Couple of PC issues...PC running slow and PC will not restart

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7041

    #16
    No, they are two separate programs. No worries on the time. Just make sure you check what logs you post, it happens sometimes.

    Re run Frst and collect fresh logs after running adware cleaner.

    Instructions are in post 12

    I just need the logs in order to help. ???

    Comment

    • Ginger-Overlord
      PCHF Member
      • Jul 2024
      • 59

      #17
      Apologies. Will get these for you later. Thanks for clarifying.

      Comment

      • Ginger-Overlord
        PCHF Member
        • Jul 2024
        • 59

        #18
        Hi again,

        Having trouble getting my pc to boot up!
        Gets about half-way through booting up then shuts down again.
        Having no luck at the moment. I’ll keep trying and will update you with some log files as soon as I can.

        Many thanks.

        Comment

        • Ginger-Overlord
          PCHF Member
          • Jul 2024
          • 59

          #19
          Could this be a faulty power supply or is it an effect of being infected? I have pressed F11 while booting and it has took me to a ‘click bios 2’ screen. Thing is, the pc is on and hasn’t shut down! Not sure what to select on this screen though…

          Comment

          • Ginger-Overlord
            PCHF Member
            • Jul 2024
            • 59

            #20
            Could this be a faulty power supply or is it an effect of being infected?

            Comment

            • Bruce
              PCHF Moderator
              • Oct 2017
              • 10697

              #21
              It does indeed sound like a hardware issue.
              Some simple things to try first - take out the memory sticks and graphics card.
              Using a soft bristled brush, wipe their circuit boards, contact pins, and their motherboard slots they go into.
              Re-seat them and see if that helps.
              If not, just try one memory stick at a time in case a stick is faulty.
              If still no luck, try one stick in the other slot in case a slot has gone bad.

              While you have the case open, clean out any dust buildup.
              And if still no luck, yes, try and get your hands on another PSU (friend, family, neighbour, work).

              Comment

              • Ginger-Overlord
                PCHF Member
                • Jul 2024
                • 59

                #22
                Hi, just tried booting again tonight. Got into Windows fine, after a short while it started run slow and tabs in Google started to open very slowly. A few seconds after this the PC shut down!
                I’ll take pc into the garden tomorrow and tinker around with its innards as you’ve advised.

                I’ll post back tomorrow???

                Comment

                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7041

                  #23
                  [MEDIA=youtube]DLxNPBQBfT8[/MEDIA]

                  Comment

                  • Ginger-Overlord
                    PCHF Member
                    • Jul 2024
                    • 59

                    #24
                    Will try re-seating my hardware and report back later.
                    Just turned on the pc this morning. Everything was fine for the first couple of minutes, then the slowing down, the lag and eventually the shut down.
                    The psu is 650w although I have a spare 500w. Would trying the 500w psu damage my pc?

                    Comment

                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7041

                      #25
                      Originally posted by Ginger-Overlord
                      Would trying the 500w psu damage my pc?
                      No

                      Comment

                      • Ginger-Overlord
                        PCHF Member
                        • Jul 2024
                        • 59

                        #26
                        Hi,

                        OK, I think I have resolved my PC instability.

                        For some unknown reason the CPU fan had become loose with one of the securing ‘buttons’ popping out, this would answer why the PC would start fine but shut down after a few minutes (CPU becoming overheated as the fan would occasionally not work). I pressed this in again and the unit is steady on the motherboard again (I was wondering why the fan was loose while dusting the PC the other day).
                        Anyway, since securing the fan the PC boots and runs fine.

                        Regarding Adware. Apologies, I completely missed the information in post 12 advising me how to run, install, and process a log file. Sorry.

                        On Adware, I get the screen below then click next:

                        [ATTACH type=“full”]13987[/ATTACH]

                        Then it gives me this screen:

                        [ATTACH type=“full”]13988[/ATTACH]

                        My SSD is Samsung and I am concerned that quarantining this may adversley effect my PC. Do I leave ‘PreInstalled.SamsungSmartSwitch’ unticked and click on quarantine to quarantine/remove the items in screenshot 1?

                        Cheers for your continued help - apologies for being a dumb-ass

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7041

                          #27
                          You can leave the Samsung item unchecked, it is just pre installed bloatware. Remove or leave that is your choice, the other crap should go.

                          We may as well clean up the computer while we are at it. Definitely will run smoother when we are done. That is your choice tho. ???

                          Comment

                          • Ginger-Overlord
                            PCHF Member
                            • Jul 2024
                            • 59

                            #28
                            Hi,

                            Ran Adware - this is the .log it left me with:
                            [HEADING=1]-------------------------------[/HEADING]
                            [HEADING=1]Malwarebytes AdwCleaner 8.4.2.0[/HEADING]
                            [HEADING=1]-------------------------------[/HEADING]
                            [HEADING=1]Build: 03-04-2024[/HEADING]
                            [HEADING=1]Database: 2024-03-04.1 (Cloud)[/HEADING]
                            [HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
                            [HEADING=1]-------------------------------[/HEADING]
                            [HEADING=1]Mode: Clean[/HEADING]
                            [HEADING=1]-------------------------------[/HEADING]
                            [HEADING=1]Start: 07-20-2024[/HEADING]
                            [HEADING=1]Duration: 00:00:03[/HEADING]
                            [HEADING=1]OS: Windows 10 (Build 19045.4651)[/HEADING]
                            [HEADING=1]Cleaned: 43[/HEADING]
                            [HEADING=1]Failed: 0[/HEADING]
                            ***** [ Services ] *****

                            No malicious services cleaned.

                            ***** [ Folders ] *****

                            Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
                            Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8
                            Deleted C:\Program Files (x86)\Downloaded Installers
                            Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
                            Deleted C:\Program Files (x86)\VIDEOVIEWER
                            Deleted C:\ProgramData\IObit\Advanced SystemCare
                            Deleted C:\ProgramData\IObit\Advanced SystemCare V7
                            Deleted C:\ProgramData\IObit\Advanced SystemCare V8
                            Deleted C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\IObit\Advanced SystemCare V8
                            Deleted C:\Users\MSSQLFDLauncher\AppData\Roaming\IObit\Adv anced SystemCare V8
                            Deleted C:\Users\MSSQLSERVER\AppData\Roaming\IObit\Advance d SystemCare V8
                            Deleted C:\Users\MSSQLServerOLAPService\AppData\Roaming\IO bit\Advanced SystemCare V8
                            Deleted C:\Users\MsDtsServer110\AppData\Roaming\IObit\Adva nced SystemCare V8
                            Deleted C:\Users\Public\Documents\Downloaded Installers
                            Deleted C:\Users\ReportServer\AppData\Roaming\IObit\Advanc ed SystemCare V8
                            Deleted C:\Users\chredge\AppData\LocalLow.acestream
                            Deleted C:\Users\chredge\AppData\LocalLow\IObit\Advanced SystemCare
                            Deleted C:\Users\chredge\AppData\LocalLow\IObit\Advanced SystemCare V8
                            Deleted C:\Users\chredge\AppData\Local\slimware utilities inc
                            Deleted C:\Users\chredge\AppData\Roaming.acestream
                            Deleted C:\Users\chredge\AppData\Roaming\IObit\Advanced SystemCare
                            Deleted C:\Users\chredge\AppData\Roaming\IObit\Advanced SystemCare V8
                            Deleted C:_acestream_cache_

                            ***** [ Files ] *****

                            Deleted C:\Users\chredge\AppData\Roaming\Mozilla\Firefox\P rofiles\vr7y4hjr.default\invalidprefs.js

                            ***** [ DLL ] *****

                            No malicious DLLs cleaned.

                            ***** [ WMI ] *****

                            No malicious WMI cleaned.

                            ***** [ Shortcuts ] *****

                            No malicious shortcuts cleaned.

                            ***** [ Tasks ] *****

                            Deleted C:\Windows\System32\Tasks\IORRT

                            ***** [ Registry ] *****

                            Deleted HKCU\Software\Classes\acestream
                            Deleted HKCU\Software\RegisteredApplications|AceStream
                            Deleted HKCU\Software\csastats
                            Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZ ECHILD|BackgroundHost64.exe
                            Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{DFB76C2 1-3D18-4052-81C2-913B6E62E54D}
                            Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{DFB76C2 1-3D18-4052-81C2-913B6E62E54D}
                            Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iorrt
                            Deleted HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{80BDBB4C-163E-4F4B-9533-59A7ED62A695}|Publisher
                            Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9791AB8D-A287-44A1-998E-E81FD126C583}C:\program files (x86)\bitlord\bitlord.exe
                            Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|UDP Query User{DEC71C29-B12B-40F2-80CD-473FDCEF153B}C:\program files (x86)\bitlord\bitlord.exe
                            Deleted HKLM\Software\SlimWare Utilities Inc
                            Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
                            Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
                            Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
                            Deleted HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
                            Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMess agingHosts\com.ascplugin.protect
                            Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULA TION|BackgroundHost.exe
                            Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZ ECHILD|BackgroundHost.exe

                            ***** [ Chromium (and derivatives) ] *****

                            No malicious Chromium entries cleaned.

                            ***** [ Chromium URLs ] *****

                            No malicious Chromium URLs cleaned.

                            ***** [ Firefox (and derivatives) ] *****

                            No malicious Firefox entries cleaned.

                            ***** [ Firefox URLs ] *****

                            No malicious Firefox URLs cleaned.

                            ***** [ Hosts File Entries ] *****

                            No malicious hosts file entries cleaned.

                            ***** [ Preinstalled Software ] *****

                            No Preinstalled Software cleaned.


                            [+] Delete Tracing Keys
                            [+] Reset Winsock


                            AdwCleaner[S00].txt - [5749 octets] - [20/07/2024 11:43:46]
                            AdwCleaner[S01].txt - [5810 octets] - [20/07/2024 11:48:01]
                            AdwCleaner[S02].txt - [5871 octets] - [20/07/2024 13:19:46]

                            ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

                            Comment

                            • Malnutrition
                              PCHF Moderator
                              • Jul 2016
                              • 7041

                              #29
                              Now re run FRST and this time, post both frst and addition.txt the last time you double posted addition log. Delete and text related to this thread prior to getting new logs, so there is no issue.

                              ???

                              Comment

                              • Ginger-Overlord
                                PCHF Member
                                • Jul 2024
                                • 59

                                #30
                                OK, I’ll try again

                                Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.07.2024
                                Ran by chredge (administrator) on MYSTERYMACHINE (MSI MS-7758) (20-07-2024 14:55:12)
                                Running from C:\Users\chredge\Desktop\FRST64.exe
                                Loaded Profiles: chredge & MsDtsServer110 & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MSSQLSERVER
                                Platform: Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) Language: English (United States)
                                Default browser: Chrome
                                Boot Mode: Normal

                                ==================== Processes (Whitelisted) =================

                                (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

                                (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
                                (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
                                (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
                                (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
                                (C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.e xe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
                                (cmd.exe ->) (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
                                (DriverStore\FileRepository\u0390451.inf_amd64_393 77efdd62734d1\B390182\atiesrxx.exe ->) (Advanced Micro Devices Inc. → AMD) C:\Windows\System32\DriverStore\FileRepository\u03 90451.inf_amd64_39377efdd62734d1\B390182\atieclxx. exe
                                (explorer.exe ->) (Google LLC → Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
                                (explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
                                (explorer.exe ->) (Realtek Semiconductor Corp. → Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                                (Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
                                (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\cmd.exe
                                (services.exe ->) (Advanced Micro Devices Inc. → AMD) C:\Windows\System32\DriverStore\FileRepository\u03 90451.inf_amd64_39377efdd62734d1\B390182\atiesrxx. exe
                                (services.exe ->) (Intel® Upgrade Service → Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
                                (services.exe ->) (Malwarebytes Inc. → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
                                (services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
                                (services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
                                (services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
                                (services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService .exe
                                (services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.e xe
                                (services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
                                (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
                                (services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe
                                (services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe
                                (services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe
                                (services.exe ->) (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
                                (services.exe ->) (Samsung Electronics Co., Ltd. → DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
                                (svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
                                (svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
                                (svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
                                (svchost.exe ->) (Samsung Electronics Co., Ltd. → Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

                                ==================== Registry (Whitelisted) ===================

                                (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

                                HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. → Realtek Semiconductor)
                                HKLM...\Run: [C:\WINDOWS\system32\V0770Ext.ax] => C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\V0770Ext.ax (No File)
                                HKLM-x32...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation → Intel Corporation)
                                HKLM-x32...\Run: [C:\WINDOWS\System32\V0770Ext.ax] => C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\System32\V0770Ext.ax (No File)
                                HKLM...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
                                HKLM...\Policies\Explorer: [NoResolveSearch] 1
                                HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUp date: Restriction <==== ATTENTION
                                HKLM\Software\Policies...\system: [EnableCloudClipboard] 0
                                HKLM\Software\Policies...\system: [CloudClipboardAutomaticUpload] 0
                                HKLM\Software\Policies...\system: [EnableActivityFeed] 0
                                HKLM\Software\Policies...\system: [PublishUserActivities] 0
                                HKLM\Software\Policies...\system: [UploadUserActivities] 0
                                HKLM\Software\Policies...\system: [AllowCrossDeviceClipboard] 0
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Run: [appnhost] => C:\Users\chredge\AppData\Local\Mixesoft\AppNHost\a ppnhost.exe [453176 2014-08-08] (Vladislavas Jarmalis → Mixesoft Project)
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Run: [AMDNoiseSuppression] => “C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.e xe” (No File)
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Run: [MicrosoftEdgeAutoLaunch_3B3BB905A374F1CF0D310AB30E 4EDE63] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --no-startup-window --win-session-start [3883560 2024-07-11] (Microsoft Corporation → Microsoft Corporation)
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Policies\Explorer: [NoResolveSearch] 1
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Policies\Explorer: [NoInternetOpenWith] 1
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\Policies\Explorer: [HideSCAMeetNow] 1
                                HKLM...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher → CANON INC.)
                                HKLM...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher → CANON INC.)
                                HKLM...\Print\Monitors\Canon BJ Language Monitor MG2500 series XPS: C:\WINDOWS\system32\CNMXLMBX.DLL [393728 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher → CANON INC.)
                                HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.128\Ins taller\chrmstp.exe [2024-07-17] (Google LLC → Google LLC)
                                HKLM\Software...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] →
                                Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Watch.lnk [2013-04-10]
                                ShortcutTarget: Watch.lnk → C:\Program Files (x86)\MUSTEK 1248UB\Driver\WATCH.exe (Common Group) [File not signed]
                                GroupPolicy: Restriction ? <==== ATTENTION
                                Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
                                HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
                                HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
                                HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

                                ==================== Scheduled Tasks (Whitelisted) =================

                                (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                Task: {116E3548-253D-4F04-A9E0-FC4387A9822F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d → No File <==== ATTENTION
                                Task: {1C5E60AA-0C47-4621-A967-049429A2D4DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d → No File <==== ATTENTION
                                Task: {38883215-466E-4BD7-8D0C-2A569F5179EE} - \Microsoft\Windows\UNP\RunCampaignManager → No File <==== ATTENTION
                                Task: {519A8396-93C1-430C-9B66-957F837C561F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandco ntent → No File <==== ATTENTION
                                Task: {5243425B-993B-40ED-BDF5-92AB68DBF2EF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd → No File <==== ATTENTION
                                Task: {868E7A8D-EFAC-4ECD-9354-CA69CBC63EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d → No File <==== ATTENTION
                                Task: {9BD0A96C-7DCD-4E94-A191-650252DE7A6A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask → No File <==== ATTENTION
                                Task: {BD83E793-452E-4EC7-83B7-FBE05E1FCD87} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig → No File <==== ATTENTION
                                Task: {D5330EA6-8548-46B2-8013-23AB0D32C1A2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d → No File <==== ATTENTION
                                Task: {DF573AD4-8335-432C-8091-D74A4B1A2544} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxcon fig-B → No File <==== ATTENTION
                                Task: {E27C0C30-95E3-440E-B7EF-67557F3B763D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent → No File <==== ATTENTION
                                Task: {EE8419BF-8261-44DF-9F69-5398DCE47A1A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess → No File <==== ATTENTION
                                Task: {FBA7627D-3194-440A-87DD-3563128AA85A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d → No File <==== ATTENTION
                                Task: {30DB77CA-5DFA-4FAB-A208-86176305F836} - System32\Tasks{6E00ECDE-3602-4FEF-858D-F51BD4482340} => C:\Windows\System32\pcalua.exe [88064 2024-07-09] (Microsoft Windows → Microsoft Corporation) → -a E:\install.exe -d E:
                                Task: {8FB8BC4D-0E22-466B-9E91-2CDCE1E2E8B5} - System32\Tasks{6E96E9DF-8C1C-46FE-A88C-B2C62537F979} => C:\Windows\System32\pcalua.exe [88064 2024-07-09] (Microsoft Windows → Microsoft Corporation) → -a D:\Setup.exe -d D:
                                Task: {C43DE1C1-1630-4296-82DC-9BE28A3339E2} - System32\Tasks{DAF28B77-7893-4299-9FE0-8B7FE3AC27C2} => C:\Windows\System32\pcalua.exe [88064 2024-07-09] (Microsoft Windows → Microsoft Corporation) → -a “C:\Program Files (x86)\IObit\Advanced SystemCare 8\unins000.exe”
                                Task: {BB675DF8-604E-488A-B1CB-03BA53AD9745} - System32\Tasks{F0CF969B-A4F7-451D-98A9-1462AAEA81F3} => C:\Windows\System32\pcalua.exe [88064 2024-07-09] (Microsoft Windows → Microsoft Corporation) → -a C:\Users\Chris\Downloads\mp3gain-win-1_2_5.exe -d C:\Users\Chris\Downloads
                                Task: {C66C6B2B-38F8-4E2C-8D3E-9324C0DA2F68} - System32\Tasks\AdobeAAMUpdater-1.0-Chris-PC-Chris => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [444904 2012-09-20] (Adobe Systems Incorporated → Adobe Systems Incorporated)
                                Task: {CC2BAEF1-DA9A-44A0-86C1-AF31E7F676C7} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-07-20] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
                                Task: {20697CEF-A6C5-4754-86A4-F48E8E92C130} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (No File)
                                Task: {B818C323-F13F-4B91-B70F-FD863BE274DD} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe → C:\Program Files\Bitdefender Agent\repair
                                Task: {0D35864B-769D-4CA0-926E-88D679FDD1FD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5754336 2024-07-09] (Microsoft Windows → Microsoft Corporation)
                                Task: {99DAB5B9-B9AA-45EF-B826-3F7DB707F69D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c (No File)
                                Task: {E1E5EA9B-45B0-44B6-90F5-9A05AD38AAE7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler (No File)
                                Task: {C1AF9FBE-2F4C-4B6D-9F6A-16A35AAF107F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUp daterTaskSystem128.0.6597.0{FB0D115E-37F7-4F4E-99FA-F612A04431AE} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.ex e [4889704 2024-07-15] (Google LLC → Google LLC)
                                Task: {540BFF73-A7A9-4BC1-803F-6848A7DBA4A7} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [855 2014-09-21] () [File not signed]
                                Task: {54169E29-8553-4111-8896-044299C8BA1F} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [855 2014-09-21] () [File not signed]
                                Task: {16FE398A-2720-4078-BDF8-C4F616A8DAFD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
                                Task: {1ECF0236-9F72-45BA-AD5B-1C3ACF743F2C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
                                Task: {1EC448A7-56D8-444F-8FFB-419390675C2E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
                                Task: {7698B61B-812C-42E9-9A79-EBD591212F69} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (No File)
                                Task: {5D92A073-3E21-451D-A751-29DD8BF4B1CC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
                                Task: {3BA3CF0C-28CE-46C7-8EB0-EFADED5D7B26} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (No File)
                                Task: {41CBF80B-D38A-4887-951C-827F277A149E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (No File)
                                Task: {AF9D17B0-C1C9-467A-BF18-79EA73477B89} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
                                Task: {6772B81E-2739-4656-A805-A38B57F6BB3E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
                                Task: {D72F9EF5-E92D-4349-91D7-C11F80585250} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (No File)
                                Task: {04927EC1-C6B4-4772-8E6E-033034782CD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
                                Task: {6A0B3724-EC49-4DEB-96D3-CD6E3849B0A6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (No File)
                                Task: {F1851D8E-5C21-44CF-88B4-F0A2D466E043} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
                                Task: {1A793F00-F97B-428A-8963-F4B1118CBAEE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
                                Task: {9A789A97-DE78-46CF-9163-6F9E23B559B1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (No File)
                                Task: {2183BFE5-4329-40F4-8A9D-C53244CAC165} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (No File)
                                Task: {91CC317A-B720-482D-BEE7-D9F25F0FD773} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (No File)
                                Task: {E394741E-C4AD-4E3B-B0CA-E403EEE20BAA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (No File)
                                Task: {381A8673-B576-4AB8-95F1-DC99CF561C00} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
                                Task: {3BEE19E5-67EC-4563-BF63-FE89F704316E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
                                Task: {6B34BB93-5EF8-407B-AB1D-17F2D65B30EA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
                                Task: {DA44B33B-AC1F-41F5-B95D-8F686BE929EE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (No File)
                                Task: {AAA61D29-CF9C-488F-9E9F-30252612D69E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
                                Task: {80A7A0FB-261E-4464-9389-63AB5781B849} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
                                Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\Backgro undConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
                                Task: {B6BCB4E1-4114-4150-BE26-CE5DC04DE4BC} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
                                Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
                                Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
                                Task: {CA15F4A5-1954-4DE9-8104-3A5ADB8FB69A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
                                Task: {D9436438-987F-4BD3-AE64-BF398DD96936} - System32\Tasks\Microsoft\Windows\SideShow\GadgetMa nager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
                                Task: {3807D894-5114-481A-9345-42DFD6847B8F} - System32\Tasks\Microsoft\Windows\SideShow\SessionA gent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
                                Task: {4B65A728-4996-4AE9-AB8B-D2EE2DC3A7C4} - System32\Tasks\Microsoft\Windows\SideShow\SystemDa taProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
                                Task: {7C8C0ABB-6874-4E89-B5E8-1954FE774736} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                Task: {8280ED3F-1830-49C7-B5AB-1E3F3120CF74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                Task: {61755C47-F846-45B6-B4F4-06B622CB4543} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                Task: {52E0A672-E962-4A65-B734-C78EA0DDF83A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                Task: {29B11E1E-942E-495C-A69D-97177A8BBAA0} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-07-20] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
                                Task: {EAAB85EA-7B25-4FEF-93F5-A6601DA5DDAC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [677448 2024-07-12] (Mozilla Corporation → Mozilla Corporation) → C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundup date.moz_log --backgroundtask background (the data entry has 6 more characters).
                                Task: {6F09A005-A0C7-43F4-8E49-3C7E9A1F18DA} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3466739526-2485095647-408758403-1009 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [677448 2024-07-12] (Mozilla Corporation → Mozilla Corporation) → C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundup date.moz_log --backgroundtask background (the data entry has 6 more characters).
                                Task: {E7055F57-67EF-4A81-9B45-0DE2A7B31855} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-07-12] (Mozilla Corporation → Mozilla Foundation)
                                Task: {862DFBA4-23F4-41E6-A5DD-A3EE59B73024} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => “C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe” /apply /silent /atlogon (No File)
                                Task: {3CDE6E07-736F-42F6-A679-A6F29AA5A3EA} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. → Samsung Electronics Co. Ltd.) → C:\Program Files (x86)\Samsung\Samsung Magician\/AUTOHIDE
                                Task: {1609267D-B0C1-4484-BC2E-61A0C5C4D5A1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-11-30] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
                                Task: {B9EB41A6-4BC0-437F-A6AF-49B19B035911} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2022-11-30] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)

                                (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

                                Task: C:\WINDOWS\Tasks\ASC8_SkipUac_chredge.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
                                Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job => C:\WINDOWS\explorer.exe

                                ==================== Internet (Whitelisted) ====================

                                (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

                                Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
                                Tcpip..\Interfaces{013b464c-8697-4c75-99ff-506f33faecca}: [DhcpNameServer] 172.18.11.1
                                Tcpip..\Interfaces{2925c1fa-818d-4087-b6e4-fe1470812e13}: [DhcpNameServer] 194.168.4.100 194.168.8.100
                                Tcpip..\Interfaces{5e6392e4-179a-44fc-8ee8-ff0999cbc492}: [DhcpNameServer] 194.168.4.100 194.168.8.100
                                Tcpip..\Interfaces{6a48626b-bb9c-4aa2-9d50-d55a281d5918}: [DhcpNameServer] 194.168.4.100 194.168.8.100
                                Tcpip..\Interfaces{bd7af2aa-0472-42f1-8119-fbbde3ff19d3}: [DhcpNameServer] 194.168.4.100 194.168.8.100
                                Tcpip..\Interfaces{ee550c16-21cf-4ff9-a401-2758c1a38dbe}: [DhcpNameServer] 194.168.4.100 194.168.8.100
                                [HEADING=1]Edge:[/HEADING]
                                Edge DefaultProfile: Default
                                Edge Profile: C:\Users\chredge\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-20]
                                Edge StartupUrls: Default → “hxxps://uk.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=zxy_03ee163caff7e8f369&param1=ArFaIWxoNqA rQGMVIDImAHFbMnMqQGMVA7RoNqAdBHFaISoeATVoNqAqAXFaI WQBvmE4ICILNopcGWUIvmFdISoUwVVdISoXNVE9ISIXvFE3vCI VvFRdImoUNVU4ICILNVJdESk8NUM9J6k3vFI9ISILNFdbDSk8w VU9ImIXvFI9ImIWwVA4ISIVwV5cGWUWvmE9GqUNNFxcJqUDNF5 bDGUNNEU3wGQGwVNdJmoXvmo9JaYYvFE9JmISvFFdICoWwVI9I aYWwVNdJqYVwVw4ISoUNVVdJCISNVBdIGYYvFQ9IWYXNVE3vGY VNVQ4IGYYNoU9GqUMNFBcJqQzNEBcGqQANFdcFCk8NoNdImIXN VM4IWYWNVM9JaYWwVw4J6IWvFRdImISvFE4ISk4vmo9I6k3vFE 9IWYXwVxdJ6oVwVNdIGYWNVU3vmIYNVE3vCIYvFNbFCILNVVdG Sk8vFFoNqAqxrFaIWx4NaJcLWR7MbFbMnVoN9I4ATsux81cM81 dMU0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQ GQXNGZoNpQRy78o&param2=MapdNGp9NWx6”
                                Edge DefaultSearchURL: Default → hxxps://uk.search.yahoo.com/search{googleathWildcard}?ei={inputEncoding}&fr=crmas&p={search Terms}
                                Edge DefaultSearchKeyword: Default → uk.yahoo.com
                                Edge DefaultSuggestURL: Default → hxxps://uk.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTe rms}
                                Edge Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2024-07-15]
                                Edge Extension: (Edge relevant text changes) - C:\Users\chredge\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkg hcpiha [2024-03-03]
                                [HEADING=1]FireFox:[/HEADING]
                                FF DefaultProfile: s2vrsgd6.default-1701613744906
                                FF ProfilePath: C:\Users\chredge\AppData\Roaming\TomTom\HOME\Profi les\33bmloxc.default [2016-05-17]
                                FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensionsMapShare-status@tomtom.com [not found]
                                FF ProfilePath: C:\Users\chredge\AppData\Roaming\Mozilla\Firefox\P rofiles\bkulylrj.default-release-1656109909228 [2024-07-18]
                                FF ProfilePath: C:\Users\chredge\AppData\Roaming\Mozilla\Firefox\P rofiles\s2vrsgd6.default-1701613744906 [2024-07-18]
                                FF Notifications: Mozilla\Firefox\Profiles\s2vrsgd6.default-1701613744906 → hxxps://team.soccerstreams100.io
                                FF Plugin: @java.com/DTPlugin,version=10.11.2 → C:\Windows\system32\npDeployJava1.dll [2013-01-24] (Oracle America, Inc. → Oracle Corporation)
                                FF Plugin: @videolan.org/vlc,version=3.0.10 → C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN → VideoLAN)
                                FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect64.dll [2012-09-20] (Adobe Systems Incorporated → Adobe Systems)
                                FF Plugin-x32: @esn/esnlaunch,version=2.1.3 → C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [2013-02-28] (ESN Social Software AB) [File not signed]
                                FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software → Intel Corporation)
                                FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software → Intel Corporation)
                                FF Plugin-x32: @java.com/DTPlugin,version=11.162.2 → C:\Program Files (x86)\Java\jre1.8.0_162\bin\dtplugin\npDeployJava1 .dll [2018-05-02] (Oracle America, Inc. → Oracle Corporation)
                                FF Plugin-x32: @java.com/JavaPlugin,version=11.162.2 → C:\Program Files (x86)\Java\jre1.8.0_162\bin\plugin2\npjp2.dll [2018-05-02] (Oracle America, Inc. → Oracle Corporation)
                                FF Plugin-x32: @pandonetworks.com/PandoWebPlugin → C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
                                FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect32.dll [2012-09-20] (Adobe Systems Incorporated → Adobe Systems)
                                FF Plugin HKU\S-1-5-21-3466739526-2485095647-408758403-1009: temasys.com.sg/TemWebRTCPlugin → C:\Users\chredge\AppData\Roaming\Tem\TemWebRTCPlug in\0.8.902\npTemWebRTCPlugin.dll [2017-10-26] (Temasys Communications Pte Ltd → Temasys)
                                StartMenuInternet: FIREFOX.EXE - firefox.exe
                                [HEADING=1]Chrome:[/HEADING]
                                CHR DefaultProfile: Default
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Default [2024-07-20]
                                CHR DownloadDir: C:\Users\chredge\Desktop
                                CHR Notifications: Default → hxxps://scentsatno3.co.uk; hxxps://www.facebook.com
                                CHR HomePage: Default → hxxp://www.google.co.uk/
                                CHR StartupUrls: Default → “hxxps://www.facebook.com/”
                                CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbko oimhnj [2024-07-05]
                                CHR Extension: (I don’t care about cookies) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaokn halnja [2024-06-26]
                                CHR Extension: (AdBlock — block ads across the web) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom [2024-07-16]
                                CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobk ghlhen [2024-07-18]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-01-29]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-07-18]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10 [2024-07-18]
                                CHR Extension: (Endpoint Verification) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\callobklhcbilhphinckomhgkigmfocg [2023-06-20]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-20]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-20]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-06-20]
                                CHR Extension: (Gantter Project Management) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\himomacamcpodhkahelbnmaddladgjgo [2023-06-20]
                                CHR Extension: (Google Forms) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2023-06-20]
                                CHR Extension: (PrinterLogic Client Extension) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\llhfdhidddepenjnklbngmapjohlbekh [2023-06-20]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-06-20]
                                CHR Extension: (Google Drawings) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2023-06-20]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-20]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11 [2024-07-18]
                                CHR Extension: (Endpoint Verification) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\callobklhcbilhphinckomhgkigmfocg [2023-06-27]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-27]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-06-27]
                                CHR Extension: (Gantter Project Management) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\himomacamcpodhkahelbnmaddladgjgo [2023-06-27]
                                CHR Extension: (Google Forms) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2023-06-27]
                                CHR Extension: (PrinterLogic Client Extension) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\llhfdhidddepenjnklbngmapjohlbekh [2023-06-27]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-06-27]
                                CHR Extension: (Google Drawings) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2023-06-27]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-27]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12 [2024-07-18]
                                CHR Extension: (Endpoint Verification) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\callobklhcbilhphinckomhgkigmfocg [2023-12-07]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-07]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-07]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-12-07]
                                CHR Extension: (Gantter Project Management) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\himomacamcpodhkahelbnmaddladgjgo [2023-12-07]
                                CHR Extension: (Google Forms) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2023-12-07]
                                CHR Extension: (PrinterLogic Client Extension) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\llhfdhidddepenjnklbngmapjohlbekh [2023-12-07]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-12-07]
                                CHR Extension: (Google Drawings) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2023-12-07]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-07]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13 [2024-07-18]
                                CHR Extension: (Endpoint Verification) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\callobklhcbilhphinckomhgkigmfocg [2024-02-26]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-26]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-26]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-02-26]
                                CHR Extension: (Gantter Project Management) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\himomacamcpodhkahelbnmaddladgjgo [2024-02-26]
                                CHR Extension: (Google Forms) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2024-02-26]
                                CHR Extension: (PrinterLogic Client Extension) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\llhfdhidddepenjnklbngmapjohlbekh [2024-02-26]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2024-02-26]
                                CHR Extension: (Google Drawings) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2024-02-26]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-26]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-07-18]
                                CHR Notifications: Profile 2 → hxxps://appstream2.eu-west-1.aws.amazon.com; hxxps://meet.google.com; hxxps://prd-conn-csd.my.connect.aws; hxxps://veolia.bomgarcloud.com; hxxps://veoliauki1.lightning.force.com
                                CHR Extension: (Authenticator) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-06-03]
                                CHR Extension: (Endpoint Verification) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\callobklhcbilhphinckomhgkigmfocg [2024-02-20]
                                CHR Extension: (Adobe Acrobat) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-10]
                                CHR Extension: (WalkMe Extension) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fckonodhlfjlkndmedanenhgdnbopbmh [2024-05-27]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-19]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-06-05]
                                CHR Extension: (Gantter Project Management) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\himomacamcpodhkahelbnmaddladgjgo [2021-12-10]
                                CHR Extension: (Bomgar Remote Support) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ipfljipbjloahhabacnofonhfbddnajm [2021-12-10]
                                CHR Extension: (Google Forms) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2021-12-10]
                                CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-07-12]
                                CHR Extension: (PrinterLogic Client Extension) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\llhfdhidddepenjnklbngmapjohlbekh [2024-07-17]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-10-06]
                                CHR Extension: (Google Drawings) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2021-12-10]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-10]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-07-18]
                                CHR Extension: (Slides) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-21]
                                CHR Extension: (Docs) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-21]
                                CHR Extension: (Google Drive) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-21]
                                CHR Extension: (YouTube) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-21]
                                CHR Extension: (Adobe Acrobat) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-01-21]
                                CHR Extension: (Sheets) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-21]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-21]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-01-21]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2022-01-21]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-21]
                                CHR Extension: (Gmail) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-21]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-07-18]
                                CHR Notifications: Profile 4 → hxxps://prd-conn-csd.awsapps.com
                                CHR Extension: (Slides) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-24]
                                CHR Extension: (Docs) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-24]
                                CHR Extension: (Google Drive) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-24]
                                CHR Extension: (YouTube) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-24]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-24]
                                CHR Extension: (Sheets) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-24]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-24]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-02-24]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2022-02-24]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-24]
                                CHR Extension: (Gmail) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-24]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-07-18]
                                CHR Extension: (Slides) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-03-01]
                                CHR Extension: (Docs) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2022-03-01]
                                CHR Extension: (Google Drive) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-01]
                                CHR Extension: (YouTube) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-01]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-07-06]
                                CHR Extension: (Sheets) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-03-01]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-01]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-03-01]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2024-07-06]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-01]
                                CHR Extension: (Gmail) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-01]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-07-18]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-15]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-15]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-02-15]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-02-15]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-15]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 7 [2024-07-18]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-17]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-17]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-03-17]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-03-17]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-17]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-07-18]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-18]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-18]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-18]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-04-18]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-18]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 9 [2024-07-18]
                                CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-25]
                                CHR Extension: (Google Docs Offline) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-25]
                                CHR Extension: (Avast Online Security & Privacy) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-25]
                                CHR Extension: (Ace Script) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-04-25]
                                CHR Extension: (Chrome Web Store Payments) - C:\Users\chredge\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-25]
                                CHR Profile: C:\Users\chredge\AppData\Local\Google\Chrome\User Data\System Profile [2024-07-20]
                                CHR HKU\S-1-5-21-3466739526-2485095647-408758403-1009\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [efaidnbmnnnibpcajpcglclefindmkaj]
                                CHR HKU\S-1-5-21-3466739526-2485095647-408758403-1009\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [mjbepbhonbojpoaenhckjocchgfiaofo]
                                CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

                                ==================== Services (Whitelisted) ===================

                                (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1467912 2017-02-04] (BattlEye Innovations e.K. → )
                                S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [820352 2020-04-20] (EasyAntiCheat Oy → Epic Games, Inc)
                                S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. → Epic Games, Inc.)
                                R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [8901528 2024-07-15] (Malwarebytes Inc. → Malwarebytes)
                                S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-06-12] (Malwarebytes Inc. → Malwarebytes)
                                R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe [1377416 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                R2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218816 2016-09-24] (Microsoft Corporation → Microsoft Corporation)
                                R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.e xe [50368 2014-05-15] (Microsoft Corporation → Microsoft Corporation)
                                R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation → Microsoft Corporation)
                                S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-01] (Electronic Arts, Inc. → Electronic Arts)
                                R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService .exe [2454720 2014-05-15] (Microsoft Corporation → Microsoft Corporation)
                                S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation → Microsoft Corporation)
                                R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.)
                                R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. → DEVGURU Co., LTD.)
                                S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate → Adobe Systems Incorporated) [File not signed]
                                R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe [3236728 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe [133688 2024-07-08] (Microsoft Windows Publisher → Microsoft Corporation)
                                R2 MSSQLServerOLAPService; “C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe” -s “C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\Config”

                                ===================== Drivers (Whitelisted) ===================

                                (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
                                R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amd safd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. → Advanced Micro Devices)
                                R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u03 90451.inf_amd64_39377efdd62734d1\B390182\amdkmdag. sys [94467928 2023-04-06] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
                                R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
                                S3 CySmb; C:\WINDOWS\System32\drivers\cysmb.sys [10752 2016-05-29] (Cypress Semiconductor, Inc.) [File not signed]
                                S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. → Samsung Electronics Co., Ltd.)
                                S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] (PassMark Software Pty Ltd → )
                                S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-04] (Phoenix Technologies) [File not signed]
                                R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (iolo technologies, LLC → EldoS Corporation)
                                S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2020-05-18] (Beijing Kingsoft Security software Co.,Ltd → Kingsoft Corporation)
                                R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221264 2024-07-18] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
                                S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-02] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes)
                                R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-07-18] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
                                S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [121416 2012-05-12] (Shenzhen Saikeware Technology Co., Ltd. → MotioninJoy) [File not signed]
                                S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation → Microsoft Corporation)
                                R1 RsProxy; C:\Windows\system32\drivers\RsProxy.sys [15976 2013-10-26] (Realtek Semiconductor Corp → )
                                S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. → Samsung Electronics Co., Ltd.)
                                S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-07-31] (TunnelBear, Inc. → The OpenVPN Project)
                                S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21968 2024-07-08] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
                                R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-07-08] (Microsoft Windows → Microsoft Corporation)
                                R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-07-08] (Microsoft Windows → Microsoft Corporation)
                                S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys
                                U3 idsvc; no ImagePath

                                ==================== NetSvcs (Whitelisted) ===================

                                (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                                ==================== One month (created) (Whitelisted) =========

                                (If an entry is included in the fixlist, the file/folder will be moved.)

                                2024-07-20 14:55 - 2024-07-20 14:55 - 000055600 _____ C:\Users\chredge\Desktop\FRST.txt
                                2024-07-20 14:51 - 2024-07-20 14:51 - 000003328 _____ C:\WINDOWS\system32\Tasks\IORRT
                                2024-07-20 14:51 - 2024-07-20 14:51 - 000003120 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
                                2024-07-20 13:21 - 2024-07-20 13:21 - 000005210 _____ C:\Users\chredge\Desktop\AdwCleaner[C02].txt
                                2024-07-20 11:43 - 2024-07-20 13:20 - 000000000 ____D C:\AdwCleaner
                                2024-07-20 11:42 - 2024-07-20 11:42 - 008790880 _____ (Malwarebytes) C:\Users\chredge\Desktop\adwcleaner.exe
                                2024-07-18 22:27 - 2024-07-18 22:29 - 000188450 _____ C:\WINDOWS\ntbtlog.txt
                                2024-07-18 22:27 - 2024-07-18 22:27 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job
                                2024-07-18 06:50 - 2018-05-02 07:16 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
                                2024-07-18 06:48 - 2024-07-18 06:50 - 000000000 ____D C:\Users\chredge\AppData\Roaming\Geek Uninstaller
                                2024-07-18 06:47 - 2024-07-18 06:47 - 002961151 _____ C:\Users\chredge\Desktop\geek.zip
                                2024-07-17 07:36 - 2024-07-17 07:36 - 002395648 _____ (Farbar) C:\Users\chredge\Desktop\FRST64.exe
                                2024-07-16 07:19 - 2024-07-16 07:19 - 000033139 _____ C:\Users\chredge\Desktop\MYSTERYMACHINE.speccy
                                2024-07-16 07:13 - 2024-07-16 07:13 - 003082294 _____ C:\Users\chredge\Desktop\GSI6_MYSTERYMACHINE_chred ge_07_16_2024_07_04_37.zip
                                2024-07-16 07:04 - 2024-07-16 07:04 - 014288288 _____ (AO Kaspersky Lab) C:\Users\chredge\Desktop\GSI-6.2.2.58.exe
                                2024-07-15 21:49 - 2024-07-15 21:49 - 000956928 _____ (Farbar) C:\Users\chredge\Desktop\MiniToolBox.exe
                                2024-07-12 08:21 - 2024-07-12 23:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
                                2024-07-09 22:51 - 2024-07-09 20:19 - 000417720 __RSH C:\bootmgr
                                2024-07-09 22:51 - 2019-12-07 10:08 - 000000001 ___SH C:\BOOTNXT
                                2024-07-09 22:50 - 2024-07-09 22:50 - 000000000 ____D C:\WINDOWS\system32\compatrel
                                2024-07-09 20:19 - 2024-07-09 20:19 - 000021724 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicy Set.json
                                2024-07-09 20:18 - 2024-07-09 20:18 - 000021724 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicy Set.json
                                2024-07-09 20:13 - 2024-07-09 20:13 - 000000000 ___HD C:$WinREAgent

                                ==================== One month (modified) ==================

                                (If an entry is included in the fixlist, the file/folder will be moved.)

                                2024-07-20 14:55 - 2013-07-22 10:04 - 000000000 ____D C:\FRST
                                2024-07-20 14:51 - 2023-09-02 10:49 - 000008192 ___SH C:\DumpStack.log.tmp
                                2024-07-20 14:51 - 2021-04-22 18:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
                                2024-07-20 13:25 - 2019-12-07 10:03 - 000131072 _____ C:\WINDOWS\system32\config\BBI
                                2024-07-20 13:25 - 2017-04-15 04:18 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
                                2024-07-20 13:21 - 2021-12-14 23:23 - 000000000 ____D C:\WINDOWS\SystemTemp
                                2024-07-20 13:20 - 2019-05-05 15:21 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\IObit
                                2024-07-20 13:20 - 2018-06-06 23:36 - 000000000 ____D C:\Users\ReportServer\AppData\Roaming\IObit
                                2024-07-20 13:20 - 2018-06-06 23:36 - 000000000 ____D C:\Users\MSSQLServerOLAPService\AppData\Roaming\IO bit
                                2024-07-20 13:20 - 2018-06-06 23:36 - 000000000 ____D C:\Users\MSSQLSERVER\AppData\Roaming\IObit
                                2024-07-20 13:20 - 2018-06-06 23:36 - 000000000 ____D C:\Users\MSSQLFDLauncher\AppData\Roaming\IObit
                                2024-07-20 13:20 - 2018-06-06 23:36 - 000000000 ____D C:\Users\MsDtsServer110\AppData\Roaming\IObit
                                2024-07-20 13:20 - 2018-06-06 23:36 - 000000000 ____D C:\Users\chredge\AppData\Roaming\IObit
                                2024-07-20 13:20 - 2015-12-05 07:38 - 000000000 ____D C:\Users\chredge\AppData\LocalLow\IObit
                                2024-07-20 13:20 - 2015-04-04 08:41 - 000000000 ____D C:\ProgramData\IObit
                                2024-07-20 13:20 - 2015-04-04 08:41 - 000000000 ____D C:\Program Files (x86)\IObit
                                2024-07-20 13:18 - 2021-04-22 18:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
                                2024-07-20 13:15 - 2023-09-02 12:17 - 000000000 ____D C:\Users\chredge\AppData\Local\Malwarebytes
                                2024-07-20 11:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
                                2024-07-20 07:31 - 2021-04-22 18:04 - 000000000 ____D C:\Users\ReportServer
                                2024-07-20 07:31 - 2021-04-22 18:04 - 000000000 ____D C:\Users\MSSQLServerOLAPService
                                2024-07-20 07:31 - 2021-04-22 18:04 - 000000000 ____D C:\Users\MSSQLSERVER
                                2024-07-20 07:31 - 2021-04-22 18:04 - 000000000 ____D C:\Users\MSSQLFDLauncher
                                2024-07-20 07:31 - 2021-04-22 18:04 - 000000000 ____D C:\Users\MsDtsServer110
                                2024-07-20 07:08 - 2021-04-22 18:04 - 000000000 ____D C:\Users\chredge
                                2024-07-19 04:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
                                2024-07-18 07:00 - 2016-03-08 10:13 - 000000000 ____D C:\Users\chredge\AppData\LocalLow\Temp
                                2024-07-18 06:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
                                2024-07-18 06:50 - 2018-05-01 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
                                2024-07-18 06:50 - 2018-05-01 22:10 - 000000000 ____D C:\Program Files (x86)\Java
                                2024-07-17 19:14 - 2018-07-08 15:59 - 000000000 ____D C:\Users\chredge\AppData\Local\D3DSCache
                                2024-07-17 17:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
                                2024-07-17 17:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
                                2024-07-17 06:25 - 2012-12-23 22:12 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
                                2024-07-16 07:03 - 2021-04-22 18:11 - 000976178 _____ C:\WINDOWS\system32\PerfStringBackup.INI
                                2024-07-16 07:02 - 2022-06-29 23:02 - 000000000 ____D C:\Users\chredge\AppData\Local\AMD_Common
                                2024-07-15 14:54 - 2022-02-15 17:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
                                2024-07-13 16:27 - 2024-02-22 23:41 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
                                2024-07-12 23:24 - 2023-12-03 15:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
                                2024-07-12 09:04 - 2023-12-03 15:29 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
                                2024-07-12 09:04 - 2023-12-03 15:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
                                2024-07-12 07:07 - 2020-06-08 14:56 - 000000000 ____D C:\Users\chredge\AppData\Roaming\vlc
                                2024-07-11 21:21 - 2021-04-22 18:10 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
                                2024-07-11 21:21 - 2021-04-22 18:10 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore
                                2024-07-09 22:51 - 2021-04-22 18:03 - 005321568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
                                2024-07-09 22:50 - 2024-02-22 23:37 - 000000000 ____D C:\WINDOWS\InboxApps
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
                                2024-07-09 22:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
                                2024-07-09 20:18 - 2021-04-22 18:03 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
                                2024-07-09 20:12 - 2013-08-02 23:16 - 000000000 ____D C:\WINDOWS\system32\MRT
                                2024-07-09 20:08 - 2012-12-26 09:07 - 194135240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
                                2024-07-08 21:50 - 2018-06-06 23:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

                                ==================== Files in the root of some directories ========

                                2015-12-28 23:34 - 2015-12-28 23:34 - 000000000 _____ () C:\Program Files\Microsoft Security Client
                                2015-12-28 23:34 - 2015-12-28 23:34 - 000000000 _____ () C:\Program Files (x86)\ATI Technologies
                                2016-04-02 22:53 - 2024-01-23 21:39 - 000000132 _____ () C:\Users\chredge\AppData\Roaming\Adobe BMP Format CS5 Prefs
                                2016-07-17 23:20 - 2021-03-20 14:36 - 000000132 _____ () C:\Users\chredge\AppData\Roaming\Adobe PNG Format CS5 Prefs
                                2019-02-28 22:21 - 2019-02-28 22:21 - 000000132 _____ () C:\Users\chredge\AppData\Roaming\Adobe Targa Format CS5 Prefs
                                2017-01-08 08:57 - 2017-01-30 19:16 - 000000347 _____ () C:\Users\chredge\AppData\Roaming\WB.CFG
                                2016-07-03 12:04 - 2018-07-22 17:37 - 002128896 _____ () C:\Users\chredge\AppData\Local\file__0.localstorag e
                                2018-03-24 15:47 - 2018-03-24 15:47 - 000001810 _____ () C:\Users\chredge\AppData\Local\recently-used.xbel
                                2017-11-11 17:58 - 2017-11-11 17:58 - 000000017 _____ () C:\Users\chredge\AppData\Local\resmon.resmoncfg

                                ==================== SigCheck ============================

                                (There is no automatic fix for files that do not pass verification.)

                                ==================== End of FRST.txt ========================

                                ***Now for the addition.txt
                                [HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.07.2024
                                Ran by chredge (20-07-2024 14:56:51)
                                Running from C:\Users\chredge\Desktop
                                Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) (2021-04-22 17:10:26)
                                Boot Mode: Normal[/HEADING]
                                [HEADING=1]==================== Accounts: =============================
                                (If an entry is included in the fixlist, it will be removed.)
                                Administrator (S-1-5-21-3466739526-2485095647-408758403-500 - Administrator - Disabled)
                                chredge (S-1-5-21-3466739526-2485095647-408758403-1009 - Administrator - Enabled) => C:\Users\chredge
                                DefaultAccount (S-1-5-21-3466739526-2485095647-408758403-503 - Limited - Disabled)
                                Guest (S-1-5-21-3466739526-2485095647-408758403-501 - Limited - Disabled)
                                HomeGroupUser$ (S-1-5-21-3466739526-2485095647-408758403-1002 - Limited - Enabled)
                                WDAGUtilityAccount (S-1-5-21-3466739526-2485095647-408758403-504 - Limited - Disabled)
                                ==================== Security Center ========================
                                (If an entry is included in the fixlist, it will be removed.)
                                AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                                ==================== Installed Programs ======================
                                (Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
                                1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32...{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation)
                                Adobe Photoshop CS5.1 (HKLM-x32...{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
                                AMD Software (HKLM...\AMD Catalyst Install Manager) (Version: 23.7.2 - Advanced Micro Devices, Inc.)
                                AppNHost 1.0.5.1 (HKLM-x32...{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
                                Branding64 (HKLM...{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
                                Canon IJ Scan Utility (HKLM-x32...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
                                Canon MG2500 series MP Drivers (HKLM...{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
                                Canon MG2500 series User Registration (HKLM-x32...\Canon MG2500 series User Registration) (Version: - ‭Canon Inc.)
                                Canon My Printer (HKLM-x32...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
                                Dual-Core Optimizer (HKLM-x32...{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
                                Epic Games Launcher (HKLM-x32...{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
                                Epic Online Services (HKLM-x32...{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
                                GDR 5343 for SQL Server 2012 (KB3045321) (64-bit) (HKLM...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
                                GDR 5388 for SQL Server 2012 (KB3194719) (64-bit) (HKLM...\KB3194719) (Version: 11.2.5388.0 - Microsoft Corporation)
                                Google Chrome (HKLM-x32...\Google Chrome) (Version: 126.0.6478.128 - Google LLC)
                                Google Earth Pro (HKLM...{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
                                Google Update Helper (HKLM-x32...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
                                HP Webcam HD 2300 Software (HKLM-x32...{74E6771A-47B5-433E-A96F-15E29F70F920}) (Version: 1.00.0000 - Hewlett-Packard)
                                HWiNFO64 (HKLM...\HWiNFO64_is1) (Version: 8.02 - Martin Malik, REALiX s.r.o.)
                                Imaging And Configuration Designer (HKLM-x32...{E0F2B4CC-8551-9304-84E0-73535C1AA953}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Imaging Designer (HKLM-x32...{E1A52E1E-7F37-2A0D-3F17-F4B349EB9EA2}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Imaging Tools Support (HKLM-x32...{0EAC56B8-9CC7-C9E0-A0FB-62A6787D2699}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                ImgBurn (HKLM-x32...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
                                Intel(R) Management Engine Components (HKLM-x32...{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
                                Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32...{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
                                Intel® Trusted Connect Service Client (HKLM...{171C7193-1BB5-4619-BF23-E962598CAB13}) (Version: 1.23.943.1 - Intel Corporation) Hidden
                                Java 8 Update 162 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180162F0}) (Version: 8.0.1620.12 - Oracle Corporation)
                                Kits Configuration Installer (HKLM-x32...{C690B2D9-0AA8-8CDA-965D-FED648C3EF9C}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
                                LibreOffice 7.1.5.2 (HKLM...{4F0D0C39-A2CD-4908-AA4C-A1CC9BDCD71A}) (Version: 7.1.5.2 - The Document Foundation)
                                Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM...\Creative VF0770) (Version: - Creative Technology Ltd.)
                                Malwarebytes version 5.1.6.117 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}is1) (Version: 5.1.6.117 - Malwarebytes)
                                MediaHuman Audio Converter version 1.9.4 (HKLM-x32...\MediaHuman Audio Converter_is1) (Version: 1.9.4 - MediaHuman)
                                Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32...{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
                                Microsoft .NET Framework 4.5.1 (HKLM...{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: 4.5.50938 - Microsoft Corporation) Hidden
                                Microsoft Camera Codec Pack (HKLM...{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
                                Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral
                                ~8wekyb3d8bbwe (x64) (HKLM...{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
                                Microsoft Edge (HKLM-x32...\Microsoft Edge) (Version: 126.0.2592.102 - Microsoft Corporation)
                                Microsoft Edge WebView2 Runtime (HKLM-x32...\Microsoft EdgeWebView) (Version: 126.0.2592.102 - Microsoft Corporation)
                                Microsoft Games for Windows - LIVE (HKLM-x32...{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
                                Microsoft Games for Windows - LIVE Redistributable (HKLM-x32...{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
                                Microsoft Help Viewer 1.1 (HKLM...{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}) (Version: 1.1.40219 - Microsoft Corporation) Hidden
                                Microsoft Help Viewer 1.1 (HKLM...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
                                Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8weky b3d8bbwe (x64) (HKLM...{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
                                Microsoft Report Viewer 2012 Runtime (HKLM-x32...{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
                                Microsoft Security Client (HKLM...{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}) (Version: 4.8.0204.0 - Microsoft Corporation) Hidden
                                Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32...{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
                                Microsoft SQL Server 2008 Setup Support Files (HKLM...{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 (64-bit) (HKLM...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
                                Microsoft SQL Server 2012 Data-Tier App Framework (HKLM...{DC5602AF-666C-4A56-92C3-B8D675003775}) (Version: 11.1.2818.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 Management Objects (HKLM-x32...{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
                                Microsoft SQL Server 2012 Management Objects (x64) (HKLM...{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
                                Microsoft SQL Server 2012 Native Client (HKLM...{2B9EE1FE-105F-4093-A40E-C1BF12F873B7}) (Version: 11.2.5388.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 Policies (HKLM-x32...{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.2.5058.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 RsFx Driver (HKLM...{9F616548-62E3-4C12-9E35-74A650BC199C}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                Microsoft SQL Server 2012 Setup (English) (HKLM...{C23DBA16-E075-41BE-AE2E-C1B0DD0B4535}) (Version: 11.2.5388.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM...{FA73FAE6-BAE5-4928-8CBB-00D311B6DFD3}) (Version: 11.2.5388.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM...{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
                                Microsoft SQL Server 2012 T-SQL Language Service (HKLM...{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation)
                                Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32...{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
                                Microsoft SQL Server System CLR Types (HKLM-x32...{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
                                Microsoft System CLR Types for SQL Server 2012 (HKLM-x32...{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
                                Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM...{DEB263CA-0386-4648-8382-FB78DBFA2C5F}) (Version: 11.2.5058.0 - Microsoft Corporation)
                                Microsoft Update Health Tools (HKLM...{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
                                Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
                                Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
                                Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
                                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                                Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
                                Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
                                Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32...{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
                                Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32...{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
                                Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32...{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
                                Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32...{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
                                Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM...{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM...{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM...{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM...{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32...{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32...{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32...{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32...{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32...{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32...{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM...{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM...{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32...{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32...{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32...{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
                                Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32...{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
                                Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM...{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM...{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32...{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
                                Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32...{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
                                Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32...{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
                                Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32...{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
                                Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
                                Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
                                Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32...{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
                                Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM...{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
                                Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32...{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
                                Microsoft VSS Writer for SQL Server 2012 (HKLM...{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
                                Microsoft_VC80_ATL_x86 (HKLM-x32...{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_ATL_x86_x64 (HKLM...{925D058B-564A-443A-B4B2-7E90C6432E55}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_CRT_x86 (HKLM-x32...{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_CRT_x86_x64 (HKLM...{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_MFC_x86 (HKLM-x32...{D1A19B02-817E-4296-A45B-07853FD74D57}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_MFC_x86_x64 (HKLM...{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_MFCLOC_x86 (HKLM-x32...{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}) (Version: 8.0.50727.4053 - Adobe) Hidden
                                Microsoft_VC80_MFCLOC_x86_x64 (HKLM...{1E9FC118-651D-4934-97BE-E53CAE5C7D45}) (Version: 80.50727.4053 - Adobe) Hidden
                                Microsoft_VC90_ATL_x86 (HKLM-x32...{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_ATL_x86_x64 (HKLM...{8557397C-A42D-486F-97B3-A2CBC2372593}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_CRT_x86 (HKLM-x32...{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_CRT_x86_x64 (HKLM...{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_MFC_x86 (HKLM-x32...{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_MFC_x86_x64 (HKLM...{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_MFCLOC_x86 (HKLM-x32...{B6D38690-755E-4F40-A35A-23F8BC2B86AC}) (Version: 1.00.0000 - Adobe) Hidden
                                Microsoft_VC90_MFCLOC_x86_x64 (HKLM...{90BF0360-A1DB-4599-A643-95AB90A52C1E}) (Version: 1.00.0000 - Adobe) Hidden
                                Mozilla Firefox (x64 en-GB) (HKLM...\Mozilla Firefox 128.0 (x64 en-GB)) (Version: 128.0 - Mozilla)
                                Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla)
                                MUSTEK 1248UB V1.2 (HKLM-x32...{514C5488-192E-4C40-ACE5-CD28ECEED0E3}) (Version: 1.00.0000 - mustek) Hidden
                                MUSTEK 1248UB V1.2 (HKLM-x32...\InstallShield
                                {514C5488-192E-4C40-ACE5-CD28ECEED0E3}) (Version: 1.00.0000 - mustek)
                                NirSoft Wireless Network Watcher (HKLM-x32...\NirSoft Wireless Network Watcher) (Version: - )
                                NVIDIA PhysX System Software 9.17.0524 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
                                OpenAL (HKLM-x32...\OpenAL) (Version: - )
                                Origin (HKLM-x32...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
                                paint.net (HKLM...{A89BF790-0679-403A-9CC7-4015DBF4FEBA}) (Version: 5.0.13 - dotPDN LLC)
                                PC VGA Camer@ Plus (HKLM-x32...{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}) (Version: 1.0.0.19 - Aecotech)
                                PCSX2 - Playstation 2 Emulator (HKLM-x32...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
                                PDF Settings CS5 (HKLM-x32...{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
                                Pegasun System Utilities (HKLM-x32...{BFDC3B26-7DB0-43D3-BC84-7E9649C157EA}_is1) (Version: 7.1 - Pegasun)
                                PixInsight Core for Windows (HKLM-x32...\PCL64) (Version: - )
                                Prerequisites for SSDT (HKLM-x32...{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
                                Qtracker (HKLM-x32...\Qtracker) (Version: 4.92 - )
                                Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.053.1001.2021 - Realtek)
                                Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
                                RegiStax 5 (HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\RegiStax 5) (Version: - )
                                RegiStax 6 (HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\RegiStax 6) (Version: - )
                                RegiStax 6.1.0.8 update (HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\RegiStax 6.1.0.8 update) (Version: - )
                                Samsung Magician (HKLM-x32...{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
                                Samsung USB Driver for Mobile Phones (HKLM...{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
                                Secure Download Manager (HKLM-x32...{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
                                Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
                                Shotcut (HKLM-x32...\Shotcut) (Version: 20.04.12 - Meltytech, LLC)
                                SlimComputer (HKLM-x32...{80BDBB4C-163E-4F4B-9533-59A7ED62A695}) (Version: 1.1.4130 - )
                                Speccy (HKLM...\Speccy) (Version: 1.32 - Piriform)
                                SQL Server 2012 Analysis Services (HKLM...{9674CB74-4808-4B59-B79D-9AB501F23279}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Analysis Services (HKLM...{FB1349FD-D102-4722-9F0A-2543670FF7FB}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 BI Development Studio (HKLM...{656E214E-B73F-458C-AD64-ED316F008207}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 BI Development Studio (HKLM...{EE1B54D1-BFBC-4C19-8D66-E0AF3E967896}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Client Tools (HKLM...{6B3840D6-4B8F-4E74-9202-9CE36DA94E99}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Client Tools (HKLM...{7842C220-6E9A-4D5A-AE70-0E138271F883}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Common Files (HKLM...{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Common Files (HKLM...{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Data quality client (HKLM...{3C50A8F3-6BB8-44E8-9B8B-D3696561DF2E}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Data quality client (HKLM...{80162C08-0FA6-4656-9685-AD88C6527F0B}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Data quality service (HKLM...{1ABA92B0-CD1F-478B-A351-415F79B2A9E6}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Data quality service (HKLM...{38661DD1-576D-48CA-A188-F97819D5B5FB}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
                                SQL Server 2012 Database Engine Services (HKLM...{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Database Engine Services (HKLM...{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Database Engine Shared (HKLM...{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Database Engine Shared (HKLM...{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Documentation Components (HKLM...{7272DF1C-2F88-43AC-A481-84DD67DF9746}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
                                SQL Server 2012 Documentation Components (HKLM...{B3192F55-2CE8-4C8E-9E40-D3B4998276B2}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
                                SQL Server 2012 Documentation Components (HKLM...{CECA0188-BD7A-43EF-B1F7-DDF719099C46}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
                                SQL Server 2012 Full text search (HKLM...{34A7A77A-A23D-44ED-B3B6-EC8198BE2622}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Integration Services (HKLM...{22BCA430-2A68-4678-9824-184F3839948F}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Integration Services (HKLM...{36BF5D42-BF68-4E0C-A165-A4C6E9841F4A}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Management Studio (HKLM...{26BFF1F1-5C03-4C55-9C7C-FD65889AFA70}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Management Studio (HKLM...{A7037EB2-F953-4B12-B843-195F4D988DA1}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Reporting Services (HKLM...{DCCB1789-1DA0-4E3A-A52F-7815B602CC98}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 Reporting Services (HKLM...{FCD81E1A-6ED6-4F19-A572-82FFE102654E}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server 2012 SQL Data Quality Common (HKLM...{D307B5CF-D1F0-48A4-8DA3-54765F535208}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                SQL Server Browser for SQL Server 2012 (HKLM-x32...{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
                                Sql Server Customer Experience Improvement Program (HKLM...{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
                                Steam (HKLM-x32...{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
                                swMSM (HKLM-x32...{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
                                TechPowerUp GPU-Z (HKLM-x32...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
                                TemWebRTCPlugin (HKLM-x32...{00A96020-0597-4602-9E6F-FDACD74483B4}) (Version: 0.8.902 - Temasys)
                                the Free Unix Spectrum Emulator (Fuse) 1.6.0 (HKLM-x32...\Fuse) (Version: 1.6.0 - )
                                Toolkit Documentation (HKLM-x32...{563689A6-D95B-EA6D-665F-97959643E0DB}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Ubisoft Connect (HKLM-x32...\Uplay) (Version: 137.0.10799 - Ubisoft)
                                UE4 Prerequisites (x64) (HKLM...{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
                                UE4 Prerequisites (x64) (HKLM-x32...{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
                                UEV Tools on amd64 (HKLM...{45B55BB8-B09F-6204-E1A1-1443C81DCDA9}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Update for Windows 10 for x64-based Systems (KB5001716) (HKLM...{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
                                User State Migration Tool (HKLM-x32...{E224B062-6D80-A746-F08C-9847DF1B5144}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Visual Studio 2010 Prerequisites - English (HKLM...{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
                                Visual Studio C++ 10.0 Runtime (HKLM-x32...{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
                                VLC media player (HKLM...\VLC media player) (Version: 3.0.10 - VideoLAN)
                                VobSub v2.23 (Remove Only) (HKLM-x32...\VobSub) (Version: - )
                                Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32...{d794748d-72e9-45d7-9ab7-83d6c4c80f7f}) (Version: 10.1.17134.1 - Microsoft Corporation)
                                Windows Deployment Customizations (HKLM-x32...{A28EBA01-553B-4346-F8F2-E780592F0BB8}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Windows Deployment Tools (HKLM-x32...{C4443D4E-AC00-CF0E-9519-C9111E83ADBB}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
                                Windows Live ID Sign-in Assistant (HKLM...{CE52672C-A0E9-4450-8875-88A221D5CD50}) (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
                                Windows PE ARM ARM64 (HKLM-x32...{C80B2DA8-46D4-EFFC-8054-D2C663C468D7}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Windows PE ARM ARM64 wims (HKLM-x32...{1C15FC16-76B9-E297-905C-0A99FBC5DA1F}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Windows PE x86 x64 (HKLM-x32...{346FC109-E9A8-2224-5726-843C7283E4F7}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Windows PE x86 x64 wims (HKLM-x32...{64FF0563-D6F1-C8E4-56F8-F678D1158C58}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Windows System Image Manager on amd64 (HKLM-x32...{90D52AE3-4CAB-C97A-84D9-9DF0348BBDCA}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                Winki (HKLM-x32...{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.123 - MSI)
                                WinRAR 5.70 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
                                WP_CPTT_NT-x86-fre (HKLM-x32...{E6F4B9E6-6C5C-9EE0-1CEC-23F80B1960F5}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                WPT Redistributables (HKLM-x32...{EEB65046-3AB2-821A-12BD-F0C0490D46D2}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                WPTx64 (HKLM-x32...{C7B318E4-43EF-AA14-637F-6C6EDF59917D}) (Version: 10.1.17134.1 - Microsoft) Hidden
                                XviD MPEG4 Video Codec (remove only) (HKLM-x32...\XviD MPEG4 Video Codec) (Version: - )
                                ZX-Paintbrush (HKLM-x32...{59EBF467-993A-48CC-98AE-34510EE8A1F0}) (Version: 2.4.0.1 - Claus Jahn)
                                Packages:[/HEADING]
                                [HEADING=1]AMD Link → C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.23.30003.0_x64__0a9344xs7nr4m [2024-01-25] (Advanced Micro Devices Inc.)
                                DuckDuckGo → C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.56.1 .0_x64__ya2fgkz3nks94 [2023-11-05] (DuckDuckGo)
                                Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2023-01-28] (Microsoft Corporation) [MS Ad]
                                Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2023-01-28] (Microsoft Corporation) [MS Ad]
                                PDF X → C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.4.2.0_x64__s be4t8mqwq93a [2024-07-17] (NG PDF Lab) [Startup Task]
                                Windows App Studio Installer → C:\Program Files\WindowsApps\Microsoft.WindowsAppStudioInstal ler_1.0.18.0_x86__8wekyb3d8bbwe [2023-01-28] (Microsoft Corporation) [MS Ad]
                                ==================== Custom CLSID (Whitelisted): ==============
                                (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
                                ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH → Alexander Roshal)
                                ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH → Alexander Roshal)
                                ContextMenuHandlers3: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-02] (Malwarebytes Inc. → Malwarebytes)
                                ContextMenuHandlers5: [ACE] → {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2022-11-30] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
                                ContextMenuHandlers6: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-02] (Malwarebytes Inc. → Malwarebytes)
                                ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH → Alexander Roshal)
                                ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH → Alexander Roshal)
                                ==================== Codecs (Whitelisted) ====================
                                (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
                                HKLM...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
                                HKLM...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
                                HKLM...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2004-07-03] () [File not signed]
                                HKLM...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-22] (Voxware, Inc.) [File not signed]
                                HKLM...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
                                HKLM...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-22] (NCT Company) [File not signed]
                                HKLM...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
                                HKLM...\Drivers32: [msacm.lame] => C:\Windows\SysWOW64\lame.ax [245760 2005-08-01] () [File not signed]
                                HKLM...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2003-05-22] (MainConcept) [File not signed]
                                HKLM...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
                                HKLM...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
                                HKLM...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
                                HKLM...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
                                HKLM...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
                                HKLM...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
                                HKLM...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
                                HKLM...\Drivers32: [vidc.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
                                ==================== Shortcuts & WMI ========================
                                (The entries could be listed to be restored or removed.)
                                ShortcutWithArgument: C:\Users\chredge\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Chrome Apps\DBandT Helper.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=“Profile 2” --app-id=mpnidfjngpijmjaloelmomppgpebokim
                                ShortcutWithArgument: C:\Users\chredge\AppData\Roaming\Microsoft\Interne t Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Chris topher (veolia.com) - Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) → --profile-directory=“Profile 2”
                                ==================== Loaded Modules (Whitelisted) =============
                                2012-12-23 21:04 - 2012-03-26 18:12 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
                                2021-04-22 18:05 - 2021-04-22 18:05 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b 9a1e18e3b_8.0.50727.6229_none_8a167c0b2edeae4c\ATL 80.DLL
                                ==================== Alternate Data Streams (Whitelisted) ========
                                ==================== Safe Mode (Whitelisted) ==================
                                (If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
                                HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => “”=“Service”
                                HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => “”=“Service”
                                ==================== Association (Whitelisted) =================
                                ==================== Internet Explorer (Whitelisted) ==========
                                HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
                                HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
                                HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
                                HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
                                HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
                                HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
                                HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
                                HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
                                HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
                                SearchScopes: HKLM-x32 → DefaultScope value is missing
                                BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_162\bin\ssv.dll [2018-05-02] (Oracle America, Inc. → Oracle Corporation)
                                BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_162\bin\jp2ssv.dll [2018-05-02] (Oracle America, Inc. → Oracle Corporation)
                                ==================== Hosts content: =========================
                                (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
                                2024-07-18 06:52 - 2024-07-18 06:52 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
                                127.0.0.1 localhost
                                ==================== Other Areas ===========================
                                (Currently there is no automatic fix for this section.)
                                HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\S ystem32\Wbem;C:\WINDOWS\System32\WindowsPowerShell \v1.0;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\adb;C:\Program Files\Microsoft SQL Server\110\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies;C:\Program Files (x86)\Microsoft SQL Server\110\DTS\Binn;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenS SH;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit;C:\ProgramData\chocolatey\bin;;%SystemRoot %\system32;%SystemRoot%;%SystemRoot%\System32\Wbem ;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYS TEMROOT%\System32\OpenSSH
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009\Control Panel\Desktop\Wallpaper → C:\Users\chredge\Desktop\microsoft_nostalgic_windo ws_wallpaper_4k.jpg
                                HKU\S-1-5-80-1770670200-1234090253-3451813168-4041049723-2370973757\Control Panel\Desktop\Wallpaper →
                                HKU\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\Control Panel\Desktop\Wallpaper →
                                HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Control Panel\Desktop\Wallpaper →
                                HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Control Panel\Desktop\Wallpaper →
                                HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\Wallpaper →
                                DNS Servers: 194.168.4.100 - 194.168.8.100
                                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
                                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: RequireAdmin)
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\App Host => (EnableWebContentEvaluation: 0)
                                HKLM\software\microsoft\Windows\CurrentVersion\Tel ephony\Providers => ProviderFileName2 → ndptsp.tsp (No File)
                                Windows Firewall is enabled.
                                ==================== MSCONFIG/TASK MANAGER disabled items ==
                                (If an entry is included in the fixlist, it will be removed.)
                                MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk => C:\Windows\pss\HP Button Manager.lnk.CommonStartup
                                MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^What’s my computer doing.lnk => C:\Windows\pss\What’s my computer doing.lnk.CommonStartup
                                MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => “C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe”
                                MSCONFIG\startupreg: Chromium => “c:\users\chredge\appdata\local\chromium\applicati on\chrome.exe” --auto-launch-at-startup --profile-directory=“Default” --restore-last-session
                                MSCONFIG\startupreg: MicrosoftEdgeAutoLaunch_3B3BB905A374F1CF0D310AB30E 4EDE63 => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --no-startup-window --win-session-start
                                MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
                                HKLM...\StartupApproved\StartupFolder: => “Watch.lnk”
                                HKLM...\StartupApproved\StartupFolder: => “What’s my computer doing.lnk”
                                HKLM...\StartupApproved\Run: => “SecurityHealth”
                                HKLM...\StartupApproved\Run: => “SamsungRapidApp”
                                HKLM...\StartupApproved\Run: => “AdobeAAMUpdater-1.0”
                                HKLM...\StartupApproved\Run: => “Logitech Download Assistant”
                                HKLM...\StartupApproved\Run: => “RtsCM”
                                HKLM...\StartupApproved\Run32: => “cmsc”
                                HKLM...\StartupApproved\Run32: => “AdobeCS5.5ServiceManager”
                                HKLM...\StartupApproved\Run32: => “AdobeCS6ServiceManager”
                                HKLM...\StartupApproved\Run32: => “CanonQuickMenu”
                                HKLM...\StartupApproved\Run32: => “LogMeIn Hamachi Ui”
                                HKLM...\StartupApproved\Run32: => “SwitchBoard”
                                HKLM...\StartupApproved\Run32: => “IObit Malware Fighter”
                                HKLM...\StartupApproved\Run32: => “Dropbox”
                                HKLM...\StartupApproved\Run32: => “PlaysTV”
                                HKLM...\StartupApproved\Run32: => “AdobeAAMUpdater-1.0”
                                HKLM...\StartupApproved\Run32: => “RtsCM”
                                HKLM...\StartupApproved\Run32: => “Wondershare Helper Compact.exe”
                                HKLM...\StartupApproved\Run32: => “Adobe ARM”
                                HKLM...\StartupApproved\Run32: => “Fitbit Connect”
                                HKLM...\StartupApproved\Run32: => “Redirector”
                                HKLM...\StartupApproved\Run32: => “ConnectionCenter”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\StartupFolder: => “Citrix Receiver.lnk”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “OneDrive”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “appnhost”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “CCleaner Monitoring”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “TomTomHOME.exe”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “AdobeBridge”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “uTorrent”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “Chromium”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “AceStream”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “EpicGamesLauncher”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “CCleaner Smart Cleaning”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “Fitbit Connect”
                                HKU\S-1-5-21-3466739526-2485095647-408758403-1009...\StartupApproved\Run: => “vidnotifier.exe”
                                ==================== FirewallRules (Whitelisted) ================
                                (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
                                FirewallRules: [{A5A387CE-60A9-47D2-858F-FF5F5A867BF2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
                                FirewallRules: [{B45FFF36-8BD2-4088-8EFF-E2A1267ECC52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
                                FirewallRules: [UDP Query User{78016A53-190B-440B-BBBC-1F5EA3A62B31}C:\program files (x86)\qtracker\qtracker.exe] => (Allow) C:\program files (x86)\qtracker\qtracker.exe (Ronald E. Mercer) [File not signed]
                                FirewallRules: [TCP Query User{6CB6F6C2-9ACE-4CD0-AFED-7747D071EE74}C:\program files (x86)\qtracker\qtracker.exe] => (Allow) C:\program files (x86)\qtracker\qtracker.exe (Ronald E. Mercer) [File not signed]
                                FirewallRules: [UDP Query User{7AB173E6-26C0-4BCB-8386-6ED42715A83A}C:\users\chredge\desktop\openarena-0.8.8\openarena.exe] => (Allow) C:\users\chredge\desktop\openarena-0.8.8\openarena.exe () [File not signed]
                                FirewallRules: [TCP Query User{998595D1-4A45-478A-A1EB-4365F00808A8}C:\users\chredge\desktop\openarena-0.8.8\openarena.exe] => (Allow) C:\users\chredge\desktop\openarena-0.8.8\openarena.exe () [File not signed]
                                FirewallRules: [{F16C9550-FF25-43F6-B2E3-C326A56E530C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
                                FirewallRules: [{C07C0AFA-25DA-4F18-A225-342B944FF738}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
                                FirewallRules: [UDP Query User{C28774B5-C54C-4FB4-8D87-5B5126F8200C}C:\windows\microsoft.net\framework\v2 .0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc. exe (Microsoft Corporation → Microsoft Corporation)
                                FirewallRules: [TCP Query User{089CEDDF-E4CB-4DD2-A91C-4F1C6938F286}C:\windows\microsoft.net\framework\v2 .0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc. exe (Microsoft Corporation → Microsoft Corporation)
                                FirewallRules: [{23F73AC9-43A7-4903-9AAB-1AD8064A7BBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. → Valve Corporation)
                                FirewallRules: [{0808F055-1FE7-4613-B994-2AC6B0E421F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. → Valve Corporation)
                                FirewallRules: [TCP Query User{668F70CF-F4D7-4F7E-8668-1169392C5391}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper .exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper .exe (Epic Games Inc. → Epic Games, Inc.)
                                FirewallRules: [UDP Query User{65B945B7-5306-4657-8950-8BB42B08B16B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper .exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper .exe (Epic Games Inc. → Epic Games, Inc.)
                                FirewallRules: [{2E8B619A-CF34-4020-A5AD-12B7236A8243}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.56.1 .0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msed gewebview2.exe (Duck Duck Go, Inc. → Microsoft Corporation)
                                FirewallRules: [{3621FAFB-8E8B-453D-99B4-C9FD2627AE7A}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.56.1 .0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msed gewebview2.exe (Duck Duck Go, Inc. → Microsoft Corporation)
                                FirewallRules: [{C382FDEC-E3F5-4317-88B4-1601038892BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
                                FirewallRules: [TCP Query User{CB0AB420-C938-4AED-83E8-9651C1B7B756}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
                                FirewallRules: [UDP Query User{130B8B32-2EBC-41A9-8D46-EA29A2044F40}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
                                FirewallRules: [{9D6C8437-0FA7-4AD6-8835-56AB6D836242}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592 .102\msedgewebview2.exe (Microsoft Corporation → Microsoft Corporation)
                                FirewallRules: [{64738077-F7F5-430E-9AB4-3CB8C2DB3FA1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC → Google LLC)
                                ==================== Restore Points =========================
                                29-06-2024 18:59:21 Scheduled Checkpoint
                                09-07-2024 06:44:53 Scheduled Checkpoint
                                17-07-2024 19:18:52 Scheduled Checkpoint
                                ==================== Faulty Device Manager Devices ============
                                ==================== Event log errors: ========================
                                Application errors:[/HEADING]
                                [HEADING=1]Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
                                Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Cache Flushes/Sec performance counter.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Total Cache Flushes performance counter.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Snapshot Updates/Sec performance counter.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Total Snapshot Updates performance counter.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Events/Sec performance counter.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Total Events performance counter.
                                Error: (07/20/2024 02:51:45 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 113) (User: )
                                Description: The report server cannot create the Delivers/Sec performance counter.
                                System errors:[/HEADING]
                                [HEADING=1]Error: (07/20/2024 02:51:07 PM) (Source: SNMP) (EventID: 1500) (User: )
                                Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ TrapConfiguration.
                                Error: (07/20/2024 01:21:48 PM) (Source: SNMP) (EventID: 1500) (User: )
                                Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ TrapConfiguration.
                                Error: (07/20/2024 01:20:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
                                Description: The SAMSUNG Mobile Connectivity Service V2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
                                Error: (07/20/2024 01:20:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
                                Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
                                Error: (07/20/2024 01:20:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
                                Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
                                Error: (07/20/2024 01:20:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
                                Description: The AMD Crash Defender Service service terminated unexpectedly. It has done this 1 time(s).
                                Error: (07/20/2024 01:20:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
                                Description: The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).
                                Error: (07/20/2024 11:29:22 AM) (Source: SNMP) (EventID: 1500) (User: )
                                Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ TrapConfiguration.
                                Windows Defender:
                                ================Event[0]:
                                Date: 2024-07-18 22:27:31
                                Description:
                                Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
                                Feature: On Access
                                Error Code: 0x8007043c
                                Error description: This service cannot be started in Safe Mode
                                Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
                                ==================== Memory info ===========================
                                BIOS: American Megatrends Inc. V2.4 06/19/2012
                                Motherboard: MSI Z77A-G41 (MS-7758)
                                Processor: Intel(R) Core™ i5-3470 CPU @ 3.20GHz
                                Percentage of memory in use: 29%
                                Total physical RAM: 16332.88 MB
                                Available physical RAM: 11474.95 MB
                                Total Virtual: 32716.88 MB
                                Available Virtual: 26307.8 MB
                                ==================== Drives ================================
                                Drive c: () (Fixed) (Total:465.26 GB) (Free:227.13 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS ==>[drive with boot components (obtained from BCD)]
                                Drive f: (Storage1) (Fixed) (Total:465.75 GB) (Free:218.52 GB) (Model: Hitachi HDT721050SLA360) NTFS
                                \?\Volume{03a9c944-0000-0000-0000-c05074000000}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
                                ==================== MBR & Partition Table ====================[/HEADING]
                                [HEADING=1]Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 03A9C944)
                                Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
                                Partition 2: (Not Active) - (Size=511 MB) - (Type=27)[/HEADING]
                                Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 658D658D)
                                Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
                                ==================== End of Addition.txt =======================

                                Comment

                                Working...