Solved Am I Infected?

Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code:
start::
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKCU\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c
DeleteKey: HKU\S-1-5-21-2215749033-445842302-415398914-1001\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c
C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
C:\Scripts
C:\Users\justc\AppData\Roaming\c
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlielhlgedcjnbkilihjhoheammcbgm
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg
CMD: "C:\Program Files (x86)\WindowsInstallationAssistant\Windows10UpgraderApp.exe" /SunValley /ForceUninstall
emptytemp:
Reboot:
End::
 
Sorry about not seeing page 2. My bad.

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by justc (01-10-2023 01:09:49) Run:2
Running from C:\Users\justc\Desktop
Loaded Profiles: justc
Boot Mode: Normal
==============================================

fixlist content:
*****************
start::
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKCU\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c
DeleteKey: HKU\S-1-5-21-2215749033-445842302-415398914-1001\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c
C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
C:\Scripts
C:\Users\justc\AppData\Roaming\c
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlielhlgedcjnbkilihjhoheammcbgm
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg
CMD: "C:\Program Files (x86)\WindowsInstallationAssistant\Windows10UpgraderApp.exe" /SunValley /ForceUninstall
emptytemp:
Reboot:
End::
*****************

Restore point was successfully created.
Processes closed successfully.
HKCU\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c => removed successfully
HKU\S-1-5-21-2215749033-445842302-415398914-1001\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c => not found

"C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4" folder move:

Could not move "C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4" => Scheduled to move on reboot.


"C:\Scripts" folder move:

Could not move "C:\Scripts" => Scheduled to move on reboot.

C:\Users\justc\AppData\Roaming\c => moved successfully

"C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlielhlgedcjnbkilihjhoheammcbgm" folder move:

Could not move "C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlielhlgedcjnbkilihjhoheammcbgm" => Scheduled to move on reboot.


"C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb" folder move:

Could not move "C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb" => Scheduled to move on reboot.


"C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc" folder move:

Could not move "C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc" => Scheduled to move on reboot.


"C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg" folder move:

Could not move "C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg" => Scheduled to move on reboot.


"C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip" folder move:

Could not move "C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip" => Scheduled to move on reboot.


"C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg" folder move:

Could not move "C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg" => Scheduled to move on reboot.


========= "C:\Program Files (x86)\WindowsInstallationAssistant\Windows10UpgraderApp.exe" /SunValley /ForceUninstall =========

'C:\Program' is not recognized as an internal or external command,
operable program or batch file.


========= End of CMD: =========


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32090522 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7982 B
Edge => 0 B
Chrome => 469145633 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 51428 B
NetworkService => 62012 B
justc => 34001275 B

RecycleBin => 14050 B
EmptyTemp: => 511.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-10-2023 01:12:45)

C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4 => Is moved successfully
C:\Scripts => Is moved successfully
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlielhlgedcjnbkilihjhoheammcbgm => Is moved successfully
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb => Is moved successfully
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc => Is moved successfully
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg => Is moved successfully
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip => Is moved successfully
C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg => Is moved successfully

==== End of Fixlog 01:12:45 ====
 
Can you post fresh FRST and Addition.txt logs please.

Along with letting me know if there are any issues.
 
ok

Code:
==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [439856 2023-06-07] (Bitdefender SRL -> AnchorFree Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [474672 2023-08-18] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncHelper.exe [3511720 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\OneDriveUpdaterService.exe [3849128 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 VCUpdateSvc; C:\Program Files\Verizon Cloud\VerizonCloudUpdater.exe [54608 2023-08-25] (Verizon Data Services LLC -> Verizon)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windhawk; C:\Program Files\Windhawk\windhawk.exe [762840 2023-09-17] (Michael Maltsev -> Ramen Software)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [6205488 2023-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [798128 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 bdprivmon; C:\Windows\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [39840 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\Windows\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
S3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2023-10-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1347496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [165312 2023-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [633248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [522136 2023-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55872 2023-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [574872 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 14:01 - 2023-10-02 14:03 - 000005603 _____ C:\Users\justc\Desktop\FRST.txt
2023-10-02 14:01 - 2023-10-02 14:02 - 000000000 ____D C:\FRST
2023-10-02 14:00 - 2023-10-02 14:00 - 002382848 _____ (Farbar) C:\Users\justc\Desktop\FRST64.exe
2023-10-02 12:08 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Roaming\SnookerQ
2023-10-02 12:07 - 2023-10-02 12:07 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnookerQ.lnk
2023-10-02 12:07 - 2023-10-02 12:07 - 000000000 ____D C:\Program Files (x86)\SnookerQ
2023-10-02 12:06 - 2023-10-02 12:06 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe
2023-10-02 12:05 - 2023-10-02 12:05 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe
2023-10-02 11:58 - 2023-10-02 11:59 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Desktop\SnookerQSetup-20230923-0.1.710.exe
2023-10-02 11:24 - 2023-10-02 11:24 - 000000000 ____D C:\Users\justc\Verizon Cloud
2023-10-02 09:43 - 2023-10-02 09:43 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\HTML Help
2023-10-02 09:40 - 2023-10-02 09:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\CoreFTP
2023-10-02 09:38 - 2023-10-02 09:38 - 003978758 _____ C:\Users\justc\Desktop\coreftplite64.exe
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64)
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Program Files\CoreFTP
2023-10-02 02:26 - 2023-10-02 02:26 - 000000000 ____D C:\Users\justc\AppData\Local\OO Software
2023-10-02 02:23 - 2023-10-02 02:23 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-10-02 02:22 - 2023-10-02 02:22 - 000000000 ____D C:\KPRM
2023-10-02 01:27 - 2023-10-02 02:23 - 000000000 ____D C:\Users\justc\AppData\Local\ESET
2023-10-01 19:39 - 2023-10-01 19:39 - 000000000 ____D C:\Users\justc\AppData\Local\CEF
2023-10-01 19:33 - 2023-10-02 01:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\ZHP
2023-10-01 19:19 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Comments.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Aliases.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000004 _____ C:\Users\justc\advanced_ip_scanner_MAC.bin
2023-10-01 19:06 - 2023-10-01 19:06 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\Program Files\CPUID
2023-10-01 19:01 - 2023-10-02 11:42 - 000000000 ____D C:\Program Files\CCleaner
2023-10-01 19:01 - 2023-10-02 01:24 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-01 19:01 - 2023-10-01 19:02 - 000003472 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-01 19:01 - 2023-10-01 19:01 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-01 19:01 - 2023-10-01 19:01 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - justc
2023-10-01 19:01 - 2023-10-01 19:01 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-10-01 19:01 - 2023-10-01 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\Atom
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\.atom
2023-10-01 18:57 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Local\atom
2023-10-01 18:57 - 2023-10-01 18:58 - 000000000 ____D C:\Users\justc\AppData\Local\SquirrelTemp
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\ProgramData\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Program Files\AnyDesk
2023-10-01 18:55 - 2023-10-01 18:55 - 000001848 _____ C:\Windows\system32\Tasks\Amazon Music Helper
2023-10-01 18:55 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2023-10-01 18:54 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Local\Amazon Music
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:51 - 2023-10-01 18:53 - 000000000 ____D C:\Users\justc\AppData\Local\Innovative Solutions
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\ProductData
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Local\Adobe
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\ProgramData\Adobe
2023-10-01 18:48 - 2023-10-01 19:13 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-10-01 18:47 - 2023-10-01 19:39 - 000000000 ____D C:\ProgramData\360Quarant
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\Program Files\7-Zip
2023-10-01 18:44 - 2023-10-02 01:25 - 000000000 ____D C:\Program Files (x86)\360
2023-10-01 18:42 - 2023-10-01 18:42 - 000000000 ____D C:\Users\justc\AppData\Local\Patch_My_PC,_LLC
2023-10-01 02:01 - 2023-10-01 02:01 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-10-01 01:13 - 2023-10-01 01:13 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-10-01 00:32 - 2023-10-01 00:32 - 000710972 _____ C:\ProgramData\cl.1696134161.bdinstall.v2.bin
2023-10-01 00:32 - 2023-10-01 00:32 - 000120408 _____ C:\ProgramData\cl.kit.1696134156.bdinstall.v2.bin
2023-10-01 00:26 - 2023-10-01 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2023-10-01 00:24 - 2023-10-01 00:24 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender
2023-10-01 00:04 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (3).exe
2023-10-01 00:04 - 2023-10-01 00:04 - 000009988 _____ C:\ProgramData\uninstalltool.1696133085.bdinstall.v2.bin
2023-10-01 00:03 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (2).exe
2023-09-30 19:29 - 2023-09-30 19:29 - 000000000 ____D C:\Windows\system32\Tasks\Meta
2023-09-30 19:28 - 2023-09-30 19:28 - 076637736 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.196.0.0.4.210.exe
2023-09-30 19:26 - 2023-09-30 19:26 - 002904424 _____ (Opera Software) C:\Users\justc\Downloads\OperaSetup.exe
2023-09-30 18:49 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (1).exe
2023-09-30 18:48 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool.exe
2023-09-30 16:26 - 2023-09-30 16:26 - 000000000 ____D C:\Users\justc\Desktop\Missy.Mikes business cards
2023-09-29 16:41 - 2023-09-29 16:42 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form (1).pdf
2023-09-29 16:39 - 2023-09-29 16:39 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form.pdf
2023-09-29 08:38 - 2023-09-29 08:38 - 000000000 ____D C:\PUB
2023-09-29 08:37 - 2023-09-29 08:50 - 000000054 _____ C:\Windows\Lic.xxx
2023-09-29 08:36 - 2023-09-29 08:36 - 000176760 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2023-09-29 08:36 - 2023-09-29 08:36 - 000000000 ____D C:\ProgramData\MicroWorld
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (4).exe
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (3).exe
2023-09-29 08:32 - 2023-09-29 08:32 - 015012420 _____ C:\Users\justc\Downloads\avz5.zip
2023-09-29 08:28 - 2023-09-29 08:28 - 000000396 _____ C:\Users\justc\Downloads\avzfix.txt
2023-09-29 08:20 - 2023-09-29 08:20 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (2).exe
2023-09-29 08:18 - 2023-09-29 08:19 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (1).exe
2023-09-29 07:54 - 2023-09-29 07:54 - 000000000 ____D C:\Users\justc\AppData\Local\ToastNotificationManagerCompat
2023-09-28 22:23 - 2023-09-28 22:23 - 000000000 ____D C:\Windows\ABR
2023-09-28 22:15 - 2023-09-28 22:15 - 018320588 _____ C:\Users\justc\Downloads\AutoLogger (1).zip
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis.exe
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis (1).exe
2023-09-28 16:03 - 2023-09-28 16:03 - 001029415 _____ C:\Users\justc\Downloads\RegSeeker47.zip
2023-09-28 13:11 - 2023-09-28 13:11 - 000000000 ____D C:\ProgramData\Hydra Windows SDK
2023-09-28 12:58 - 2023-09-28 12:58 - 000000121 _____ C:\Users\justc\Downloads\backup_codes.txt
2023-09-28 11:29 - 2023-09-28 11:29 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-09-28 10:57 - 2023-09-28 10:57 - 000000000 ___HD C:\$WinREAgent
2023-09-27 22:43 - 2023-09-27 22:43 - 000092200 _____ C:\ProgramData\agent.update.1695869008.bdinstall.v2.bin
2023-09-27 22:42 - 2023-09-27 22:42 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_windows_439a9349-ed46-4358-a035-c15a69ffedf2.exe
2023-09-27 22:19 - 2023-09-27 22:19 - 000213860 _____ C:\ProgramData\vpn.1695867536.bdinstall.v2.bin
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2023-09-27 22:19 - 2021-09-16 05:55 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\bdvpn_netfilter.sys
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Gemma
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Atc
2023-09-27 22:08 - 2023-09-28 19:48 - 000000000 ____D C:\ProgramData\BDLogging
2023-09-27 22:08 - 2023-09-27 22:08 - 000000000 ____D C:\Windows\system32\elambkup
2023-09-27 22:07 - 2023-09-27 22:07 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender Security App
2023-09-27 22:05 - 2023-10-01 00:42 - 000000000 ____D C:\ProgramData\Bitdefender
2023-09-27 22:05 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Bitdefender
2023-09-27 22:00 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2023-09-27 21:59 - 2023-09-27 22:43 - 000003854 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-09-27 21:57 - 2023-09-27 22:43 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-09-27 21:57 - 2023-09-27 21:57 - 000143364 _____ C:\ProgramData\agent.1695866221.bdinstall.v2.bin
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\Users\justc\AppData\Local\Bitdefender
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-09-27 19:47 - 2023-09-27 19:47 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_avfree.exe
2023-09-26 22:00 - 2023-09-26 22:00 - 001789560 _____ () C:\Users\justc\Downloads\Everything-1.4.1.1024.x86-Setup.exe
2023-09-26 20:32 - 2023-09-26 20:32 - 000000000 ____D C:\Users\justc\Documents\Custom Office Templates
2023-09-26 18:41 - 2023-09-27 17:54 - 000000000 ____D C:\Program Files\HijackThis
2023-09-26 17:16 - 2023-09-26 17:16 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2023-09-26 17:16 - 2023-09-26 17:16 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\MSBuild
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-09-26 10:05 - 2023-09-26 10:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Geek Uninstaller
2023-09-26 10:05 - 2023-09-26 10:05 - 002961151 _____ C:\Users\justc\Downloads\geek.zip
2023-09-25 17:05 - 2023-09-25 17:05 - 005252911 _____ C:\Users\justc\Downloads\Fw_ more piks, couldn't find none of rusty and bian younger.. tryin to make sure all the kids and g kids and g g kids are in.eml
2023-09-24 16:35 - 2023-09-24 16:35 - 000175687 _____ C:\Users\justc\Downloads\HarrellRaeleigh.pdf
2023-09-24 16:32 - 2023-09-24 16:32 - 022152410 _____ C:\Users\justc\Downloads\champion power washer manual.pdf
2023-09-24 16:30 - 2023-09-24 16:30 - 000000000 ____D C:\Users\justc\AppData\LocalLow\webviewdata
2023-09-24 16:13 - 2023-09-24 16:13 - 000000000 ____D C:\ProgramData\VerizonCloud
2023-09-24 16:12 - 2023-10-01 11:43 - 000000000 ____D C:\Users\justc\AppData\Local\VerizonCloud-Data
2023-09-24 16:12 - 2023-09-24 16:13 - 000000000 ____D C:\Windows\system32\Tasks\VerizonCloud
2023-09-24 16:12 - 2023-09-24 16:12 - 000000000 ____D C:\Users\justc\AppData\Local\IsolatedStorage
2023-09-24 15:49 - 2023-09-24 15:49 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000002521 _____ C:\Users\Public\Desktop\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000000000 ____D C:\Program Files\Verizon Cloud
2023-09-24 15:37 - 2023-09-24 15:48 - 028643328 _____ C:\Users\justc\Downloads\pc-vzcloud-install.msi
2023-09-24 14:16 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Desktop\Pool.Snooker (2).zip
2023-09-21 21:48 - 2023-09-21 21:48 - 000000721 _____ C:\Users\justc\Downloads\ATT00001
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\Users\justc\AppData\Roaming\CDTPL
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\ProgramData\CDTPL
2023-09-21 20:32 - 2023-09-21 20:33 - 087778968 _____ (SysTools Software Pvt Ltd ) C:\Users\justc\Downloads\pst-converter.exe
2023-09-21 07:33 - 2023-09-21 07:33 - 000002967 _____ C:\Users\justc\Downloads\ATT00001.htm
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\system32\RTCOM
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files\Waves
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-09-20 09:42 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Windows\system32\SRSLabs
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Program Files\Realtek
2023-09-20 09:42 - 2017-06-19 04:19 - 005762544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2023-09-20 09:42 - 2017-06-19 04:19 - 003685872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2023-09-20 09:42 - 2017-06-19 04:19 - 003545984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003541896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003213808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 001373792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000706472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000692504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000545808 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000460424 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000399448 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000355480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000232696 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000225480 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000220120 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000176456 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000174608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000161928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000144168 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000120696 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000097952 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000094152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000032384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013245712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013110360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 012129784 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxVoiceAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007181592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007104872 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 003795400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2023-09-20 09:42 - 2017-06-19 04:18 - 002320104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002218480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002058864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001991768 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001804920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001613696 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001530848 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001444232 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001233064 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001185168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001017424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000759192 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000742512 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000723208 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000693008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000517448 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000457992 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000453824 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000342264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000339112 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000283904 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264952 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264880 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000263928 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000212240 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000131008 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2023-09-20 09:39 - 2017-10-01 20:13 - 000984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker.zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (2).zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (1).zip
2023-09-19 14:49 - 2023-10-01 23:40 - 000000000 ____D C:\Users\justc\AppData\Local\Messenger
2023-09-19 14:49 - 2023-10-01 23:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000002333 _____ C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\Local\messenger-updater
2023-09-19 14:48 - 2023-09-19 14:49 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225 (1).exe
2023-09-19 14:48 - 2023-09-19 14:48 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225.exe
2023-09-19 14:34 - 2023-09-19 14:34 - 000000089 _____ C:\Users\justc\Downloads\recovery_codes.txt
2023-09-19 12:51 - 2023-09-19 12:51 - 000136344 _____ C:\Users\justc\Downloads\163217533609.JPEG
2023-09-19 10:16 - 2023-09-19 10:16 - 000006876 _____ C:\Users\justc\Downloads\start2.bin
2023-09-19 09:27 - 2023-10-01 00:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-18 17:13 - 2023-09-18 17:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\InputMethod
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\UProof
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Proof
2023-09-17 23:01 - 2023-09-17 23:01 - 000000000 ___HD C:\ProgramData\CanonIJScan
2023-09-17 23:00 - 2023-09-17 23:01 - 000000000 ____D C:\Users\justc\AppData\Roaming\Canon
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX340 series
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ___HD C:\ProgramData\CanonBJ
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\STRING
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\CanonIJ Uninstaller Information
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Program Files\CanonBJ
2023-09-17 22:56 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2023-09-17 22:55 - 2023-09-17 22:55 - 032939648 _____ C:\Users\justc\Downloads\mp68-win-mx340-1_06-ea24.exe
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\Program Files (x86)\Canon
2023-09-17 22:48 - 2023-09-17 22:49 - 047823992 _____ C:\Users\justc\Downloads\mpnx_3_1-win-3_14-ej.exe
2023-09-17 21:37 - 2023-10-02 09:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Word
2023-09-17 21:37 - 2023-09-29 12:42 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-17 21:37 - 2023-09-29 12:42 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-17 21:37 - 2023-09-17 21:48 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Office
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ___RD C:\Users\Default\OneDrive
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\AddIns
2023-09-17 21:27 - 2023-09-17 21:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-17 21:27 - 2023-09-17 21:27 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-09-17 21:11 - 2023-10-02 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\CrashDumps
2023-09-17 21:11 - 2023-09-17 21:14 - 000000000 ____D C:\ProgramData\Windhawk
2023-09-17 21:11 - 2023-09-17 21:11 - 000003562 _____ C:\Windows\system32\Tasks\WindhawkUpdateTask
2023-09-17 21:11 - 2023-09-17 21:11 - 000003000 _____ C:\Windows\system32\Tasks\WindhawkRunUITask
2023-09-17 21:11 - 2023-09-17 21:11 - 000001824 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windhawk.lnk
2023-09-17 21:10 - 2023-09-26 10:24 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Temp
2023-09-17 21:09 - 2023-09-17 21:11 - 000000000 ____D C:\Program Files\Windhawk
2023-09-17 21:08 - 2023-09-17 21:09 - 129469224 _____ (Ramen Software) C:\Users\justc\Downloads\windhawk_setup.exe
2023-09-17 20:55 - 2023-09-17 21:34 - 000000000 ___HD C:\$WINDOWS.~BT
2023-09-17 19:45 - 2023-09-17 19:45 - 000000000 ____D C:\Users\justc\AppData\Local\ElevatedDiagnostics
2023-09-17 19:17 - 2023-09-17 19:22 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\MMC
2023-09-17 17:45 - 2023-09-19 23:29 - 000000000 ____D C:\Windows\Panther
2023-09-17 17:33 - 2023-09-17 17:38 - 000000000 ____D C:\Users\justc\Documents\malwarebytes license key
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagwrn.xml
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagerr.xml
2023-09-17 17:09 - 2023-09-17 17:09 - 000000000 ____D C:\Users\justc\AppData\Local\mbam
2023-09-17 17:08 - 2023-09-17 17:08 - 000000000 ____D C:\Users\justc\Tracing
2023-09-17 17:07 - 2023-09-17 17:07 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5 (1).exe
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-17 17:06 - 2023-09-17 17:06 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5.exe
2023-09-17 16:54 - 2023-09-17 16:54 - 000000000 ___HD C:\$Windows.~WS
2023-09-17 16:49 - 2023-09-17 16:49 - 000000000 _SHDL C:\Documents and Settings
2023-09-17 16:46 - 2023-10-02 13:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-17 16:46 - 2023-10-02 01:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-17 16:46 - 2023-10-02 01:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-17 16:46 - 2023-09-30 19:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-17 16:46 - 2023-09-28 12:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-17 16:46 - 2023-09-18 08:05 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-17 16:46 - 2023-09-18 08:05 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____D C:\Windows\ServiceProfiles
2023-09-17 16:46 - 2023-09-17 16:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-17 16:43 - 2023-09-17 17:08 - 000000000 ____D C:\ESD
2023-09-17 16:21 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-17 16:12 - 2023-09-17 16:12 - 000000000 ____H C:\Users\justc\Documents\Default.rdp
2023-09-17 16:09 - 2023-09-17 16:09 - 000000000 ____D C:\Users\justc\AppData\Local\OneDrive
2023-09-17 15:58 - 2023-09-17 15:58 - 000002888 _____ C:\Users\justc\Desktop\Child support portal pin.odt
2023-09-17 15:50 - 2023-09-17 15:58 - 000000000 ____D C:\Windows\system32\MRT
2023-09-17 15:46 - 2023-09-17 15:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-17 14:55 - 2023-09-17 14:55 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPool.lnk
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Users\Public\Documents\Memir Games
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Program Files (x86)\ipool
2023-09-17 14:54 - 2023-09-17 14:54 - 007933240 _____ (Stratician ) C:\Users\justc\Downloads\setup2302.exe
2023-09-17 14:53 - 2023-09-17 14:53 - 000000000 ____D C:\Users\Public\Documents\Stratician Online
2023-09-17 14:52 - 2023-09-17 14:52 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSnooker.lnk
2023-09-17 14:52 - 2023-09-17 14:52 - 000000000 ____D C:\Program Files (x86)\iSnooker
2023-09-17 14:51 - 2023-09-17 14:51 - 032390920 _____ (Stratician ) C:\Users\justc\Downloads\setup2528.exe
2023-09-17 14:36 - 2023-09-27 17:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Users\justc\AppData\Local\Google
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Program Files\Google
2023-09-17 14:35 - 2023-10-02 13:46 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-17 14:35 - 2023-09-18 18:41 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{DE2B8264-B4FC-4FEF-AF29-8679B6F43F3B}
2023-09-17 14:35 - 2023-09-18 18:41 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6BCD498D-EAE8-4972-BEBF-73EDBE3A0D6F}
2023-09-17 14:35 - 2023-09-17 14:35 - 001372712 _____ (Google LLC) C:\Users\justc\Downloads\ChromeSetup.exe
2023-09-17 14:22 - 2023-09-17 15:08 - 000000000 ____D C:\Users\justc\AppData\Local\Comms
2023-09-17 14:10 - 2023-09-17 20:06 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Spelling
2023-09-17 14:08 - 2023-09-29 12:42 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2215749033-445842302-415398914-1001
2023-09-17 14:08 - 2023-09-20 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\PlaceholderTileLogoFolder
2023-09-17 14:08 - 2023-09-17 14:08 - 000000000 ___HD C:\OneDriveTemp
2023-09-17 14:07 - 2023-10-02 11:22 - 000000000 ___RD C:\Users\justc\OneDrive
2023-09-17 14:07 - 2023-09-17 14:07 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-17 14:05 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Local\AMD
2023-09-17 14:05 - 2023-10-02 09:48 - 000000000 ____D C:\Users\justc\AppData\Local\Packages
2023-09-17 14:05 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Adobe
2023-09-17 14:05 - 2023-10-01 00:17 - 000000000 ____D C:\Users\justc\AppData\Local\D3DSCache
2023-09-17 14:05 - 2023-09-26 23:46 - 000000000 ____D C:\ProgramData\Packages
2023-09-17 14:05 - 2023-09-23 09:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-17 14:05 - 2023-09-21 22:28 - 000000000 ____D C:\Users\justc\AppData\Local\ConnectedDevicesPlatform
2023-09-17 14:05 - 2023-09-17 20:06 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Crypto
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ___RD C:\Users\justc\3D Objects
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Vault
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Network
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\LocalLow\AMD
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\VirtualStore
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\Publishers
2023-09-17 14:00 - 2023-10-02 01:23 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\SystemCertificates
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Windows\system32\AMD
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Program Files\AMD
2023-09-17 14:00 - 2020-10-29 16:31 - 000107560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2023-09-17 13:59 - 2023-10-02 11:24 - 000000000 ____D C:\Users\justc
2023-09-17 13:59 - 2023-09-28 19:29 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows
2023-09-17 13:59 - 2023-09-19 14:51 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Credentials
2023-09-17 13:59 - 2023-09-17 13:59 - 000000020 ___SH C:\Users\justc\ntuser.ini
2023-09-17 13:59 - 2023-09-17 13:59 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Protect
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 064809072 _____ C:\Windows\system32\amd_comgr.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 053684848 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000760432 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000496752 _____ C:\Windows\system32\GameManager64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000493168 _____ C:\Windows\system32\dgtrayicon.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000456304 _____ C:\Windows\system32\atieah64.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000432752 _____ C:\Windows\system32\EEURestart.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000380016 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000351856 _____ C:\Windows\SysWOW64\atieah32.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000339568 _____ C:\Windows\system32\clinfo.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000135792 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000134768 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000125552 _____ C:\Windows\system32\atidxx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000120432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107632 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001686016 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001365368 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000546800 _____ C:\Windows\system32\amdmiracast.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000489584 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000466544 _____ C:\Windows\system32\amdlogum.exe
2023-09-17 13:59 - 2020-10-29 16:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000380016 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000198312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-09-17 13:59 - 2020-10-29 15:29 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-09-17 13:54 - 2023-10-02 01:31 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 13:46 - 2023-05-05 08:27 - 000000000 ____D C:\Windows\SystemTemp
2023-10-02 12:31 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-02 01:31 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-10-02 01:23 - 2019-12-07 05:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-10-02 00:05 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-01 19:42 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-01 19:26 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-10-01 19:23 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-10-01 19:05 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-10-01 07:36 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-29 14:04 - 2019-12-07 05:14 - 000000554 _____ C:\Windows\win.ini
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\Offline Web Pages
2023-09-28 12:45 - 2019-12-07 05:03 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-09-28 12:23 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-24 15:49 - 2023-05-05 08:22 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\ProjectedFSLib.dll
2023-09-17 22:57 - 2019-12-07 05:14 - 000000000 __RSD C:\Windows\Media
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\spool
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\MsDtc
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\appcompat
2023-09-17 17:45 - 2019-12-07 05:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-09-17 17:21 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\servicing
2023-09-17 16:51 - 2019-12-07 05:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-09-17 16:08 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-17 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [439856 2023-06-07] (Bitdefender SRL -> AnchorFree Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [474672 2023-08-18] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncHelper.exe [3511720 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\OneDriveUpdaterService.exe [3849128 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 VCUpdateSvc; C:\Program Files\Verizon Cloud\VerizonCloudUpdater.exe [54608 2023-08-25] (Verizon Data Services LLC -> Verizon)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windhawk; C:\Program Files\Windhawk\windhawk.exe [762840 2023-09-17] (Michael Maltsev -> Ramen Software)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [6205488 2023-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [798128 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 bdprivmon; C:\Windows\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [39840 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\Windows\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
S3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2023-10-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1347496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [165312 2023-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [633248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [522136 2023-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55872 2023-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [574872 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 14:06 - 2023-10-02 14:10 - 000039369 _____ C:\Users\justc\Desktop\Addition.txt
2023-10-02 14:01 - 2023-10-02 14:11 - 000058466 _____ C:\Users\justc\Desktop\FRST.txt
2023-10-02 14:01 - 2023-10-02 14:10 - 000000000 ____D C:\FRST
2023-10-02 14:00 - 2023-10-02 14:00 - 002382848 _____ (Farbar) C:\Users\justc\Desktop\FRST64.exe
2023-10-02 12:08 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Roaming\SnookerQ
2023-10-02 12:07 - 2023-10-02 12:07 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnookerQ.lnk
2023-10-02 12:07 - 2023-10-02 12:07 - 000000000 ____D C:\Program Files (x86)\SnookerQ
2023-10-02 12:06 - 2023-10-02 12:06 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe
2023-10-02 12:05 - 2023-10-02 12:05 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe
2023-10-02 11:58 - 2023-10-02 11:59 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Desktop\SnookerQSetup-20230923-0.1.710.exe
2023-10-02 11:24 - 2023-10-02 11:24 - 000000000 ____D C:\Users\justc\Verizon Cloud
2023-10-02 09:43 - 2023-10-02 09:43 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\HTML Help
2023-10-02 09:40 - 2023-10-02 09:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\CoreFTP
2023-10-02 09:38 - 2023-10-02 09:38 - 003978758 _____ C:\Users\justc\Desktop\coreftplite64.exe
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64)
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Program Files\CoreFTP
2023-10-02 02:26 - 2023-10-02 02:26 - 000000000 ____D C:\Users\justc\AppData\Local\OO Software
2023-10-02 02:23 - 2023-10-02 02:23 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-10-02 02:22 - 2023-10-02 02:22 - 000000000 ____D C:\KPRM
2023-10-02 01:27 - 2023-10-02 02:23 - 000000000 ____D C:\Users\justc\AppData\Local\ESET
2023-10-01 19:39 - 2023-10-01 19:39 - 000000000 ____D C:\Users\justc\AppData\Local\CEF
2023-10-01 19:33 - 2023-10-02 01:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\ZHP
2023-10-01 19:19 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Comments.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Aliases.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000004 _____ C:\Users\justc\advanced_ip_scanner_MAC.bin
2023-10-01 19:06 - 2023-10-01 19:06 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\Program Files\CPUID
2023-10-01 19:01 - 2023-10-02 11:42 - 000000000 ____D C:\Program Files\CCleaner
2023-10-01 19:01 - 2023-10-02 01:24 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-01 19:01 - 2023-10-01 19:02 - 000003472 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-01 19:01 - 2023-10-01 19:01 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-01 19:01 - 2023-10-01 19:01 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - justc
2023-10-01 19:01 - 2023-10-01 19:01 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-10-01 19:01 - 2023-10-01 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\Atom
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\.atom
2023-10-01 18:57 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Local\atom
2023-10-01 18:57 - 2023-10-01 18:58 - 000000000 ____D C:\Users\justc\AppData\Local\SquirrelTemp
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\ProgramData\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Program Files\AnyDesk
2023-10-01 18:55 - 2023-10-01 18:55 - 000001848 _____ C:\Windows\system32\Tasks\Amazon Music Helper
2023-10-01 18:55 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2023-10-01 18:54 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Local\Amazon Music
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:51 - 2023-10-01 18:53 - 000000000 ____D C:\Users\justc\AppData\Local\Innovative Solutions
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\ProductData
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Local\Adobe
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\ProgramData\Adobe
2023-10-01 18:48 - 2023-10-01 19:13 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-10-01 18:47 - 2023-10-01 19:39 - 000000000 ____D C:\ProgramData\360Quarant
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\Program Files\7-Zip
2023-10-01 18:44 - 2023-10-02 01:25 - 000000000 ____D C:\Program Files (x86)\360
2023-10-01 18:42 - 2023-10-01 18:42 - 000000000 ____D C:\Users\justc\AppData\Local\Patch_My_PC,_LLC
2023-10-01 02:01 - 2023-10-01 02:01 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-10-01 01:13 - 2023-10-01 01:13 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-10-01 00:32 - 2023-10-01 00:32 - 000710972 _____ C:\ProgramData\cl.1696134161.bdinstall.v2.bin
2023-10-01 00:32 - 2023-10-01 00:32 - 000120408 _____ C:\ProgramData\cl.kit.1696134156.bdinstall.v2.bin
2023-10-01 00:26 - 2023-10-01 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2023-10-01 00:24 - 2023-10-01 00:24 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender
2023-10-01 00:04 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (3).exe
2023-10-01 00:04 - 2023-10-01 00:04 - 000009988 _____ C:\ProgramData\uninstalltool.1696133085.bdinstall.v2.bin
2023-10-01 00:03 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (2).exe
2023-09-30 19:29 - 2023-09-30 19:29 - 000000000 ____D C:\Windows\system32\Tasks\Meta
2023-09-30 19:28 - 2023-09-30 19:28 - 076637736 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.196.0.0.4.210.exe
2023-09-30 19:26 - 2023-09-30 19:26 - 002904424 _____ (Opera Software) C:\Users\justc\Downloads\OperaSetup.exe
2023-09-30 18:49 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (1).exe
2023-09-30 18:48 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool.exe
2023-09-30 16:26 - 2023-09-30 16:26 - 000000000 ____D C:\Users\justc\Desktop\Missy.Mikes business cards
2023-09-29 16:41 - 2023-09-29 16:42 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form (1).pdf
2023-09-29 16:39 - 2023-09-29 16:39 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form.pdf
2023-09-29 08:38 - 2023-09-29 08:38 - 000000000 ____D C:\PUB
2023-09-29 08:37 - 2023-09-29 08:50 - 000000054 _____ C:\Windows\Lic.xxx
2023-09-29 08:36 - 2023-09-29 08:36 - 000176760 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2023-09-29 08:36 - 2023-09-29 08:36 - 000000000 ____D C:\ProgramData\MicroWorld
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (4).exe
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (3).exe
2023-09-29 08:32 - 2023-09-29 08:32 - 015012420 _____ C:\Users\justc\Downloads\avz5.zip
2023-09-29 08:28 - 2023-09-29 08:28 - 000000396 _____ C:\Users\justc\Downloads\avzfix.txt
2023-09-29 08:20 - 2023-09-29 08:20 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (2).exe
2023-09-29 08:18 - 2023-09-29 08:19 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (1).exe
2023-09-29 07:54 - 2023-09-29 07:54 - 000000000 ____D C:\Users\justc\AppData\Local\ToastNotificationManagerCompat
2023-09-28 22:23 - 2023-09-28 22:23 - 000000000 ____D C:\Windows\ABR
2023-09-28 22:15 - 2023-09-28 22:15 - 018320588 _____ C:\Users\justc\Downloads\AutoLogger (1).zip
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis.exe
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis (1).exe
2023-09-28 16:03 - 2023-09-28 16:03 - 001029415 _____ C:\Users\justc\Downloads\RegSeeker47.zip
2023-09-28 13:11 - 2023-09-28 13:11 - 000000000 ____D C:\ProgramData\Hydra Windows SDK
2023-09-28 12:58 - 2023-09-28 12:58 - 000000121 _____ C:\Users\justc\Downloads\backup_codes.txt
2023-09-28 11:29 - 2023-09-28 11:29 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-09-28 10:57 - 2023-09-28 10:57 - 000000000 ___HD C:\$WinREAgent
2023-09-27 22:43 - 2023-09-27 22:43 - 000092200 _____ C:\ProgramData\agent.update.1695869008.bdinstall.v2.bin
2023-09-27 22:42 - 2023-09-27 22:42 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_windows_439a9349-ed46-4358-a035-c15a69ffedf2.exe
2023-09-27 22:19 - 2023-09-27 22:19 - 000213860 _____ C:\ProgramData\vpn.1695867536.bdinstall.v2.bin
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2023-09-27 22:19 - 2021-09-16 05:55 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\bdvpn_netfilter.sys
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Gemma
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Atc
2023-09-27 22:08 - 2023-09-28 19:48 - 000000000 ____D C:\ProgramData\BDLogging
2023-09-27 22:08 - 2023-09-27 22:08 - 000000000 ____D C:\Windows\system32\elambkup
2023-09-27 22:07 - 2023-09-27 22:07 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender Security App
2023-09-27 22:05 - 2023-10-01 00:42 - 000000000 ____D C:\ProgramData\Bitdefender
2023-09-27 22:05 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Bitdefender
2023-09-27 22:00 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2023-09-27 21:59 - 2023-09-27 22:43 - 000003854 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-09-27 21:57 - 2023-09-27 22:43 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-09-27 21:57 - 2023-09-27 21:57 - 000143364 _____ C:\ProgramData\agent.1695866221.bdinstall.v2.bin
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\Users\justc\AppData\Local\Bitdefender
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-09-27 19:47 - 2023-09-27 19:47 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_avfree.exe
2023-09-26 22:00 - 2023-09-26 22:00 - 001789560 _____ () C:\Users\justc\Downloads\Everything-1.4.1.1024.x86-Setup.exe
2023-09-26 20:32 - 2023-09-26 20:32 - 000000000 ____D C:\Users\justc\Documents\Custom Office Templates
2023-09-26 18:41 - 2023-09-27 17:54 - 000000000 ____D C:\Program Files\HijackThis
2023-09-26 17:16 - 2023-09-26 17:16 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2023-09-26 17:16 - 2023-09-26 17:16 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\MSBuild
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-09-26 10:05 - 2023-09-26 10:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Geek Uninstaller
2023-09-26 10:05 - 2023-09-26 10:05 - 002961151 _____ C:\Users\justc\Downloads\geek.zip
2023-09-25 17:05 - 2023-09-25 17:05 - 005252911 _____ C:\Users\justc\Downloads\Fw_ more piks, couldn't find none of rusty and bian younger.. tryin to make sure all the kids and g kids and g g kids are in.eml
2023-09-24 16:35 - 2023-09-24 16:35 - 000175687 _____ C:\Users\justc\Downloads\HarrellRaeleigh.pdf
2023-09-24 16:32 - 2023-09-24 16:32 - 022152410 _____ C:\Users\justc\Downloads\champion power washer manual.pdf
2023-09-24 16:30 - 2023-09-24 16:30 - 000000000 ____D C:\Users\justc\AppData\LocalLow\webviewdata
2023-09-24 16:13 - 2023-09-24 16:13 - 000000000 ____D C:\ProgramData\VerizonCloud
2023-09-24 16:12 - 2023-10-01 11:43 - 000000000 ____D C:\Users\justc\AppData\Local\VerizonCloud-Data
2023-09-24 16:12 - 2023-09-24 16:13 - 000000000 ____D C:\Windows\system32\Tasks\VerizonCloud
2023-09-24 16:12 - 2023-09-24 16:12 - 000000000 ____D C:\Users\justc\AppData\Local\IsolatedStorage
2023-09-24 15:49 - 2023-09-24 15:49 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000002521 _____ C:\Users\Public\Desktop\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000000000 ____D C:\Program Files\Verizon Cloud
2023-09-24 15:37 - 2023-09-24 15:48 - 028643328 _____ C:\Users\justc\Downloads\pc-vzcloud-install.msi
2023-09-24 14:16 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Desktop\Pool.Snooker (2).zip
2023-09-21 21:48 - 2023-09-21 21:48 - 000000721 _____ C:\Users\justc\Downloads\ATT00001
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\Users\justc\AppData\Roaming\CDTPL
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\ProgramData\CDTPL
2023-09-21 20:32 - 2023-09-21 20:33 - 087778968 _____ (SysTools Software Pvt Ltd ) C:\Users\justc\Downloads\pst-converter.exe
2023-09-21 07:33 - 2023-09-21 07:33 - 000002967 _____ C:\Users\justc\Downloads\ATT00001.htm
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\system32\RTCOM
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files\Waves
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-09-20 09:42 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Windows\system32\SRSLabs
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Program Files\Realtek
2023-09-20 09:42 - 2017-06-19 04:19 - 005762544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2023-09-20 09:42 - 2017-06-19 04:19 - 003685872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2023-09-20 09:42 - 2017-06-19 04:19 - 003545984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003541896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003213808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 001373792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000706472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000692504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000545808 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000460424 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000399448 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000355480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000232696 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000225480 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000220120 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000176456 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000174608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000161928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000144168 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000120696 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000097952 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000094152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000032384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013245712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013110360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 012129784 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxVoiceAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007181592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007104872 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 003795400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2023-09-20 09:42 - 2017-06-19 04:18 - 002320104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002218480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002058864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001991768 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001804920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001613696 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001530848 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001444232 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001233064 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001185168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001017424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000759192 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000742512 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000723208 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000693008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000517448 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000457992 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000453824 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000342264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000339112 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000283904 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264952 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264880 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000263928 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000212240 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000131008 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2023-09-20 09:39 - 2017-10-01 20:13 - 000984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker.zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (2).zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (1).zip
2023-09-19 14:49 - 2023-10-01 23:40 - 000000000 ____D C:\Users\justc\AppData\Local\Messenger
2023-09-19 14:49 - 2023-10-01 23:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000002333 _____ C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\Local\messenger-updater
2023-09-19 14:48 - 2023-09-19 14:49 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225 (1).exe
2023-09-19 14:48 - 2023-09-19 14:48 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225.exe
2023-09-19 14:34 - 2023-09-19 14:34 - 000000089 _____ C:\Users\justc\Downloads\recovery_codes.txt
2023-09-19 12:51 - 2023-09-19 12:51 - 000136344 _____ C:\Users\justc\Downloads\163217533609.JPEG
2023-09-19 10:16 - 2023-09-19 10:16 - 000006876 _____ C:\Users\justc\Downloads\start2.bin
2023-09-19 09:27 - 2023-10-01 00:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-18 17:13 - 2023-09-18 17:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\InputMethod
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\UProof
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Proof
2023-09-17 23:01 - 2023-09-17 23:01 - 000000000 ___HD C:\ProgramData\CanonIJScan
2023-09-17 23:00 - 2023-09-17 23:01 - 000000000 ____D C:\Users\justc\AppData\Roaming\Canon
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX340 series
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ___HD C:\ProgramData\CanonBJ
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\STRING
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\CanonIJ Uninstaller Information
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Program Files\CanonBJ
2023-09-17 22:56 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2023-09-17 22:55 - 2023-09-17 22:55 - 032939648 _____ C:\Users\justc\Downloads\mp68-win-mx340-1_06-ea24.exe
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\Program Files (x86)\Canon
2023-09-17 22:48 - 2023-09-17 22:49 - 047823992 _____ C:\Users\justc\Downloads\mpnx_3_1-win-3_14-ej.exe
2023-09-17 21:37 - 2023-10-02 09:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Word
2023-09-17 21:37 - 2023-09-29 12:42 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-17 21:37 - 2023-09-29 12:42 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-17 21:37 - 2023-09-17 21:48 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Office
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ___RD C:\Users\Default\OneDrive
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\AddIns
2023-09-17 21:27 - 2023-09-17 21:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-17 21:27 - 2023-09-17 21:27 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-09-17 21:11 - 2023-10-02 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\CrashDumps
2023-09-17 21:11 - 2023-09-17 21:14 - 000000000 ____D C:\ProgramData\Windhawk
2023-09-17 21:11 - 2023-09-17 21:11 - 000003562 _____ C:\Windows\system32\Tasks\WindhawkUpdateTask
2023-09-17 21:11 - 2023-09-17 21:11 - 000003000 _____ C:\Windows\system32\Tasks\WindhawkRunUITask
2023-09-17 21:11 - 2023-09-17 21:11 - 000001824 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windhawk.lnk
2023-09-17 21:10 - 2023-09-26 10:24 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Temp
2023-09-17 21:09 - 2023-09-17 21:11 - 000000000 ____D C:\Program Files\Windhawk
2023-09-17 21:08 - 2023-09-17 21:09 - 129469224 _____ (Ramen Software) C:\Users\justc\Downloads\windhawk_setup.exe
2023-09-17 20:55 - 2023-09-17 21:34 - 000000000 ___HD C:\$WINDOWS.~BT
2023-09-17 19:45 - 2023-09-17 19:45 - 000000000 ____D C:\Users\justc\AppData\Local\ElevatedDiagnostics
2023-09-17 19:17 - 2023-09-17 19:22 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\MMC
2023-09-17 17:45 - 2023-09-19 23:29 - 000000000 ____D C:\Windows\Panther
2023-09-17 17:33 - 2023-09-17 17:38 - 000000000 ____D C:\Users\justc\Documents\malwarebytes license key
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagwrn.xml
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagerr.xml
2023-09-17 17:09 - 2023-09-17 17:09 - 000000000 ____D C:\Users\justc\AppData\Local\mbam
2023-09-17 17:08 - 2023-09-17 17:08 - 000000000 ____D C:\Users\justc\Tracing
2023-09-17 17:07 - 2023-09-17 17:07 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5 (1).exe
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-17 17:06 - 2023-09-17 17:06 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5.exe
2023-09-17 16:54 - 2023-09-17 16:54 - 000000000 ___HD C:\$Windows.~WS
2023-09-17 16:49 - 2023-09-17 16:49 - 000000000 _SHDL C:\Documents and Settings
2023-09-17 16:46 - 2023-10-02 13:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-17 16:46 - 2023-10-02 01:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-17 16:46 - 2023-10-02 01:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-17 16:46 - 2023-09-30 19:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-17 16:46 - 2023-09-28 12:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-17 16:46 - 2023-09-18 08:05 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-17 16:46 - 2023-09-18 08:05 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____D C:\Windows\ServiceProfiles
2023-09-17 16:46 - 2023-09-17 16:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-17 16:43 - 2023-09-17 17:08 - 000000000 ____D C:\ESD
2023-09-17 16:21 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-17 16:12 - 2023-09-17 16:12 - 000000000 ____H C:\Users\justc\Documents\Default.rdp
2023-09-17 16:09 - 2023-09-17 16:09 - 000000000 ____D C:\Users\justc\AppData\Local\OneDrive
2023-09-17 15:58 - 2023-09-17 15:58 - 000002888 _____ C:\Users\justc\Desktop\Child support portal pin.odt
2023-09-17 15:50 - 2023-09-17 15:58 - 000000000 ____D C:\Windows\system32\MRT
2023-09-17 15:46 - 2023-09-17 15:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-17 14:55 - 2023-09-17 14:55 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPool.lnk
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Users\Public\Documents\Memir Games
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Program Files (x86)\ipool
2023-09-17 14:54 - 2023-09-17 14:54 - 007933240 _____ (Stratician ) C:\Users\justc\Downloads\setup2302.exe
2023-09-17 14:53 - 2023-09-17 14:53 - 000000000 ____D C:\Users\Public\Documents\Stratician Online
2023-09-17 14:52 - 2023-09-17 14:52 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSnooker.lnk
2023-09-17 14:52 - 2023-09-17 14:52 - 000000000 ____D C:\Program Files (x86)\iSnooker
2023-09-17 14:51 - 2023-09-17 14:51 - 032390920 _____ (Stratician ) C:\Users\justc\Downloads\setup2528.exe
2023-09-17 14:36 - 2023-09-27 17:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Users\justc\AppData\Local\Google
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Program Files\Google
2023-09-17 14:35 - 2023-10-02 13:46 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-17 14:35 - 2023-09-18 18:41 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{DE2B8264-B4FC-4FEF-AF29-8679B6F43F3B}
2023-09-17 14:35 - 2023-09-18 18:41 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6BCD498D-EAE8-4972-BEBF-73EDBE3A0D6F}
2023-09-17 14:35 - 2023-09-17 14:35 - 001372712 _____ (Google LLC) C:\Users\justc\Downloads\ChromeSetup.exe
2023-09-17 14:22 - 2023-09-17 15:08 - 000000000 ____D C:\Users\justc\AppData\Local\Comms
2023-09-17 14:10 - 2023-09-17 20:06 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Spelling
2023-09-17 14:08 - 2023-09-29 12:42 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2215749033-445842302-415398914-1001
2023-09-17 14:08 - 2023-09-20 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\PlaceholderTileLogoFolder
2023-09-17 14:08 - 2023-09-17 14:08 - 000000000 ___HD C:\OneDriveTemp
2023-09-17 14:07 - 2023-10-02 11:22 - 000000000 ___RD C:\Users\justc\OneDrive
2023-09-17 14:07 - 2023-09-17 14:07 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-17 14:05 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Local\AMD
2023-09-17 14:05 - 2023-10-02 09:48 - 000000000 ____D C:\Users\justc\AppData\Local\Packages
2023-09-17 14:05 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Adobe
2023-09-17 14:05 - 2023-10-01 00:17 - 000000000 ____D C:\Users\justc\AppData\Local\D3DSCache
2023-09-17 14:05 - 2023-09-26 23:46 - 000000000 ____D C:\ProgramData\Packages
2023-09-17 14:05 - 2023-09-23 09:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-17 14:05 - 2023-09-21 22:28 - 000000000 ____D C:\Users\justc\AppData\Local\ConnectedDevicesPlatform
2023-09-17 14:05 - 2023-09-17 20:06 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Crypto
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ___RD C:\Users\justc\3D Objects
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Vault
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Network
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\LocalLow\AMD
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\VirtualStore
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\Publishers
2023-09-17 14:00 - 2023-10-02 01:23 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\SystemCertificates
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Windows\system32\AMD
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Program Files\AMD
2023-09-17 14:00 - 2020-10-29 16:31 - 000107560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2023-09-17 13:59 - 2023-10-02 11:24 - 000000000 ____D C:\Users\justc
2023-09-17 13:59 - 2023-09-28 19:29 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows
2023-09-17 13:59 - 2023-09-19 14:51 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Credentials
2023-09-17 13:59 - 2023-09-17 13:59 - 000000020 ___SH C:\Users\justc\ntuser.ini
2023-09-17 13:59 - 2023-09-17 13:59 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Protect
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 064809072 _____ C:\Windows\system32\amd_comgr.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 053684848 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000760432 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000496752 _____ C:\Windows\system32\GameManager64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000493168 _____ C:\Windows\system32\dgtrayicon.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000456304 _____ C:\Windows\system32\atieah64.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000432752 _____ C:\Windows\system32\EEURestart.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000380016 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000351856 _____ C:\Windows\SysWOW64\atieah32.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000339568 _____ C:\Windows\system32\clinfo.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000135792 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000134768 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000125552 _____ C:\Windows\system32\atidxx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000120432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107632 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001686016 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001365368 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000546800 _____ C:\Windows\system32\amdmiracast.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000489584 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000466544 _____ C:\Windows\system32\amdlogum.exe
2023-09-17 13:59 - 2020-10-29 16:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000380016 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000198312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-09-17 13:59 - 2020-10-29 15:29 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-09-17 13:54 - 2023-10-02 01:31 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 14:10 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-02 13:46 - 2023-05-05 08:27 - 000000000 ____D C:\Windows\SystemTemp
2023-10-02 01:31 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-10-02 01:23 - 2019-12-07 05:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-10-02 00:05 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-01 19:42 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-01 19:26 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-10-01 19:23 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-10-01 19:05 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-10-01 07:36 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-29 14:04 - 2019-12-07 05:14 - 000000554 _____ C:\Windows\win.ini
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\Offline Web Pages
2023-09-28 12:45 - 2019-12-07 05:03 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-09-28 12:23 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-24 15:49 - 2023-05-05 08:22 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\ProjectedFSLib.dll
2023-09-17 22:57 - 2019-12-07 05:14 - 000000000 __RSD C:\Windows\Media
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\spool
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\MsDtc
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\appcompat
2023-09-17 17:45 - 2019-12-07 05:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-09-17 17:21 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\servicing
2023-09-17 16:51 - 2019-12-07 05:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-09-17 16:08 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-17 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by justc (02-10-2023 14:13:20)
Running from C:\Users\justc\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3516 (X64) (2023-09-17 20:49:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2215749033-445842302-415398914-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2215749033-445842302-415398914-503 - Limited - Disabled)
Guest (S-1-5-21-2215749033-445842302-415398914-501 - Limited - Disabled)
justc (S-1-5-21-2215749033-445842302-415398914-1001 - Administrator - Enabled) => C:\Users\justc
WDAGUtilityAccount (S-1-5-21-2215749033-445842302-415398914-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {F4F8BE4F-D893-2EB2-F208-1A2FF1A396CA}
FW: Bitdefender Firewall (Enabled) {CCC33F6A-92FC-2FEA-D957-B31A0F70D1B1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Amazon Music (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Amazon Amazon Music) (Version: 9.4.3.2420 - Amazon.com Services LLC)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.259 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 27.0.20.105 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 26.0.2.1 - Bitdefender)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version:  - )
CPUID CPU-Z 2.08 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.08 - CPUID, Inc.)
DiskCheckup (HKLM-x32\...\DiskCheckup_is1) (Version: 3.5.1004.0 - PassMark Software)
FileZilla 3.65.0 (HKLM-x32\...\FileZilla Client) (Version: 3.65.0 - Tim Kosse)
Gmail (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\ec710934cdfffbee268692b010a82ad8) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.132 - Google LLC)
Google Drive (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\b4857df16d6bf9d14b9f21735bbf7cef) (Version: 1.0 - Google\Chrome)
iPool version 2.3.02 (01) (HKLM-x32\...\{BE5FCCBF-5CBB-487E-AC94-882028E1448C}_is1) (Version: 2.3.02 (01) - Stratician)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Messenger (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 197.0.521392868 - Facebook, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16731.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Sheets (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\fcad59d48b6d7f9ac4f8bbdef83897fc) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\8b71f6b19323d84d678abe6631527c30) (Version: 1.0 - Google\Chrome)
SnookerQ version 0.1.710 (HKLM-x32\...\{45190E74-5CE1-4CF3-9F65-D73F7E69F658}_is1) (Version: 0.1.710 - SnookerQ Inc.)
Verizon Cloud (HKLM\...\{048202BC-F4E7-4AB2-A130-EC887A3C9675}) (Version: 23.9.0.17 - Verizon Wireless)
Windhawk v1.3.1 (HKLM-x32\...\Windhawk) (Version: 1.3.1 - Ramen Software)
YouTube (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\254b4d2813518435f94a19dffc5552cc) (Version: 1.0 - Google\Chrome)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-20] (Microsoft Corporation)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2309.1001.0_x64__8wekyb3d8bbwe [2023-09-25] (Microsoft Corporation) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.920.900_x64__8wekyb3d8bbwe [2023-10-01] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-09-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-09-28] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2215749033-445842302-415398914-1001_Classes\CLSID\{00654f73-86a8-425c-b3a0-038200133493} -> [Verizon Cloud] => C:\Users\justc\Verizon Cloud [2023-10-02 11:24]
CustomCLSID: HKU\S-1-5-21-2215749033-445842302-415398914-1001_Classes\CLSID\{84ff2f8e-2440-1caf-3148-f3d0fdd19ec8}\localserver32 -> C:\Program Files\Verizon Cloud\Verizon Cloud.exe (Verizon Data Services LLC -> Verizon)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SncrOverlays (Cloud)] -> {DC39D95E-101B-4B3B-BF18-D1B4D6584A79} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Paused)] -> {DC20B35F-DF4A-4783-B48E-7EB2496E5858} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2023-09-17 21:14 - 2023-09-17 21:10 - 001989632 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libc++.dll
2023-09-17 21:14 - 2023-09-17 21:10 - 000207872 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libunwind.dll
2023-09-17 21:14 - 2023-09-17 21:14 - 000107008 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-volume-control_906859.dll
2023-09-17 22:57 - 2010-08-23 09:09 - 000019456 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNSU_ENU.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2023-10-01 18:55 - 2020-04-02 12:15 - 002266624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\justc\AppData\Local\Amazon Music\QtCore4.dll
2023-10-01 18:55 - 2020-04-02 12:25 - 006267392 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\justc\AppData\Local\Amazon Music\QtGui4.dll
2023-10-01 18:55 - 2020-04-02 12:16 - 000802816 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\justc\AppData\Local\Amazon Music\QtNetwork4.dll
2023-06-20 13:00 - 2023-06-20 13:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\justc\Desktop\coreftplite64.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Desktop\SnookerQSetup-20230923-0.1.710.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (2).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (3).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (4).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe:BDU [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-2215749033-445842302-415398914-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2023-09-14] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2023-09-14] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-09-28 13:11 - 2023-09-28 13:11 - 000000030 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2215749033-445842302-415398914-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\justc\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\FB_IMG_1695310969664.jpg
DNS Servers: 206.225.75.225 - 206.225.75.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\StartupApproved\Run: => "com.messenger"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C4710974-CC66-4DAC-97DC-46ECFBC87C84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{741555FC-DBAA-4C45-A05A-1E7ED50921DE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9C70B3D9-4163-45F2-BB1E-80A218AB6FA5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A098CECC-0C8E-43DF-8F81-DD6FEC47E2DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A53BB836-73A3-46B6-AE43-0F6BB347CCC7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D40E672E-77C1-474E-AE8D-25E049463306}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C519C431-D7FA-47F7-B31C-A3773756A330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3529C841-0699-48F1-9392-62FCDB29338F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC1A9CE4-27CB-413A-B441-DF41E6BF490B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F27A253-A690-40F8-A867-F8101C5EBC94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{698331DC-2151-4F02-A95A-6AFC66526A05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{28E51699-9D8B-4A31-BA74-9502484D2128}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{56C4A4C8-5687-4973-8290-AFE65B4933B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A2FD3422-AB33-44A9-A28B-4F37BC2EE2D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{50AC0D2F-C593-4FA9-8A8A-96F1C34A2769}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E0E182FE-304E-47F5-BB65-265475E3F851}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{63C41ED2-E777-4D45-BD43-094C58BBC865}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{22B4A548-0BF6-4BDB-B1D8-28349A3EBCC1}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{AE3179F4-1077-4F2B-B6D6-D4D02C5E96D4}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{7AAF1ACB-7D2B-4512-8601-3ED45AD199C9}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{1A2B3F20-2182-4AA3-9B76-397614D71878}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{C1B756DA-5FC9-4230-8BB9-E5442F9F7837}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{4DED4035-696D-4339-8855-7585E7EAE911}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

02-10-2023 02:24:05 KpRm

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/02/2023 12:48:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: snookerq.exe, version: 0.0.0.0, time stamp: 0x650f5faf
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x3650
Faulting application start time: 0x01d9f54fcc2328ed
Faulting application path: C:\Program Files (x86)\SnookerQ\snookerq.exe
Faulting module path: C:\Program Files (x86)\SnookerQ\OpenAL32.dll
Report Id: 780b34e3-b393-4f31-8b6f-905028b53de9
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2023 12:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: snookerq.exe, version: 0.0.0.0, time stamp: 0x650f5faf
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x2934
Faulting application start time: 0x01d9f54f0f0cd3f2
Faulting application path: C:\Program Files (x86)\SnookerQ\snookerq.exe
Faulting module path: C:\Program Files (x86)\SnookerQ\OpenAL32.dll
Report Id: 0128cbe3-2d0d-458d-818e-c1a2e9b6ea22
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2023 12:39:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: snookerq.exe, version: 0.0.0.0, time stamp: 0x650f5faf
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x2ce8
Faulting application start time: 0x01d9f54ab367fccc
Faulting application path: C:\Program Files (x86)\SnookerQ\snookerq.exe
Faulting module path: C:\Program Files (x86)\SnookerQ\OpenAL32.dll
Report Id: 7b9a846f-a71d-4d7e-89d7-ce2c2f6e21b9
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2023 11:44:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 6.16.0.10662 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4598

Start Time: 01d9f54715f17fd8

Termination Time: 4294967295

Application Path: C:\Program Files\CCleaner\CCleaner64.exe

Report Id: ce3a7024-a81f-44e3-867c-0bf1221114ae

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (10/02/2023 11:44:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 6.16.0.10662 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1934

Start Time: 01d9f5470ee74fdc

Termination Time: 4294967295

Application Path: C:\Program Files\CCleaner\CCleaner64.exe

Report Id: 3691cc42-0727-4a1c-b05b-766598319a76

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (10/02/2023 01:02:59 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.

System Error:
The system cannot find the file specified.
.

Error: (10/01/2023 07:42:12 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (10/01/2023 07:33:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.3516, time stamp: 0xbf6d7543
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x4478
Faulting application start time: 0x01d9f4b917d3cc66
Faulting application path: C:\Windows\explorer.exe
Faulting module path: C:\Windows\System32\ucrtbase.dll
Report Id: d6784a37-8dad-4d7e-a3ff-fa16f9d0c008
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (10/02/2023 01:31:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading

Error: (10/02/2023 01:31:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\justc\AppData\Local\Temp\ehdrv.sys

Error: (10/02/2023 01:31:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading

Error: (10/02/2023 01:31:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\justc\AppData\Local\Temp\ehdrv.sys

Error: (10/02/2023 01:31:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading

Error: (10/02/2023 01:31:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\justc\AppData\Local\Temp\ehdrv.sys

Error: (10/02/2023 01:31:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading

Error: (10/02/2023 01:31:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\justc\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2023-09-26 23:38:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Users\justc\Downloads\AutoLogger.zip; file:_C:\Users\justc\Desktop\AutoLogger.exe; file:_C:\Users\justc\Downloads\AutoLogger.zip->AutoLogger.exe; webfile:_C:\Users\justc\Downloads\AutoLogger.zip|https://tools.safezone.cc/drongo/AutoLogger/AutoLogger.zip|pid:11360,ProcessStart:133402595159320135
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:38:05
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:38:05
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe; process:_pid:8452,ProcessStart:133402593126878071; process:_pid:9684,ProcessStart:133402592130541598
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\RuntimeBroker.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:37:57
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe; process:_pid:8452,ProcessStart:133402593126878071; process:_pid:9684,ProcessStart:133402592130541598
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\justc\Desktop\AutoLogger.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:37:51
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe; process:_pid:8452,ProcessStart:133402593126878071; process:_pid:9684,ProcessStart:133402592130541598
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\justc\Desktop\AutoLogger.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Event[0]:

Date: 2023-09-26 10:29:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.397.1595.0
Previous security intelligence Version: 1.397.1128.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.23080.2005
Previous Engine Version: 1.1.23080.2005
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2023-09-26 10:29:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.397.1595.0
Previous security intelligence Version: 1.397.1128.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.23080.2005
Previous Engine Version: 1.1.23080.2005
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2023-09-26 10:26:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1128.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2023-09-26 10:26:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1128.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2023-10-02 14:00:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Windhawk\Engine\1.3.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 4.3.0 08/10/2016
Motherboard: Dell Inc. 03PYWR
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 46%
Total physical RAM: 15297.18 MB
Available physical RAM: 8171.26 MB
Total Virtual: 17601.18 MB
Available Virtual: 9090.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.65 GB) (Free:873.76 GB) (Model: WD Blue SA510 2.5 1000GB) NTFS
Drive e: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{856a1e7d-aa4b-48b9-9ea4-b0bba75d5bc8}\ () (Fixed) (Total:0.75 GB) (Free:0.28 GB) NTFS
\\?\Volume{29ef0c2e-dd39-4f66-9048-d5dd6009a5c3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Code:
Ran by justc (administrator) on DESKTOP-OKFJGL4 (Dell Inc. Inspiron 24-3455) (02-10-2023 15:55:43)
Running from C:\Users\justc\Desktop\FRST64.exe
Loaded Profiles: justc
Platform: Microsoft Windows 10 Home Version 22H2 19045.3516 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.259_0\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdwtxag.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Program Files\Verizon Cloud\Verizon Cloud.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Verizon Data Services LLC -> Verizon) C:\Program Files\Verizon Cloud\Verizon Cloud.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (Bitdefender SRL -> AnchorFree Inc.) C:\Program Files\Bitdefender\Bitdefender VPN\Hydra.Sdk.Windows.Service.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Verizon Data Services LLC -> Verizon) C:\Program Files\Verizon Cloud\VerizonCloudUpdater.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Amazon.com Services LLC -> Amazon.com Services LLC) C:\Users\justc\AppData\Local\Amazon Music\Amazon Music Helper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235440 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1062424 2023-09-14] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2586640 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [com.verizon.verizoncloud] => C:\Program Files\Verizon Cloud\Verizon Cloud.exe [8991568 2023-08-25] (Verizon Data Services LLC -> Verizon)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [com.messenger] => C:\Users\justc\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (No File)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [Amazon Music Helper] => C:\Users\justc\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107496 2023-04-12] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [GoogleChromeAutoLaunch_B364DB4262BB88E80B8C959641DD7ACE] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3242272 2023-09-27] (Google LLC -> Google LLC)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MX340 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA5.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX340 series: C:\Windows\system32\CNMLMA5.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX340 series: C:\Windows\system32\CNCF2Lk.DLL [343552 2009-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe [2023-09-27] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7C773FC8-3237-4148-9B0B-4358A3960877} - System32\Tasks\Amazon Music Helper => C:\Users\justc\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107496 2023-04-12] (Amazon.com Services LLC -> Amazon.com Services LLC)
Task: {B5673D04-8BD3-45A4-8ADE-237CE62BC243} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.259_0\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {38E68DA7-BDC1-45BC-B6F1-E1340C9BF565} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {93365B83-1068-4600-A7E2-0FA633A6FC88} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "331ffa93-1f39-4a84-927a-41c6fb770b18" --version "6.16.10662" --silent
Task: {BBBE75CE-C415-4859-B21E-6762426C71B1} - System32\Tasks\CCleanerSkipUAC - justc => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4EC19EEF-BD4F-457C-B099-18AED5C8ED68} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.exe [5329280 2023-09-28] (Microsoft Windows -> Microsoft Corporation)
Task: {6EA4340F-4DCB-4548-8010-72A3DDCAED67} - System32\Tasks\GoogleUpdateTaskMachineCore{6BCD498D-EAE8-4972-BEBF-73EDBE3A0D6F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-09-17] (Google LLC -> Google LLC)
Task: {8A99C8CB-E11D-414D-AAE3-C816090ED3FF} - System32\Tasks\GoogleUpdateTaskMachineUA{DE2B8264-B4FC-4FEF-AF29-8679B6F43F3B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-09-17] (Google LLC -> Google LLC)
Task: {E5EAE20A-AF40-4737-B2E6-D8834FFED2DC} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2215749033-445842302-415398914-1001 => C:\Users\justc\AppData\Local\Programs\Messenger\MessengerHelper.exe [2265336 2023-09-28] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {D521675D-8F95-43CD-B315-9FA40D55AE56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7FB92B1-FEB1-41DC-8A5F-C6F4D1962BA0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A636F8D-8343-48C2-8703-6C5231D4A8D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A49083BF-7448-42A3-9649-32DE1D6A76DD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {07E94C3F-2761-421D-8832-06510B21C5ED} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7666593B-5016-485B-B8DC-427AB9403CC3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130824 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDA65BBA-3279-4AFD-A9DE-FB3351CA4145} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2215749033-445842302-415398914-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130824 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {16F7FE9F-3E7B-421D-8E20-2ED726C9B4E8} - System32\Tasks\VerizonCloud\APMPublisherTask => C:\Program Files\Verizon Cloud\Verizon Cloud.exe [8991568 2023-08-25] (Verizon Data Services LLC -> Verizon)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 206.225.75.225 206.225.75.226
Tcpip\..\Interfaces\{2f15d8f0-b3d3-43cd-9cdd-a6a029120f11}: [NameServer] 198.51.100.1
Tcpip\..\Interfaces\{2f15d8f0-b3d3-43cd-9cdd-a6a029120f11}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{732b5a0e-6a0a-43bc-9969-18d77e06b00a}: [DhcpNameServer] 206.225.75.225 206.225.75.226

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-02]
Edge HomePage: Default -> hxxps://besthomepageever.com/
Edge StartupUrls: Default -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
Edge NewTab: Default ->  Not-active:"chrome-extension://pnjcioekgpbcdgcnklcnmihpgjjimgoc/newTab.html"
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (Avira Safe Shopping) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-10-01]
Edge Extension: (DuckDuckGo) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2023-09-26]
Edge Extension: (Hulu PIP) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjnnojbahbfmbhhpkcoihncbojdlhbnj [2023-09-17]
Edge Extension: (Picture-in-Picture Everywhere) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmnlinjalaieggoebkmamaphjghpafhn [2023-09-17]
Edge Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-09-23]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2023-10-01]
Edge Extension: (URL Safety) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ennmhlikbaeahooaiaeanhcdddgibkoi [2023-09-29]
Edge Extension: (Browsec VPN - Free VPN for Edge) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjnehcbecaggobjholekjijaaekbnlgj [2023-09-29]
Edge Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2023-09-20]
Edge Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-19]
Edge Extension: (Office - Enable Copy and Paste) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2023-09-29]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-20]
Edge Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-17]
Edge Extension: (Netflix Picture in Picture now for Prime & D+) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkmakgpojigahjdalffbkimpnpabelio [2023-09-17]
Edge Extension: (Edge relevant text changes) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-19]
Edge Extension: (ZenMate Free VPN – Best VPN for Edge) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kepdippgcikacmcdaijnponnfgljfbea [2023-09-20]
Edge Extension: (Microsoft Outlook) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkpalkknhlklpbflpcpkepmmbnmfailf [2023-09-20]
Edge Extension: (Tubi Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\loiiabknhcakflegiolohkabmacjicbc [2023-09-21]
Edge Extension: (Paramount Plus Picture In Picture) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfmgdailbkanbdajodjgmgncbeflcnci [2023-09-17]
Edge Extension: (uBlock Origin) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-09-23]
Edge Extension: (UltraWide Streaming: custom fullscreen ratios) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ofkcbakkpjefjndcmbkokadbmmaimnlp [2023-09-20]
Edge Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2023-09-29]
Edge Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-09-26]
Edge Extension: (Hulu Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2023-09-28]
Edge Profile: C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-10-02]
Edge HomePage: Profile 1 -> hxxps://besthomepageever.com/
Edge StartupUrls: Profile 1 -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
Edge Extension: (Hulu PIP) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cjnnojbahbfmbhhpkcoihncbojdlhbnj [2023-09-17]
Edge Extension: (Picture-in-Picture Everywhere) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cmnlinjalaieggoebkmamaphjghpafhn [2023-09-17]
Edge Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-09-17]
Edge Extension: (Free VPN ZenMate-Best VPN for Chrome) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2023-09-17]
Edge Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-17]
Edge Extension: (Netflix Picture in Picture now for Prime & D+) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jkmakgpojigahjdalffbkimpnpabelio [2023-09-17]
Edge Extension: (ZenMate Free VPN – Best VPN for Edge) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\kepdippgcikacmcdaijnponnfgljfbea [2023-09-17]
Edge Extension: (Norton Password Manager) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\lcccdlklhahfmobgpnilndimkankpnkg [2023-09-17]
Edge Extension: (Paramount Plus Picture In Picture) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\mfmgdailbkanbdajodjgmgncbeflcnci [2023-09-17]
Edge Extension: (uBlock Origin) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-09-17]
Edge Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-09-17]
Edge Extension: (Hulu Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2023-09-17]
Edge Extension: (Best Homepage Ever UK - New Tab Quick Launch) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2023-09-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default [2023-10-02]
CHR Notifications: Default -> hxxps://pchelpforum.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://besthomepageever.com/
CHR StartupUrls: Default -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
CHR NewTab: Default ->  Active:"chrome-extension://omdkehkdnojcndhhilglklegbakenkgb/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Extension: (DuckDuckGo) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2023-09-26]
CHR Extension: (Hulu PIP) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjnnojbahbfmbhhpkcoihncbojdlhbnj [2023-09-17]
CHR Extension: (uBlock Origin) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-09-23]
CHR Extension: (URL Safety) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennmhlikbaeahooaiaeanhcdddgibkoi [2023-09-29]
CHR Extension: (Free VPN ZenMate-Best VPN for Chrome) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2023-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2023-09-17]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2023-09-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-17]
CHR Extension: (Netflix Picture in Picture now for Prime & D+) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkmakgpojigahjdalffbkimpnpabelio [2023-09-17]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-10-01]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-01]
CHR Extension: (Sea Foam) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lahipjfggmgneaopcckkaipmoandaboo [2023-09-17]
CHR Extension: (Paramount Plus Picture In Picture) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfmgdailbkanbdajodjgmgncbeflcnci [2023-09-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-17]
CHR Extension: (Best Homepage Ever - New Tab Quick Launch) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb [2023-10-02]
CHR Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-09-26]
CHR Extension: (Hulu Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2023-09-28]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-02]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-02]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-02]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [439856 2023-06-07] (Bitdefender SRL -> AnchorFree Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [474672 2023-08-18] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncHelper.exe [3511720 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\OneDriveUpdaterService.exe [3849128 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 VCUpdateSvc; C:\Program Files\Verizon Cloud\VerizonCloudUpdater.exe [54608 2023-08-25] (Verizon Data Services LLC -> Verizon)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [6205488 2023-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [798128 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 bdprivmon; C:\Windows\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [39840 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\Windows\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1347496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [165312 2023-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [633248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [522136 2023-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55872 2023-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [574872 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 15:55 - 2023-10-02 15:57 - 000034227 _____ C:\Users\justc\Desktop\FRST.txt
2023-10-02 15:54 - 2023-10-02 15:54 - 002382848 _____ (Farbar) C:\Users\justc\Downloads\FRST64 (1).exe
2023-10-02 15:50 - 2023-10-02 15:50 - 000000000 ____D C:\Users\justc\Verizon Cloud
2023-10-02 15:48 - 2023-10-02 15:48 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-02 14:32 - 2023-10-02 14:32 - 002382848 _____ (Farbar) C:\Users\justc\Desktop\FRST64.exe
2023-10-02 14:01 - 2023-10-02 15:56 - 000000000 ____D C:\FRST
2023-10-02 12:08 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Roaming\SnookerQ
2023-10-02 12:06 - 2023-10-02 12:06 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe
2023-10-02 12:05 - 2023-10-02 12:05 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe
2023-10-02 09:43 - 2023-10-02 09:43 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\HTML Help
2023-10-02 09:40 - 2023-10-02 09:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\CoreFTP
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64)
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Program Files\CoreFTP
2023-10-02 02:26 - 2023-10-02 02:26 - 000000000 ____D C:\Users\justc\AppData\Local\OO Software
2023-10-02 02:23 - 2023-10-02 02:23 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-10-02 02:22 - 2023-10-02 02:22 - 000000000 ____D C:\KPRM
2023-10-02 01:27 - 2023-10-02 02:23 - 000000000 ____D C:\Users\justc\AppData\Local\ESET
2023-10-01 19:39 - 2023-10-01 19:39 - 000000000 ____D C:\Users\justc\AppData\Local\CEF
2023-10-01 19:33 - 2023-10-02 01:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\ZHP
2023-10-01 19:19 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Comments.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Aliases.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000004 _____ C:\Users\justc\advanced_ip_scanner_MAC.bin
2023-10-01 19:06 - 2023-10-01 19:06 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\Program Files\CPUID
2023-10-01 19:01 - 2023-10-02 15:49 - 000000000 ____D C:\Program Files\CCleaner
2023-10-01 19:01 - 2023-10-02 15:48 - 000003416 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-01 19:01 - 2023-10-01 19:01 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-01 19:01 - 2023-10-01 19:01 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - justc
2023-10-01 19:01 - 2023-10-01 19:01 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-10-01 19:01 - 2023-10-01 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\Atom
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\.atom
2023-10-01 18:57 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Local\atom
2023-10-01 18:57 - 2023-10-01 18:58 - 000000000 ____D C:\Users\justc\AppData\Local\SquirrelTemp
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\ProgramData\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Program Files\AnyDesk
2023-10-01 18:55 - 2023-10-01 18:55 - 000001848 _____ C:\Windows\system32\Tasks\Amazon Music Helper
2023-10-01 18:55 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2023-10-01 18:54 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Local\Amazon Music
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:51 - 2023-10-01 18:53 - 000000000 ____D C:\Users\justc\AppData\Local\Innovative Solutions
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\ProductData
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Local\Adobe
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\ProgramData\Adobe
2023-10-01 18:48 - 2023-10-01 19:13 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-10-01 18:47 - 2023-10-01 19:39 - 000000000 ____D C:\ProgramData\360Quarant
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\Program Files\7-Zip
2023-10-01 18:44 - 2023-10-02 01:25 - 000000000 ____D C:\Program Files (x86)\360
2023-10-01 18:42 - 2023-10-01 18:42 - 000000000 ____D C:\Users\justc\AppData\Local\Patch_My_PC,_LLC
2023-10-01 02:01 - 2023-10-01 02:01 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-10-01 01:13 - 2023-10-01 01:13 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-10-01 00:32 - 2023-10-01 00:32 - 000710972 _____ C:\ProgramData\cl.1696134161.bdinstall.v2.bin
2023-10-01 00:32 - 2023-10-01 00:32 - 000120408 _____ C:\ProgramData\cl.kit.1696134156.bdinstall.v2.bin
2023-10-01 00:26 - 2023-10-01 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2023-10-01 00:24 - 2023-10-01 00:24 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender
2023-10-01 00:04 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (3).exe
2023-10-01 00:04 - 2023-10-01 00:04 - 000009988 _____ C:\ProgramData\uninstalltool.1696133085.bdinstall.v2.bin
2023-10-01 00:03 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (2).exe
2023-09-30 19:29 - 2023-09-30 19:29 - 000000000 ____D C:\Windows\system32\Tasks\Meta
2023-09-30 19:28 - 2023-09-30 19:28 - 076637736 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.196.0.0.4.210.exe
2023-09-30 19:26 - 2023-09-30 19:26 - 002904424 _____ (Opera Software) C:\Users\justc\Downloads\OperaSetup.exe
2023-09-30 18:49 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (1).exe
2023-09-30 18:48 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool.exe
2023-09-30 16:26 - 2023-09-30 16:26 - 000000000 ____D C:\Users\justc\Desktop\Missy.Mikes business cards
2023-09-29 16:41 - 2023-09-29 16:42 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form (1).pdf
2023-09-29 16:39 - 2023-09-29 16:39 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form.pdf
2023-09-29 08:38 - 2023-09-29 08:38 - 000000000 ____D C:\PUB
2023-09-29 08:37 - 2023-09-29 08:50 - 000000054 _____ C:\Windows\Lic.xxx
2023-09-29 08:36 - 2023-09-29 08:36 - 000176760 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2023-09-29 08:36 - 2023-09-29 08:36 - 000000000 ____D C:\ProgramData\MicroWorld
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (4).exe
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (3).exe
2023-09-29 08:32 - 2023-09-29 08:32 - 015012420 _____ C:\Users\justc\Downloads\avz5.zip
2023-09-29 08:28 - 2023-09-29 08:28 - 000000396 _____ C:\Users\justc\Downloads\avzfix.txt
2023-09-29 08:20 - 2023-09-29 08:20 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (2).exe
2023-09-29 08:18 - 2023-09-29 08:19 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (1).exe
2023-09-29 07:54 - 2023-09-29 07:54 - 000000000 ____D C:\Users\justc\AppData\Local\ToastNotificationManagerCompat
2023-09-28 22:23 - 2023-09-28 22:23 - 000000000 ____D C:\Windows\ABR
2023-09-28 22:15 - 2023-09-28 22:15 - 018320588 _____ C:\Users\justc\Downloads\AutoLogger (1).zip
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis.exe
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis (1).exe
2023-09-28 16:03 - 2023-09-28 16:03 - 001029415 _____ C:\Users\justc\Downloads\RegSeeker47.zip
2023-09-28 13:11 - 2023-09-28 13:11 - 000000000 ____D C:\ProgramData\Hydra Windows SDK
2023-09-28 12:58 - 2023-09-28 12:58 - 000000121 _____ C:\Users\justc\Downloads\backup_codes.txt
2023-09-28 11:29 - 2023-09-28 11:29 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-09-28 10:57 - 2023-09-28 10:57 - 000000000 ___HD C:\$WinREAgent
2023-09-27 22:43 - 2023-09-27 22:43 - 000092200 _____ C:\ProgramData\agent.update.1695869008.bdinstall.v2.bin
2023-09-27 22:42 - 2023-09-27 22:42 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_windows_439a9349-ed46-4358-a035-c15a69ffedf2.exe
2023-09-27 22:19 - 2023-09-27 22:19 - 000213860 _____ C:\ProgramData\vpn.1695867536.bdinstall.v2.bin
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2023-09-27 22:19 - 2021-09-16 05:55 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\bdvpn_netfilter.sys
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Gemma
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Atc
2023-09-27 22:08 - 2023-09-28 19:48 - 000000000 ____D C:\ProgramData\BDLogging
2023-09-27 22:08 - 2023-09-27 22:08 - 000000000 ____D C:\Windows\system32\elambkup
2023-09-27 22:07 - 2023-09-27 22:07 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender Security App
2023-09-27 22:05 - 2023-10-01 00:42 - 000000000 ____D C:\ProgramData\Bitdefender
2023-09-27 22:05 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Bitdefender
2023-09-27 22:00 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2023-09-27 21:59 - 2023-09-27 22:43 - 000003854 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-09-27 21:57 - 2023-09-27 22:43 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-09-27 21:57 - 2023-09-27 21:57 - 000143364 _____ C:\ProgramData\agent.1695866221.bdinstall.v2.bin
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\Users\justc\AppData\Local\Bitdefender
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-09-27 19:47 - 2023-09-27 19:47 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_avfree.exe
2023-09-26 22:00 - 2023-09-26 22:00 - 001789560 _____ () C:\Users\justc\Downloads\Everything-1.4.1.1024.x86-Setup.exe
2023-09-26 20:32 - 2023-09-26 20:32 - 000000000 ____D C:\Users\justc\Documents\Custom Office Templates
2023-09-26 18:41 - 2023-09-27 17:54 - 000000000 ____D C:\Program Files\HijackThis
2023-09-26 17:16 - 2023-09-26 17:16 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2023-09-26 17:16 - 2023-09-26 17:16 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\MSBuild
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-09-26 10:05 - 2023-09-26 10:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Geek Uninstaller
2023-09-26 10:05 - 2023-09-26 10:05 - 002961151 _____ C:\Users\justc\Downloads\geek.zip
2023-09-25 17:05 - 2023-09-25 17:05 - 005252911 _____ C:\Users\justc\Downloads\Fw_ more piks, couldn't find none of rusty and bian younger.. tryin to make sure all the kids and g kids and g g kids are in.eml
2023-09-24 16:35 - 2023-09-24 16:35 - 000175687 _____ C:\Users\justc\Downloads\HarrellRaeleigh.pdf
2023-09-24 16:32 - 2023-09-24 16:32 - 022152410 _____ C:\Users\justc\Downloads\champion power washer manual.pdf
2023-09-24 16:30 - 2023-09-24 16:30 - 000000000 ____D C:\Users\justc\AppData\LocalLow\webviewdata
2023-09-24 16:13 - 2023-09-24 16:13 - 000000000 ____D C:\ProgramData\VerizonCloud
2023-09-24 16:12 - 2023-10-01 11:43 - 000000000 ____D C:\Users\justc\AppData\Local\VerizonCloud-Data
2023-09-24 16:12 - 2023-09-24 16:13 - 000000000 ____D C:\Windows\system32\Tasks\VerizonCloud
2023-09-24 16:12 - 2023-09-24 16:12 - 000000000 ____D C:\Users\justc\AppData\Local\IsolatedStorage
2023-09-24 15:49 - 2023-09-24 15:49 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000002521 _____ C:\Users\Public\Desktop\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000000000 ____D C:\Program Files\Verizon Cloud
2023-09-24 15:37 - 2023-09-24 15:48 - 028643328 _____ C:\Users\justc\Downloads\pc-vzcloud-install.msi
2023-09-24 14:16 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Desktop\Pool.Snooker (2).zip
2023-09-21 21:48 - 2023-09-21 21:48 - 000000721 _____ C:\Users\justc\Downloads\ATT00001
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\Users\justc\AppData\Roaming\CDTPL
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\ProgramData\CDTPL
2023-09-21 20:32 - 2023-09-21 20:33 - 087778968 _____ (SysTools Software Pvt Ltd ) C:\Users\justc\Downloads\pst-converter.exe
2023-09-21 07:33 - 2023-09-21 07:33 - 000002967 _____ C:\Users\justc\Downloads\ATT00001.htm
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\system32\RTCOM
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files\Waves
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-09-20 09:42 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Windows\system32\SRSLabs
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Program Files\Realtek
2023-09-20 09:42 - 2017-06-19 04:19 - 005762544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2023-09-20 09:42 - 2017-06-19 04:19 - 003685872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2023-09-20 09:42 - 2017-06-19 04:19 - 003545984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003541896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003213808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 001373792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000706472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000692504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000545808 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000460424 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000399448 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000355480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000232696 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000225480 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000220120 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000176456 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000174608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000161928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000144168 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000120696 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000097952 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000094152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000032384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013245712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013110360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 012129784 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxVoiceAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007181592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007104872 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 003795400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2023-09-20 09:42 - 2017-06-19 04:18 - 002320104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002218480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002058864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001991768 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001804920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001613696 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001530848 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001444232 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001233064 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001185168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001017424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000759192 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000742512 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000723208 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000693008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000517448 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000457992 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000453824 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000342264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000339112 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000283904 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264952 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264880 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000263928 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000212240 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000131008 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2023-09-20 09:39 - 2017-10-01 20:13 - 000984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker.zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (2).zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (1).zip
2023-09-19 14:49 - 2023-10-01 23:40 - 000000000 ____D C:\Users\justc\AppData\Local\Messenger
2023-09-19 14:49 - 2023-10-01 23:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000002333 _____ C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\Local\messenger-updater
2023-09-19 14:48 - 2023-09-19 14:49 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225 (1).exe
2023-09-19 14:48 - 2023-09-19 14:48 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225.exe
2023-09-19 14:34 - 2023-09-19 14:34 - 000000089 _____ C:\Users\justc\Downloads\recovery_codes.txt
2023-09-19 12:51 - 2023-09-19 12:51 - 000136344 _____ C:\Users\justc\Downloads\163217533609.JPEG
2023-09-19 10:16 - 2023-09-19 10:16 - 000006876 _____ C:\Users\justc\Downloads\start2.bin
2023-09-19 09:27 - 2023-10-01 00:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-18 17:13 - 2023-09-18 17:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\InputMethod
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\UProof
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Proof
2023-09-17 23:01 - 2023-09-17 23:01 - 000000000 ___HD C:\ProgramData\CanonIJScan
2023-09-17 23:00 - 2023-09-17 23:01 - 000000000 ____D C:\Users\justc\AppData\Roaming\Canon
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX340 series
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ___HD C:\ProgramData\CanonBJ
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\STRING
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\CanonIJ Uninstaller Information
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Program Files\CanonBJ
2023-09-17 22:56 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2023-09-17 22:55 - 2023-09-17 22:55 - 032939648 _____ C:\Users\justc\Downloads\mp68-win-mx340-1_06-ea24.exe
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\Program Files (x86)\Canon
2023-09-17 22:48 - 2023-09-17 22:49 - 047823992 _____ C:\Users\justc\Downloads\mpnx_3_1-win-3_14-ej.exe
2023-09-17 21:37 - 2023-10-02 09:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Word
2023-09-17 21:37 - 2023-09-29 12:42 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-17 21:37 - 2023-09-29 12:42 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-17 21:37 - 2023-09-17 21:48 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Office
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ___RD C:\Users\Default\OneDrive
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\AddIns
2023-09-17 21:27 - 2023-09-17 21:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-17 21:27 - 2023-09-17 21:27 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-09-17 21:11 - 2023-10-02 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\CrashDumps
2023-09-17 21:11 - 2023-09-17 21:14 - 000000000 ____D C:\ProgramData\Windhawk
2023-09-17 21:10 - 2023-09-26 10:24 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Temp
2023-09-17 21:09 - 2023-10-02 14:45 - 000000000 ____D C:\Program Files\Windhawk
2023-09-17 21:08 - 2023-09-17 21:09 - 129469224 _____ (Ramen Software) C:\Users\justc\Downloads\windhawk_setup.exe
2023-09-17 20:55 - 2023-09-17 21:34 - 000000000 ___HD C:\$WINDOWS.~BT
2023-09-17 19:45 - 2023-09-17 19:45 - 000000000 ____D C:\Users\justc\AppData\Local\ElevatedDiagnostics
2023-09-17 19:17 - 2023-09-17 19:22 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\MMC
2023-09-17 17:45 - 2023-09-19 23:29 - 000000000 ____D C:\Windows\Panther
2023-09-17 17:33 - 2023-09-17 17:38 - 000000000 ____D C:\Users\justc\Documents\malwarebytes license key
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagwrn.xml
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagerr.xml
2023-09-17 17:09 - 2023-09-17 17:09 - 000000000 ____D C:\Users\justc\AppData\Local\mbam
2023-09-17 17:08 - 2023-09-17 17:08 - 000000000 ____D C:\Users\justc\Tracing
2023-09-17 17:07 - 2023-09-17 17:07 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5 (1).exe
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-17 17:06 - 2023-09-17 17:06 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5.exe
2023-09-17 16:54 - 2023-09-17 16:54 - 000000000 ___HD C:\$Windows.~WS
2023-09-17 16:49 - 2023-09-17 16:49 - 000000000 _SHDL C:\Documents and Settings
2023-09-17 16:46 - 2023-10-02 15:45 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-17 16:46 - 2023-10-02 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-17 16:46 - 2023-10-02 15:31 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-17 16:46 - 2023-09-30 19:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-17 16:46 - 2023-09-28 12:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-17 16:46 - 2023-09-18 08:05 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-17 16:46 - 2023-09-18 08:05 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____D C:\Windows\ServiceProfiles
2023-09-17 16:46 - 2023-09-17 16:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-17 16:43 - 2023-09-17 17:08 - 000000000 ____D C:\ESD
2023-09-17 16:21 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-17 16:12 - 2023-09-17 16:12 - 000000000 ____H C:\Users\justc\Documents\Default.rdp
2023-09-17 16:09 - 2023-09-17 16:09 - 000000000 ____D C:\Users\justc\AppData\Local\OneDrive
2023-09-17 15:58 - 2023-09-17 15:58 - 000002888 _____ C:\Users\justc\Desktop\Child support portal pin.odt
2023-09-17 15:50 - 2023-09-17 15:58 - 000000000 ____D C:\Windows\system32\MRT
2023-09-17 15:46 - 2023-09-17 15:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-17 14:55 - 2023-09-17 14:55 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPool.lnk
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Users\Public\Documents\Memir Games
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Program Files (x86)\ipool
2023-09-17 14:54 - 2023-09-17 14:54 - 007933240 _____ (Stratician ) C:\Users\justc\Downloads\setup2302.exe
2023-09-17 14:53 - 2023-09-17 14:53 - 000000000 ____D C:\Users\Public\Documents\Stratician Online
2023-09-17 14:52 - 2023-09-17 14:52 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSnooker.lnk
2023-09-17 14:52 - 2023-09-17 14:52 - 000000000 ____D C:\Program Files (x86)\iSnooker
2023-09-17 14:51 - 2023-09-17 14:51 - 032390920 _____ (Stratician ) C:\Users\justc\Downloads\setup2528.exe
2023-09-17 14:36 - 2023-09-27 17:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Users\justc\AppData\Local\Google
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Program Files\Google
2023-09-17 14:35 - 2023-10-02 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-17 14:35 - 2023-09-18 18:41 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{DE2B8264-B4FC-4FEF-AF29-8679B6F43F3B}
2023-09-17 14:35 - 2023-09-18 18:41 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6BCD498D-EAE8-4972-BEBF-73EDBE3A0D6F}
2023-09-17 14:35 - 2023-09-17 14:35 - 001372712 _____ (Google LLC) C:\Users\justc\Downloads\ChromeSetup.exe
2023-09-17 14:22 - 2023-09-17 15:08 - 000000000 ____D C:\Users\justc\AppData\Local\Comms
2023-09-17 14:10 - 2023-09-17 20:06 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Spelling
2023-09-17 14:08 - 2023-09-29 12:42 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2215749033-445842302-415398914-1001
2023-09-17 14:08 - 2023-09-20 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\PlaceholderTileLogoFolder
2023-09-17 14:08 - 2023-09-17 14:08 - 000000000 ___HD C:\OneDriveTemp
2023-09-17 14:07 - 2023-10-02 15:49 - 000000000 ___RD C:\Users\justc\OneDrive
2023-09-17 14:07 - 2023-09-17 14:07 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-17 14:05 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Local\AMD
2023-09-17 14:05 - 2023-10-02 09:48 - 000000000 ____D C:\Users\justc\AppData\Local\Packages
2023-09-17 14:05 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Adobe
2023-09-17 14:05 - 2023-10-01 00:17 - 000000000 ____D C:\Users\justc\AppData\Local\D3DSCache
2023-09-17 14:05 - 2023-09-26 23:46 - 000000000 ____D C:\ProgramData\Packages
2023-09-17 14:05 - 2023-09-23 09:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-17 14:05 - 2023-09-21 22:28 - 000000000 ____D C:\Users\justc\AppData\Local\ConnectedDevicesPlatform
2023-09-17 14:05 - 2023-09-17 20:06 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Crypto
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ___RD C:\Users\justc\3D Objects
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Vault
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Network
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\LocalLow\AMD
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\VirtualStore
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\Publishers
2023-09-17 14:00 - 2023-10-02 15:45 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\SystemCertificates
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Windows\system32\AMD
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Program Files\AMD
2023-09-17 14:00 - 2020-10-29 16:31 - 000107560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2023-09-17 13:59 - 2023-10-02 15:50 - 000000000 ____D C:\Users\justc
2023-09-17 13:59 - 2023-09-28 19:29 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows
2023-09-17 13:59 - 2023-09-19 14:51 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Credentials
2023-09-17 13:59 - 2023-09-17 13:59 - 000000020 ___SH C:\Users\justc\ntuser.ini
2023-09-17 13:59 - 2023-09-17 13:59 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Protect
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 064809072 _____ C:\Windows\system32\amd_comgr.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 053684848 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000760432 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000496752 _____ C:\Windows\system32\GameManager64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000493168 _____ C:\Windows\system32\dgtrayicon.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000456304 _____ C:\Windows\system32\atieah64.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000432752 _____ C:\Windows\system32\EEURestart.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000380016 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000351856 _____ C:\Windows\SysWOW64\atieah32.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000339568 _____ C:\Windows\system32\clinfo.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000135792 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000134768 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000125552 _____ C:\Windows\system32\atidxx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000120432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107632 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001686016 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001365368 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000546800 _____ C:\Windows\system32\amdmiracast.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000489584 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000466544 _____ C:\Windows\system32\amdlogum.exe
2023-09-17 13:59 - 2020-10-29 16:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000380016 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000198312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-09-17 13:59 - 2020-10-29 15:29 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-09-17 13:54 - 2023-10-02 15:53 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 15:53 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-10-02 15:47 - 2023-05-05 08:27 - 000000000 ____D C:\Windows\SystemTemp
2023-10-02 15:47 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-02 15:45 - 2019-12-07 05:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-10-02 00:05 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-01 19:42 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-01 19:26 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-10-01 19:23 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-10-01 19:05 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-10-01 07:36 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-29 14:04 - 2019-12-07 05:14 - 000000554 _____ C:\Windows\win.ini
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\Offline Web Pages
2023-09-28 12:45 - 2019-12-07 05:03 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-09-28 12:23 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-24 15:49 - 2023-05-05 08:22 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\ProjectedFSLib.dll
2023-09-17 22:57 - 2019-12-07 05:14 - 000000000 __RSD C:\Windows\Media
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\spool
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\MsDtc
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\appcompat
2023-09-17 17:45 - 2019-12-07 05:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-09-17 17:21 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\servicing
2023-09-17 16:51 - 2019-12-07 05:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-09-17 16:08 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-17 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by justc (administrator) on DESKTOP-OKFJGL4 (Dell Inc. Inspiron 24-3455) (02-10-2023 15:55:43)
Running from C:\Users\justc\Desktop\FRST64.exe
Loaded Profiles: justc
Platform: Microsoft Windows 10 Home Version 22H2 19045.3516 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.259_0\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdwtxag.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Program Files\Verizon Cloud\Verizon Cloud.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Verizon Data Services LLC -> Verizon) C:\Program Files\Verizon Cloud\Verizon Cloud.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (Bitdefender SRL -> AnchorFree Inc.) C:\Program Files\Bitdefender\Bitdefender VPN\Hydra.Sdk.Windows.Service.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Verizon Data Services LLC -> Verizon) C:\Program Files\Verizon Cloud\VerizonCloudUpdater.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Amazon.com Services LLC -> Amazon.com Services LLC) C:\Users\justc\AppData\Local\Amazon Music\Amazon Music Helper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235440 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1062424 2023-09-14] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2586640 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [com.verizon.verizoncloud] => C:\Program Files\Verizon Cloud\Verizon Cloud.exe [8991568 2023-08-25] (Verizon Data Services LLC -> Verizon)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [com.messenger] => C:\Users\justc\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (No File)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [Amazon Music Helper] => C:\Users\justc\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107496 2023-04-12] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [GoogleChromeAutoLaunch_B364DB4262BB88E80B8C959641DD7ACE] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3242272 2023-09-27] (Google LLC -> Google LLC)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MX340 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA5.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX340 series: C:\Windows\system32\CNMLMA5.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX340 series: C:\Windows\system32\CNCF2Lk.DLL [343552 2009-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe [2023-09-27] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7C773FC8-3237-4148-9B0B-4358A3960877} - System32\Tasks\Amazon Music Helper => C:\Users\justc\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107496 2023-04-12] (Amazon.com Services LLC -> Amazon.com Services LLC)
Task: {B5673D04-8BD3-45A4-8ADE-237CE62BC243} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.259_0\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {38E68DA7-BDC1-45BC-B6F1-E1340C9BF565} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {93365B83-1068-4600-A7E2-0FA633A6FC88} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "331ffa93-1f39-4a84-927a-41c6fb770b18" --version "6.16.10662" --silent
Task: {BBBE75CE-C415-4859-B21E-6762426C71B1} - System32\Tasks\CCleanerSkipUAC - justc => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4EC19EEF-BD4F-457C-B099-18AED5C8ED68} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.exe [5329280 2023-09-28] (Microsoft Windows -> Microsoft Corporation)
Task: {6EA4340F-4DCB-4548-8010-72A3DDCAED67} - System32\Tasks\GoogleUpdateTaskMachineCore{6BCD498D-EAE8-4972-BEBF-73EDBE3A0D6F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-09-17] (Google LLC -> Google LLC)
Task: {8A99C8CB-E11D-414D-AAE3-C816090ED3FF} - System32\Tasks\GoogleUpdateTaskMachineUA{DE2B8264-B4FC-4FEF-AF29-8679B6F43F3B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-09-17] (Google LLC -> Google LLC)
Task: {E5EAE20A-AF40-4737-B2E6-D8834FFED2DC} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2215749033-445842302-415398914-1001 => C:\Users\justc\AppData\Local\Programs\Messenger\MessengerHelper.exe [2265336 2023-09-28] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {D521675D-8F95-43CD-B315-9FA40D55AE56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7FB92B1-FEB1-41DC-8A5F-C6F4D1962BA0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A636F8D-8343-48C2-8703-6C5231D4A8D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A49083BF-7448-42A3-9649-32DE1D6A76DD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {07E94C3F-2761-421D-8832-06510B21C5ED} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7666593B-5016-485B-B8DC-427AB9403CC3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130824 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDA65BBA-3279-4AFD-A9DE-FB3351CA4145} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2215749033-445842302-415398914-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130824 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {16F7FE9F-3E7B-421D-8E20-2ED726C9B4E8} - System32\Tasks\VerizonCloud\APMPublisherTask => C:\Program Files\Verizon Cloud\Verizon Cloud.exe [8991568 2023-08-25] (Verizon Data Services LLC -> Verizon)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 206.225.75.225 206.225.75.226
Tcpip\..\Interfaces\{2f15d8f0-b3d3-43cd-9cdd-a6a029120f11}: [NameServer] 198.51.100.1
Tcpip\..\Interfaces\{2f15d8f0-b3d3-43cd-9cdd-a6a029120f11}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{732b5a0e-6a0a-43bc-9969-18d77e06b00a}: [DhcpNameServer] 206.225.75.225 206.225.75.226

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-02]
Edge HomePage: Default -> hxxps://besthomepageever.com/
Edge StartupUrls: Default -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
Edge NewTab: Default ->  Not-active:"chrome-extension://pnjcioekgpbcdgcnklcnmihpgjjimgoc/newTab.html"
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (Avira Safe Shopping) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-10-01]
Edge Extension: (DuckDuckGo) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2023-09-26]
Edge Extension: (Hulu PIP) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjnnojbahbfmbhhpkcoihncbojdlhbnj [2023-09-17]
Edge Extension: (Picture-in-Picture Everywhere) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmnlinjalaieggoebkmamaphjghpafhn [2023-09-17]
Edge Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-09-23]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2023-10-01]
Edge Extension: (URL Safety) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ennmhlikbaeahooaiaeanhcdddgibkoi [2023-09-29]
Edge Extension: (Browsec VPN - Free VPN for Edge) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjnehcbecaggobjholekjijaaekbnlgj [2023-09-29]
Edge Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2023-09-20]
Edge Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-19]
Edge Extension: (Office - Enable Copy and Paste) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2023-09-29]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-20]
Edge Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-17]
Edge Extension: (Netflix Picture in Picture now for Prime & D+) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkmakgpojigahjdalffbkimpnpabelio [2023-09-17]
Edge Extension: (Edge relevant text changes) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-19]
Edge Extension: (ZenMate Free VPN – Best VPN for Edge) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kepdippgcikacmcdaijnponnfgljfbea [2023-09-20]
Edge Extension: (Microsoft Outlook) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkpalkknhlklpbflpcpkepmmbnmfailf [2023-09-20]
Edge Extension: (Tubi Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\loiiabknhcakflegiolohkabmacjicbc [2023-09-21]
Edge Extension: (Paramount Plus Picture In Picture) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfmgdailbkanbdajodjgmgncbeflcnci [2023-09-17]
Edge Extension: (uBlock Origin) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-09-23]
Edge Extension: (UltraWide Streaming: custom fullscreen ratios) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ofkcbakkpjefjndcmbkokadbmmaimnlp [2023-09-20]
Edge Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2023-09-29]
Edge Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-09-26]
Edge Extension: (Hulu Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2023-09-28]
Edge Profile: C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-10-02]
Edge HomePage: Profile 1 -> hxxps://besthomepageever.com/
Edge StartupUrls: Profile 1 -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
Edge Extension: (Hulu PIP) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cjnnojbahbfmbhhpkcoihncbojdlhbnj [2023-09-17]
Edge Extension: (Picture-in-Picture Everywhere) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cmnlinjalaieggoebkmamaphjghpafhn [2023-09-17]
Edge Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-09-17]
Edge Extension: (Free VPN ZenMate-Best VPN for Chrome) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2023-09-17]
Edge Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-17]
Edge Extension: (Netflix Picture in Picture now for Prime & D+) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jkmakgpojigahjdalffbkimpnpabelio [2023-09-17]
Edge Extension: (ZenMate Free VPN – Best VPN for Edge) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\kepdippgcikacmcdaijnponnfgljfbea [2023-09-17]
Edge Extension: (Norton Password Manager) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\lcccdlklhahfmobgpnilndimkankpnkg [2023-09-17]
Edge Extension: (Paramount Plus Picture In Picture) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\mfmgdailbkanbdajodjgmgncbeflcnci [2023-09-17]
Edge Extension: (uBlock Origin) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-09-17]
Edge Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-09-17]
Edge Extension: (Hulu Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2023-09-17]
Edge Extension: (Best Homepage Ever UK - New Tab Quick Launch) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pnjcioekgpbcdgcnklcnmihpgjjimgoc [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2023-09-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default [2023-10-02]
CHR Notifications: Default -> hxxps://pchelpforum.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://besthomepageever.com/
CHR StartupUrls: Default -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
CHR NewTab: Default ->  Active:"chrome-extension://omdkehkdnojcndhhilglklegbakenkgb/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Extension: (DuckDuckGo) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2023-09-26]
CHR Extension: (Hulu PIP) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjnnojbahbfmbhhpkcoihncbojdlhbnj [2023-09-17]
CHR Extension: (uBlock Origin) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-09-23]
CHR Extension: (URL Safety) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennmhlikbaeahooaiaeanhcdddgibkoi [2023-09-29]
CHR Extension: (Free VPN ZenMate-Best VPN for Chrome) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2023-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2023-09-17]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2023-09-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-17]
CHR Extension: (Netflix Picture in Picture now for Prime & D+) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkmakgpojigahjdalffbkimpnpabelio [2023-09-17]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-10-01]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-01]
CHR Extension: (Sea Foam) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lahipjfggmgneaopcckkaipmoandaboo [2023-09-17]
CHR Extension: (Paramount Plus Picture In Picture) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfmgdailbkanbdajodjgmgncbeflcnci [2023-09-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-17]
CHR Extension: (Best Homepage Ever - New Tab Quick Launch) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb [2023-10-02]
CHR Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-09-26]
CHR Extension: (Hulu Ad Skipper | Ad Blocker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgpdfnkeeppfohmophlpcfmciioeenig [2023-09-28]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-02]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-02]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-02]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [439856 2023-06-07] (Bitdefender SRL -> AnchorFree Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [474672 2023-08-18] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncHelper.exe [3511720 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.189.0910.0001\OneDriveUpdaterService.exe [3849128 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-09-14] (Bitdefender SRL -> Bitdefender)
R2 VCUpdateSvc; C:\Program Files\Verizon Cloud\VerizonCloudUpdater.exe [54608 2023-08-25] (Verizon Data Services LLC -> Verizon)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-14] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [6205488 2023-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [798128 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 bdprivmon; C:\Windows\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [39840 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\Windows\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1347496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [165312 2023-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [633248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [522136 2023-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55872 2023-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [574872 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 15:55 - 2023-10-02 15:57 - 000034227 _____ C:\Users\justc\Desktop\FRST.txt
2023-10-02 15:54 - 2023-10-02 15:54 - 002382848 _____ (Farbar) C:\Users\justc\Downloads\FRST64 (1).exe
2023-10-02 15:50 - 2023-10-02 15:50 - 000000000 ____D C:\Users\justc\Verizon Cloud
2023-10-02 15:48 - 2023-10-02 15:48 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-02 14:32 - 2023-10-02 14:32 - 002382848 _____ (Farbar) C:\Users\justc\Desktop\FRST64.exe
2023-10-02 14:01 - 2023-10-02 15:56 - 000000000 ____D C:\FRST
2023-10-02 12:08 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Roaming\SnookerQ
2023-10-02 12:06 - 2023-10-02 12:06 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe
2023-10-02 12:05 - 2023-10-02 12:05 - 107353130 _____ (SnookerQ Inc. ) C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe
2023-10-02 09:43 - 2023-10-02 09:43 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\HTML Help
2023-10-02 09:40 - 2023-10-02 09:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\CoreFTP
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64)
2023-10-02 09:38 - 2023-10-02 09:38 - 000000000 ____D C:\Program Files\CoreFTP
2023-10-02 02:26 - 2023-10-02 02:26 - 000000000 ____D C:\Users\justc\AppData\Local\OO Software
2023-10-02 02:23 - 2023-10-02 02:23 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-10-02 02:22 - 2023-10-02 02:22 - 000000000 ____D C:\KPRM
2023-10-02 01:27 - 2023-10-02 02:23 - 000000000 ____D C:\Users\justc\AppData\Local\ESET
2023-10-01 19:39 - 2023-10-01 19:39 - 000000000 ____D C:\Users\justc\AppData\Local\CEF
2023-10-01 19:33 - 2023-10-02 01:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\ZHP
2023-10-01 19:19 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Comments.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000015 _____ C:\Users\justc\advanced_ip_scanner_Aliases.bin
2023-10-01 19:07 - 2023-10-01 19:07 - 000000004 _____ C:\Users\justc\advanced_ip_scanner_MAC.bin
2023-10-01 19:06 - 2023-10-01 19:06 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-10-01 19:03 - 2023-10-01 19:03 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-10-01 19:02 - 2023-10-01 19:02 - 000000000 ____D C:\Program Files\CPUID
2023-10-01 19:01 - 2023-10-02 15:49 - 000000000 ____D C:\Program Files\CCleaner
2023-10-01 19:01 - 2023-10-02 15:48 - 000003416 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-01 19:01 - 2023-10-01 19:01 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-01 19:01 - 2023-10-01 19:01 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - justc
2023-10-01 19:01 - 2023-10-01 19:01 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-10-01 19:01 - 2023-10-01 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\AppData\Roaming\Atom
2023-10-01 18:58 - 2023-10-01 18:59 - 000000000 ____D C:\Users\justc\.atom
2023-10-01 18:57 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Local\atom
2023-10-01 18:57 - 2023-10-01 18:58 - 000000000 ____D C:\Users\justc\AppData\Local\SquirrelTemp
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\ProgramData\AnyDesk
2023-10-01 18:56 - 2023-10-01 19:19 - 000000000 ____D C:\Program Files\AnyDesk
2023-10-01 18:55 - 2023-10-01 18:55 - 000001848 _____ C:\Windows\system32\Tasks\Amazon Music Helper
2023-10-01 18:55 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2023-10-01 18:54 - 2023-10-01 18:55 - 000000000 ____D C:\Users\justc\AppData\Local\Amazon Music
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:51 - 2023-10-01 18:53 - 000000000 ____D C:\Users\justc\AppData\Local\Innovative Solutions
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\ProductData
2023-10-01 18:51 - 2023-10-01 18:51 - 000000000 ____D C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Local\Adobe
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2023-10-01 18:50 - 2023-10-01 18:50 - 000000000 ____D C:\ProgramData\Adobe
2023-10-01 18:48 - 2023-10-01 19:13 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-10-01 18:47 - 2023-10-01 19:39 - 000000000 ____D C:\ProgramData\360Quarant
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-10-01 18:46 - 2023-10-01 18:46 - 000000000 ____D C:\Program Files\7-Zip
2023-10-01 18:44 - 2023-10-02 01:25 - 000000000 ____D C:\Program Files (x86)\360
2023-10-01 18:42 - 2023-10-01 18:42 - 000000000 ____D C:\Users\justc\AppData\Local\Patch_My_PC,_LLC
2023-10-01 02:01 - 2023-10-01 02:01 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-10-01 02:01 - 2023-10-01 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-10-01 01:13 - 2023-10-01 01:13 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-10-01 00:32 - 2023-10-01 00:32 - 000710972 _____ C:\ProgramData\cl.1696134161.bdinstall.v2.bin
2023-10-01 00:32 - 2023-10-01 00:32 - 000120408 _____ C:\ProgramData\cl.kit.1696134156.bdinstall.v2.bin
2023-10-01 00:26 - 2023-10-01 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2023-10-01 00:24 - 2023-10-01 00:24 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender
2023-10-01 00:04 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (3).exe
2023-10-01 00:04 - 2023-10-01 00:04 - 000009988 _____ C:\ProgramData\uninstalltool.1696133085.bdinstall.v2.bin
2023-10-01 00:03 - 2023-10-01 00:04 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (2).exe
2023-09-30 19:29 - 2023-09-30 19:29 - 000000000 ____D C:\Windows\system32\Tasks\Meta
2023-09-30 19:28 - 2023-09-30 19:28 - 076637736 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.196.0.0.4.210.exe
2023-09-30 19:26 - 2023-09-30 19:26 - 002904424 _____ (Opera Software) C:\Users\justc\Downloads\OperaSetup.exe
2023-09-30 18:49 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool (1).exe
2023-09-30 18:48 - 2023-09-30 18:49 - 043134544 _____ C:\Users\justc\Downloads\Bitdefender_2023_Uninstall_Tool.exe
2023-09-30 16:26 - 2023-09-30 16:26 - 000000000 ____D C:\Users\justc\Desktop\Missy.Mikes business cards
2023-09-29 16:41 - 2023-09-29 16:42 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form (1).pdf
2023-09-29 16:39 - 2023-09-29 16:39 - 000029018 _____ C:\Users\justc\Downloads\8th Grade Athlete Recognition Night Form.pdf
2023-09-29 08:38 - 2023-09-29 08:38 - 000000000 ____D C:\PUB
2023-09-29 08:37 - 2023-09-29 08:50 - 000000054 _____ C:\Windows\Lic.xxx
2023-09-29 08:36 - 2023-09-29 08:36 - 000176760 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2023-09-29 08:36 - 2023-09-29 08:36 - 000000000 ____D C:\ProgramData\MicroWorld
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (4).exe
2023-09-29 08:33 - 2023-09-29 08:34 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (3).exe
2023-09-29 08:32 - 2023-09-29 08:32 - 015012420 _____ C:\Users\justc\Downloads\avz5.zip
2023-09-29 08:28 - 2023-09-29 08:28 - 000000396 _____ C:\Users\justc\Downloads\avzfix.txt
2023-09-29 08:20 - 2023-09-29 08:20 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (2).exe
2023-09-29 08:18 - 2023-09-29 08:19 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\justc\Downloads\mwav (1).exe
2023-09-29 07:54 - 2023-09-29 07:54 - 000000000 ____D C:\Users\justc\AppData\Local\ToastNotificationManagerCompat
2023-09-28 22:23 - 2023-09-28 22:23 - 000000000 ____D C:\Windows\ABR
2023-09-28 22:15 - 2023-09-28 22:15 - 018320588 _____ C:\Users\justc\Downloads\AutoLogger (1).zip
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis.exe
2023-09-28 22:09 - 2023-09-28 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\justc\Downloads\HijackThis (1).exe
2023-09-28 16:03 - 2023-09-28 16:03 - 001029415 _____ C:\Users\justc\Downloads\RegSeeker47.zip
2023-09-28 13:11 - 2023-09-28 13:11 - 000000000 ____D C:\ProgramData\Hydra Windows SDK
2023-09-28 12:58 - 2023-09-28 12:58 - 000000121 _____ C:\Users\justc\Downloads\backup_codes.txt
2023-09-28 11:29 - 2023-09-28 11:29 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-09-28 10:57 - 2023-09-28 10:57 - 000000000 ___HD C:\$WinREAgent
2023-09-27 22:43 - 2023-09-27 22:43 - 000092200 _____ C:\ProgramData\agent.update.1695869008.bdinstall.v2.bin
2023-09-27 22:42 - 2023-09-27 22:42 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_windows_439a9349-ed46-4358-a035-c15a69ffedf2.exe
2023-09-27 22:19 - 2023-09-27 22:19 - 000213860 _____ C:\ProgramData\vpn.1695867536.bdinstall.v2.bin
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2023-09-27 22:19 - 2023-09-27 22:19 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2023-09-27 22:19 - 2021-09-16 05:55 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\bdvpn_netfilter.sys
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Gemma
2023-09-27 22:11 - 2023-09-27 22:11 - 000000000 ____D C:\ProgramData\Atc
2023-09-27 22:08 - 2023-09-28 19:48 - 000000000 ____D C:\ProgramData\BDLogging
2023-09-27 22:08 - 2023-09-27 22:08 - 000000000 ____D C:\Windows\system32\elambkup
2023-09-27 22:07 - 2023-09-27 22:07 - 000000000 ____D C:\Users\justc\AppData\Roaming\Bitdefender Security App
2023-09-27 22:05 - 2023-10-01 00:42 - 000000000 ____D C:\ProgramData\Bitdefender
2023-09-27 22:05 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Bitdefender
2023-09-27 22:00 - 2023-10-01 00:24 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2023-09-27 21:59 - 2023-09-27 22:43 - 000003854 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-09-27 21:57 - 2023-09-27 22:43 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-09-27 21:57 - 2023-09-27 21:57 - 000143364 _____ C:\ProgramData\agent.1695866221.bdinstall.v2.bin
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\Users\justc\AppData\Local\Bitdefender
2023-09-27 21:57 - 2023-09-27 21:57 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-09-27 19:47 - 2023-09-27 19:47 - 014026096 _____ C:\Users\justc\Downloads\bitdefender_avfree.exe
2023-09-26 22:00 - 2023-09-26 22:00 - 001789560 _____ () C:\Users\justc\Downloads\Everything-1.4.1.1024.x86-Setup.exe
2023-09-26 20:32 - 2023-09-26 20:32 - 000000000 ____D C:\Users\justc\Documents\Custom Office Templates
2023-09-26 18:41 - 2023-09-27 17:54 - 000000000 ____D C:\Program Files\HijackThis
2023-09-26 17:16 - 2023-09-26 17:16 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2023-09-26 17:16 - 2023-09-26 17:16 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files\MSBuild
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-09-26 10:41 - 2023-09-26 10:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-09-26 10:05 - 2023-09-26 10:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Geek Uninstaller
2023-09-26 10:05 - 2023-09-26 10:05 - 002961151 _____ C:\Users\justc\Downloads\geek.zip
2023-09-25 17:05 - 2023-09-25 17:05 - 005252911 _____ C:\Users\justc\Downloads\Fw_ more piks, couldn't find none of rusty and bian younger.. tryin to make sure all the kids and g kids and g g kids are in.eml
2023-09-24 16:35 - 2023-09-24 16:35 - 000175687 _____ C:\Users\justc\Downloads\HarrellRaeleigh.pdf
2023-09-24 16:32 - 2023-09-24 16:32 - 022152410 _____ C:\Users\justc\Downloads\champion power washer manual.pdf
2023-09-24 16:30 - 2023-09-24 16:30 - 000000000 ____D C:\Users\justc\AppData\LocalLow\webviewdata
2023-09-24 16:13 - 2023-09-24 16:13 - 000000000 ____D C:\ProgramData\VerizonCloud
2023-09-24 16:12 - 2023-10-01 11:43 - 000000000 ____D C:\Users\justc\AppData\Local\VerizonCloud-Data
2023-09-24 16:12 - 2023-09-24 16:13 - 000000000 ____D C:\Windows\system32\Tasks\VerizonCloud
2023-09-24 16:12 - 2023-09-24 16:12 - 000000000 ____D C:\Users\justc\AppData\Local\IsolatedStorage
2023-09-24 15:49 - 2023-09-24 15:49 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000002521 _____ C:\Users\Public\Desktop\Verizon Cloud.lnk
2023-09-24 15:49 - 2023-09-24 15:49 - 000000000 ____D C:\Program Files\Verizon Cloud
2023-09-24 15:37 - 2023-09-24 15:48 - 028643328 _____ C:\Users\justc\Downloads\pc-vzcloud-install.msi
2023-09-24 14:16 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Desktop\Pool.Snooker (2).zip
2023-09-21 21:48 - 2023-09-21 21:48 - 000000721 _____ C:\Users\justc\Downloads\ATT00001
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\Users\justc\AppData\Roaming\CDTPL
2023-09-21 20:34 - 2023-09-21 20:34 - 000000000 ____D C:\ProgramData\CDTPL
2023-09-21 20:32 - 2023-09-21 20:33 - 087778968 _____ (SysTools Software Pvt Ltd ) C:\Users\justc\Downloads\pst-converter.exe
2023-09-21 07:33 - 2023-09-21 07:33 - 000002967 _____ C:\Users\justc\Downloads\ATT00001.htm
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\system32\RTCOM
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files\Waves
2023-09-20 09:44 - 2023-09-20 09:44 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-09-20 09:42 - 2023-09-20 09:44 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Windows\system32\SRSLabs
2023-09-20 09:42 - 2023-09-20 09:42 - 000000000 ____D C:\Program Files\Realtek
2023-09-20 09:42 - 2017-06-19 04:19 - 005762544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2023-09-20 09:42 - 2017-06-19 04:19 - 003685872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2023-09-20 09:42 - 2017-06-19 04:19 - 003545984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003541896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 003213808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 001373792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000706472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000692504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000545808 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000460424 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000399448 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000355480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000333272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000232696 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000225480 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000220120 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000176456 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000174608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000161928 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000144168 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000120696 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000097952 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000094152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2023-09-20 09:42 - 2017-06-19 04:19 - 000032384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013245712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 013110360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 012129784 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxVoiceAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007181592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 007104872 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 003795400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2023-09-20 09:42 - 2017-06-19 04:18 - 002320104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002218480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 002058864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001991768 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001804920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001613696 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001530848 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001444232 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001233064 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001185168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 001017424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000759192 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000742512 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000723208 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000693008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000517448 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000457992 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000453824 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000342264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000339112 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000283904 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264952 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000264880 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000263928 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000212240 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2023-09-20 09:42 - 2017-06-19 04:18 - 000131008 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2023-09-20 09:39 - 2017-10-01 20:13 - 000984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker.zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (2).zip
2023-09-20 00:15 - 2023-09-20 00:16 - 012339253 _____ C:\Users\justc\Downloads\Pool.Snooker (1).zip
2023-09-19 14:49 - 2023-10-01 23:40 - 000000000 ____D C:\Users\justc\AppData\Local\Messenger
2023-09-19 14:49 - 2023-10-01 23:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000002333 _____ C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Messenger
2023-09-19 14:49 - 2023-09-19 14:49 - 000000000 ____D C:\Users\justc\AppData\Local\messenger-updater
2023-09-19 14:48 - 2023-09-19 14:49 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225 (1).exe
2023-09-19 14:48 - 2023-09-19 14:48 - 076276840 _____ (Facebook, Inc.) C:\Users\justc\Downloads\Messenger.195.0.0.4.225.exe
2023-09-19 14:34 - 2023-09-19 14:34 - 000000089 _____ C:\Users\justc\Downloads\recovery_codes.txt
2023-09-19 12:51 - 2023-09-19 12:51 - 000136344 _____ C:\Users\justc\Downloads\163217533609.JPEG
2023-09-19 10:16 - 2023-09-19 10:16 - 000006876 _____ C:\Users\justc\Downloads\start2.bin
2023-09-19 09:27 - 2023-10-01 00:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-18 17:13 - 2023-09-18 17:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\InputMethod
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\UProof
2023-09-18 13:14 - 2023-09-18 13:14 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Proof
2023-09-17 23:01 - 2023-09-17 23:01 - 000000000 ___HD C:\ProgramData\CanonIJScan
2023-09-17 23:00 - 2023-09-17 23:01 - 000000000 ____D C:\Users\justc\AppData\Roaming\Canon
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX340 series
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2023-09-17 22:57 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ___HD C:\ProgramData\CanonBJ
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\STRING
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Windows\system32\CanonIJ Uninstaller Information
2023-09-17 22:56 - 2023-09-17 22:56 - 000000000 ____D C:\Program Files\CanonBJ
2023-09-17 22:56 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2023-09-17 22:55 - 2023-09-17 22:55 - 032939648 _____ C:\Users\justc\Downloads\mp68-win-mx340-1_06-ea24.exe
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2023-09-17 22:49 - 2023-09-17 22:57 - 000000000 ____D C:\Program Files (x86)\Canon
2023-09-17 22:48 - 2023-09-17 22:49 - 047823992 _____ C:\Users\justc\Downloads\mpnx_3_1-win-3_14-ej.exe
2023-09-17 21:37 - 2023-10-02 09:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Word
2023-09-17 21:37 - 2023-09-29 12:42 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-17 21:37 - 2023-09-29 12:42 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-17 21:37 - 2023-09-17 21:48 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Office
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ___RD C:\Users\Default\OneDrive
2023-09-17 21:37 - 2023-09-17 21:37 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\AddIns
2023-09-17 21:27 - 2023-09-17 21:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-17 21:27 - 2023-09-17 21:27 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-09-17 21:11 - 2023-10-02 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\CrashDumps
2023-09-17 21:11 - 2023-09-17 21:14 - 000000000 ____D C:\ProgramData\Windhawk
2023-09-17 21:10 - 2023-09-26 10:24 - 000000000 ____D C:\Users\justc\AppData\LocalLow\Temp
2023-09-17 21:09 - 2023-10-02 14:45 - 000000000 ____D C:\Program Files\Windhawk
2023-09-17 21:08 - 2023-09-17 21:09 - 129469224 _____ (Ramen Software) C:\Users\justc\Downloads\windhawk_setup.exe
2023-09-17 20:55 - 2023-09-17 21:34 - 000000000 ___HD C:\$WINDOWS.~BT
2023-09-17 19:45 - 2023-09-17 19:45 - 000000000 ____D C:\Users\justc\AppData\Local\ElevatedDiagnostics
2023-09-17 19:17 - 2023-09-17 19:22 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\MMC
2023-09-17 17:45 - 2023-09-19 23:29 - 000000000 ____D C:\Windows\Panther
2023-09-17 17:33 - 2023-09-17 17:38 - 000000000 ____D C:\Users\justc\Documents\malwarebytes license key
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagwrn.xml
2023-09-17 17:27 - 2023-09-17 21:34 - 000001908 _____ C:\Windows\diagerr.xml
2023-09-17 17:09 - 2023-09-17 17:09 - 000000000 ____D C:\Users\justc\AppData\Local\mbam
2023-09-17 17:08 - 2023-09-17 17:08 - 000000000 ____D C:\Users\justc\Tracing
2023-09-17 17:07 - 2023-09-17 17:07 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5 (1).exe
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-17 17:07 - 2023-09-17 17:07 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-17 17:06 - 2023-09-17 17:06 - 002606880 _____ (Malwarebytes) C:\Users\justc\Downloads\MBSetup-5.5.exe
2023-09-17 16:54 - 2023-09-17 16:54 - 000000000 ___HD C:\$Windows.~WS
2023-09-17 16:49 - 2023-09-17 16:49 - 000000000 _SHDL C:\Documents and Settings
2023-09-17 16:46 - 2023-10-02 15:45 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-17 16:46 - 2023-10-02 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-17 16:46 - 2023-10-02 15:31 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-17 16:46 - 2023-09-30 19:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-17 16:46 - 2023-09-28 12:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-17 16:46 - 2023-09-18 08:05 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-17 16:46 - 2023-09-18 08:05 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-17 16:46 - 2023-09-17 16:46 - 000000000 ____D C:\Windows\ServiceProfiles
2023-09-17 16:46 - 2023-09-17 16:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-17 16:43 - 2023-09-17 17:08 - 000000000 ____D C:\ESD
2023-09-17 16:21 - 2023-10-01 19:19 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-09-17 16:12 - 2023-09-17 16:12 - 000000000 ____H C:\Users\justc\Documents\Default.rdp
2023-09-17 16:09 - 2023-09-17 16:09 - 000000000 ____D C:\Users\justc\AppData\Local\OneDrive
2023-09-17 15:58 - 2023-09-17 15:58 - 000002888 _____ C:\Users\justc\Desktop\Child support portal pin.odt
2023-09-17 15:50 - 2023-09-17 15:58 - 000000000 ____D C:\Windows\system32\MRT
2023-09-17 15:46 - 2023-09-17 15:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-17 14:55 - 2023-09-17 14:55 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPool.lnk
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Users\Public\Documents\Memir Games
2023-09-17 14:55 - 2023-09-17 14:55 - 000000000 ____D C:\Program Files (x86)\ipool
2023-09-17 14:54 - 2023-09-17 14:54 - 007933240 _____ (Stratician ) C:\Users\justc\Downloads\setup2302.exe
2023-09-17 14:53 - 2023-09-17 14:53 - 000000000 ____D C:\Users\Public\Documents\Stratician Online
2023-09-17 14:52 - 2023-09-17 14:52 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSnooker.lnk
2023-09-17 14:52 - 2023-09-17 14:52 - 000000000 ____D C:\Program Files (x86)\iSnooker
2023-09-17 14:51 - 2023-09-17 14:51 - 032390920 _____ (Stratician ) C:\Users\justc\Downloads\setup2528.exe
2023-09-17 14:36 - 2023-09-27 17:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Users\justc\AppData\Local\Google
2023-09-17 14:36 - 2023-09-17 14:36 - 000000000 ____D C:\Program Files\Google
2023-09-17 14:35 - 2023-10-02 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-17 14:35 - 2023-09-18 18:41 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{DE2B8264-B4FC-4FEF-AF29-8679B6F43F3B}
2023-09-17 14:35 - 2023-09-18 18:41 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6BCD498D-EAE8-4972-BEBF-73EDBE3A0D6F}
2023-09-17 14:35 - 2023-09-17 14:35 - 001372712 _____ (Google LLC) C:\Users\justc\Downloads\ChromeSetup.exe
2023-09-17 14:22 - 2023-09-17 15:08 - 000000000 ____D C:\Users\justc\AppData\Local\Comms
2023-09-17 14:10 - 2023-09-17 20:06 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Spelling
2023-09-17 14:08 - 2023-09-29 12:42 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2215749033-445842302-415398914-1001
2023-09-17 14:08 - 2023-09-20 12:48 - 000000000 ____D C:\Users\justc\AppData\Local\PlaceholderTileLogoFolder
2023-09-17 14:08 - 2023-09-17 14:08 - 000000000 ___HD C:\OneDriveTemp
2023-09-17 14:07 - 2023-10-02 15:49 - 000000000 ___RD C:\Users\justc\OneDrive
2023-09-17 14:07 - 2023-09-17 14:07 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-17 14:05 - 2023-10-02 12:08 - 000000000 ____D C:\Users\justc\AppData\Local\AMD
2023-09-17 14:05 - 2023-10-02 09:48 - 000000000 ____D C:\Users\justc\AppData\Local\Packages
2023-09-17 14:05 - 2023-10-01 18:50 - 000000000 ____D C:\Users\justc\AppData\Roaming\Adobe
2023-09-17 14:05 - 2023-10-01 00:17 - 000000000 ____D C:\Users\justc\AppData\Local\D3DSCache
2023-09-17 14:05 - 2023-09-26 23:46 - 000000000 ____D C:\ProgramData\Packages
2023-09-17 14:05 - 2023-09-23 09:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-17 14:05 - 2023-09-21 22:28 - 000000000 ____D C:\Users\justc\AppData\Local\ConnectedDevicesPlatform
2023-09-17 14:05 - 2023-09-17 20:06 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Crypto
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ___RD C:\Users\justc\3D Objects
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Vault
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Network
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\LocalLow\AMD
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\VirtualStore
2023-09-17 14:05 - 2023-09-17 14:05 - 000000000 ____D C:\Users\justc\AppData\Local\Publishers
2023-09-17 14:00 - 2023-10-02 15:45 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\SystemCertificates
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Windows\system32\AMD
2023-09-17 14:00 - 2023-09-17 14:00 - 000000000 ____D C:\Program Files\AMD
2023-09-17 14:00 - 2020-10-29 16:31 - 000107560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2023-09-17 13:59 - 2023-10-02 15:50 - 000000000 ____D C:\Users\justc
2023-09-17 13:59 - 2023-09-28 19:29 - 000000000 ____D C:\Users\justc\AppData\Roaming\Microsoft\Windows
2023-09-17 13:59 - 2023-09-19 14:51 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Credentials
2023-09-17 13:59 - 2023-09-17 13:59 - 000000020 ___SH C:\Users\justc\ntuser.ini
2023-09-17 13:59 - 2023-09-17 13:59 - 000000000 ___SD C:\Users\justc\AppData\Roaming\Microsoft\Protect
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001783920 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001374320 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 001085360 _____ C:\Windows\system32\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000944208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-09-17 13:59 - 2020-10-29 16:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 064809072 _____ C:\Windows\system32\amd_comgr.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 053684848 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000760432 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000496752 _____ C:\Windows\system32\GameManager64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000493168 _____ C:\Windows\system32\dgtrayicon.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000456304 _____ C:\Windows\system32\atieah64.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000432752 _____ C:\Windows\system32\EEURestart.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000380016 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000351856 _____ C:\Windows\SysWOW64\atieah32.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000339568 _____ C:\Windows\system32\clinfo.exe
2023-09-17 13:59 - 2020-10-29 16:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000135792 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000134768 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000125552 _____ C:\Windows\system32\atidxx64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000120432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107632 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2023-09-17 13:59 - 2020-10-29 16:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001686016 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 001365368 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000546800 _____ C:\Windows\system32\amdmiracast.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000489584 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000466544 _____ C:\Windows\system32\amdlogum.exe
2023-09-17 13:59 - 2020-10-29 16:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000380016 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000198312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-09-17 13:59 - 2020-10-29 16:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-09-17 13:59 - 2020-10-29 15:29 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2023-09-17 13:59 - 2020-10-29 15:29 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-09-17 13:54 - 2023-10-02 15:53 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-02 15:53 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-10-02 15:47 - 2023-05-05 08:27 - 000000000 ____D C:\Windows\SystemTemp
2023-10-02 15:47 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-02 15:45 - 2019-12-07 05:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-10-02 00:05 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-01 19:42 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-01 19:26 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-10-01 19:23 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-10-01 19:05 - 2019-12-07 05:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-10-01 07:36 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-29 14:04 - 2019-12-07 05:14 - 000000554 _____ C:\Windows\win.ini
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2023-09-28 22:04 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\Offline Web Pages
2023-09-28 12:45 - 2019-12-07 05:03 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-09-28 12:23 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-28 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-24 15:49 - 2023-05-05 08:22 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\ProjectedFSLib.dll
2023-09-17 22:57 - 2019-12-07 05:14 - 000000000 __RSD C:\Windows\Media
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\spool
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\MsDtc
2023-09-17 20:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-17 19:01 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-17 19:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\appcompat
2023-09-17 17:45 - 2019-12-07 05:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-09-17 17:21 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\servicing
2023-09-17 16:51 - 2019-12-07 05:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-09-17 16:08 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-17 13:57 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by justc (02-10-2023 15:59:58)
Running from C:\Users\justc\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3516 (X64) (2023-09-17 20:49:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2215749033-445842302-415398914-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2215749033-445842302-415398914-503 - Limited - Disabled)
Guest (S-1-5-21-2215749033-445842302-415398914-501 - Limited - Disabled)
justc (S-1-5-21-2215749033-445842302-415398914-1001 - Administrator - Enabled) => C:\Users\justc
WDAGUtilityAccount (S-1-5-21-2215749033-445842302-415398914-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {F4F8BE4F-D893-2EB2-F208-1A2FF1A396CA}
FW: Bitdefender Firewall (Enabled) {CCC33F6A-92FC-2FEA-D957-B31A0F70D1B1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Amazon Music (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Amazon Amazon Music) (Version: 9.4.3.2420 - Amazon.com Services LLC)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.259 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 27.0.20.105 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 26.0.2.1 - Bitdefender)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version:  - )
CPUID CPU-Z 2.08 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.08 - CPUID, Inc.)
DiskCheckup (HKLM-x32\...\DiskCheckup_is1) (Version: 3.5.1004.0 - PassMark Software)
FileZilla 3.65.0 (HKLM-x32\...\FileZilla Client) (Version: 3.65.0 - Tim Kosse)
Gmail (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\ec710934cdfffbee268692b010a82ad8) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.132 - Google LLC)
Google Drive (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\b4857df16d6bf9d14b9f21735bbf7cef) (Version: 1.0 - Google\Chrome)
iPool version 2.3.02 (01) (HKLM-x32\...\{BE5FCCBF-5CBB-487E-AC94-882028E1448C}_is1) (Version: 2.3.02 (01) - Stratician)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Messenger (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 197.0.521392868 - Facebook, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16731.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Sheets (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\fcad59d48b6d7f9ac4f8bbdef83897fc) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\8b71f6b19323d84d678abe6631527c30) (Version: 1.0 - Google\Chrome)
Verizon Cloud (HKLM\...\{048202BC-F4E7-4AB2-A130-EC887A3C9675}) (Version: 23.9.0.17 - Verizon Wireless)
YouTube (HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\254b4d2813518435f94a19dffc5552cc) (Version: 1.0 - Google\Chrome)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-20] (Microsoft Corporation)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2309.1001.0_x64__8wekyb3d8bbwe [2023-09-25] (Microsoft Corporation) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.920.900_x64__8wekyb3d8bbwe [2023-10-01] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-09-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-09-28] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2215749033-445842302-415398914-1001_Classes\CLSID\{00654f73-86a8-425c-b3a0-038200133493} -> [Verizon Cloud] => C:\Users\justc\Verizon Cloud [2023-10-02 15:50]
CustomCLSID: HKU\S-1-5-21-2215749033-445842302-415398914-1001_Classes\CLSID\{84ff2f8e-2440-1caf-3148-f3d0fdd19ec8}\localserver32 -> C:\Program Files\Verizon Cloud\Verizon Cloud.exe (Verizon Data Services LLC -> Verizon)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SncrOverlays (Cloud)] -> {DC39D95E-101B-4B3B-BF18-D1B4D6584A79} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Paused)] -> {DC20B35F-DF4A-4783-B48E-7EB2496E5858} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon Cloud\Sncr.Cloud.Windows.Extensions.dll [2023-08-25] (Verizon Data Services LLC -> Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2023-09-17 22:57 - 2010-08-23 09:09 - 000019456 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNSU_ENU.DLL
2023-09-17 22:56 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2023-10-01 18:55 - 2020-04-02 12:15 - 002266624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\justc\AppData\Local\Amazon Music\QtCore4.dll
2023-10-01 18:55 - 2020-04-02 12:25 - 006267392 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\justc\AppData\Local\Amazon Music\QtGui4.dll
2023-10-01 18:55 - 2020-04-02 12:16 - 000802816 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\justc\AppData\Local\Amazon Music\QtNetwork4.dll
2023-06-20 13:00 - 2023-06-20 13:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\justc\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (2).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (3).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (4).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe:BDU [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-2215749033-445842302-415398914-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2023-09-14] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2023-09-14] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-09-28 13:11 - 2023-10-02 15:44 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2215749033-445842302-415398914-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\justc\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\FB_IMG_1695310969664.jpg
DNS Servers: 206.225.75.225 - 206.225.75.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\StartupApproved\Run: => "com.messenger"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

02-10-2023 02:24:05 KpRm

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/02/2023 03:44:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (10/02/2023 03:43:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d830346-3ced-4167-82d9-58a850152846}

Error: (10/02/2023 02:49:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 25.9.2023.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3f60

Start Time: 01d9f560eef7a8f5

Termination Time: 4294967295

Application Path: C:\Users\justc\Desktop\FRST64.exe

Report Id: 94c81d2e-c485-48af-92ef-216ae6f9a9a8

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (10/02/2023 02:47:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 25.9.2023.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3b94

Start Time: 01d9f560d7522c40

Termination Time: 4294967295

Application Path: C:\Users\justc\Desktop\FRST64.exe

Report Id: 33c12e90-3db2-4427-a0e5-a7c62d700d5b

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (10/02/2023 12:48:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: snookerq.exe, version: 0.0.0.0, time stamp: 0x650f5faf
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x3650
Faulting application start time: 0x01d9f54fcc2328ed
Faulting application path: C:\Program Files (x86)\SnookerQ\snookerq.exe
Faulting module path: C:\Program Files (x86)\SnookerQ\OpenAL32.dll
Report Id: 780b34e3-b393-4f31-8b6f-905028b53de9
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2023 12:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: snookerq.exe, version: 0.0.0.0, time stamp: 0x650f5faf
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x2934
Faulting application start time: 0x01d9f54f0f0cd3f2
Faulting application path: C:\Program Files (x86)\SnookerQ\snookerq.exe
Faulting module path: C:\Program Files (x86)\SnookerQ\OpenAL32.dll
Report Id: 0128cbe3-2d0d-458d-818e-c1a2e9b6ea22
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2023 12:39:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: snookerq.exe, version: 0.0.0.0, time stamp: 0x650f5faf
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x2ce8
Faulting application start time: 0x01d9f54ab367fccc
Faulting application path: C:\Program Files (x86)\SnookerQ\snookerq.exe
Faulting module path: C:\Program Files (x86)\SnookerQ\OpenAL32.dll
Report Id: 7b9a846f-a71d-4d7e-89d7-ce2c2f6e21b9
Faulting package full name:
Faulting package-relative application ID:

Error: (10/02/2023 11:44:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 6.16.0.10662 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4598

Start Time: 01d9f54715f17fd8

Termination Time: 4294967295

Application Path: C:\Program Files\CCleaner\CCleaner64.exe

Report Id: ce3a7024-a81f-44e3-867c-0bf1221114ae

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle


System errors:
=============
Error: (10/02/2023 03:43:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AfVpnService service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/02/2023 03:43:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/02/2023 03:43:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Bitdefender Agent RedLine Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (10/02/2023 03:43:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Waves Audio Services service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/02/2023 03:43:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Verizon Cloud Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/02/2023 03:43:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ProductAgentService service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/02/2023 03:43:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (10/02/2023 03:43:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AtherosSvc service terminated unexpectedly.  It has done this 1 time(s).


Windows Defender:
================
Date: 2023-09-26 23:38:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Users\justc\Downloads\AutoLogger.zip; file:_C:\Users\justc\Desktop\AutoLogger.exe; file:_C:\Users\justc\Downloads\AutoLogger.zip->AutoLogger.exe; webfile:_C:\Users\justc\Downloads\AutoLogger.zip|https://tools.safezone.cc/drongo/AutoLogger/AutoLogger.zip|pid:11360,ProcessStart:133402595159320135
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:38:05
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:38:05
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe; process:_pid:8452,ProcessStart:133402593126878071; process:_pid:9684,ProcessStart:133402592130541598
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\RuntimeBroker.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:37:57
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe; process:_pid:8452,ProcessStart:133402593126878071; process:_pid:9684,ProcessStart:133402592130541598
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\justc\Desktop\AutoLogger.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

Date: 2023-09-26 23:37:51
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\justc\Desktop\AutoLogger.exe; process:_pid:8452,ProcessStart:133402593126878071; process:_pid:9684,ProcessStart:133402592130541598
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\justc\Desktop\AutoLogger.exe
Security intelligence Version: AV: 1.397.1626.0, AS: 1.397.1626.0, NIS: 1.397.1626.0
Engine Version: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Event[0]:

Date: 2023-09-26 10:29:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.397.1595.0
Previous security intelligence Version: 1.397.1128.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.23080.2005
Previous Engine Version: 1.1.23080.2005
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2023-09-26 10:29:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.397.1595.0
Previous security intelligence Version: 1.397.1128.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.23080.2005
Previous Engine Version: 1.1.23080.2005
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2023-09-26 10:26:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1128.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2023-09-26 10:26:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1128.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2023-10-02 15:48:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\266693960119962704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-10-02 15:47:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\266693960119962704\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 4.3.0 08/10/2016
Motherboard: Dell Inc. 03PYWR
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 41%
Total physical RAM: 15297.18 MB
Available physical RAM: 8897.68 MB
Total Virtual: 17601.18 MB
Available Virtual: 10510.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.65 GB) (Free:874.71 GB) (Model: WD Blue SA510 2.5 1000GB) NTFS
Drive e: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{856a1e7d-aa4b-48b9-9ea4-b0bba75d5bc8}\ () (Fixed) (Total:0.75 GB) (Free:0.28 GB) NTFS
\\?\Volume{29ef0c2e-dd39-4f66-9048-d5dd6009a5c3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.


Code:
start::
CreateRestorePoint:
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [GoogleChromeAutoLaunch_B364DB4262BB88E80B8C959641DD7ACE] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3242272 2023-09-27] (Google LLC -> Google LLC)
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
C:\ProgramData\ProductData
C:\ProgramData\360Quarant
C:\Program Files (x86)\360
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ShortcutWithArgument: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
AlternateDataStreams: C:\Users\justc\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (2).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (3).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (4).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe:BDU [0]
emptytemp:
Reboot:
End::
 
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.


Code:
start::
CreateRestorePoint:
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [GoogleChromeAutoLaunch_B364DB4262BB88E80B8C959641DD7ACE] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3242272 2023-09-27] (Google LLC -> Google LLC)
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
C:\ProgramData\ProductData
C:\ProgramData\360Quarant
C:\Program Files (x86)\360
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ShortcutWithArgument: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
AlternateDataStreams: C:\Users\justc\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (2).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (3).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (4).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe:BDU [0]
emptytemp:
Reboot:
End::
Again, nowhere to attach.
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by justc (03-10-2023 08:22:11) Run:1
Running from C:\Users\justc\Desktop
Loaded Profiles: justc
Boot Mode: Normal
==============================================

fixlist content:
*****************
start::
CreateRestorePoint:
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2215749033-445842302-415398914-1001\...\Run: [GoogleChromeAutoLaunch_B364DB4262BB88E80B8C959641DD7ACE] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3242272 2023-09-27] (Google LLC -> Google LLC)
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
2023-10-01 18:51 - 2023-10-02 01:05 - 000000000 ____D C:\ProgramData\IObit
2023-10-01 18:51 - 2023-10-01 23:41 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IObit
2023-10-01 18:50 - 2023-10-01 23:41 - 000000000 ____D C:\Program Files (x86)\IObit
2023-10-01 18:50 - 2023-10-01 19:13 - 000000000 ____D C:\Users\justc\AppData\Roaming\IObit
C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
C:\ProgramData\ProductData
C:\ProgramData\360Quarant
C:\Program Files (x86)\360
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ShortcutWithArgument: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
AlternateDataStreams: C:\Users\justc\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (2).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (3).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\mwav (4).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe:BDU [0]
emptytemp:
Reboot:
End::
*****************

Restore point was successfully created.
"HKU\S-1-5-21-2215749033-445842302-415398914-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A" => removed successfully
"HKU\S-1-5-21-2215749033-445842302-415398914-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B364DB4262BB88E80B8C959641DD7ACE" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz154 => removed successfully
cpuz154 => service removed successfully
HKLM\System\CurrentControlSet\Services\AscFileFilter => removed successfully
AscFileFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\AscRegistryFilter => removed successfully
AscRegistryFilter => service removed successfully

"C:\ProgramData\IObit" folder move:

Could not move "C:\ProgramData\IObit" => Scheduled to move on reboot.


"C:\Users\justc\AppData\LocalLow\IObit" folder move:

Could not move "C:\Users\justc\AppData\LocalLow\IObit" => Scheduled to move on reboot.


"C:\Program Files (x86)\IObit" folder move:

Could not move "C:\Program Files (x86)\IObit" => Scheduled to move on reboot.


"C:\Users\justc\AppData\Roaming\IObit" folder move:

Could not move "C:\Users\justc\AppData\Roaming\IObit" => Scheduled to move on reboot.


"C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}" folder move:

Could not move "C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}" => Scheduled to move on reboot.


"C:\ProgramData\ProductData" folder move:

Could not move "C:\ProgramData\ProductData" => Scheduled to move on reboot.


"C:\ProgramData\360Quarant" folder move:

Could not move "C:\ProgramData\360Quarant" => Scheduled to move on reboot.


"C:\Program Files (x86)\360" folder move:

Could not move "C:\Program Files (x86)\360" => Scheduled to move on reboot.

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP => removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AIMP => removed successfully
C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk => Shortcut argument removed successfully
C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk => Shortcut argument removed successfully
C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk => Shortcut argument removed successfully
C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk => Shortcut argument removed successfully
C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk => Shortcut argument removed successfully
C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk => Shortcut argument removed successfully
C:\Users\justc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk => Shortcut argument removed successfully
"C:\Users\justc\Desktop\FRST64.exe" => ":BDU" ADS not found.
C:\Users\justc\Downloads\HijackThis (1).exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\HijackThis.exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\mwav (1).exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\mwav (2).exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\mwav (3).exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\mwav (4).exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710 (1).exe => ":BDU" ADS removed successfully
C:\Users\justc\Downloads\SnookerQSetup-20230923-0.1.710.exe => ":BDU" ADS removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8547112 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2604868 B
Edge => 0 B
Chrome => 334229704 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9648 B
NetworkService => 9648 B
justc => -3068634 B

RecycleBin => 753 B
EmptyTemp: => 329.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-10-2023 08:25:12)

C:\ProgramData\IObit => Is moved successfully
C:\Users\justc\AppData\LocalLow\IObit => Is moved successfully
C:\Program Files (x86)\IObit => Is moved successfully
C:\Users\justc\AppData\Roaming\IObit => Is moved successfully
C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610} => Is moved successfully
C:\ProgramData\ProductData => Is moved successfully
C:\ProgramData\360Quarant => Is moved successfully
C:\Program Files (x86)\360 => Is moved successfully

==== End of Fixlog 08:25:12 ====
 
Might just need a new mouse, there is no malware.

We will clean all the tools we used...

Download KpRM
Save to Desktop
Check Delete Tools.
Check Delete Restore points.
Create Restore point.
Click delete quarantines.
Then click run.


I suggest:
uBlock Origin
O&O ShutUp10
O&O AppBuster
 