Windows 10: "App Explorer" icon present in the Start menu, but opens the "System32" folder and launches a "Pokki" icon in the taskbar
04.05.2023, 07:14 | #1 |
As described in the title: I noticed that when I open my Start menu, an icon named "App Explorer" is visible. Since I am dumb and thought it was something that had been installed automatically with the Acer laptop, I clicked on it. What happened then was that a File Explorer window opened showing the C:\Windows\System32 folder, and a new icon named "Pokki" suddenly appeared in the taskbar. What surprises me is that I have had the paid version of Malwarebytes installed on my computer the whole time and ran a scan, with no complaints whatsoever. I would be very grateful for any help! Here are my log files: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-05-2023
Ran by pFramework (administrator) on LAPTOP-PPRL8U8T (Acer Aspire VN7-592G) (04-05-2023 08:00:25)
Running from C:\Users\pFramework\Downloads\FRST64.exe
Loaded Profiles: pFramework
Platform: Microsoft Windows 10 Home Version 21H2 19044.2846 (X64) Language: English (United States) -> English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe ->) (Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(explorer.exe ->) () [File not signed] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\pFramework\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxEM.exe
(Intel(R) Software Products -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(services.exe ->) (Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (David Carpenter -> ) C:\Program Files\Everything\Everything.exe <2>
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxCUIService.exe
(services.exe ->) (Intel(R) Smart Sound Technology -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16704512 2016-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1471488 2016-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1859936 2016-01-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] (David Carpenter -> )
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [629248 2015-11-13] () [File not signed]
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [64864 2015-09-01] (Acer Incorporated -> Acer Incorporated)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel(R) Software Products -> Intel Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Run: [f.lux] => C:\Users\pFramework\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel(R) Software Products -> Intel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.63\Installer\chrmstp.exe [2023-05-03] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0395FDBD-1BE1-4D1D-9714-9EEB0A5CFBB2} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {134D0AD7-410B-4DE6-9CCC-74A203FED35C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {19C5C4BD-F90D-46D2-B38C-015FF285CFF3} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2766240 2016-03-10] (Acer Incorporated -> Acer Incorporated)
Task: {27F5A967-FD59-4CC6-830B-41F870AFECFF} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {2A63B5CE-850D-4C9C-B935-01C4145A7F19} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DC811B9-6C84-4D51-BB29-59789BEFBB06} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {2EE516ED-39C8-45CD-9B48-55A1E88E789E} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {316F3713-617A-458C-93C5-37C7F8C6EF2D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [363160 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {346B6755-C4B1-419C-8CC6-C31FFC37D045} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5249688 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {66FC75DD-3097-4C27-ABA9-581D26C4F73A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {6926C9EE-B6D6-48EA-802C-58E8FA943447} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-28] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6A9A52E2-AFD0-446C-8DD3-A82A9E42D9E1} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {7922684A-22EC-4011-8D00-A39D8E9F4B31} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [421792 2016-03-10] (Acer Incorporated -> Acer Incorporated)
Task: {8C94F510-819D-4CAE-911C-672D292451E3} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {8E4F1074-6926-4A14-8064-9BE252765221} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [363160 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8F06D709-444C-4E10-8294-58F3ACC1BFAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Task: {900E89CC-B16D-4228-8139-B224AFA746DC} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-01-20] (Acer Incorporated -> )
Task: {906CB5A9-53CA-4F1C-AA7A-981F021F8596} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /promptsetupoffice (No File)
Task: {93C25E00-419D-4136-A487-F5E3CD96E326} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2018-05-28] (Acer Incorporated -> )
Task: {9D56C8FF-C913-4D08-8FFD-264879AF4AF9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F871861-06EA-40CD-AA63-86F5BEAE0170} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-04-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB79698D-960C-4EAF-BCBE-978CC921379B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1831064 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {ADC6B5B5-704B-40FF-8CC2-B2BB32B095F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.)
Task: {C3095AAE-8077-4DC2-8B5C-2FD284704555} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-01-20] (Acer Incorporated -> Acer Incorporated)
Task: {C4CA6AA6-6F03-4F27-A1CE-7868D9716CEF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {CA3361EC-D630-412F-8158-0372B74F3330} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAE6A3C0-938F-4169-8992-7048518FEB90} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {E7934BDC-E434-4413-B114-7CF6596BE63B} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [64864 2015-09-01] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{05004525-b0b0-4ada-8c17-46c76686a06b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1aaf088e-4132-4970-8cfb-315d61a2cb06}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97f1c026-3a90-4f67-8ca2-484d0d6e73e5}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\pFramework\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-22]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\pFramework\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: pupjjm2v.default-1541776576795
FF ProfilePath: C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795 [2023-05-04]
FF Notifications: Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795 -> hxxps://kanbanflow.com; hxxps://calendar.google.com; hxxps://www.chess.com; hxxps://cloud.bruckner.cc; hxxps://kiwiirc.com; hxxps://mail.protonmail.com; hxxps://bumble.com; hxxps://lichess.org; hxxps://www.lieferando.at
FF Extension: (Facebook Container) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\@contain-facebook.xpi [2022-11-03]
FF Extension: (Cisco Webex Extension) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\ciscowebexstart1@cisco.com.xpi [2022-07-24]
FF Extension: (German dictionary (de_AT)) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\de_AT@dicts.j3e.de.xpi [2023-04-17]
FF Extension: (uBlock Origin) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\uBlock0@raymondhill.net.xpi [2023-05-04]
FF Extension: (Image Block X) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\{0035bf10-3f36-4d60-b92d-08c1a8b060a6}.xpi [2020-12-01]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-03-14]
FF Extension: (Open image in a new tab) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\{7276f3bb-de56-4b5a-b940-88b62731d409}.xpi [2020-12-26]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2306182556-4118131229-1320853839-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\pFramework\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-10] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default [2023-04-16]
CHR Notifications: Default -> hxxps://tinder.com
CHR Extension: (Google Docs Offline) - C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-16]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-08-31] (Acer Incorporated -> Acer Incorporated)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] (Dolby Laboratories, Inc. -> )
R2 Everything; C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] (David Carpenter -> )
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14288 2021-09-12] (Microsoft Corporation -> Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [393216 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-23] (Malwarebytes Inc. -> Malwarebytes)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-10] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-10] (Acer Incorporated -> Acer Incorporated)
R2 RealSenseDCMSR300; C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe [3891440 2016-07-05] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-05-01] (Malwarebytes Inc. -> Malwarebytes)
R3 nika6audio; C:\WINDOWS\System32\Drivers\nika6audio.sys [375720 2015-09-10] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 nika6usb; C:\WINDOWS\system32\DRIVERS\nika6usb.sys [93536 2015-09-10] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 niks2m3dfu; C:\WINDOWS\System32\drivers\niks2m3dfu.sys [40472 2018-09-18] (Native Instruments GmbH -> Native Instruments GmbH)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 TASCAM_US122144; C:\WINDOWS\System32\Drivers\tascusb2.sys [409664 2010-06-18] (Ploytec GmbH -> TASCAM)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [223000 2018-11-08] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [138432 2017-10-16] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2023-04-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [497920 2023-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-04 08:00 - 2023-05-04 08:01 - 000027211 _____ C:\Users\pFramework\Downloads\FRST.txt
2023-05-04 07:59 - 2023-05-04 08:00 - 000000000 ____D C:\FRST
2023-05-04 07:59 - 2023-05-04 07:59 - 002382848 _____ (Farbar) C:\Users\pFramework\Downloads\FRST64.exe
2023-05-02 19:12 - 2023-05-02 19:12 - 074920656 _____ (Obsidian) C:\Users\pFramework\Downloads\Obsidian.1.2.7.exe
2023-05-01 09:09 - 2023-05-01 09:09 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-04-29 11:01 - 2023-04-29 11:01 - 000000134 _____ C:\Users\pFramework\Downloads\AAC128.pls
2023-04-28 21:40 - 2023-04-28 21:40 - 000000033 _____ C:\Users\pFramework\Desktop\I LIKE TO PROGRAM IN THE EVENING.txt
2023-04-28 19:34 - 2023-04-28 19:34 - 022199671 _____ C:\Users\pFramework\Downloads\SAFe Product Owner_Product Manager Workbook (6.0).pdf
2023-04-23 19:59 - 2023-05-03 21:11 - 000000000 ____D C:\Users\pFramework\AppData\Local\Malwarebytes
2023-04-22 23:34 - 2023-04-22 23:34 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-2.pdf
2023-04-22 22:21 - 2023-04-22 22:21 - 000099060 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432796600-1.pdf
2023-04-22 10:30 - 2023-04-22 10:30 - 005152699 _____ C:\Users\pFramework\Downloads\Philosophize This! - The Podcast Transcripts by Stephen West - Final.pdf
2023-04-22 10:01 - 2023-04-22 10:01 - 000099060 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432796600.pdf
2023-04-21 10:17 - 2023-04-21 10:17 - 000099049 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432799100.pdf
2023-04-19 10:12 - 2023-04-19 10:12 - 000099059 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432789500.pdf
2023-04-17 10:12 - 2023-04-17 10:12 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-1-2.pdf
2023-04-17 09:47 - 2023-04-17 09:47 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-1-1.pdf
2023-04-17 04:06 - 2023-04-17 09:34 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-1.pdf
2023-04-17 03:58 - 2023-04-17 03:58 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200.pdf
2023-04-11 21:53 - 2023-04-11 21:53 - 000000000 ___HD C:\$WinREAgent
2023-04-07 11:41 - 2023-04-07 11:41 - 001256848 _____ C:\Users\pFramework\Downloads\659704E7.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-04 07:55 - 2019-03-21 02:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-04 07:52 - 2022-01-22 22:38 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\obsidian
2023-05-04 07:52 - 2021-04-17 16:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-04 07:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-03 23:23 - 2018-12-04 23:37 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Everything
2023-05-03 23:13 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-05-03 21:39 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-03 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-03 21:12 - 2023-01-17 10:02 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-03 21:12 - 2020-06-09 22:18 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-03 08:31 - 2020-03-25 16:10 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-03 08:31 - 2020-03-25 16:10 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-02 19:12 - 2022-01-22 22:39 - 000000000 ____D C:\Users\pFramework\Documents\pframework
2023-05-02 19:10 - 2021-04-17 16:37 - 001757410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-02 19:10 - 2021-04-17 15:17 - 000774144 _____ C:\WINDOWS\system32\perfh019.dat
2023-05-02 19:10 - 2021-04-17 15:17 - 000152908 _____ C:\WINDOWS\system32\perfc019.dat
2023-05-02 19:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-02 19:04 - 2021-04-17 15:50 - 000000000 ____D C:\Users\pFramework
2023-05-02 19:04 - 2018-11-09 17:04 - 000000000 __SHD C:\Users\pFramework\IntelGraphicsProfiles
2023-05-02 19:03 - 2021-04-17 16:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-02 19:03 - 2021-04-17 16:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-02 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-05-02 19:03 - 2018-11-09 16:48 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-01 23:24 - 2021-01-11 23:27 - 000000000 ____D C:\Users\pFramework\AppData\Local\Spotify
2023-05-01 20:15 - 2021-01-11 23:26 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Spotify
2023-05-01 18:23 - 2018-11-10 02:19 - 000000000 ____D C:\Users\pFramework\.VirtualBox
2023-05-01 16:32 - 2019-02-01 20:36 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Signal
2023-05-01 09:08 - 2022-03-05 11:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-01 09:08 - 2018-11-09 17:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-01 01:14 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-01 01:14 - 2018-12-15 20:21 - 000000000 ____D C:\Users\pFramework\AppData\Local\Everything
2023-04-29 23:50 - 2019-01-18 11:37 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\foobar2000
2023-04-29 15:59 - 2018-11-11 00:42 - 000003286 _____ C:\Users\pFramework\AppData\Roaming\ConEmu.xml
2023-04-29 11:22 - 2020-11-19 20:26 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\vlc
2023-04-29 00:53 - 2018-11-09 23:45 - 000000996 _____ C:\Users\Public\Desktop\ConEmu (x64).lnk
2023-04-29 00:53 - 2018-11-09 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConEmu
2023-04-29 00:53 - 2018-11-09 23:45 - 000000000 ____D C:\Program Files\ConEmu
2023-04-28 21:44 - 2019-01-18 18:45 - 000000881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2023-04-28 21:44 - 2019-01-18 18:45 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Notepad++
2023-04-28 12:47 - 2018-11-09 17:16 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-25 00:05 - 2021-04-17 16:33 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-25 00:05 - 2021-04-17 16:33 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-21 19:11 - 2018-11-09 21:38 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-16 23:52 - 2018-11-09 17:16 - 000000000 ____D C:\Users\pFramework\AppData\LocalLow\Mozilla
2023-04-15 09:19 - 2018-11-09 16:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-13 13:08 - 2022-10-13 22:18 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-04-13 13:08 - 2022-10-13 22:18 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-04-12 08:18 - 2021-04-17 16:24 - 000463456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-12 00:14 - 2021-04-17 15:07 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-11 22:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-11 22:01 - 2021-04-17 16:25 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-11 21:52 - 2018-11-10 01:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-11 21:49 - 2018-11-10 01:08 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-10 15:22 - 2019-02-01 17:10 - 000000000 ____D C:\Users\pFramework\Documents\Image-Line
2023-04-10
11:26 - 2021-04-17 16:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-04-06 09:03 - 2021-04-17 16:33 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-04-06 09:03 - 2021-04-17 16:33 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Files in the root of some directories ======== 2018-11-11 00:42 - 2023-04-29 15:59 - 000003286 _____ () C:\Users\pFramework\AppData\Roaming\ConEmu.xml 2021-07-30 05:47 - 2021-07-30 05:47 - 000003584 _____ () C:\Users\pFramework\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2021-12-18 19:00 - 2021-12-18 19:06 - 000000128 _____ () C:\Users\pFramework\AppData\Local\PUTTY.RND 2019-07-14 02:57 - 2022-02-06 05:08 - 000007599 _____ () C:\Users\pFramework\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2023
Ran by pFramework (04-05-2023 08:01:43)
Running from C:\Users\pFramework\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2846 (X64) (2021-04-17 14:33:19)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2306182556-4118131229-1320853839-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2306182556-4118131229-1320853839-503 - Limited - Disabled)
Guest (S-1-5-21-2306182556-4118131229-1320853839-501 - Limited - Disabled)
pFramework (S-1-5-21-2306182556-4118131229-1320853839-1001 - Administrator - Enabled) => C:\Users\pFramework
WDAGUtilityAccount (S-1-5-21-2306182556-4118131229-1320853839-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated) Ableton Live 10 Suite (HKLM\...\{3AFBB4AE-59CA-414C-8264-BA833986EE54}) (Version: 10.0.0.0 - Ableton) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated) Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3003 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated) Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 23.001.20143 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.10.2002.1 - Acer Incorporated) Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{6B1CA233-E631-B665-98E5-0F50F6E5567B}) (Version: 10.1.22000.194 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team) BabasChess (HKLM-x32\...\{93CF9FA6-2A5E-4F8E-923E-F7D8741CB312}) (Version: 3.9.12275 - RRaf) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) 
ConEmu 221218.x64 (HKLM\...\{185976B2-0DC5-44A4-A764-660810ABE996}) (Version: 11.221.2180 - ConEmu-Maximus5) Dolby Audio X2 Windows API SDK (HKLM\...\{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}) (Version: 0.7.2.61 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.5.3.31 - Dolby Laboratories, Inc.) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3013 - Acer Incorporated) Edison (HKLM-x32\...\Edison) (Version: - Image-Line) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - ) Everything 1.4.1.895 (x64) (HKLM\...\Everything) (Version: 1.4.1.895 - David Carpenter) f.lux (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Flux) (Version: - f.lux Software LLC) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) foobar2000 v1.4.1 (HKLM-x32\...\foobar2000) (Version: 1.4.1 - Peter Pawlowski) Git (HKLM\...\Git_is1) (Version: 2.34.1 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\GitHubDesktop) (Version: 2.9.12 - GitHub, Inc.) 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.63 - Google LLC) Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google) IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version: - Image-Line) Intel(R) Chipset Device Software (HKLM\...\{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}) (Version: 10.1.1.13 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{7EEC6C54-5441-472A-8792-A5185CC17DF1}) (Version: 11.0.0.1169 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{846DE3C3-F079-4E2D-AE25-74D2B62B1D9F}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{D622E3AC-0583-4CEC-9455-8B9139C7B4A2}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation) Intel(R) RealSense(TM) Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.32 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{96CDD845-6C53-4DFB-B26F-A711FA439E1E}) (Version: 30.100.1519.07 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ 3D camera ACPI driver (HKLM\...\{E5C644CF-EB52-11E5-99FA-2C44FD873B55}) (Version: 1.4.35.12599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x64): dptf_com (HKLM\...\{244F1EC0-42CE-11E6-867B-2C44FD873B55}) (Version: 2.3.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x64): dptf_com (HKLM\...\{DDC3F200-EB52-11E5-9911-2C44FD873B55}) (Version: 
2.3.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x64): Intel® RealSense™ 3D camera ACPI driver (HKLM\...\{168D8B51-42CE-11E6-9DA6-2C44FD873B55}) (Version: 2.3.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{1699722E-42CE-11E6-B0D9-2C44FD873B55}) (Version: 2.3.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{DCE15A30-EB52-11E5-911B-2C44FD873B55}) (Version: 2.3.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ 3D camera SR300 IO module (HKLM\...\{1C53D0CF-42CE-11E6-B3F3-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ 3D camera SR300 IO module (HKLM\...\{D78D858F-EB52-11E5-8799-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera SR300 Source Provider (HKLM\...\{192DD8B0-42CE-11E6-84DD-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera SR300 Source Provider (HKLM\...\{DAA525CF-EB52-11E5-8085-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera SR300 Virtual Driver (HKLM\...\{1B67C321-42CE-11E6-B787-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera Virtual Bus Enumerator (HKLM\...\{2046B5E1-42CE-11E6-ADBD-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Depth Camera Manager Service (HKLM\...\{1699722E-42CE-11E6-BC68-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ 
Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Depth Camera Manager Service (HKLM\...\{D78D858F-EB52-11E5-921B-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{1F644521-42CE-11E6-B7B9-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{DBFA2E80-EB52-11E5-A1A0-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{19A0498F-42CE-11E6-B1BB-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{D78D858F-EB52-11E5-9A19-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{61955A92-F53E-41AC-BD4A-19E2C1BFE1EE}) (Version: 4.0.2.51617 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Core (HKLM-x32\...\{2753F08D-D7B1-4EA8-8281-9195852470CE}) (Version: 4.0.2.51617 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Core (HKLM-x32\...\{CF126854-F66E-44E1-B3AA-FFD788B81C7F}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Dummy Core (HKLM-x32\...\{418491FB-C405-444A-A8CC-DD1CFD9D6528}) (Version: 4.0.2.51617 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): User Notification Tool files and components (HKLM-x32\...\{177C65C8-34ED-4A13-B1CE-7527D5E496BE}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime 
(HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_core_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation) Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_core_v4_4.0.2.171617) (Version: 4.0.2.171617 - Intel Corporation) Intel® RealSense™ Tiefenkamera-Manager SR300 (HKLM-x32\...\ARP_for_prd_dcm_runtime_sr300_3.2.26.6137) (Version: 3.2.26.6137 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden IrfanView 4.52 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.52 - Irfan Skiljan) Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.68 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.64 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 
x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30139 (HKLM\...\{A6BCA173-4218-4099-B36C-E12B3EE27B5D}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30139 (HKLM-x32\...\{3521C75E-6E25-47A6-9831-17EE6AAF01E2}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual Studio 
Code (User) (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.66.2 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.11.63.5026 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{19C24049-4283-4867-90F7-CE1E06FE02B8}) (Version: 2.11.47.9733 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{03C7AB0B-BE45-43A6-8BB4-6B002B0B3270}) (Version: 2.11.47.9733 - Microsoft Corporation) Hidden Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 112.0.2 (x64 en-US)) (Version: 112.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla) MSI Development Tools (HKLM-x32\...\{62E2BF70-2E1C-3975-31BA-25CDFFE6C448}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.3.1.406 - Native Instruments) Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version: - Native Instruments) Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.7.3.89 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.11.3.17 - Native Instruments) Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 6 Driver 
(HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S5 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S5 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S8 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S8 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments) Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.0.1.14 - Native Instruments) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team) NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Obsidian 
(HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 0.13.19 - Obsidian) OpenOffice 4.1.7 (HKLM-x32\...\{A09D951F-4BA3-4383-97B3-D1B91835E779}) (Version: 4.17.9800 - Apache Software Foundation) OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC) Oracle VM VirtualBox 5.2.22 (HKLM\...\{85307853-1C18-4D00-AA0B-B561502BD7C0}) (Version: 5.2.22 - Oracle Corporation) PyCharm Community Edition 2021.2.3 (HKLM-x32\...\PyCharm Community Edition 2021.2.3) (Version: 212.5457.59 - JetBrains s.r.o.) Python 3.7.3 (32-bit) (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\{24ac8299-2abd-4ddd-8be3-031debb6093c}) (Version: 3.7.3150.0 - Python Software Foundation) Python 3.7.3 Add to Path (32-bit) (HKLM-x32\...\{2DB1318D-E51C-419B-99D5-D15F7120BD09}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32\...\{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Development Libraries (32-bit) (HKLM-x32\...\{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Documentation (32-bit) (HKLM-x32\...\{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Executables (32-bit) (HKLM-x32\...\{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32\...\{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Standard Library (32-bit) (HKLM-x32\...\{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 
Test Suite (32-bit) (HKLM-x32\...\{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32\...\{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{A28C27E4-A725-482A-9C65-61EDC0E4D583}) (Version: 3.7.6657.0 - Python Software Foundation) QtSpim (HKLM-x32\...\{BF588941-3A73-421F-A619-CDABFF1ACBC7}) (Version: 9.1.20 - LarusStone) Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10198 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.) reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version: - ) Rustup: the Rust toolchain installer (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Rustup) (Version: - ) SDK ARM Additions (HKLM-x32\...\{FE5E643B-E807-0503-3942-8B39D2ACA459}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{B50306AF-46B0-1C20-0DCD-F5630AD9935B}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden SDK Debuggers (HKLM-x32\...\{9D1A6B62-D3A1-C5C0-19B7-ED6329496784}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Signal 6.16.0 (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.16.0 - Signal Messenger, LLC) Skype version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Spotify) (Version: 1.2.10.760.g52970952 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Thunderbolt(TM) Software (HKLM-x32\...\{B0E8A8CA-5A40-49C3-BE5E-9076664DB9AA}) (Version: 15.3.39.250 - Intel Corporation) Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{CD47E25E-765D-DA92-EAF2-239DF75A5F0A}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{2EBC2F45-171A-8693-8A8D-902698C9309E}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{BF1AD352-AF3B-2F11-583B-5F78359447F3}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{96C1C470-4078-7825-7C00-EA9467ADD303}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Tools x86 
(HKLM-x32\...\{BB834924-45F6-9FBC-B802-05125C45F5ED}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{99FAD9E3-4997-95BE-E074-A8C0D16C5C57}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{09184AC0-ACEE-44D5-95F2-05EE6D27A5E8}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Visual Studio Build Tools 2019 (HKLM-x32\...\0f8025d2) (Version: 16.11.11 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{3751D1CF-9A44-43D2-B4BB-80FA6E7925A8}) (Version: 16.10.31213 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) 
(Version: 16.10.31306 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{53D1C36A-E35A-45B3-801B-F49BDD425293}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{0916C6E1-6A0A-4887-9E00-D96FD44AFACE}) (Version: 16.10.31303 - Microsoft Corporation) Hidden V-Station 2.3 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 2.3 - Novation) V-Station 2.6 (HKLM\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 2.6 - Novation) Warzone 2100-4.0.1 (HKLM\...\Warzone 2100-4.0.1) (Version: 4.0.1 - Warzone 2100 Project) Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.08 - Intel) WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{7A61ADCC-6FEA-3F77-BBA1-40348287BE1A}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows App Certification Kit Native Components (HKLM\...\{44B36ADE-2488-53DA-7F68-79E7405D6FA4}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{7A362C1E-DDAF-072E-A39D-39FF0DA115A1}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (HKLM-x32\...\{4E89C5D3-3C9B-8289-3C4B-25463DB3A064}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{A5FA04AB-A369-2E08-B5C1-C7BAD82C9B38}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{B4A7994D-DBA1-8B4D-621A-03EE52CF838A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{D3B54AAA-2B64-5DE2-EA64-9900152E5282}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts 
(HKLM-x32\...\{39EDCC7D-7B63-5D99-C053-C8CDF02DC5ED}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts (HKLM-x32\...\{699180FA-06A2-0B6B-0DBA-EF5D85E720BA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts (HKLM-x32\...\{A34A6580-86EF-A26A-33A5-80E1919B7F75}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{084094EF-6AC9-480A-7CC1-04199047BBDD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{9DA29C3D-9E36-AC22-59C8-FFCF413DC068}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{9FA6A574-84C6-05AD-FB4D-1B673FDC50D6}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{3CEE8EB6-538E-DDA2-51A5-842ECE6CE1E8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{497B2D49-F5C2-CA3B-05FF-22ABF39F2873}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{8040F75E-CA6D-64AE-CE5E-A0943545482C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows IP Over USB (HKLM-x32\...\{8E78B421-D58E-C1E0-37F4-6D012DE26890}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{30AD20A4-1FFF-2632-4555-EFAF9D8A32CD}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{718C25EB-084C-6341-1C3E-589DA641C28F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{DE05A4B4-7A6B-2ED1-B95E-6C5145CBD3CA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts (HKLM-x32\...\{0F1BAEE0-25AF-B83E-5D48-2FFCC68ECEEA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts 
(HKLM-x32\...\{154EEEB2-18D9-4FD5-EDE1-6D0B318FAC53}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts (HKLM-x32\...\{7A9E937D-9757-80CB-A6E3-F4AB6081AEA6}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows SDK (HKLM-x32\...\{9A378A57-CBEF-50B1-519C-C149B11A7290}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{FEA4198C-9496-4E35-B7F9-4730F13CE67C}) (Version: 10.1.0.0 - Microsoft Corporation) Windows SDK ARM Desktop Tools (HKLM-x32\...\{20C00582-BD18-B599-CF98-61011567D747}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK ARM Desktop Tools (HKLM-x32\...\{39F1449E-B949-E5FE-CE44-064130C74F02}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK ARM Desktop Tools (HKLM-x32\...\{940042ED-CB90-8E03-BE68-DF8A76E661FD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{3DC4086C-B365-3DE4-878B-659DEB72904E}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{4BD2B107-B0D3-850C-7135-ACA153D30C78}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{78A593A3-BB3C-CCB9-2001-0C1BCFFAA42F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{452ABC9E-731E-71B2-8824-C5B2595370AF}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{C88797F9-0AD8-E022-5BBB-596BC78D4C76}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{EEDD4C6A-884C-6E3B-1E1E-47751EDC344C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{3511AC83-8494-1F8D-EC4C-525E1BF03857}) (Version: 
10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{6A96DEED-D0D8-6DD0-21BD-7D8F60714854}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{C81D239D-863A-D4B4-3562-BC8D3D7C271E}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{3D5981B5-ABF0-1495-7FC3-102D1C75B9C8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{43B97408-EC80-6EE0-F6C2-40A444C16A8F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{86ADBBAE-77AE-FA26-7C17-802AE28AC316}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{2AC29D7B-F29F-34FA-4434-C5DF1F086264}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{71B5C92E-6053-EBB4-2568-F678C3552FA7}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{995DDD4F-928C-4EBA-9702-E7CD3F6A7A9D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{166BCCDD-48C1-8103-A7E7-0F3DE471223D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{9555AB64-6A00-776F-CA44-568E0E7B9632}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{B01759A2-7C09-6B7E-C38D-6F1105D4C682}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{170B023D-7C1B-2EF4-D3E9-B974A26752AC}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{54140689-B7DB-B9CF-537D-8FEB279410F9}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{5AAC125C-9E7D-5B5F-7484-3B64585AFE6B}) (Version: 10.1.22000.194 - Microsoft 
Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{224A2C9B-5304-BA73-072A-FED79CD1B7E4}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{238F56B7-7D14-F8EB-3F4D-8CFF18C19E2B}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{7DD1F495-F1BF-6A30-620F-AC064DD302D8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{06E580FA-F3B2-08E9-4DC0-0AB55D985CBB}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{2E6C6299-BF5F-379D-55F2-8FD3367F5918}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{92BE26E2-3C1C-E7E6-DABB-723167A56336}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{155F6D7E-7739-DA9E-E385-E55E1CAE92EC}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{795E8F11-37DE-611E-921E-7D70BE09BF7B}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{F9BDEC71-9E56-CFBF-0AE8-E7AF032D07C7}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{1C966E96-8553-EF1E-A06F-A8174B3CAA60}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{540ADDB0-7A37-9B99-3568-FD1EA33D3B38}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{D9B8930E-E709-8F45-3A72-A862365AC0BC}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK DirectX x64 Remote (HKLM\...\{193BDD23-87A7-389F-0C6A-68782ACB9684}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK DirectX x86 Remote (HKLM-x32\...\{6C305B4D-9289-EE9C-68DC-E499CEAB5773}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK 
EULA (HKLM-x32\...\{5F56BF12-0818-B58A-5862-939784E12F8B}) (Version: 10.1.18362.1 - Microsoft Corporations) Hidden Windows SDK EULA (HKLM-x32\...\{A50A075D-973C-1867-4228-738205D555C8}) (Version: 10.1.19041.685 - Microsoft Corporations) Hidden Windows SDK EULA (HKLM-x32\...\{CB77D354-EF20-C5E8-9DC4-8AB9ED0EB990}) (Version: 10.1.22000.194 - Microsoft Corporations) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{2D296649-CFBE-CF23-EA8E-E24554187B3F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{A5EF45C5-FA27-7E8F-1AE8-E3D39BAC779E}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{D14BCE14-F9BD-52CB-3E02-6BDA6F9D73BB}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps (HKLM-x32\...\{EDB04798-19BE-70E0-87EA-BFEE60BB6A4C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{2A8533B3-8D16-67E4-E729-5BB04EDD2FE4}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{C13D21F1-E9A3-FB93-18C4-B905FB47F122}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{FF9284BA-F21A-A314-A805-1A8D598D8858}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{0E2FEA3B-C853-DE2A-8A04-BB7D5BF010E0}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{8F21D4CD-9CB4-2648-EECC-60147DE7B32D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{B81315F5-A888-8D8A-E3C3-8B619A83D2B0}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers 
(HKLM-x32\...\{65E9398F-77A0-8681-026C-8CF092A71F11}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{8E9DD3FE-3338-8012-81C5-F3AA9B617BAE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{AFE744EA-5F8D-B009-4837-0E8C002F8B1F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{12ED94FA-ADBD-CC88-D3B4-D8226FC25810}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{1FBBD022-F751-FE7B-54DF-9FED23892B2F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{217E19C8-ACC0-C7ED-AB69-A30F3F96C625}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{2CFB2180-7C20-5470-4B8A-747512A6AB70}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{5FAF2ED2-CA24-0313-8CAF-C28DEE421200}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{A7BAA72A-6A71-E0D9-6A24-2D591710959E}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{1046B6ED-F966-5852-BEAA-C1EFF2720370}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{4AC6C7FB-D848-9D68-DCB0-1376083FEA3A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{A5174AE6-3704-EE0A-BEFF-21BC5275BA02}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{CEDD7BE6-97B5-9AE8-57C0-B390E0C4328F}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs 
(HKLM-x32\...\{D73BC31B-E6F3-BC8C-6F5A-8695A9F6E95F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{FF7D4409-CF59-34AE-BDC7-8A6146A9BA36}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{EEB786DE-05E3-62A6-44F6-D4692ACFA2D5}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{21514D7D-4124-E52E-8483-727380B855D7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{28837060-345A-67F9-78B6-BAABD4EA2278}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{FC5A59F8-6BEE-FBB4-C720-47C565A92798}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Redistributables (HKLM-x32\...\{BE83BDDF-6F6F-515F-4DF1-28F2352791F1}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{4CA7ABF1-DB68-0F9E-5AD9-58550198D0AC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{5248A17E-7E26-E32B-BEE1-D6B5322B658D}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{B62A26BB-90A0-82FB-2DDC-3157ADF07833}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.22000.194 (HKLM-x32\...\{1b45a8b2-a411-45ca-b322-d15ee6904559}) (Version: 10.1.22000.194 - Microsoft Corporation) Windows Team Extension SDK 
(HKLM-x32\...\{6EEDDD9D-BF7B-8229-92B4-89DFCF7481ED}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Team Extension SDK (HKLM-x32\...\{802E9CE7-413C-61A3-6699-896B587BA172}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Team Extension SDK (HKLM-x32\...\{CE7E4A6A-45A2-2968-4B34-D0D4CFCC0E1D}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{5D60A4EF-6EDF-AAF4-F0F0-49FDD40176B8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{5F616EBF-DF09-A2DA-AB66-3A5341FA611C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{CC764523-CB6B-E329-223D-88941C9111EA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BAC94E25-2596-D023-62C5-3D156740293E}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{81F2558C-62AF-D282-5E2D-23BCD5CAE40D}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft 
Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{F9B97C20-1142-B9F6-13E6-5942FA6C2513}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{C9846E81-92F2-ED84-BE9C-74EC0286C905}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{AF8C6EE9-0285-D6F1-FCCC-E5F4E6F41F05}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{37BA566C-6B6C-B959-ADE9-5A56AAACA14C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{C9FDDDB2-8BBF-84A5-30F4-F78DE34EBB1C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us 
(HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{928D8F53-5675-F04A-5849-B583C7AB2240}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BBA772A8-7490-A5EE-295C-18B3E3185199}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WPT Redistributables (HKLM-x32\...\{40FA9688-629A-0BBA-3366-0A0D256F937C}) (Version: 10.1.22000.194 - Microsoft) Hidden WPTx64 (DesktopEditions) (HKLM-x32\...\{95C34E32-1730-3A74-7A5C-67C969054758}) (Version: 10.1.22000.194 - Microsoft) Hidden WPTx64 (OnecoreUAP) (HKLM-x32\...\{67820CB6-57A6-6F04-F64F-D56C383D702B}) (Version: 10.1.22000.194 - Microsoft) Hidden X-Prog 4600 version 1.0 (HKLM-x32\...\X-Prog 4600_is1) (Version: 1.0 - G-Sonique) Zoom (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.) 
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-04] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-12-24] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxDTCM.dll [2016-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-02-01 17:15 - 2018-12-30 09:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-09-11 23:51 - 2021-09-11 23:51 - 000279552 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2016-08-20 20:07 - 2016-01-23 04:54 - 001186352 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\pFramework\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\Git\mingw64\bin;C:\Program Files\Git\usr\bin;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\
HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{13330717-A959-4786-B95A-4A8673EC2166}C:\users\pFramework\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pFramework\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{2576982C-83A6-4BFA-848D-DDF68B23C85C}C:\users\pFramework\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pFramework\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD652D78-41A7-4019-B067-4B4877E1BDD2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A5696ED2-236E-4867-AEAD-E7F325464B1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{73A597CC-E09D-45AE-AF8F-20033E4C7590}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D4186C92-69F5-4BED-9F3F-B42A7D5F29DF}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{C17056D4-F4AD-4E19-BF70-140FB3D7E421}C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe] => (Allow) C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe (Team Shinkansen) [File not signed]
FirewallRules: [TCP Query User{8BA17AED-D4F2-49F1-83FF-D54C1EA03242}C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe] => (Allow) C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe (Team Shinkansen) [File not signed]
FirewallRules: [{5977329B-E0A6-4881-8125-BDE4BC5FB900}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0BBA2738-BE98-4983-8AA3-75161C059B9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EE24CB71-A39F-4C3E-9BBD-BA522AF68DE5}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{DCB5392B-1A84-421D-B4B5-9021DB38FD65}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{B62F40CB-7929-48F0-A97A-04DC4649F608}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D6E30277-C4C7-4D45-8534-4C1DF5397D14}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{26F3FB84-E6AD-4FD6-9B89-9600B78C0207}C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{514EA3F2-1119-4888-B2D3-ABFBD4362216}C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{32C25CCD-5056-4EBD-A810-2EC46D6BEF97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed]
FirewallRules: [{3E7E8EE2-6993-4394-BDE7-8AE0589C873C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed]
FirewallRules: [TCP Query User{D2E12B24-BF39-45AA-8769-90AA6C69BE9F}C:\program files\native instruments\traktor pro 3\traktor.exe] => (Block) C:\program files\native instruments\traktor pro 3\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [UDP Query User{8617C8B3-390C-4F27-B609-B3D0D479135D}C:\program files\native instruments\traktor pro 3\traktor.exe] => (Block) C:\program files\native instruments\traktor pro 3\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [TCP Query User{CD8BB1B2-CEC9-4FAF-AE99-8A57ACD54140}C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe () [File not signed]
FirewallRules: [UDP Query User{75F6BEEF-A658-4450-B5C4-858B9B3AE6E1}C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe () [File not signed]
FirewallRules: [{656EFC77-842F-4157-B156-EC47CC7ED79F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe (BioWare -> BioWare)
FirewallRules: [{36D54879-CBAA-430B-B8BD-0DCED8822937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe (BioWare -> BioWare)
FirewallRules: [{E676610E-7882-4BAD-8614-01C9F7697808}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trailer Park Boys Greasy Money\game.exe () [File not signed]
FirewallRules: [{2174F96E-DEB4-49BE-A9D7-F3824AB18769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trailer Park Boys Greasy Money\game.exe () [File not signed]
FirewallRules: [TCP Query User{F03F9268-E098-41BC-BCC2-749A04A581F0}C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{B3834B47-9D90-4FDF-A59D-8BDCA3B85B53}C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{B3D137BC-BEF4-4F64-83B7-62AAD8ABC953}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.64\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64E288B5-1D65-494C-A738-AA273AA3AD71}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-04-2023 21:53:03 Windows Modules Installer
19-04-2023 16:52:01 Scheduled Checkpoint
28-04-2023 20:50:49 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ======================== Application errors: ================== Error: (05/04/2023 07:56:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01a23790 Faulting process ID: 0x3cc0 Faulting application start time: 0x01d97e4d2e214aa0 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: cd36b9df-8338-4c68-aa61-4301c224c8de Faulting package full name: Faulting package-relative application ID: Error: (05/04/2023 07:56:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (05/03/2023 09:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x016b3790 Faulting process ID: 0x3190 Faulting application start time: 0x01d97df3b30cd070 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 76d4c8f2-0dde-4b40-afb1-f60ebb4c8744 Faulting package full name: Faulting package-relative application ID: Error: (05/03/2023 09:16:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (05/03/2023 09:15:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00a43790 Faulting process ID: 0x6b0 Faulting application start time: 0x01d97df3b0ede489 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 4de8ed67-8a0d-40dc-bf2e-51124503c721 Faulting package full name: Faulting package-relative application ID: Error: (05/03/2023 09:15:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (05/03/2023 08:33:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01a33790 Faulting process ID: 0x3a90 Faulting application start time: 0x01d97d89314d3806 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 448ef004-7f93-43dc-9b93-ef20671b7c9e Faulting package full name: Faulting package-relative application ID: Error: (05/03/2023 08:33:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) System errors: ============= Error: (05/02/2023 07:03:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 17:53:57 on 02/05/2023 was unexpected. Error: (04/28/2023 12:47:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Mozilla Maintenance Service service terminated with the following error: Incorrect function. Error: (04/24/2023 06:51:55 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 13:37:45 on 24/04/2023 was unexpected. Error: (04/18/2023 10:45:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Mozilla Maintenance Service service terminated with the following error: Incorrect function. Error: (04/17/2023 03:53:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Mozilla Maintenance Service service terminated with the following error: Incorrect function. Error: (04/15/2023 01:12:45 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (04/13/2023 01:08:44 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PPRL8U8T) Description: The server {D0582E3B-3126-4CAA-9155-AC37C912A489} did not register with DCOM within the required timeout. Error: (04/13/2023 01:06:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Language Experience Service service terminated with the following error: Language Experience Service is not a valid Win32 application. Windows Defender: ================ Date: 2023-05-03 23:21:32 Description: Microsoft Defender Antivirus scan has been stopped before completion. 
Scan Type: Antimalware Scan Parameters: Quick Scan Event[0]: Date: 2023-04-06 01:02:46 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.385.1443.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.20100.6 Error code: 0x8007045b Error description: A system shutdown is in progress. Date: 2023-03-29 01:06:12 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.385.642.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.20100.6 Error code: 0x8007045b Error description: A system shutdown is in progress. Date: 2023-03-21 01:35:44 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Backup Error Code: 0x80004004 Error description: Operation aborted Security intelligence Version: 1.385.50.0;1.385.50.0 Engine Version: 1.1.20100.6 Date: 2023-03-21 01:35:43 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Current Error Code: 0x80004004 Error description: Operation aborted Security intelligence Version: 1.385.198.0;1.385.198.0 Engine Version: 1.1.20100.6 Date: 2023-03-14 00:17:17 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. 
New security intelligence Version: Previous security intelligence Version: 1.383.1133.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.20000.2 Error code: 0x8007045b Error description: A system shutdown is in progress. CodeIntegrity: =============== Date: 2023-04-23 19:59:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2023-04-16 13:33:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Insyde Corp. V1.11 06/28/2016 Motherboard: Acer Aspire VN7-592G Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage of memory in use: 36% Total physical RAM: 16247.66 MB Available physical RAM: 10340.99 MB Total Virtual: 18679.66 MB Available Virtual: 12433.7 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:476.02 GB) (Free:149.53 GB) (Model: SAMSUNG MZNLN512HCJH-00000) NTFS Drive d: (Data) (Fixed) (Total:1863.02 GB) (Free:932.27 GB) (Model: ST2000LM003 HN-M201RAD) NTFS \\?\Volume{71be9587-8339-46e1-bbd0-2a47694bf0fb}\ () (Fixed) (Total:0.8 GB) (Free:0.28 GB) NTFS \\?\Volume{32fe2cca-8cfd-4666-bf84-397a2087b4bc}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 5F045474) Partition: GPT. 
========================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 5F045466) Partition: GPT. ==================== End of Addition.txt ======================= |
04.05.2023, 08:22 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Uninstall annoying, outdated or unnecessary programs
Please uninstall via Programs and Features (appwiz.cpl): |
04.05.2023, 20:30 | #3 |
| Done. Thanks.
Is it okay if I update VM VirtualBox instead of uninstalling it? Because I actually need it. The "App Explorer" icon is still present. Edited by cosinus (04.05.2023 at 21:23). Reason: full quote removed |
04.05.2023, 21:23 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Yes, VirtualBox must be updated if you want to keep using it.
adwCleaner
Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags. Please repeat adwCleaner as a check if there were any findings.
__________________ Please always post log files in CODE tags |
04.05.2023, 22:28 | #5 |
| Thanks, yes, something was found! Here is the log. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-04-2023 # Duration: 00:00:02 # OS: Windows 10 (Build 19044.2846) # Cleaned: 15 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\Default\AppData\Local\Host App Service Deleted C:\Users\Vladimir\AppData\Local\Host App Service Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service ***** [ Files ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk Deleted C:\Users\Vladimir\Favorites\Booking.com.url Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Host App Service Deleted HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\HostAppService.exe Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. 
***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [3350 octets] - [04/05/2023 23:21:24] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Edited by cosinus (04.05.2023 at 22:29). Reason: full quote removed |
04.05.2023, 22:30 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please, no more full quotes! What are you supposed to do if adwCleaner found something? |
05.05.2023, 00:02 | #7 |
| Well, I ran adwCleaner twice; I just wasn't sure whether the second log should be included. Sorry. Here it is: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 05-04-2023 # Duration: 00:00:07 # OS: Windows 10 (Build 19044.2846) # Scanned: 32092 # Detected: 5 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B} Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7} Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER AdwCleaner[S00].txt - [3350 octets] - [04/05/2023 23:21:24] AdwCleaner[C00].txt - [2724 octets] - [04/05/2023 23:23:37] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ########## Edited by pFramework (05.05.2023 at 00:22) |
05.05.2023, 00:07 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What is this about? Why is there yet another full quote at the bottom? Please read my posts properly.
__________________ Please always post log files in CODE tags |
05.05.2023, 00:17 | #9 |
| There were two sentences in your second-to-last message. I definitely didn't want to cause any trouble; my reply referred to your whole message, which is why I quoted it in full, so as not to lose the thread of the conversation. Or by "full quote" at the bottom do you mean not using the forum's quote feature at all, regardless of whether only parts are quoted? In any case, I'm sorry, it wasn't intentional; I misunderstood something. Edited by pFramework (05.05.2023 at 00:25) |
05.05.2023, 01:05 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What is there not to understand about "full quote"? It is simply pointless to slap the complete post under yours again as a reply. That bloats everything unnecessarily. If anything, one quotes passage by passage. Please also uninstall the preinstalled OEM/ACER junk.
__________________ Please always post log files in CODE tags |
05.05.2023, 06:59 | #11 |
| Done. Here are the logs. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-05-2023 # Duration: 00:00:00 # OS: Windows 10 (Build 19044.2846) # Cleaned: 5 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. 
***** [ Preinstalled Software ] ***** Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B} Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7} Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [3350 octets] - [04/05/2023 23:21:24] AdwCleaner[C00].txt - [2724 octets] - [04/05/2023 23:23:37] AdwCleaner[S01].txt - [2082 octets] - [04/05/2023 23:27:11] AdwCleaner[S02].txt - [2143 octets] - [05/05/2023 07:54:40] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 05-05-2023 # Duration: 00:00:07 # OS: Windows 10 (Build 19044.2846) # Scanned: 32087 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [3350 octets] - [04/05/2023 23:21:24] AdwCleaner[C00].txt - [2724 octets] - [04/05/2023 23:23:37] AdwCleaner[S01].txt - [2082 octets] - [04/05/2023 23:27:11] AdwCleaner[S02].txt - [2143 octets] - [05/05/2023 07:54:40] AdwCleaner[C02].txt - [2396 octets] - [05/05/2023 07:55:48] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ########## |
05.05.2023, 08:09 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then new FRST logs now (FRST.txt and Addition.txt).
__________________ Please always post log files in CODE tags |
06.05.2023, 12:18 | #13 |
| Here are the logs. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-05-2023 Ran by pFramework (administrator) on LAPTOP-PPRL8U8T (Acer Aspire VN7-592G) (06-05-2023 13:13:12) Running from C:\Users\pFramework\Downloads\FRST64.exe Loaded Profiles: pFramework Platform: Microsoft Windows 10 Home Version 21H2 19044.2846 (X64) Language: English (United States) -> English (United Kingdom) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2> (C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (C:\Users\pFramework\Downloads\adwcleaner.exe ->) (Notepad++ -> Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe (explorer.exe ->) (David Carpenter -> ) C:\Program Files\Everything\Everything.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel(R) Software Products -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe (Malwarebytes Inc. 
-> Malwarebytes) C:\Users\pFramework\Downloads\adwcleaner.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Smart Sound Technology -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe (services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2780_none_7df1b05c7ca1f251\TiWorker.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16704512 2016-11-08] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1471488 2016-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1859936 2016-01-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] (David Carpenter -> ) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [629248 2015-11-13] () [File not signed] HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel(R) Software Products -> Intel Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Run: [f.lux] => C:\Users\pFramework\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel(R) Software Products -> Intel Corporation) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {27F5A967-FD59-4CC6-830B-41F870AFECFF} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft) Task: {2A63B5CE-850D-4C9C-B935-01C4145A7F19} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {2DC811B9-6C84-4D51-BB29-59789BEFBB06} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {316F3713-617A-458C-93C5-37C7F8C6EF2D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [363160 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {346B6755-C4B1-419C-8CC6-C31FFC37D045} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5249688 2023-04-11] (Microsoft Windows -> Microsoft Corporation) Task: {66FC75DD-3097-4C27-ABA9-581D26C4F73A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {6926C9EE-B6D6-48EA-802C-58E8FA943447} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-28] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {8C94F510-819D-4CAE-911C-672D292451E3} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32632 2021-09-08] (Microsoft 
Corporation -> Microsoft) Task: {8E4F1074-6926-4A14-8064-9BE252765221} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [363160 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {8F06D709-444C-4E10-8294-58F3ACC1BFAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.) Task: {906CB5A9-53CA-4F1C-AA7A-981F021F8596} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /promptsetupoffice (No File) Task: {9D56C8FF-C913-4D08-8FFD-264879AF4AF9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {9F871861-06EA-40CD-AA63-86F5BEAE0170} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-04-28] (Mozilla Corporation -> Mozilla Foundation) Task: {AB79698D-960C-4EAF-BCBE-978CC921379B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1831064 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {ADC6B5B5-704B-40FF-8CC2-B2BB32B095F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-21] (Google Inc -> Google Inc.) 
Task: {C3095AAE-8077-4DC2-8B5C-2FD284704555} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-01-20] (Acer Incorporated -> Acer Incorporated)
Task: {CA3361EC-D630-412F-8158-0372B74F3330} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAE6A3C0-938F-4169-8992-7048518FEB90} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {E7934BDC-E434-4413-B114-7CF6596BE63B} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{05004525-b0b0-4ada-8c17-46c76686a06b}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{1aaf088e-4132-4970-8cfb-315d61a2cb06}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{97f1c026-3a90-4f67-8ca2-484d0d6e73e5}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge Profile: C:\Users\pFramework\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-04] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\pFramework\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-04] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: pupjjm2v.default-1541776576795 FF ProfilePath: C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795 [2023-05-06] FF Notifications: Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795 -> hxxps://kanbanflow.com; hxxps://calendar.google.com; hxxps://www.chess.com; hxxps://cloud.bruckner.cc; hxxps://kiwiirc.com; hxxps://mail.protonmail.com; hxxps://bumble.com; hxxps://lichess.org; hxxps://www.lieferando.at FF Extension: (Facebook Container) - 
C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\@contain-facebook.xpi [2022-11-03] FF Extension: (Cisco Webex Extension) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\ciscowebexstart1@cisco.com.xpi [2022-07-24] FF Extension: (German dictionary (de_AT)) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\de_AT@dicts.j3e.de.xpi [2023-04-17] FF Extension: (uBlock Origin) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\uBlock0@raymondhill.net.xpi [2023-05-04] FF Extension: (Image Block X) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\{0035bf10-3f36-4d60-b92d-08c1a8b060a6}.xpi [2020-12-01] FF Extension: (Malwarebytes Browser Guard) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-03-14] FF Extension: (Open image in a new tab) - C:\Users\pFramework\AppData\Roaming\Mozilla\Firefox\Profiles\pupjjm2v.default-1541776576795\Extensions\{7276f3bb-de56-4b5a-b940-88b62731d409}.xpi [2020-12-26] FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] 
(VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin HKU\S-1-5-21-2306182556-4118131229-1320853839-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\pFramework\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-10] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) Chrome: ======= CHR Profile: C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default [2023-04-16] CHR Notifications: Default -> hxxps://tinder.com CHR Extension: (Google Docs Offline) - C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-16] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\pFramework\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-28] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] (Dolby Laboratories, Inc. -> )
S2 Everything; C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] (David Carpenter -> )
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14288 2021-09-12] (Microsoft Corporation -> Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [393216 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-23] (Malwarebytes Inc. -> Malwarebytes)
R2 RealSenseDCMSR300; C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe [3891440 2016-07-05] (Intel(R) Software Development Products -> Intel(R) Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [805224 2023-04-17] (Oracle Corporation -> Oracle and/or its affiliates)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-05-05] (Malwarebytes Inc. 
-> Malwarebytes) R3 nika6audio; C:\WINDOWS\System32\Drivers\nika6audio.sys [375720 2015-09-10] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) R3 nika6usb; C:\WINDOWS\system32\DRIVERS\nika6usb.sys [93536 2015-09-10] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 niks2m3dfu; C:\WINDOWS\System32\drivers\niks2m3dfu.sys [40472 2018-09-18] (Native Instruments GmbH -> Native Instruments GmbH) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) S3 TASCAM_US122144; C:\WINDOWS\System32\Drivers\tascusb2.sys [409664 2010-06-18] (Ploytec GmbH -> TASCAM) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [254664 2023-04-17] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [265536 2023-04-17] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1061440 2023-04-17] (Oracle Corporation -> Oracle and/or its affiliates) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [138432 2017-10-16] (Oracle Corporation -> Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2023-04-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [497920 2023-04-15] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-15] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2023-05-05 07:50 - 2023-05-05 07:50 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-05-04 23:21 - 2023-05-04 23:23 - 000000000 ____D C:\AdwCleaner 2023-05-04 23:20 - 2023-05-04 23:21 - 008791352 _____ (Malwarebytes) C:\Users\pFramework\Downloads\adwcleaner.exe 2023-05-04 21:28 - 2023-05-04 21:28 - 000001153 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2023-05-04 21:28 - 2023-05-04 21:28 - 000000000 ____D C:\ProgramData\VirtualBox 2023-05-04 21:28 - 2023-05-04 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2023-05-04 21:28 - 2023-05-04 21:28 - 000000000 ____D C:\Program Files\Oracle 2023-05-04 21:28 - 2023-04-17 10:59 - 001061440 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxSup.sys 2023-05-04 21:27 - 2023-05-04 21:27 - 110628872 _____ (Oracle and/or its affiliates) C:\Users\pFramework\Downloads\VirtualBox-7.0.8-156879-Win.exe 2023-05-04 21:22 - 2023-05-04 21:22 - 000000337 _____ C:\UBT_UninstallLog.txt 2023-05-04 08:01 - 2023-05-04 08:12 - 000075873 _____ C:\Users\pFramework\Downloads\Addition.txt 2023-05-04 08:00 - 2023-05-06 13:13 - 000020872 _____ C:\Users\pFramework\Downloads\FRST.txt 2023-05-04 07:59 - 2023-05-06 13:13 - 000000000 ____D C:\FRST 2023-05-04 07:59 - 2023-05-04 07:59 - 002382848 _____ (Farbar) C:\Users\pFramework\Downloads\FRST64.exe 2023-05-02 19:12 - 2023-05-02 19:12 - 074920656 _____ (Obsidian) C:\Users\pFramework\Downloads\Obsidian.1.2.7.exe 2023-04-29 11:01 - 2023-04-29 11:01 - 000000134 _____ C:\Users\pFramework\Downloads\AAC128.pls 2023-04-28 21:40 - 2023-04-28 21:40 - 000000033 _____ C:\Users\pFramework\Desktop\I LIKE TO PROGRAM IN THE EVENING.txt 2023-04-28 19:34 - 2023-04-28 19:34 - 022199671 _____ C:\Users\pFramework\Downloads\SAFe Product Owner_Product Manager Workbook (6.0).pdf 2023-04-23 19:59 - 2023-05-06 13:11 - 000000000 ____D C:\Users\pFramework\AppData\Local\Malwarebytes 2023-04-22 23:34 - 2023-04-22 23:34 - 000099044 
_____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-2.pdf 2023-04-22 22:21 - 2023-04-22 22:21 - 000099060 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432796600-1.pdf 2023-04-22 10:30 - 2023-04-22 10:30 - 005152699 _____ C:\Users\pFramework\Downloads\Philosophize This! - The Podcast Transcripts by Stephen West - Final.pdf 2023-04-22 10:01 - 2023-04-22 10:01 - 000099060 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432796600.pdf 2023-04-21 10:17 - 2023-04-21 10:17 - 000099049 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432799100.pdf 2023-04-19 10:12 - 2023-04-19 10:12 - 000099059 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432789500.pdf 2023-04-17 10:59 - 2023-04-17 10:59 - 000265536 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys 2023-04-17 10:59 - 2023-04-17 10:59 - 000254664 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys 2023-04-17 10:12 - 2023-04-17 10:12 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-1-2.pdf 2023-04-17 09:47 - 2023-04-17 09:47 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-1-1.pdf 2023-04-17 04:06 - 2023-04-17 09:34 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200-1.pdf 2023-04-17 03:58 - 2023-04-17 03:58 - 000099044 _____ C:\Users\pFramework\Downloads\pFramework_pFramework_725432843200.pdf 2023-04-11 21:53 - 2023-04-11 21:53 - 000000000 ___HD C:\$WinREAgent 2023-04-07 11:41 - 2023-04-07 11:41 - 001256848 _____ C:\Users\pFramework\Downloads\659704E7.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2023-05-06 13:13 - 2018-12-04 23:37 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Everything 2023-05-06 13:11 - 2021-04-17 16:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-05-06 13:11 - 2019-03-21 02:28 - 000000000 ____D C:\Program Files (x86)\Google 2023-05-05 08:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-05-05 08:28 - 2020-11-19 20:26 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\vlc 2023-05-05 07:55 - 2021-04-17 16:37 - 001757410 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-05-05 07:55 - 2021-04-17 15:17 - 000774144 _____ C:\WINDOWS\system32\perfh019.dat 2023-05-05 07:55 - 2021-04-17 15:17 - 000152908 _____ C:\WINDOWS\system32\perfc019.dat 2023-05-05 07:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-05-05 07:55 - 2018-11-09 16:48 - 000000000 ____D C:\ProgramData\NVIDIA 2023-05-05 07:55 - 2016-04-01 21:35 - 000000000 ____D C:\ProgramData\Acer 2023-05-05 07:55 - 2016-04-01 21:35 - 000000000 ____D C:\Program Files (x86)\Acer 2023-05-05 07:53 - 2018-11-09 17:04 - 000000000 __SHD C:\Users\pFramework\IntelGraphicsProfiles 2023-05-05 07:50 - 2021-04-17 16:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-05-05 07:50 - 2021-04-17 16:24 - 000434168 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-05-05 07:50 - 2021-04-17 16:24 - 000008192 ___SH C:\DumpStack.log.tmp 2023-05-05 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2023-05-05 02:27 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-05-05 02:27 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-05-05 02:26 - 2021-04-17 15:50 - 000000000 ____D C:\Users\pFramework 2023-05-05 01:27 - 2021-01-11 23:27 - 000000000 ____D C:\Users\pFramework\AppData\Local\Spotify 2023-05-05 01:26 - 2021-01-11 23:26 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Spotify 2023-05-04 23:21 - 2018-11-10 02:19 - 000000000 ____D C:\Users\pFramework\.VirtualBox 2023-05-04 21:53 - 2019-12-07 
11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-05-04 21:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-05-04 21:26 - 2019-02-24 05:55 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\IrfanView 2023-05-04 21:26 - 2019-02-24 05:55 - 000000000 ____D C:\Program Files (x86)\IrfanView 2023-05-04 21:22 - 2016-04-01 21:35 - 000000000 ____D C:\ProgramData\OEM 2023-05-04 21:22 - 2016-04-01 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2023-05-04 21:21 - 2018-11-09 16:36 - 000000000 ___HD C:\OEM 2023-05-04 07:52 - 2022-01-22 22:38 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\obsidian 2023-05-03 21:12 - 2023-01-17 10:02 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-05-03 21:12 - 2020-06-09 22:18 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-02 19:12 - 2022-01-22 22:39 - 000000000 ____D C:\Users\pFramework\Documents\pframework 2023-05-01 16:32 - 2019-02-01 20:36 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Signal 2023-05-01 09:08 - 2022-03-05 11:08 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-05-01 09:08 - 2018-11-09 17:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-05-01 01:14 - 2018-12-15 20:21 - 000000000 ____D C:\Users\pFramework\AppData\Local\Everything 2023-04-29 23:50 - 2019-01-18 11:37 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\foobar2000 2023-04-29 15:59 - 2018-11-11 00:42 - 000003286 _____ C:\Users\pFramework\AppData\Roaming\ConEmu.xml 2023-04-29 00:53 - 2018-11-09 23:45 - 000000996 _____ C:\Users\Public\Desktop\ConEmu (x64).lnk 2023-04-29 00:53 - 2018-11-09 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConEmu 2023-04-29 00:53 - 2018-11-09 23:45 - 000000000 ____D C:\Program Files\ConEmu 2023-04-28 21:44 - 2019-01-18 18:45 - 000000881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2023-04-28 21:44 - 
2019-01-18 18:45 - 000000000 ____D C:\Users\pFramework\AppData\Roaming\Notepad++ 2023-04-28 12:47 - 2018-11-09 17:16 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-04-25 00:05 - 2021-04-17 16:33 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-04-25 00:05 - 2021-04-17 16:33 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-04-21 19:11 - 2018-11-09 21:38 - 000000000 ____D C:\Program Files (x86)\Steam 2023-04-17 10:59 - 2018-11-10 02:19 - 000204224 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys 2023-04-16 23:52 - 2018-11-09 17:16 - 000000000 ____D C:\Users\pFramework\AppData\LocalLow\Mozilla 2023-04-15 09:19 - 2018-11-09 16:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-04-12 00:14 - 2021-04-17 15:07 - 000000000 ___SD C:\WINDOWS\system32\lxss 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-04-12 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-04-11 22:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-04-11 22:01 - 2021-04-17 16:25 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-04-11 21:52 - 2018-11-10 
01:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-11 21:49 - 2018-11-10 01:08 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-10 15:22 - 2019-02-01 17:10 - 000000000 ____D C:\Users\pFramework\Documents\Image-Line
2023-04-06 09:03 - 2021-04-17 16:33 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-06 09:03 - 2021-04-17 16:33 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2018-11-11 00:42 - 2023-04-29 15:59 - 000003286 _____ () C:\Users\pFramework\AppData\Roaming\ConEmu.xml
2021-07-30 05:47 - 2021-07-30 05:47 - 000003584 _____ () C:\Users\pFramework\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-12-18 19:00 - 2021-12-18 19:06 - 000000128 _____ () C:\Users\pFramework\AppData\Local\PUTTY.RND
2019-07-14 02:57 - 2022-02-06 05:08 - 000007599 _____ () C:\Users\pFramework\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2023
Ran by pFramework (06-05-2023 13:14:31)
Running from C:\Users\pFramework\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2846 (X64) (2021-04-17 14:33:19)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2306182556-4118131229-1320853839-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2306182556-4118131229-1320853839-503 - Limited - Disabled)
Guest (S-1-5-21-2306182556-4118131229-1320853839-501 - Limited - Disabled)
pFramework (S-1-5-21-2306182556-4118131229-1320853839-1001 - Administrator - Enabled) => C:\Users\pFramework
WDAGUtilityAccount (S-1-5-21-2306182556-4118131229-1320853839-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 10 Suite (HKLM\...\{3AFBB4AE-59CA-414C-8264-BA833986EE54}) (Version: 10.0.0.0 - Ableton) Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{6B1CA233-E631-B665-98E5-0F50F6E5567B}) (Version: 10.1.22000.194 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) BabasChess (HKLM-x32\...\{93CF9FA6-2A5E-4F8E-923E-F7D8741CB312}) (Version: 3.9.12275 - RRaf) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) ConEmu 221218.x64 (HKLM\...\{185976B2-0DC5-44A4-A764-660810ABE996}) (Version: 11.221.2180 - ConEmu-Maximus5) Dolby Audio X2 Windows API SDK (HKLM\...\{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}) (Version: 0.7.2.61 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.5.3.31 - Dolby Laboratories, Inc.) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3013 - Acer Incorporated) Edison (HKLM-x32\...\Edison) (Version: - Image-Line) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - ) Everything 1.4.1.895 (x64) (HKLM\...\Everything) (Version: 1.4.1.895 - David Carpenter) f.lux (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Flux) (Version: - f.lux Software LLC) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) foobar2000 v1.4.1 (HKLM-x32\...\foobar2000) (Version: 1.4.1 - Peter Pawlowski) Git (HKLM\...\Git_is1) (Version: 2.34.1 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\GitHubDesktop) (Version: 2.9.12 - GitHub, Inc.) 
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google) IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version: - Image-Line) Intel(R) Chipset Device Software (HKLM\...\{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}) (Version: 10.1.1.13 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{7EEC6C54-5441-472A-8792-A5185CC17DF1}) (Version: 11.0.0.1169 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{846DE3C3-F079-4E2D-AE25-74D2B62B1D9F}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{D622E3AC-0583-4CEC-9455-8B9139C7B4A2}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation) Intel(R) RealSense(TM) Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.32 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{96CDD845-6C53-4DFB-B26F-A711FA439E1E}) (Version: 30.100.1519.07 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden Intel® RealSense™ Depth Camera Manager F200 Gold (x64): Intel® RealSense™ 3D camera ACPI driver (HKLM\...\{E5C644CF-EB52-11E5-99FA-2C44FD873B55}) (Version: 1.4.35.12599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x64): dptf_com (HKLM\...\{244F1EC0-42CE-11E6-867B-2C44FD873B55}) (Version: 2.3.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x64): dptf_com (HKLM\...\{DDC3F200-EB52-11E5-9911-2C44FD873B55}) (Version: 2.3.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold 
(x64): Intel® RealSense™ 3D camera ACPI driver (HKLM\...\{168D8B51-42CE-11E6-9DA6-2C44FD873B55}) (Version: 2.3.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{1699722E-42CE-11E6-B0D9-2C44FD873B55}) (Version: 2.3.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{DCE15A30-EB52-11E5-911B-2C44FD873B55}) (Version: 2.3.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ 3D camera SR300 IO module (HKLM\...\{1C53D0CF-42CE-11E6-B3F3-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ 3D camera SR300 IO module (HKLM\...\{D78D858F-EB52-11E5-8799-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera SR300 Source Provider (HKLM\...\{192DD8B0-42CE-11E6-84DD-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera SR300 Source Provider (HKLM\...\{DAA525CF-EB52-11E5-8085-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera SR300 Virtual Driver (HKLM\...\{1B67C321-42CE-11E6-B787-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Camera Virtual Bus Enumerator (HKLM\...\{2046B5E1-42CE-11E6-ADBD-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Depth Camera Manager Service (HKLM\...\{1699722E-42CE-11E6-BC68-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x64): Intel® RealSense™ Depth Camera Manager 
Service (HKLM\...\{D78D858F-EB52-11E5-921B-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{1F644521-42CE-11E6-B7B9-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{DBFA2E80-EB52-11E5-A1A0-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{19A0498F-42CE-11E6-B1BB-2C44FD873B55}) (Version: 3.2.26.6137 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{D78D858F-EB52-11E5-9A19-2C44FD873B55}) (Version: 3.1.25.2599 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{61955A92-F53E-41AC-BD4A-19E2C1BFE1EE}) (Version: 4.0.2.51617 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Core (HKLM-x32\...\{2753F08D-D7B1-4EA8-8281-9195852470CE}) (Version: 4.0.2.51617 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Core (HKLM-x32\...\{CF126854-F66E-44E1-B3AA-FFD788B81C7F}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Dummy Core (HKLM-x32\...\{418491FB-C405-444A-A8CC-DD1CFD9D6528}) (Version: 4.0.2.51617 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): User Notification Tool files and components (HKLM-x32\...\{177C65C8-34ED-4A13-B1CE-7527D5E496BE}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_core_v3_3.1.0.85181) (Version: 3.1.0.85181 - 
Intel Corporation) Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_core_v4_4.0.2.171617) (Version: 4.0.2.171617 - Intel Corporation) Intel® RealSense™ Tiefenkamera-Manager SR300 (HKLM-x32\...\ARP_for_prd_dcm_runtime_sr300_3.2.26.6137) (Version: 3.2.26.6137 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.68 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.68 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 
x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30139 (HKLM\...\{A6BCA173-4218-4099-B36C-E12B3EE27B5D}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30139 (HKLM-x32\...\{3521C75E-6E25-47A6-9831-17EE6AAF01E2}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.66.2 - Microsoft Corporation) Microsoft 
Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.11.63.5026 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{19C24049-4283-4867-90F7-CE1E06FE02B8}) (Version: 2.11.47.9733 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{03C7AB0B-BE45-43A6-8BB4-6B002B0B3270}) (Version: 2.11.47.9733 - Microsoft Corporation) Hidden Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 112.0.2 (x64 en-US)) (Version: 112.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla) MSI Development Tools (HKLM-x32\...\{62E2BF70-2E1C-3975-31BA-25CDFFE6C448}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.3.1.406 - Native Instruments) Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version: - Native Instruments) Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.7.3.89 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.11.3.17 - Native Instruments) Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native 
Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S5 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S5 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S8 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S8 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments) Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.0.1.14 - Native Instruments) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team) NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Obsidian (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 0.13.19 - Obsidian) OpenShot Video Editor version 2.5.1 
(HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC) Oracle VM VirtualBox 7.0.8 (HKLM\...\{2D9D28CD-84DE-4DC7-BAD2-CA5505324049}) (Version: 7.0.8 - Oracle and/or its affiliates) PyCharm Community Edition 2021.2.3 (HKLM-x32\...\PyCharm Community Edition 2021.2.3) (Version: 212.5457.59 - JetBrains s.r.o.) Python 3.7.3 (32-bit) (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\{24ac8299-2abd-4ddd-8be3-031debb6093c}) (Version: 3.7.3150.0 - Python Software Foundation) Python 3.7.3 Add to Path (32-bit) (HKLM-x32\...\{2DB1318D-E51C-419B-99D5-D15F7120BD09}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32\...\{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Development Libraries (32-bit) (HKLM-x32\...\{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Documentation (32-bit) (HKLM-x32\...\{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Executables (32-bit) (HKLM-x32\...\{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32\...\{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Standard Library (32-bit) (HKLM-x32\...\{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Test Suite (32-bit) (HKLM-x32\...\{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32\...\{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 - Python Software Foundation) 
Hidden Python Launcher (HKLM-x32\...\{A28C27E4-A725-482A-9C65-61EDC0E4D583}) (Version: 3.7.6657.0 - Python Software Foundation) QtSpim (HKLM-x32\...\{BF588941-3A73-421F-A619-CDABFF1ACBC7}) (Version: 9.1.20 - LarusStone) Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10198 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.) reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version: - ) Rustup: the Rust toolchain installer (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Rustup) (Version: - ) SDK ARM Additions (HKLM-x32\...\{FE5E643B-E807-0503-3942-8B39D2ACA459}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{B50306AF-46B0-1C20-0DCD-F5630AD9935B}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden SDK Debuggers (HKLM-x32\...\{9D1A6B62-D3A1-C5C0-19B7-ED6329496784}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Signal 6.16.0 (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.16.0 - Signal Messenger, LLC) Skype version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\Spotify) (Version: 1.2.10.760.g52970952 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Thunderbolt(TM) Software (HKLM-x32\...\{B0E8A8CA-5A40-49C3-BE5E-9076664DB9AA}) (Version: 15.3.39.250 - Intel Corporation) Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{CD47E25E-765D-DA92-EAF2-239DF75A5F0A}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{2EBC2F45-171A-8693-8A8D-902698C9309E}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{BF1AD352-AF3B-2F11-583B-5F78359447F3}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{96C1C470-4078-7825-7C00-EA9467ADD303}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal CRT Tools x86 
(HKLM-x32\...\{BB834924-45F6-9FBC-B802-05125C45F5ED}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{99FAD9E3-4997-95BE-E074-A8C0D16C5C57}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{09184AC0-ACEE-44D5-95F2-05EE6D27A5E8}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Visual Studio Build Tools 2019 (HKLM-x32\...\0f8025d2) (Version: 16.11.11 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{3751D1CF-9A44-43D2-B4BB-80FA6E7925A8}) (Version: 16.10.31213 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) 
(Version: 16.10.31306 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{53D1C36A-E35A-45B3-801B-F49BDD425293}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{0916C6E1-6A0A-4887-9E00-D96FD44AFACE}) (Version: 16.10.31303 - Microsoft Corporation) Hidden V-Station 2.3 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 2.3 - Novation) V-Station 2.6 (HKLM\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 2.6 - Novation) Warzone 2100-4.0.1 (HKLM\...\Warzone 2100-4.0.1) (Version: 4.0.1 - Warzone 2100 Project) Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.08 - Intel) WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{7A61ADCC-6FEA-3F77-BBA1-40348287BE1A}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows App Certification Kit Native Components (HKLM\...\{44B36ADE-2488-53DA-7F68-79E7405D6FA4}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{7A362C1E-DDAF-072E-A39D-39FF0DA115A1}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (HKLM-x32\...\{4E89C5D3-3C9B-8289-3C4B-25463DB3A064}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{A5FA04AB-A369-2E08-B5C1-C7BAD82C9B38}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{B4A7994D-DBA1-8B4D-621A-03EE52CF838A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{D3B54AAA-2B64-5DE2-EA64-9900152E5282}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts 
(HKLM-x32\...\{39EDCC7D-7B63-5D99-C053-C8CDF02DC5ED}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts (HKLM-x32\...\{699180FA-06A2-0B6B-0DBA-EF5D85E720BA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts (HKLM-x32\...\{A34A6580-86EF-A26A-33A5-80E1919B7F75}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{084094EF-6AC9-480A-7CC1-04199047BBDD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{9DA29C3D-9E36-AC22-59C8-FFCF413DC068}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{9FA6A574-84C6-05AD-FB4D-1B673FDC50D6}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{3CEE8EB6-538E-DDA2-51A5-842ECE6CE1E8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{497B2D49-F5C2-CA3B-05FF-22ABF39F2873}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{8040F75E-CA6D-64AE-CE5E-A0943545482C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows IP Over USB (HKLM-x32\...\{8E78B421-D58E-C1E0-37F4-6D012DE26890}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{30AD20A4-1FFF-2632-4555-EFAF9D8A32CD}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{718C25EB-084C-6341-1C3E-589DA641C28F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{DE05A4B4-7A6B-2ED1-B95E-6C5145CBD3CA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts (HKLM-x32\...\{0F1BAEE0-25AF-B83E-5D48-2FFCC68ECEEA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts 
(HKLM-x32\...\{154EEEB2-18D9-4FD5-EDE1-6D0B318FAC53}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts (HKLM-x32\...\{7A9E937D-9757-80CB-A6E3-F4AB6081AEA6}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows SDK (HKLM-x32\...\{9A378A57-CBEF-50B1-519C-C149B11A7290}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{FEA4198C-9496-4E35-B7F9-4730F13CE67C}) (Version: 10.1.0.0 - Microsoft Corporation) Windows SDK ARM Desktop Tools (HKLM-x32\...\{20C00582-BD18-B599-CF98-61011567D747}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK ARM Desktop Tools (HKLM-x32\...\{39F1449E-B949-E5FE-CE44-064130C74F02}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK ARM Desktop Tools (HKLM-x32\...\{940042ED-CB90-8E03-BE68-DF8A76E661FD}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{3DC4086C-B365-3DE4-878B-659DEB72904E}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{4BD2B107-B0D3-850C-7135-ACA153D30C78}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{78A593A3-BB3C-CCB9-2001-0C1BCFFAA42F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{452ABC9E-731E-71B2-8824-C5B2595370AF}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{C88797F9-0AD8-E022-5BBB-596BC78D4C76}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{EEDD4C6A-884C-6E3B-1E1E-47751EDC344C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{3511AC83-8494-1F8D-EC4C-525E1BF03857}) (Version: 
10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{6A96DEED-D0D8-6DD0-21BD-7D8F60714854}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{C81D239D-863A-D4B4-3562-BC8D3D7C271E}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{3D5981B5-ABF0-1495-7FC3-102D1C75B9C8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{43B97408-EC80-6EE0-F6C2-40A444C16A8F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{86ADBBAE-77AE-FA26-7C17-802AE28AC316}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{2AC29D7B-F29F-34FA-4434-C5DF1F086264}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{71B5C92E-6053-EBB4-2568-F678C3552FA7}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{995DDD4F-928C-4EBA-9702-E7CD3F6A7A9D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{166BCCDD-48C1-8103-A7E7-0F3DE471223D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{9555AB64-6A00-776F-CA44-568E0E7B9632}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{B01759A2-7C09-6B7E-C38D-6F1105D4C682}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{170B023D-7C1B-2EF4-D3E9-B974A26752AC}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{54140689-B7DB-B9CF-537D-8FEB279410F9}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{5AAC125C-9E7D-5B5F-7484-3B64585AFE6B}) (Version: 10.1.22000.194 - Microsoft 
Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{224A2C9B-5304-BA73-072A-FED79CD1B7E4}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{238F56B7-7D14-F8EB-3F4D-8CFF18C19E2B}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{7DD1F495-F1BF-6A30-620F-AC064DD302D8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{06E580FA-F3B2-08E9-4DC0-0AB55D985CBB}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{2E6C6299-BF5F-379D-55F2-8FD3367F5918}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{92BE26E2-3C1C-E7E6-DABB-723167A56336}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{155F6D7E-7739-DA9E-E385-E55E1CAE92EC}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{795E8F11-37DE-611E-921E-7D70BE09BF7B}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{F9BDEC71-9E56-CFBF-0AE8-E7AF032D07C7}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{1C966E96-8553-EF1E-A06F-A8174B3CAA60}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{540ADDB0-7A37-9B99-3568-FD1EA33D3B38}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{D9B8930E-E709-8F45-3A72-A862365AC0BC}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK DirectX x64 Remote (HKLM\...\{193BDD23-87A7-389F-0C6A-68782ACB9684}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK DirectX x86 Remote (HKLM-x32\...\{6C305B4D-9289-EE9C-68DC-E499CEAB5773}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK 
EULA (HKLM-x32\...\{5F56BF12-0818-B58A-5862-939784E12F8B}) (Version: 10.1.18362.1 - Microsoft Corporations) Hidden Windows SDK EULA (HKLM-x32\...\{A50A075D-973C-1867-4228-738205D555C8}) (Version: 10.1.19041.685 - Microsoft Corporations) Hidden Windows SDK EULA (HKLM-x32\...\{CB77D354-EF20-C5E8-9DC4-8AB9ED0EB990}) (Version: 10.1.22000.194 - Microsoft Corporations) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{2D296649-CFBE-CF23-EA8E-E24554187B3F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{A5EF45C5-FA27-7E8F-1AE8-E3D39BAC779E}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{D14BCE14-F9BD-52CB-3E02-6BDA6F9D73BB}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps (HKLM-x32\...\{EDB04798-19BE-70E0-87EA-BFEE60BB6A4C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{2A8533B3-8D16-67E4-E729-5BB04EDD2FE4}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{C13D21F1-E9A3-FB93-18C4-B905FB47F122}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{FF9284BA-F21A-A314-A805-1A8D598D8858}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{0E2FEA3B-C853-DE2A-8A04-BB7D5BF010E0}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{8F21D4CD-9CB4-2648-EECC-60147DE7B32D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{B81315F5-A888-8D8A-E3C3-8B619A83D2B0}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers 
(HKLM-x32\...\{65E9398F-77A0-8681-026C-8CF092A71F11}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{8E9DD3FE-3338-8012-81C5-F3AA9B617BAE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{AFE744EA-5F8D-B009-4837-0E8C002F8B1F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{12ED94FA-ADBD-CC88-D3B4-D8226FC25810}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{1FBBD022-F751-FE7B-54DF-9FED23892B2F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{217E19C8-ACC0-C7ED-AB69-A30F3F96C625}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{2CFB2180-7C20-5470-4B8A-747512A6AB70}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{5FAF2ED2-CA24-0313-8CAF-C28DEE421200}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{A7BAA72A-6A71-E0D9-6A24-2D591710959E}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{1046B6ED-F966-5852-BEAA-C1EFF2720370}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{4AC6C7FB-D848-9D68-DCB0-1376083FEA3A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{A5174AE6-3704-EE0A-BEFF-21BC5275BA02}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{CEDD7BE6-97B5-9AE8-57C0-B390E0C4328F}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs 
(HKLM-x32\...\{D73BC31B-E6F3-BC8C-6F5A-8695A9F6E95F}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{FF7D4409-CF59-34AE-BDC7-8A6146A9BA36}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{EEB786DE-05E3-62A6-44F6-D4692ACFA2D5}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{21514D7D-4124-E52E-8483-727380B855D7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{28837060-345A-67F9-78B6-BAABD4EA2278}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{FC5A59F8-6BEE-FBB4-C720-47C565A92798}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows SDK Redistributables (HKLM-x32\...\{BE83BDDF-6F6F-515F-4DF1-28F2352791F1}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{4CA7ABF1-DB68-0F9E-5AD9-58550198D0AC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{5248A17E-7E26-E32B-BEE1-D6B5322B658D}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{B62A26BB-90A0-82FB-2DDC-3157ADF07833}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.22000.194 (HKLM-x32\...\{1b45a8b2-a411-45ca-b322-d15ee6904559}) (Version: 10.1.22000.194 - Microsoft Corporation) Windows Team Extension SDK 
(HKLM-x32\...\{6EEDDD9D-BF7B-8229-92B4-89DFCF7481ED}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Team Extension SDK (HKLM-x32\...\{802E9CE7-413C-61A3-6699-896B587BA172}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden Windows Team Extension SDK (HKLM-x32\...\{CE7E4A6A-45A2-2968-4B34-D0D4CFCC0E1D}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{5D60A4EF-6EDF-AAF4-F0F0-49FDD40176B8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{5F616EBF-DF09-A2DA-AB66-3A5341FA611C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{CC764523-CB6B-E329-223D-88941C9111EA}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BAC94E25-2596-D023-62C5-3D156740293E}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{81F2558C-62AF-D282-5E2D-23BCD5CAE40D}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft 
Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{F9B97C20-1142-B9F6-13E6-5942FA6C2513}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{C9846E81-92F2-ED84-BE9C-74EC0286C905}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{AF8C6EE9-0285-D6F1-FCCC-E5F4E6F41F05}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{37BA566C-6B6C-B959-ADE9-5A56AAACA14C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{C9FDDDB2-8BBF-84A5-30F4-F78DE34EBB1C}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us 
(HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{928D8F53-5675-F04A-5849-B583C7AB2240}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BBA772A8-7490-A5EE-295C-18B3E3185199}) (Version: 10.1.22000.194 - Microsoft Corporation) Hidden WPT Redistributables (HKLM-x32\...\{40FA9688-629A-0BBA-3366-0A0D256F937C}) (Version: 10.1.22000.194 - Microsoft) Hidden WPTx64 (DesktopEditions) (HKLM-x32\...\{95C34E32-1730-3A74-7A5C-67C969054758}) (Version: 10.1.22000.194 - Microsoft) Hidden WPTx64 (OnecoreUAP) (HKLM-x32\...\{67820CB6-57A6-6F04-F64F-D56C383D702B}) (Version: 10.1.22000.194 - Microsoft) Hidden X-Prog 4600 version 1.0 (HKLM-x32\...\X-Prog 4600_is1) (Version: 1.0 - G-Sonique) Zoom (HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.) 
Packages: ========= Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-04] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-2306182556-4118131229-1320853839-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\pFramework\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe => No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ 
OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-12-24] (Notepad++ -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxDTCM.dll [2016-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\pFramework\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141] AlternateDataStreams: C:\Users\pFramework\Downloads\FRST64.exe:MBAM.Zone.Identifier [193] AlternateDataStreams: C:\Users\pFramework\Downloads\VirtualBox-7.0.8-156879-Win.exe:MBAM.Zone.Identifier [116] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\Git\mingw64\bin;C:\Program Files\Git\usr\bin;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\ HKU\S-1-5-21-2306182556-4118131229-1320853839-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. Network Binding: ============= Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [UDP Query User{13330717-A959-4786-B95A-4A8673EC2166}C:\users\pFramework\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pFramework\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{2576982C-83A6-4BFA-848D-DDF68B23C85C}C:\users\pFramework\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pFramework\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DD652D78-41A7-4019-B067-4B4877E1BDD2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A5696ED2-236E-4867-AEAD-E7F325464B1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{73A597CC-E09D-45AE-AF8F-20033E4C7590}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{D4186C92-69F5-4BED-9F3F-B42A7D5F29DF}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [UDP Query User{C17056D4-F4AD-4E19-BF70-140FB3D7E421}C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe] => (Allow) C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe (Team Shinkansen) [File not signed] FirewallRules: [TCP Query User{8BA17AED-D4F2-49F1-83FF-D54C1EA03242}C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe] => (Allow) C:\users\pFramework\downloads\hakchi2-ce-3.9.1-portable\hakchi.exe (Team Shinkansen) [File not signed] FirewallRules: [{5977329B-E0A6-4881-8125-BDE4BC5FB900}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0BBA2738-BE98-4983-8AA3-75161C059B9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{EE24CB71-A39F-4C3E-9BBD-BA522AF68DE5}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed] FirewallRules: [UDP Query User{DCB5392B-1A84-421D-B4B5-9021DB38FD65}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed] FirewallRules: [TCP Query User{B62F40CB-7929-48F0-A97A-04DC4649F608}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{D6E30277-C4C7-4D45-8534-4C1DF5397D14}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{26F3FB84-E6AD-4FD6-9B89-9600B78C0207}C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe (JetBrains s.r.o. 
-> JetBrains s.r.o.) FirewallRules: [UDP Query User{514EA3F2-1119-4888-B2D3-ABFBD4362216}C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.2.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) FirewallRules: [{32C25CCD-5056-4EBD-A810-2EC46D6BEF97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed] FirewallRules: [{3E7E8EE2-6993-4394-BDE7-8AE0589C873C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed] FirewallRules: [TCP Query User{D2E12B24-BF39-45AA-8769-90AA6C69BE9F}C:\program files\native instruments\traktor pro 3\traktor.exe] => (Block) C:\program files\native instruments\traktor pro 3\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH) FirewallRules: [UDP Query User{8617C8B3-390C-4F27-B609-B3D0D479135D}C:\program files\native instruments\traktor pro 3\traktor.exe] => (Block) C:\program files\native instruments\traktor pro 3\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH) FirewallRules: [TCP Query User{CD8BB1B2-CEC9-4FAF-AE99-8A57ACD54140}C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe () [File not signed] FirewallRules: [UDP Query User{75F6BEEF-A658-4450-B5C4-858B9B3AE6E1}C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\mortalkombat_kompleteedition\disccontentpc\mkke.exe () [File not signed] FirewallRules: [{656EFC77-842F-4157-B156-EC47CC7ED79F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe (BioWare -> BioWare) FirewallRules: [{36D54879-CBAA-430B-B8BD-0DCED8822937}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe (BioWare -> BioWare) FirewallRules: [{E676610E-7882-4BAD-8614-01C9F7697808}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trailer Park Boys Greasy Money\game.exe () [File not signed] FirewallRules: [{2174F96E-DEB4-49BE-A9D7-F3824AB18769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trailer Park Boys Greasy Money\game.exe () [File not signed] FirewallRules: [TCP Query User{F03F9268-E098-41BC-BCC2-749A04A581F0}C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{B3834B47-9D90-4FDF-A59D-8BDCA3B85B53}C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [{8371CDC7-2A01-487A-A68E-960881B1AD52}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 19-04-2023 16:52:01 Scheduled Checkpoint 28-04-2023 20:50:49 Scheduled Checkpoint 04-05-2023 21:21:27 Removed Acer Configuration Manager 05-05-2023 07:55:34 AdwCleaner_BeforeCleaning_05/05/2023_07:55:33 ==================== Faulty Device Manager Devices ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ======================== Application errors: ================== Error: (05/04/2023 09:20:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01013790 Faulting process ID: 0x844 Faulting application start time: 0x01d97ebd70c04e4c Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 7609455e-ea11-4d85-b6d5-cd9b98763ea2 Faulting package full name: Faulting package-relative application ID: Error: (05/04/2023 09:20:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (05/04/2023 07:56:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01a23790 Faulting process ID: 0x3cc0 Faulting application start time: 0x01d97e4d2e214aa0 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: cd36b9df-8338-4c68-aa61-4301c224c8de Faulting package full name: Faulting package-relative application ID: Error: (05/04/2023 07:56:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (05/03/2023 09:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x016b3790 Faulting process ID: 0x3190 Faulting application start time: 0x01d97df3b30cd070 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 76d4c8f2-0dde-4b40-afb1-f60ebb4c8744 Faulting package full name: Faulting package-relative application ID: Error: (05/03/2023 09:16:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (05/03/2023 09:15:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00a43790 Faulting process ID: 0x6b0 Faulting application start time: 0x01d97df3b0ede489 Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 4de8ed67-8a0d-40dc-bf2e-51124503c721 Faulting package full name: Faulting package-relative application ID: Error: (05/03/2023 09:15:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) System errors: ============= Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Dolby DAX2 API Service service terminated unexpectedly. It has done this 1 time(s). Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA GeForce Experience Service service terminated unexpectedly. It has done this 1 time(s). Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel(R) RealSense(TM) Depth Camera Manager Service SR300 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s). Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NIHardwareService service terminated unexpectedly. It has done this 1 time(s). Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel SST Parameter Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (05/05/2023 07:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Phone IP over USB Transport (IpOverUsbSvc) service terminated unexpectedly. 
It has done this 1 time(s). Windows Defender: ================ Date: 2023-05-03 23:21:32 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0]: Date: 2023-04-06 01:02:46 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.385.1443.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.20100.6 Error code: 0x8007045b Error description: A system shutdown is in progress. Date: 2023-03-29 01:06:12 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.385.642.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.20100.6 Error code: 0x8007045b Error description: A system shutdown is in progress. Date: 2023-03-21 01:35:44 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Backup Error Code: 0x80004004 Error description: Operation aborted Security intelligence Version: 1.385.50.0;1.385.50.0 Engine Version: 1.1.20100.6 Date: 2023-03-21 01:35:43 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Current Error Code: 0x80004004 Error description: Operation aborted Security intelligence Version: 1.385.198.0;1.385.198.0 Engine Version: 1.1.20100.6 Date: 2023-03-14 00:17:17 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. 
New security intelligence Version: Previous security intelligence Version: 1.383.1133.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.20000.2 Error code: 0x8007045b Error description: A system shutdown is in progress. CodeIntegrity: =============== Date: 2023-04-23 19:59:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2023-04-16 13:33:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Insyde Corp. V1.11 06/28/2016 Motherboard: Acer Aspire VN7-592G Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage of memory in use: 29% Total physical RAM: 16247.66 MB Available physical RAM: 11435.71 MB Total Virtual: 18679.66 MB Available Virtual: 13521.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:476.02 GB) (Free:157.78 GB) (Model: SAMSUNG MZNLN512HCJH-00000) NTFS Drive d: (Data) (Fixed) (Total:1863.02 GB) (Free:932.27 GB) (Model: ST2000LM003 HN-M201RAD) NTFS \\?\Volume{71be9587-8339-46e1-bbd0-2a47694bf0fb}\ () (Fixed) (Total:0.8 GB) (Free:0.28 GB) NTFS \\?\Volume{32fe2cca-8cfd-4666-bf84-397a2087b4bc}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 5F045474) Partition: GPT. 
========================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 5F045466) Partition: GPT. ==================== End of Addition.txt ======================= |
06.05.2023, 20:01 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: "App Explorer" icon present in the Start menu, but opens the "System32" folder and starts a "Pokki" icon in the taskbar Scripting/Repair with FRST64 WARNING TO ALL READERS!!! This FRST script is intended exclusively for this user and should never be applied 1:1 to another system!
__________________ Please always post log files in CODE tags |
06.05.2023, 21:43 | #15 |
| Windows 10: "App Explorer" icon present in the Start menu, but opens the "System32" folder and starts a "Pokki" icon in the taskbar Done. Code:
ATTFilter
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-05-2023
Ran by pFramework (06-05-2023 22:37:50) Run:1
Running from C:\Users\pFramework\Downloads
Loaded Profiles: pFramework
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
emptytemp:
End::
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31590671 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 549349863 B
Windows/system/drivers => 355517942 B
Edge => 1358890 B
Chrome => 231805199 B
Firefox => 2661675634 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2709174 B
NetworkService => 174288486 B
pFramework => 471018680 B

RecycleBin => 1506119044 B
EmptyTemp: => 5.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:39:54 ==== |