rcb56
2022-07-02, 04:57
and i guess it doesn't like bering brought here, as i d'loaded and ran frst and aswMBR, the asw got a bl;ue page from microsoft saying the system had an error...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2022 01
Ran by ronny (administrator) on DADS (Hewlett-Packard HP EliteDesk 800 G1 SFF) (01-07-2022 18:14:41)
Running from C:\Users\ronny\OneDrive\Desktop
Loaded Profiles: ronny
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe ->) (Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.168.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.168.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Users\ronny\OneDrive\Desktop\FRST64.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe
(C:\Users\ronny\OneDrive\Desktop\FRST64.exe ->) (MIXBYTE, INC. -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ronny\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Blue Sherpa\sherpa_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (MIXBYTE, INC. -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(services.exe ->) (NCH Software Pty Ltd -> NCH Software) C:\Program Files (x86)\NCH Software\VRS\vrs.exe
(services.exe ->) (PALTALK, INC. -> AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1492928 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [VRS] => C:\Program Files (x86)\NCH Software\VRS\vrs.exe [1313808 2018-10-18] (NCH Software Pty Ltd -> NCH Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10587912 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [ASUS WebStorage Timeline Backup] => C:\Program Files (x86)\ASUS WebStorage Timeline Backup\ASUS WebStorage Timeline Backup\1.0.0.23\ASUSWebStorageTimelineBackup_.exe [3310592 2021-09-29] (ASUS Cloud Corporation) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Sound Blaster Audigy Fx Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe [861184 2013-11-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [189320 2022-04-05] (MIXBYTE, INC. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632072 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632072 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632072 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2151360 2022-04-16] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Gaijin.Net Updater] => C:\Users\ronny\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [CTRegRun] => C:\WINDOWS\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd) [File not signed]
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [MicrosoftEdgeAutoLaunch_48A1A4294CCEB77515622EF96F55E31B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Paltalk] => C:\Program Files (x86)\Paltalk\Paltalk.exe [32393296 2022-03-05] (PALTALK, INC. -> Paltalk, Inc.)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Samsung DeX] => C:\Users\ronny\OneDrive\Desktop\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [BingWallpaperApp] => C:\Users\ronny\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [13998496 2022-06-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16E71422-6312-4645-8DEC-03A3F2C32550} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [10926568 2021-08-18] (NCH Software, Inc. -> NCH Software)
Task: {32A161FE-6609-4AC3-BF97-43DB6A1C4364} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36EE3A7E-07D4-4A76-BCE5-42FDCFECFFA4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {39D31B77-4D21-488C-AA4C-CE24299E5A9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {561E6F49-EC06-4A67-AF3C-7321394EE673} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {6EF20F01-30B3-46BF-925D-20D08F4879A0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NoUACCheck
Task: {6F979EF0-B5DB-4685-AFE8-6F840D147792} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {736797C2-5509-47BC-A6F8-4CBC4779D4CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {9EC3A1CD-9913-4FB7-AA5D-3940F7FD5B45} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-687888615-3449104039-937635755-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0A75661-603F-414F-9936-34C2ED31BCA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E41ABA13-09C7-44AA-8D36-AD0EEB35C7DE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E85E19FD-0C98-4D06-8129-FC4964EDB436} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{01291768-3b02-447d-8c76-19206fc14f76}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\ronny\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-01]
Edge DownloadDir: Default -> C:\Users\ronny\Downloads
Edge HomePage: Default -> hxxp://https//:yahoo.com
Edge Extension: (No Name) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2020-07-20]
Edge Extension: (Leet ad blocker) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfkdpncdgndakidfnokjoojnfjifiepj [2022-04-21]
Edge Profile: C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-05-07]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-06]
Edge Extension: (Pirates of the Caribbean) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\mgaojgdnjfjppepndmlgnjkpmkijbkah [2022-05-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 6nm8fvx2.default-1611594858898
FF ProfilePath: C:\Users\ronny\AppData\Roaming\Mozilla\Firefox\Profiles\6nm8fvx2.default-1611594858898 [2022-06-29]
FF Homepage: Mozilla\Firefox\Profiles\6nm8fvx2.default-1611594858898 -> hxxps://www.bing.com/?pc=W091
FF ProfilePath: C:\Users\ronny\AppData\Roaming\Mozilla\Firefox\Profiles\ntamu3y2.default-1618974619849 [2022-04-10]
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll [2020-07-01] (Solware IT Ltd -> Solware)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-06-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKU\S-1-5-21-687888615-3449104039-937635755-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ddojnmkongaimkdddgmcccldlfhokcfb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\ronny\AppData\Roaming\Opera Software\Opera Stable [2022-04-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\ronny\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\ronny\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [106944 2017-06-29] (Andrea Electronics -> Andrea Electronics Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46872 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-07-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncHelper.exe [3374472 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [87432 2022-04-05] (MIXBYTE, INC. -> Freemake)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-22] (Malwarebytes Inc. -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-18] (Logitech Inc -> Logitech)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.121.0605.0002\OneDriveUpdaterService.exe [3812744 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1336624 2021-07-14] (PALTALK, INC. -> AVM Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [626344 2021-09-06] (CyberLink Corp. -> CyberLink)
R2 sherpa_service; C:\Program Files\Blue Sherpa\sherpa_service.exe [351136 2021-07-29] (Logitech Inc -> Logitech, Inc.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 VRSService; C:\Program Files (x86)\NCH Software\VRS\vrs.exe [1313808 2018-10-18] (NCH Software Pty Ltd -> NCH Software)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AFXfilt; C:\WINDOWS\system32\drivers\AFXfilt.sys [35320 2015-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [33784 2020-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [25952 2018-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R3 iriuna0; C:\WINDOWS\system32\drivers\iriuna0.sys [46976 2021-04-06] (Iriun Oy -> Windows (R) Win 7 DDK provider)
R3 iriunvid; C:\WINDOWS\System32\DriverStore\FileRepository\iriunvid.inf_amd64_4747a243bb885bc4\iriunvid.sys [165000 2022-04-29] (Iriun Oy -> Windows (R) Win 7 DDK provider)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74704 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-06-30] (Malwarebytes Inc. -> Malwarebytes)
S3 mbtun; C:\WINDOWS\system32\DRIVERS\mbtun.sys [86680 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [54664 2021-03-12] (NCH Software Pty Ltd -> )
S3 VCAM_WDM; C:\WINDOWS\system32\DRIVERS\VCam_WDM.sys [1090984 2018-03-13] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-01 18:13 - 2022-07-01 18:15 - 000000000 ____D C:\FRST
2022-07-01 17:30 - 2022-07-01 17:33 - 007333288 _____ (Tweaking.com) C:\Users\ronny\Downloads\tweaking.com_registry_backup_setup (6).exe
2022-06-30 20:07 - 2022-06-30 20:07 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-06-30 20:07 - 2022-06-30 20:07 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-06-30 20:07 - 2022-06-30 20:07 - 000074704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-06-29 14:57 - 2022-06-29 14:57 - 000000000 ____D C:\Users\ronny\.ms-ad
2022-06-23 23:25 - 2022-06-23 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-06-22 23:29 - 2022-06-30 20:07 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000046872 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-06-21 01:54 - 2022-06-21 01:54 - 000124757 _____ C:\Users\ronny\Downloads\Account e-Statement - May 2022.pdf
2022-06-19 00:16 - 2022-06-30 20:07 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-17 14:34 - 2022-06-17 14:34 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-17 14:33 - 2022-06-17 14:33 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 14:33 - 2022-06-17 14:33 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-17 14:32 - 2022-06-17 14:32 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-17 14:32 - 2022-06-17 14:32 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-17 13:51 - 2022-06-17 13:51 - 000000000 ___HD C:\$WinREAgent
2022-06-11 22:16 - 2022-06-11 22:16 - 000000000 ____D C:\ProgramData\Apple Computer
2022-06-11 21:24 - 2022-06-11 21:24 - 000001365 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2022-06-11 21:24 - 2022-06-11 21:24 - 000000000 ____D C:\Users\ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2022-06-11 21:24 - 2022-06-11 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2022-06-11 21:23 - 2022-06-11 21:24 - 000000000 ____D C:\Program Files (x86)\Freemake
2022-06-11 21:09 - 2022-06-11 21:09 - 001017928 _____ (Mixbyte Inc. ) C:\Users\ronny\Downloads\FreemakeVideoDownloaderSetup_1bce304c-9da7-11aa-f461-760a6bc8c142.exe
2022-06-11 21:09 - 2022-06-11 21:09 - 001016720 _____ (Mixbyte Inc. ) C:\Users\ronny\Downloads\FreemakeVideoConverterSetup_1bce304c-9da7-11aa-f461-760a6bc8c142.exe
2022-06-08 21:01 - 2022-06-08 21:01 - 000000000 ____D C:\Users\ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2022-06-08 09:01 - 2022-06-08 09:01 - 003535870 _____ C:\Users\ronny\Downloads\inogen-info-guide-202107.pdf
2022-06-07 01:33 - 2022-06-07 01:33 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2022-06-06 03:05 - 2022-06-06 03:06 - 001114624 _____ C:\Users\ronny\Downloads\WGT Maximized v2.exe
2022-06-05 23:26 - 2022-06-05 23:26 - 000369752 _____ C:\Users\ronny\Downloads\dikph.ppp
2022-06-02 12:34 - 2021-10-08 11:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2022-06-02 12:34 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2022-06-02 12:34 - 2021-10-08 11:00 - 000043640 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-01 18:11 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-01 18:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-01 18:11 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-01 18:04 - 2022-04-08 12:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-01 18:04 - 2022-03-28 18:48 - 000033662 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2022-07-01 18:04 - 2021-01-21 15:24 - 000000000 ___RD C:\Users\ronny\Dropbox
2022-07-01 18:04 - 2020-12-18 21:01 - 000001863 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2022-07-01 17:25 - 2022-04-08 13:15 - 000004142 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6C960934-DC27-4EFF-89D5-F77C012D2312}
2022-07-01 10:40 - 2020-07-01 22:12 - 000000000 __SHD C:\Users\ronny\IntelGraphicsProfiles
2022-07-01 10:39 - 2020-06-08 11:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-01 02:07 - 2022-04-13 02:22 - 117129216 _____ C:\Users\ronny\OneDrive\Documents\dwyco-backup-diff-919f17398c9e005aeacd.sql
2022-07-01 00:25 - 2020-11-12 22:07 - 000000000 ____D C:\Users\ronny\AppData\Local\CrashDumps
2022-06-29 17:49 - 2022-04-08 13:15 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-687888615-3449104039-937635755-1001
2022-06-29 17:49 - 2022-04-08 13:15 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-06-29 17:49 - 2021-09-11 17:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-06-29 17:49 - 2021-02-26 03:43 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-29 14:57 - 2022-04-08 12:35 - 000000000 ____D C:\Users\ronny
2022-06-29 14:54 - 2022-04-08 13:10 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-29 14:54 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-29 14:48 - 2022-04-08 13:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-29 14:48 - 2021-01-03 02:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-29 00:10 - 2022-04-13 02:22 - 113463296 _____ C:\Users\ronny\OneDrive\Documents\dwyco-backup-diff-919f17398c9e005aeacd.old.sql
2022-06-28 14:13 - 2020-09-16 13:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-06-28 13:21 - 2019-10-23 14:34 - 000000000 ____D C:\ProgramData\Packages
2022-06-25 09:47 - 2020-07-19 08:00 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-25 09:47 - 2020-07-19 08:00 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-23 23:26 - 2021-01-16 09:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-06-22 23:49 - 2019-10-23 14:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-19 00:15 - 2022-03-29 14:43 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-18 21:09 - 2022-04-08 12:57 - 000444392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-18 21:08 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-18 21:06 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-18 21:02 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-06-17 14:49 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-17 14:31 - 2022-04-08 13:01 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-17 13:43 - 2020-07-02 02:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-17 13:38 - 2020-07-02 02:27 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 09:58 - 2021-01-20 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-06-16 09:58 - 2021-01-20 14:48 - 000000000 ____D C:\Program Files (x86)\Java
2022-06-16 09:57 - 2021-01-20 14:48 - 000166680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-06-15 23:10 - 2022-04-10 06:28 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d84b736cd80c44
2022-06-15 23:10 - 2022-04-08 13:15 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-11 22:16 - 2020-07-10 05:36 - 000000000 ____D C:\ProgramData\Apple
2022-06-11 22:16 - 2020-07-01 22:13 - 000000000 ____D C:\Users\ronny\AppData\Local\Publishers
2022-06-11 22:16 - 2020-07-01 22:12 - 000000000 ____D C:\Users\ronny\AppData\Local\Packages
2022-06-07 01:33 - 2021-06-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
==================== Files in the root of some directories ========
2020-12-27 15:29 - 2020-12-27 15:29 - 000001167 _____ () C:\Users\ronny\AppData\Roaming\trace_FilterInstaller.txt
2020-12-27 15:29 - 2020-12-27 15:29 - 000000000 _____ () C:\Users\ronny\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2020-07-10 05:21 - 2020-07-10 05:21 - 000003584 _____ () C:\Users\ronny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-06-30 21:12 - 2021-06-30 21:12 - 000007597 _____ () C:\Users\ronny\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
--------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by ronny (01-07-2022 18:22:03)
Running from C:\Users\ronny\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2022-04-08 18:17:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-687888615-3449104039-937635755-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-687888615-3449104039-937635755-503 - Limited - Disabled)
Guest (S-1-5-21-687888615-3449104039-937635755-501 - Limited - Disabled)
ronny (S-1-5-21-687888615-3449104039-937635755-1001 - Administrator - Enabled) => C:\Users\ronny
WDAGUtilityAccount (S-1-5-21-687888615-3449104039-937635755-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
(7) Facebook (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\876d02b7a154c12acc74dbe21dbbc4a7) (Version: 1.0 - (7) Facebook)
8 Ball Pool - A free Sports Game (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\f2e784ea14e2058dcbf097ec01441184) (Version: 1.0 - 8 Ball Pool - A free Sports Game)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.001.20142 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS WebStorage Timeline Backup (HKLM-x32\...\ASUS WebStorage Timeline Backup) (Version: 1.0.0.23 - ASUS Cloud Corporation)
Bing Wallpaper (HKLM-x32\...\{99B0DEA2-5306-4BCB-B918-5E945747F7F9}) (Version: 1.0.9.9 - Microsoft Corporation)
Blue Sherpa (HKLM-x32\...\Blue Sherpa) (Version: - Blue Microphones)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cannon Balls 3D - Play Cannon Balls 3D on Crazy Games (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\5be0c4916bb74b139b07376939538cf5) (Version: 1.0 - Cannon Balls 3D - Play Cannon Balls 3D on Crazy Games)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CyberLink PowerDirector 365 (HKLM-x32\...\{278A8296-12A6-4CD0-8A8E-6947948477C5}) (Version: 20.0.2106.0 - CyberLink Corp.)
DeskFX Audio Effect Processor (HKLM-x32\...\DeskFX) (Version: 3.14 - NCH Software)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 151.4.4304 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Dwyco CDC-X version 2.31 (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Dwyco CDC-X_is1) (Version: 2.31 - Dwyco, Inc.)
Dwyco Video Conferencing (HKLM-x32\...\Dwyco Video Conferencing_is1) (Version: 2.97 - Dwyco, Inc.)
e2eSoft VCam 6.4 (HKLM-x32\...\VCam_is1) (Version: 6.3 - e2eSoft)
Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
Featured Songs _ SingSnap Karaoke (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\5c7ad6f550c744e9a98014f78df7bc92) (Version: 1.0 - Featured Songs _ SingSnap Karaoke)
Freemake Video Converter version 4.1.13 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13 - Mixbyte Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001100-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.100.1.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Iriun Webcam version 2.7.3 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.7.3 - Iriun)
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Kanto Player version 12.0.0.0 (HKLM-x32\...\{B3749D9E-AFD6-49D6-8F40-4722B45859FF}_is1) (Version: 12.0.0.0 - Globosoft S.R.L.)
Karaoke Builder Player 5.0 (HKLM-x32\...\{A9DDC2FC-2028-47E9-847C-0CFA77181C83}_is1) (Version: 5.0.0.528 - Gisburne Media)
LibreOffice 6.1.6.3 (HKLM\...\{FDD378C0-438D-4E89-A692-6D010D5AF9D0}) (Version: 6.1.6.3 - The Document Foundation)
LocK-A-FoLdeR (HKLM-x32\...\LocK-A-FoLdeR) (Version: 3.10.3 - )
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Maxthon (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Maxthon) (Version: 6.1.0.2000 - Maxthon Ltd.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.9.5.1000 - Maxthon International Limited)
Microsoft .NET Core Host - 3.1.16 (x86) (HKLM-x32\...\{5D887DA9-5C68-400F-8948-1CC517CB9A41}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.16 (x86) (HKLM-x32\...\{A0066D67-1765-4066-B260-DD548A154CB5}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.16 (x86) (HKLM-x32\...\{876E7C98-9A2F-4644-BD03-7E6253D54EFE}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 (HKLM\...\{26AF0C35-55EC-4025-8D83-349E8FB1419F}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 (HKLM\...\{7D0362D5-C699-4403-BC09-0C1DAD1D93AB}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.16 (x86) (HKLM-x32\...\{23B1E150-9D20-42E9-ABEA-5F155FE91878}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.16 (x86) (HKLM-x32\...\{eadb038c-8c60-4258-8cf9-e43e809329a4}) (Version: 3.1.16.30112 - Microsoft Corporation)
MixPad Multitrack Recording Software (HKLM-x32\...\MixPad) (Version: 7.10 - NCH Software)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Firefox 78.6.0 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 78.6.0 ESR (x64 en-US)) (Version: 78.6.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.6.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
ocenaudio (HKLM-x32\...\ocenaudio) (Version: 3.9.5 - Ocenaudio Team)
Paltalk (HKLM-x32\...\Paltalk) (Version: - )
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 8.00 - NCH Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8328 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM-x32\...\Recordpad) (Version: 9.03 - NCH Software)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Sound Blaster Audigy Fx (HKLM-x32\...\{D81021F7-48D0-44B2-9B0E-95EF6DBE9E79}) (Version: 1.00.07 - Creative Technology Limited)
Sound Blaster Audigy Fx Extras (HKLM-x32\...\{52272D09-08E0-4A57-BC14-BC09F5D7AE26}) (Version: 1.0 - Creative Technology Limited)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 6.09 - NCH Software)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 10.56 - NCH Software)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 10.75 - NCH Software)
VRS Recording System (HKLM-x32\...\VRS) (Version: 5.48 - NCH Software)
War Thunder Launcher 1.0.3.282 (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network)
Wargaming.net Game Center (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Wargaming.net Game Center) (Version: 22.0.0.8225 - Wargaming.net)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 12.23 - NCH Software)
WGT Launcher (HKLM-x32\...\{E4340AAD-E352-4209-9DA2-53C71C2C7F81}) (Version: 1.2 - Topgolf USA, Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
World of Tanks NA (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
World_of_Warplanes (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\WOWP.WW.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net)
Y8 Browser 1.0.10 (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\a6611861-70b4-5ed8-b9ef-d6448267637c) (Version: 1.0.10 - Y8 Games)
Packages:
=========
All Video Player HD -> C:\Program Files\WindowsApps\22450.TotalVideoPlayer_2.2.1.0_x64__0aqw1zw0x2snt [2022-04-08] (韵华软件)
AutoCAD Mobile -> C:\Program Files\WindowsApps\89006A2E.AutoCAD360_8.29.0.0_x64__tf1gferkr813w [2022-06-16] (Autodesk Inc.)
Best Bubble Breaker -> C:\Program Files\WindowsApps\29219fast-soft.de.BestBubbleBreaker_1.1.0.5_x64__ef0y5a6dqd4v4 [2022-05-16] (fast-soft.de) [MS Ad]
Bubble Breaker Ultimate -> C:\Program Files\WindowsApps\55591DelaireDamien.BubbleBreakerUltimate_1.0.0.16_x64__823pgb98jhb94 [2022-05-16] (Delaire Damien)
City Racing 3D 2 -> C:\Program Files\WindowsApps\B9BA84AC.CityRacing2_1.4.5.0_x64__3ag0hv5nd203a [2022-04-08] (成都羽珀科技有限责任公司) [MS Ad]
DrawPad Graphic Design Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.DrawPadFree_8.3.9.0_x86__7kedsbyvzns34 [2022-06-19] (NCH Software)
Farkle Free!! -> C:\Program Files\WindowsApps\IronjawStudiosPrivateLimi.FarkleFree_2.0.1.0_x64__0ah1jqwq7j8nj [2022-04-08] (Ironjaw Studios Private Limited)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa [2022-06-11] (Apple Inc.) [Startup Task]
Mail -> C:\Program Files\WindowsApps\40811eyack.com.MAIL_10.1703.61.0_x64__xsbsxxypt8dh6 [2022-05-22] (eyacker.com)
Media Player - All Formats, Video Player All Formats -> C:\Program Files\WindowsApps\2725Swisspix.MediaPlayer-AllFormatsVideoPlayerAllF_1.1.13.0_x64__q68sgvev02mx6 [2022-04-08] (Swisspix) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-10] (Microsoft Studios) [MS Ad]
My Drawing Pad -> C:\Program Files\WindowsApps\14835KeithLam.MyDrawingPad_1.1.3.0_x64__n72ny8k2pphgw [2022-04-08] (Keith Lam)
Net Speed Meter -> C:\Program Files\WindowsApps\4789ZeroByte.NetSpeedMeter_4.0.0.0_neutral__gvheqymwk6zrr [2022-06-01] (Zero Byte) [Startup Task]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation)
Shadow Defense: Kingdom -> C:\Program Files\WindowsApps\32809xgeneration.ShadowDefenseKingdom_1.1.1.1_x86__f6w2wpjbc1rm8 [2022-05-29] (9xgeneration) [MS Ad]
Speech to Text -> C:\Program Files\WindowsApps\49600POONFAMILY.SpeechtoText_1.1.0.2_x86__cjkmrjc535bpe [2022-04-08] (POONFAMILY) [MS Ad]
Tower Defense Game -> C:\Program Files\WindowsApps\46462kankygames4.TowerDefenseGame_1.0.0.0_x64__vkbwk3y7qepp2 [2022-05-18] (kankygames4)
Video Trimmer - Video Editor & Video Maker -> C:\Program Files\WindowsApps\4978BestGameStudio.VideoTrimmer-VideoEditorVideoMa_1.0.3.0_x64__1722q061jff9j [2022-04-08] (Best Game Studio) [MS Ad]
VOICE x NOTE -> C:\Program Files\WindowsApps\33805LSongBee.VOICExNOTE_1.1.3.0_x64__h9vv8ndyw0qje [2022-04-08] (LSongBee) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-687888615-3449104039-937635755-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\ronny\AppData\Local\Maxthon\Application\6.1.0.2000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
CustomCLSID: HKU\S-1-5-21-687888615-3449104039-937635755-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\ronny\Dropbox [2021-01-21 15:24]
CustomCLSID: HKU\S-1-5-21-687888615-3449104039-937635755-1001_Classes\CLSID\{e4211cc1-dab9-49db-af72-8e71f657e3c5}\localserver32 -> C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe (NCH Software, Inc. -> NCH Software)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-07] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2011-09-16 18:04 - 2011-09-16 18:04 - 000238080 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\CTLoadRs.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-687888615-3449104039-937635755-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2022-03-29 14:21 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2021-01-12 09:13 - 2021-01-12 09:13 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-687888615-3449104039-937635755-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ronny\AppData\Local\Microsoft\BingWallpaperApp\WPImages\20220701.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VRS"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ASUS WebStorage Timeline Backup"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Paltalk"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Samsung DeX"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "CTRegRun"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{D23D5FBF-6D51-4D2B-A189-AEC57F83DB59}C:\users\ronny\appdata\local\crossout\launcher.exe] => (Allow) C:\users\ronny\appdata\local\crossout\launcher.exe => No File
FirewallRules: [TCP Query User{A2EF3C15-B27E-46A3-9AF5-9BFBADA7C7A1}C:\users\ronny\appdata\local\crossout\launcher.exe] => (Allow) C:\users\ronny\appdata\local\crossout\launcher.exe => No File
FirewallRules: [TCP Query User{4363B518-7365-416A-B65A-7E057EB3AFA4}C:\program files\dwyco2\cdc32.exe] => (Allow) C:\program files\dwyco2\cdc32.exe (Dwyco, Inc.) [File not signed]
FirewallRules: [UDP Query User{0F75ACEB-A709-4124-B69F-A1323DA9B174}C:\program files\dwyco2\cdc32.exe] => (Allow) C:\program files\dwyco2\cdc32.exe (Dwyco, Inc.) [File not signed]
FirewallRules: [TCP Query User{F7C5AB25-F99C-46DC-9A1C-F083EB381BDC}C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe (Dwyco, Inc. -> )
FirewallRules: [UDP Query User{FE17A148-F291-4ECA-9448-3BDAECC4A76A}C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe (Dwyco, Inc. -> )
FirewallRules: [TCP Query User{63EC1546-2686-495A-B46D-BCF1CA82C9A3}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FC407C44-8926-4A1E-9484-9A848E1A3BE3}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{79344975-A112-42E7-835F-C45F993049D7}] => (Allow) C:\Program Files (x86)\Iriun Webcam\IriunWebcam.exe (IriunWebcam) [File not signed]
FirewallRules: [TCP Query User{C304F362-708A-426A-B6D3-0400EC662067}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{5CBD9B30-432A-4A4D-9897-D5FB16631BF2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A9B7D524-2FC5-49FA-BCDB-DA9AA915E1D2}] => (Allow) C:\Users\ronny\OneDrive\Desktop\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{2F0EA6F0-712C-4484-BC66-30FA0A8DDB98}] => (Allow) C:\Users\ronny\OneDrive\Desktop\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{5A3D75C6-3B76-4BA9-BC79-F1DC09F0ED98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{405995C6-7B41-455D-BFC0-498761E3D8C8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0743EDCF-1285-49A4-BB32-E7D962A192DD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{97EB7569-B5F4-4979-B410-2288998D12A5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{54A10104-3E79-4ACC-858D-707FEB0C054E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5DFEE8A-F1EA-4E07-BA79-0627CF14E3BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{94665A85-8C3F-4E90-8F16-25388E22F32F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E4BCDA11-685B-4D8C-A933-43D240B20573}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3E74A5F-2E25-4FEC-8BFA-1AD7F8361A6C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5C8C5723-D190-4E53-9EE2-05A6036C47B7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F4DA909-78DF-4DAF-89D6-022E3C136E2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D35AF87A-361D-4A2C-9385-CCFAD34ABF43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B15412A-366B-454F-920E-9D5C58FB8192}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{596AF608-A03D-488C-9AAB-BFFBAFB4B7B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
17-06-2022 13:43:38 Windows Modules Installer
17-06-2022 13:48:27 Windows Modules Installer
17-06-2022 13:51:44 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (07/01/2022 04:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9906
Error: (07/01/2022 04:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9906
Error: (07/01/2022 04:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2022 04:08:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7922
Error: (07/01/2022 04:08:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7922
Error: (07/01/2022 04:08:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2022 04:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5922
Error: (07/01/2022 04:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5922
System errors:
=============
Error: (07/01/2022 03:02:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (06/29/2022 02:47:38 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (06/29/2022 02:48:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:00:39 AM on 6/29/2022 was unexpected.
Error: (06/28/2022 01:17:00 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (06/28/2022 01:17:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:05:44 PM on 6/28/2022 was unexpected.
Error: (06/22/2022 03:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DADS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (06/22/2022 03:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DADS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (06/22/2022 03:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DADS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-04-27 07:20:50
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Hewlett-Packard L01 v02.65 07/13/2015
Motherboard: Hewlett-Packard 1998
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 57%
Total physical RAM: 8082.33 MB
Available physical RAM: 3440.02 MB
Total Virtual: 9938.33 MB
Available Virtual: 4664.36 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.29 GB) (Free:695.28 GB) (Model: Hitachi HUA722010CLA330) NTFS
Drive d: (SB_INSTALL) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
\\?\Volume{6936fdef-0000-0000-0000-100000000000}\ (System) (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS
\\?\Volume{6936fdef-0000-0000-0000-f0b1e8000000}\ () (Fixed) (Total:0.73 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6936FDEF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=749 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2022 01
Ran by ronny (administrator) on DADS (Hewlett-Packard HP EliteDesk 800 G1 SFF) (01-07-2022 18:14:41)
Running from C:\Users\ronny\OneDrive\Desktop
Loaded Profiles: ronny
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe ->) (Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.168.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22042.168.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Users\ronny\OneDrive\Desktop\FRST64.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe
(C:\Users\ronny\OneDrive\Desktop\FRST64.exe ->) (MIXBYTE, INC. -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ronny\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Blue Sherpa\sherpa_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (MIXBYTE, INC. -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(services.exe ->) (NCH Software Pty Ltd -> NCH Software) C:\Program Files (x86)\NCH Software\VRS\vrs.exe
(services.exe ->) (PALTALK, INC. -> AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1492928 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [VRS] => C:\Program Files (x86)\NCH Software\VRS\vrs.exe [1313808 2018-10-18] (NCH Software Pty Ltd -> NCH Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10587912 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [ASUS WebStorage Timeline Backup] => C:\Program Files (x86)\ASUS WebStorage Timeline Backup\ASUS WebStorage Timeline Backup\1.0.0.23\ASUSWebStorageTimelineBackup_.exe [3310592 2021-09-29] (ASUS Cloud Corporation) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Sound Blaster Audigy Fx Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe [861184 2013-11-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [189320 2022-04-05] (MIXBYTE, INC. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632072 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632072 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632072 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2151360 2022-04-16] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Gaijin.Net Updater] => C:\Users\ronny\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [CTRegRun] => C:\WINDOWS\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd) [File not signed]
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [MicrosoftEdgeAutoLaunch_48A1A4294CCEB77515622EF96F55E31B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Paltalk] => C:\Program Files (x86)\Paltalk\Paltalk.exe [32393296 2022-03-05] (PALTALK, INC. -> Paltalk, Inc.)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [Samsung DeX] => C:\Users\ronny\OneDrive\Desktop\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Run: [BingWallpaperApp] => C:\Users\ronny\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [13998496 2022-06-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16E71422-6312-4645-8DEC-03A3F2C32550} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [10926568 2021-08-18] (NCH Software, Inc. -> NCH Software)
Task: {32A161FE-6609-4AC3-BF97-43DB6A1C4364} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36EE3A7E-07D4-4A76-BCE5-42FDCFECFFA4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {39D31B77-4D21-488C-AA4C-CE24299E5A9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {561E6F49-EC06-4A67-AF3C-7321394EE673} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {6EF20F01-30B3-46BF-925D-20D08F4879A0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NoUACCheck
Task: {6F979EF0-B5DB-4685-AFE8-6F840D147792} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {736797C2-5509-47BC-A6F8-4CBC4779D4CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {9EC3A1CD-9913-4FB7-AA5D-3940F7FD5B45} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-687888615-3449104039-937635755-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0A75661-603F-414F-9936-34C2ED31BCA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E41ABA13-09C7-44AA-8D36-AD0EEB35C7DE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E85E19FD-0C98-4D06-8129-FC4964EDB436} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{01291768-3b02-447d-8c76-19206fc14f76}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\ronny\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-01]
Edge DownloadDir: Default -> C:\Users\ronny\Downloads
Edge HomePage: Default -> hxxp://https//:yahoo.com
Edge Extension: (No Name) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2020-07-20]
Edge Extension: (Leet ad blocker) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfkdpncdgndakidfnokjoojnfjifiepj [2022-04-21]
Edge Profile: C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-05-07]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-06]
Edge Extension: (Pirates of the Caribbean) - C:\Users\ronny\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\mgaojgdnjfjppepndmlgnjkpmkijbkah [2022-05-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 6nm8fvx2.default-1611594858898
FF ProfilePath: C:\Users\ronny\AppData\Roaming\Mozilla\Firefox\Profiles\6nm8fvx2.default-1611594858898 [2022-06-29]
FF Homepage: Mozilla\Firefox\Profiles\6nm8fvx2.default-1611594858898 -> hxxps://www.bing.com/?pc=W091
FF ProfilePath: C:\Users\ronny\AppData\Roaming\Mozilla\Firefox\Profiles\ntamu3y2.default-1618974619849 [2022-04-10]
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll [2020-07-01] (Solware IT Ltd -> Solware)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-06-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKU\S-1-5-21-687888615-3449104039-937635755-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ddojnmkongaimkdddgmcccldlfhokcfb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\ronny\AppData\Roaming\Opera Software\Opera Stable [2022-04-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\ronny\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\ronny\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [106944 2017-06-29] (Andrea Electronics -> Andrea Electronics Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46872 2022-06-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-07-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncHelper.exe [3374472 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [87432 2022-04-05] (MIXBYTE, INC. -> Freemake)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-22] (Malwarebytes Inc. -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-18] (Logitech Inc -> Logitech)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.121.0605.0002\OneDriveUpdaterService.exe [3812744 2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1336624 2021-07-14] (PALTALK, INC. -> AVM Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [626344 2021-09-06] (CyberLink Corp. -> CyberLink)
R2 sherpa_service; C:\Program Files\Blue Sherpa\sherpa_service.exe [351136 2021-07-29] (Logitech Inc -> Logitech, Inc.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 VRSService; C:\Program Files (x86)\NCH Software\VRS\vrs.exe [1313808 2018-10-18] (NCH Software Pty Ltd -> NCH Software)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AFXfilt; C:\WINDOWS\system32\drivers\AFXfilt.sys [35320 2015-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [33784 2020-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [25952 2018-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R3 iriuna0; C:\WINDOWS\system32\drivers\iriuna0.sys [46976 2021-04-06] (Iriun Oy -> Windows (R) Win 7 DDK provider)
R3 iriunvid; C:\WINDOWS\System32\DriverStore\FileRepository\iriunvid.inf_amd64_4747a243bb885bc4\iriunvid.sys [165000 2022-04-29] (Iriun Oy -> Windows (R) Win 7 DDK provider)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74704 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-06-30] (Malwarebytes Inc. -> Malwarebytes)
S3 mbtun; C:\WINDOWS\system32\DRIVERS\mbtun.sys [86680 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [54664 2021-03-12] (NCH Software Pty Ltd -> )
S3 VCAM_WDM; C:\WINDOWS\system32\DRIVERS\VCam_WDM.sys [1090984 2018-03-13] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-01 18:13 - 2022-07-01 18:15 - 000000000 ____D C:\FRST
2022-07-01 17:30 - 2022-07-01 17:33 - 007333288 _____ (Tweaking.com) C:\Users\ronny\Downloads\tweaking.com_registry_backup_setup (6).exe
2022-06-30 20:07 - 2022-06-30 20:07 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-06-30 20:07 - 2022-06-30 20:07 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-06-30 20:07 - 2022-06-30 20:07 - 000074704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-06-29 14:57 - 2022-06-29 14:57 - 000000000 ____D C:\Users\ronny\.ms-ad
2022-06-23 23:25 - 2022-06-23 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-06-22 23:29 - 2022-06-30 20:07 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-06-22 06:07 - 2022-06-22 06:07 - 000046872 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-06-21 01:54 - 2022-06-21 01:54 - 000124757 _____ C:\Users\ronny\Downloads\Account e-Statement - May 2022.pdf
2022-06-19 00:16 - 2022-06-30 20:07 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-17 14:34 - 2022-06-17 14:34 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-17 14:33 - 2022-06-17 14:33 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 14:33 - 2022-06-17 14:33 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-17 14:32 - 2022-06-17 14:32 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-17 14:32 - 2022-06-17 14:32 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-17 13:51 - 2022-06-17 13:51 - 000000000 ___HD C:\$WinREAgent
2022-06-11 22:16 - 2022-06-11 22:16 - 000000000 ____D C:\ProgramData\Apple Computer
2022-06-11 21:24 - 2022-06-11 21:24 - 000001365 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2022-06-11 21:24 - 2022-06-11 21:24 - 000000000 ____D C:\Users\ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2022-06-11 21:24 - 2022-06-11 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2022-06-11 21:23 - 2022-06-11 21:24 - 000000000 ____D C:\Program Files (x86)\Freemake
2022-06-11 21:09 - 2022-06-11 21:09 - 001017928 _____ (Mixbyte Inc. ) C:\Users\ronny\Downloads\FreemakeVideoDownloaderSetup_1bce304c-9da7-11aa-f461-760a6bc8c142.exe
2022-06-11 21:09 - 2022-06-11 21:09 - 001016720 _____ (Mixbyte Inc. ) C:\Users\ronny\Downloads\FreemakeVideoConverterSetup_1bce304c-9da7-11aa-f461-760a6bc8c142.exe
2022-06-08 21:01 - 2022-06-08 21:01 - 000000000 ____D C:\Users\ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2022-06-08 09:01 - 2022-06-08 09:01 - 003535870 _____ C:\Users\ronny\Downloads\inogen-info-guide-202107.pdf
2022-06-07 01:33 - 2022-06-07 01:33 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2022-06-06 03:05 - 2022-06-06 03:06 - 001114624 _____ C:\Users\ronny\Downloads\WGT Maximized v2.exe
2022-06-05 23:26 - 2022-06-05 23:26 - 000369752 _____ C:\Users\ronny\Downloads\dikph.ppp
2022-06-02 12:34 - 2021-10-08 11:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2022-06-02 12:34 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2022-06-02 12:34 - 2021-10-08 11:00 - 000043640 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-01 18:11 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-01 18:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-01 18:11 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-01 18:04 - 2022-04-08 12:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-01 18:04 - 2022-03-28 18:48 - 000033662 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2022-07-01 18:04 - 2021-01-21 15:24 - 000000000 ___RD C:\Users\ronny\Dropbox
2022-07-01 18:04 - 2020-12-18 21:01 - 000001863 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2022-07-01 17:25 - 2022-04-08 13:15 - 000004142 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6C960934-DC27-4EFF-89D5-F77C012D2312}
2022-07-01 10:40 - 2020-07-01 22:12 - 000000000 __SHD C:\Users\ronny\IntelGraphicsProfiles
2022-07-01 10:39 - 2020-06-08 11:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-01 02:07 - 2022-04-13 02:22 - 117129216 _____ C:\Users\ronny\OneDrive\Documents\dwyco-backup-diff-919f17398c9e005aeacd.sql
2022-07-01 00:25 - 2020-11-12 22:07 - 000000000 ____D C:\Users\ronny\AppData\Local\CrashDumps
2022-06-29 17:49 - 2022-04-08 13:15 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-687888615-3449104039-937635755-1001
2022-06-29 17:49 - 2022-04-08 13:15 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-06-29 17:49 - 2021-09-11 17:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-06-29 17:49 - 2021-02-26 03:43 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-29 14:57 - 2022-04-08 12:35 - 000000000 ____D C:\Users\ronny
2022-06-29 14:54 - 2022-04-08 13:10 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-29 14:54 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-29 14:48 - 2022-04-08 13:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-29 14:48 - 2021-01-03 02:02 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-29 00:10 - 2022-04-13 02:22 - 113463296 _____ C:\Users\ronny\OneDrive\Documents\dwyco-backup-diff-919f17398c9e005aeacd.old.sql
2022-06-28 14:13 - 2020-09-16 13:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-06-28 13:21 - 2019-10-23 14:34 - 000000000 ____D C:\ProgramData\Packages
2022-06-25 09:47 - 2020-07-19 08:00 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-25 09:47 - 2020-07-19 08:00 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-23 23:26 - 2021-01-16 09:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-06-22 23:49 - 2019-10-23 14:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-19 00:15 - 2022-03-29 14:43 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-18 21:09 - 2022-04-08 12:57 - 000444392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-18 21:08 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-18 21:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-18 21:06 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-18 21:02 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-06-17 14:49 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-17 14:31 - 2022-04-08 13:01 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-17 13:43 - 2020-07-02 02:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-17 13:38 - 2020-07-02 02:27 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 09:58 - 2021-01-20 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-06-16 09:58 - 2021-01-20 14:48 - 000000000 ____D C:\Program Files (x86)\Java
2022-06-16 09:57 - 2021-01-20 14:48 - 000166680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-06-15 23:10 - 2022-04-10 06:28 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d84b736cd80c44
2022-06-15 23:10 - 2022-04-08 13:15 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-11 22:16 - 2020-07-10 05:36 - 000000000 ____D C:\ProgramData\Apple
2022-06-11 22:16 - 2020-07-01 22:13 - 000000000 ____D C:\Users\ronny\AppData\Local\Publishers
2022-06-11 22:16 - 2020-07-01 22:12 - 000000000 ____D C:\Users\ronny\AppData\Local\Packages
2022-06-07 01:33 - 2021-06-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
==================== Files in the root of some directories ========
2020-12-27 15:29 - 2020-12-27 15:29 - 000001167 _____ () C:\Users\ronny\AppData\Roaming\trace_FilterInstaller.txt
2020-12-27 15:29 - 2020-12-27 15:29 - 000000000 _____ () C:\Users\ronny\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2020-07-10 05:21 - 2020-07-10 05:21 - 000003584 _____ () C:\Users\ronny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-06-30 21:12 - 2021-06-30 21:12 - 000007597 _____ () C:\Users\ronny\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
--------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by ronny (01-07-2022 18:22:03)
Running from C:\Users\ronny\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2022-04-08 18:17:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-687888615-3449104039-937635755-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-687888615-3449104039-937635755-503 - Limited - Disabled)
Guest (S-1-5-21-687888615-3449104039-937635755-501 - Limited - Disabled)
ronny (S-1-5-21-687888615-3449104039-937635755-1001 - Administrator - Enabled) => C:\Users\ronny
WDAGUtilityAccount (S-1-5-21-687888615-3449104039-937635755-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
(7) Facebook (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\876d02b7a154c12acc74dbe21dbbc4a7) (Version: 1.0 - (7) Facebook)
8 Ball Pool - A free Sports Game (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\f2e784ea14e2058dcbf097ec01441184) (Version: 1.0 - 8 Ball Pool - A free Sports Game)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.001.20142 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS WebStorage Timeline Backup (HKLM-x32\...\ASUS WebStorage Timeline Backup) (Version: 1.0.0.23 - ASUS Cloud Corporation)
Bing Wallpaper (HKLM-x32\...\{99B0DEA2-5306-4BCB-B918-5E945747F7F9}) (Version: 1.0.9.9 - Microsoft Corporation)
Blue Sherpa (HKLM-x32\...\Blue Sherpa) (Version: - Blue Microphones)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cannon Balls 3D - Play Cannon Balls 3D on Crazy Games (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\5be0c4916bb74b139b07376939538cf5) (Version: 1.0 - Cannon Balls 3D - Play Cannon Balls 3D on Crazy Games)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CyberLink PowerDirector 365 (HKLM-x32\...\{278A8296-12A6-4CD0-8A8E-6947948477C5}) (Version: 20.0.2106.0 - CyberLink Corp.)
DeskFX Audio Effect Processor (HKLM-x32\...\DeskFX) (Version: 3.14 - NCH Software)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 151.4.4304 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Dwyco CDC-X version 2.31 (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Dwyco CDC-X_is1) (Version: 2.31 - Dwyco, Inc.)
Dwyco Video Conferencing (HKLM-x32\...\Dwyco Video Conferencing_is1) (Version: 2.97 - Dwyco, Inc.)
e2eSoft VCam 6.4 (HKLM-x32\...\VCam_is1) (Version: 6.3 - e2eSoft)
Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
Featured Songs _ SingSnap Karaoke (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\5c7ad6f550c744e9a98014f78df7bc92) (Version: 1.0 - Featured Songs _ SingSnap Karaoke)
Freemake Video Converter version 4.1.13 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13 - Mixbyte Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001100-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.100.1.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Iriun Webcam version 2.7.3 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.7.3 - Iriun)
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Kanto Player version 12.0.0.0 (HKLM-x32\...\{B3749D9E-AFD6-49D6-8F40-4722B45859FF}_is1) (Version: 12.0.0.0 - Globosoft S.R.L.)
Karaoke Builder Player 5.0 (HKLM-x32\...\{A9DDC2FC-2028-47E9-847C-0CFA77181C83}_is1) (Version: 5.0.0.528 - Gisburne Media)
LibreOffice 6.1.6.3 (HKLM\...\{FDD378C0-438D-4E89-A692-6D010D5AF9D0}) (Version: 6.1.6.3 - The Document Foundation)
LocK-A-FoLdeR (HKLM-x32\...\LocK-A-FoLdeR) (Version: 3.10.3 - )
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Maxthon (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Maxthon) (Version: 6.1.0.2000 - Maxthon Ltd.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.9.5.1000 - Maxthon International Limited)
Microsoft .NET Core Host - 3.1.16 (x86) (HKLM-x32\...\{5D887DA9-5C68-400F-8948-1CC517CB9A41}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.16 (x86) (HKLM-x32\...\{A0066D67-1765-4066-B260-DD548A154CB5}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.16 (x86) (HKLM-x32\...\{876E7C98-9A2F-4644-BD03-7E6253D54EFE}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.37 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 (HKLM\...\{26AF0C35-55EC-4025-8D83-349E8FB1419F}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 (HKLM\...\{7D0362D5-C699-4403-BC09-0C1DAD1D93AB}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.16 (x86) (HKLM-x32\...\{23B1E150-9D20-42E9-ABEA-5F155FE91878}) (Version: 24.64.30112 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.16 (x86) (HKLM-x32\...\{eadb038c-8c60-4258-8cf9-e43e809329a4}) (Version: 3.1.16.30112 - Microsoft Corporation)
MixPad Multitrack Recording Software (HKLM-x32\...\MixPad) (Version: 7.10 - NCH Software)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Firefox 78.6.0 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 78.6.0 ESR (x64 en-US)) (Version: 78.6.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.6.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
ocenaudio (HKLM-x32\...\ocenaudio) (Version: 3.9.5 - Ocenaudio Team)
Paltalk (HKLM-x32\...\Paltalk) (Version: - )
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 8.00 - NCH Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8328 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM-x32\...\Recordpad) (Version: 9.03 - NCH Software)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Sound Blaster Audigy Fx (HKLM-x32\...\{D81021F7-48D0-44B2-9B0E-95EF6DBE9E79}) (Version: 1.00.07 - Creative Technology Limited)
Sound Blaster Audigy Fx Extras (HKLM-x32\...\{52272D09-08E0-4A57-BC14-BC09F5D7AE26}) (Version: 1.0 - Creative Technology Limited)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 6.09 - NCH Software)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 10.56 - NCH Software)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 10.75 - NCH Software)
VRS Recording System (HKLM-x32\...\VRS) (Version: 5.48 - NCH Software)
War Thunder Launcher 1.0.3.282 (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network)
Wargaming.net Game Center (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\Wargaming.net Game Center) (Version: 22.0.0.8225 - Wargaming.net)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 12.23 - NCH Software)
WGT Launcher (HKLM-x32\...\{E4340AAD-E352-4209-9DA2-53C71C2C7F81}) (Version: 1.2 - Topgolf USA, Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
World of Tanks NA (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
World_of_Warplanes (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\WOWP.WW.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net)
Y8 Browser 1.0.10 (HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\a6611861-70b4-5ed8-b9ef-d6448267637c) (Version: 1.0.10 - Y8 Games)
Packages:
=========
All Video Player HD -> C:\Program Files\WindowsApps\22450.TotalVideoPlayer_2.2.1.0_x64__0aqw1zw0x2snt [2022-04-08] (韵华软件)
AutoCAD Mobile -> C:\Program Files\WindowsApps\89006A2E.AutoCAD360_8.29.0.0_x64__tf1gferkr813w [2022-06-16] (Autodesk Inc.)
Best Bubble Breaker -> C:\Program Files\WindowsApps\29219fast-soft.de.BestBubbleBreaker_1.1.0.5_x64__ef0y5a6dqd4v4 [2022-05-16] (fast-soft.de) [MS Ad]
Bubble Breaker Ultimate -> C:\Program Files\WindowsApps\55591DelaireDamien.BubbleBreakerUltimate_1.0.0.16_x64__823pgb98jhb94 [2022-05-16] (Delaire Damien)
City Racing 3D 2 -> C:\Program Files\WindowsApps\B9BA84AC.CityRacing2_1.4.5.0_x64__3ag0hv5nd203a [2022-04-08] (成都羽珀科技有限责任公司) [MS Ad]
DrawPad Graphic Design Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.DrawPadFree_8.3.9.0_x86__7kedsbyvzns34 [2022-06-19] (NCH Software)
Farkle Free!! -> C:\Program Files\WindowsApps\IronjawStudiosPrivateLimi.FarkleFree_2.0.1.0_x64__0ah1jqwq7j8nj [2022-04-08] (Ironjaw Studios Private Limited)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa [2022-06-11] (Apple Inc.) [Startup Task]
Mail -> C:\Program Files\WindowsApps\40811eyack.com.MAIL_10.1703.61.0_x64__xsbsxxypt8dh6 [2022-05-22] (eyacker.com)
Media Player - All Formats, Video Player All Formats -> C:\Program Files\WindowsApps\2725Swisspix.MediaPlayer-AllFormatsVideoPlayerAllF_1.1.13.0_x64__q68sgvev02mx6 [2022-04-08] (Swisspix) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-10] (Microsoft Studios) [MS Ad]
My Drawing Pad -> C:\Program Files\WindowsApps\14835KeithLam.MyDrawingPad_1.1.3.0_x64__n72ny8k2pphgw [2022-04-08] (Keith Lam)
Net Speed Meter -> C:\Program Files\WindowsApps\4789ZeroByte.NetSpeedMeter_4.0.0.0_neutral__gvheqymwk6zrr [2022-06-01] (Zero Byte) [Startup Task]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation)
Shadow Defense: Kingdom -> C:\Program Files\WindowsApps\32809xgeneration.ShadowDefenseKingdom_1.1.1.1_x86__f6w2wpjbc1rm8 [2022-05-29] (9xgeneration) [MS Ad]
Speech to Text -> C:\Program Files\WindowsApps\49600POONFAMILY.SpeechtoText_1.1.0.2_x86__cjkmrjc535bpe [2022-04-08] (POONFAMILY) [MS Ad]
Tower Defense Game -> C:\Program Files\WindowsApps\46462kankygames4.TowerDefenseGame_1.0.0.0_x64__vkbwk3y7qepp2 [2022-05-18] (kankygames4)
Video Trimmer - Video Editor & Video Maker -> C:\Program Files\WindowsApps\4978BestGameStudio.VideoTrimmer-VideoEditorVideoMa_1.0.3.0_x64__1722q061jff9j [2022-04-08] (Best Game Studio) [MS Ad]
VOICE x NOTE -> C:\Program Files\WindowsApps\33805LSongBee.VOICExNOTE_1.1.3.0_x64__h9vv8ndyw0qje [2022-04-08] (LSongBee) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-687888615-3449104039-937635755-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\ronny\AppData\Local\Maxthon\Application\6.1.0.2000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
CustomCLSID: HKU\S-1-5-21-687888615-3449104039-937635755-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\ronny\Dropbox [2021-01-21 15:24]
CustomCLSID: HKU\S-1-5-21-687888615-3449104039-937635755-1001_Classes\CLSID\{e4211cc1-dab9-49db-af72-8e71f657e3c5}\localserver32 -> C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe (NCH Software, Inc. -> NCH Software)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.121.0605.0002\FileSyncShell64.dll [2022-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-07] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2011-09-16 18:04 - 2011-09-16 18:04 - 000238080 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\CTLoadRs.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-687888615-3449104039-937635755-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2022-03-29 14:21 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2021-01-12 09:13 - 2021-01-12 09:13 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-687888615-3449104039-937635755-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ronny\AppData\Local\Microsoft\BingWallpaperApp\WPImages\20220701.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VRS"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ASUS WebStorage Timeline Backup"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Paltalk"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Samsung DeX"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-687888615-3449104039-937635755-1001\...\StartupApproved\Run: => "CTRegRun"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{D23D5FBF-6D51-4D2B-A189-AEC57F83DB59}C:\users\ronny\appdata\local\crossout\launcher.exe] => (Allow) C:\users\ronny\appdata\local\crossout\launcher.exe => No File
FirewallRules: [TCP Query User{A2EF3C15-B27E-46A3-9AF5-9BFBADA7C7A1}C:\users\ronny\appdata\local\crossout\launcher.exe] => (Allow) C:\users\ronny\appdata\local\crossout\launcher.exe => No File
FirewallRules: [TCP Query User{4363B518-7365-416A-B65A-7E057EB3AFA4}C:\program files\dwyco2\cdc32.exe] => (Allow) C:\program files\dwyco2\cdc32.exe (Dwyco, Inc.) [File not signed]
FirewallRules: [UDP Query User{0F75ACEB-A709-4124-B69F-A1323DA9B174}C:\program files\dwyco2\cdc32.exe] => (Allow) C:\program files\dwyco2\cdc32.exe (Dwyco, Inc.) [File not signed]
FirewallRules: [TCP Query User{F7C5AB25-F99C-46DC-9A1C-F083EB381BDC}C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe (Dwyco, Inc. -> )
FirewallRules: [UDP Query User{FE17A148-F291-4ECA-9448-3BDAECC4A76A}C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\ronny\onedrive\documents\dwyco\cdc-x\cdcx.exe (Dwyco, Inc. -> )
FirewallRules: [TCP Query User{63EC1546-2686-495A-B46D-BCF1CA82C9A3}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FC407C44-8926-4A1E-9484-9A848E1A3BE3}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{79344975-A112-42E7-835F-C45F993049D7}] => (Allow) C:\Program Files (x86)\Iriun Webcam\IriunWebcam.exe (IriunWebcam) [File not signed]
FirewallRules: [TCP Query User{C304F362-708A-426A-B6D3-0400EC662067}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{5CBD9B30-432A-4A4D-9897-D5FB16631BF2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A9B7D524-2FC5-49FA-BCDB-DA9AA915E1D2}] => (Allow) C:\Users\ronny\OneDrive\Desktop\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{2F0EA6F0-712C-4484-BC66-30FA0A8DDB98}] => (Allow) C:\Users\ronny\OneDrive\Desktop\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{5A3D75C6-3B76-4BA9-BC79-F1DC09F0ED98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{405995C6-7B41-455D-BFC0-498761E3D8C8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0743EDCF-1285-49A4-BB32-E7D962A192DD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{97EB7569-B5F4-4979-B410-2288998D12A5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{54A10104-3E79-4ACC-858D-707FEB0C054E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5DFEE8A-F1EA-4E07-BA79-0627CF14E3BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{94665A85-8C3F-4E90-8F16-25388E22F32F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E4BCDA11-685B-4D8C-A933-43D240B20573}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3E74A5F-2E25-4FEC-8BFA-1AD7F8361A6C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5C8C5723-D190-4E53-9EE2-05A6036C47B7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F4DA909-78DF-4DAF-89D6-022E3C136E2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D35AF87A-361D-4A2C-9385-CCFAD34ABF43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B15412A-366B-454F-920E-9D5C58FB8192}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{596AF608-A03D-488C-9AAB-BFFBAFB4B7B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
17-06-2022 13:43:38 Windows Modules Installer
17-06-2022 13:48:27 Windows Modules Installer
17-06-2022 13:51:44 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (07/01/2022 04:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9906
Error: (07/01/2022 04:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9906
Error: (07/01/2022 04:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2022 04:08:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7922
Error: (07/01/2022 04:08:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7922
Error: (07/01/2022 04:08:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2022 04:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5922
Error: (07/01/2022 04:08:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5922
System errors:
=============
Error: (07/01/2022 03:02:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (06/29/2022 02:47:38 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (06/29/2022 02:48:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:00:39 AM on 6/29/2022 was unexpected.
Error: (06/28/2022 01:17:00 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (06/28/2022 01:17:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:05:44 PM on 6/28/2022 was unexpected.
Error: (06/22/2022 03:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DADS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (06/22/2022 03:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DADS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (06/22/2022 03:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DADS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-04-27 07:20:50
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Hewlett-Packard L01 v02.65 07/13/2015
Motherboard: Hewlett-Packard 1998
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 57%
Total physical RAM: 8082.33 MB
Available physical RAM: 3440.02 MB
Total Virtual: 9938.33 MB
Available Virtual: 4664.36 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.29 GB) (Free:695.28 GB) (Model: Hitachi HUA722010CLA330) NTFS
Drive d: (SB_INSTALL) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
\\?\Volume{6936fdef-0000-0000-0000-100000000000}\ (System) (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS
\\?\Volume{6936fdef-0000-0000-0000-f0b1e8000000}\ () (Fixed) (Total:0.73 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6936FDEF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=749 MB) - (Type=27)
==================== End of Addition.txt =======================