I'm getting daily pop-ups that are unwanted. I've searched the computer for keywords to remove and tried malware/antivirus programmes, but cannot get rid of it. I'd be grateful for any steers on how to fix this.
Thank you.
The results of FRST are:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-01-2022 01
Ran by Richard (administrator) on DESKTOP-TPBF3NR (LENOVO 23252S4) (14-01-2022 17:41:42)
Running from C:\Users\Richard\Downloads
Loaded Profiles: Richard
Platform: Microsoft Windows 10 Home Version 20H2 19042.1466 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Users\Richard\anaconda3\Scripts\jupyter-notebook.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Discord Inc. -> Discord Inc.) C:\Users\Richard\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Richard\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\python.exe <2>
(Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\pythonw.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [File not signed] C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [File not signed]
HKLM-x32\...\Run: [IMSS] => c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-11] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [112191904 2021-12-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Run: [Discord] => C:\Users\Richard\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\MountPoints2: {35cdbbba-4c21-11eb-b71a-3c970ee47275} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E90C07C-55CA-4E90-A9FA-F9E6C1FA8A74} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1223A159-8720-451D-A810-3511D6CA16F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {134268DB-45B8-4957-89DA-CD40665F8170} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {432597B5-3547-4C91-A4B1-9B0A160E2E4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {440BC486-1A11-4792-A153-6B83B2783C8B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F6502F4-4FC9-4184-97D8-C99D8F17B167} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E54D055-5FD2-4285-9DD0-8B0B20226B64} - System32\Tasks\SVC Update => C:\Windows\explorer.exe "hxxps://destyy.com/w2S0D1" <==== ATTENTION
Task: {698B7430-D9E8-4AFC-9D8A-5D95D56FBAAA} - System32\Tasks\Duplicate Photos Fixer ProNotifier => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DPFNotifier.exe [306440 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak Software)
Task: {7206183C-A7EE-4E19-8AC1-E2797F081D6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {86FBE6C1-F5EB-461B-939E-B8F533A5536F} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112824 2021-07-11] (Lenovo -> Lenovo)
Task: {9C14F1DD-D373-4595-AA5F-1520E4EA1440} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [62136 2021-07-11] (Lenovo -> )
Task: {9D7329C6-1668-4399-A851-8604418D8445} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-28] (Google LLC -> Google LLC)
Task: {A2D0874B-102B-4236-8F1C-0AA192AC50CE} - System32\Tasks\Duplicate Photos Fixer Pro_updates => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DuplicatePhotosFixerPro.exe [8201992 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak)
Task: {AF1F2FA9-EC98-4325-A951-57FE00CFFAF8} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {B019B75D-2FA6-4539-8CCA-CFF6C70A45A8} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-442883875-2476310825-192517120-1001 => C:\Users\Richard\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {B80582D2-6A70-472C-8172-7D7076FC1DAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-28] (Google LLC -> Google LLC)
Task: {C1696DA6-A81F-4E15-87A4-86B74D8FFCE3} - System32\Tasks\Duplicate Photos Fixer ProNotifier_trigger => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DPFNotifier.exe [306440 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak Software)
Task: {C45EC75C-8A12-416B-968C-CBD2278B472F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {C6E17AD5-1EBA-4208-8541-8EA8A2DBC69A} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)
Task: {E9906361-7D8F-4CE2-905C-CB5A434B312C} - System32\Tasks\Duplicate Photos Fixer ProNotifier_startup => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DPFNotifier.exe [306440 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak Software)
Task: {F260BBA6-3A7B-425D-A227-4A4D07717D25} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d7898ae6-c9e3-4f0f-b12f-bc092ede047c}: [DhcpNameServer] 192.168.0.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.0.20,1]
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-14]
Edge Notifications: Default -> hxxps://en.softonic.com; hxxps://www.hotdeals.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-11] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2022-01-14]
CHR Notifications: Default -> hxxps://209303103311267.webpush.freshchat.com; hxxps://aspireglobal.eu.webpush.freshchat.com; hxxps://calendar.google.com; hxxps://metro.co.uk; hxxps://oanda.secure.force.com; hxxps://secretldn.com; hxxps://uk.mail.yahoo.com; hxxps://uk.pcmag.com; hxxps://www.bristolpost.co.uk; hxxps://www.buyagift.co.uk; hxxps://www.facebook.com; hxxps://www.grandnational.org.uk; hxxps://www.hertfordshiremercury.co.uk; hxxps://www.lightinthebox.com; hxxps://www.marksandspencer.com; hxxps://www.myvouchercodes.co.uk; hxxps://www.netflix.com; hxxps://www.oliverstravels.com; hxxps://www.qmee.com; hxxps://www.topcashback.co.uk; hxxps://www.vouchercloud.com
CHR HomePage: Default -> hxxp://www.google.co.uk/ig
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/ig"
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-28]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-28]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-28]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-12-28]
CHR Extension: (Latest Deals) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehllaigpicpkadibmagdgblfdlfeeahf [2022-01-10]
CHR Extension: (TopCashback UK: Get Cashback & Vouchers) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekeeeebmbhkkjcaoicinbdjmklipppkj [2021-09-30]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-28]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (Guardio Protection for Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfpmkejnolcfklaaddjnckanhhgegla [2022-01-13]
CHR Extension: (SwagButton) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2021-12-29]
CHR Extension: (Digital-i's GB Research Support Tool) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpljhcpobhmhghhhampjeedlljpcocfp [2021-12-03]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2020-12-28]
CHR Extension: (Cookmate - formerly My CookBook) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbehgakcmbdalmpdfjedahogegmgpba [2020-12-28]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-12-19]
CHR Extension: (Qmee) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2020-12-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-15]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-11] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-01-13] (Malwarebytes Inc -> Malwarebytes)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182296 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159760 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo(Japan)Ltd. -> Lenovo)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193448 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [149424 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 optousb; C:\Windows\system32\DRIVERS\optousb.sys [22656 2008-04-04] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
S3 optovcm; C:\Windows\system32\DRIVERS\optovcm.sys [31744 2008-04-04] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 risdxc; C:\Windows\System32\drivers\risdxc64.sys [106496 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus Innovation Technology Inc. -> Sunplus)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167432 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43536 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-13 21:26 - 2022-01-13 21:26 - 000000000 ____D C:\Users\Richard\AppData\Local\mbam
2022-01-13 21:25 - 2022-01-13 21:25 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000193448 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000149424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-13 21:25 - 2022-01-13 21:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-13 21:24 - 2022-01-13 21:24 - 002086424 _____ (Malwarebytes) C:\Users\Richard\Downloads\MBSetup-076886.076886-Consumer.exe
2022-01-13 21:24 - 2022-01-13 21:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-13 21:24 - 2022-01-13 21:24 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-13 21:05 - 2022-01-13 21:07 - 000052193 _____ C:\Users\Richard\Downloads\Addition.txt
2022-01-13 21:03 - 2022-01-14 17:42 - 000026990 _____ C:\Users\Richard\Downloads\FRST.txt
2022-01-13 21:03 - 2022-01-14 17:42 - 000000000 ____D C:\FRST
2022-01-13 21:03 - 2022-01-13 21:03 - 002311680 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe
2022-01-12 21:07 - 2022-01-13 22:09 - 000010274 _____ C:\Users\Richard\Untitled8.ipynb
2022-01-11 23:53 - 2022-01-11 23:53 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-11 23:53 - 2022-01-11 23:53 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-11 23:53 - 2022-01-11 23:53 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-11 23:45 - 2022-01-11 23:46 - 000000000 ___HD C:\$WinREAgent
2022-01-11 20:40 - 2022-01-12 21:04 - 000000000 ____D C:\ProgramData\AVG
2022-01-11 20:40 - 2022-01-11 20:40 - 000224072 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avg_antivirus_free_setup.exe
2022-01-09 17:37 - 2022-01-11 21:55 - 000016469 _____ C:\Users\Richard\Untitled7.ipynb
2022-01-08 11:37 - 2022-01-08 13:15 - 000007976 _____ C:\Users\Richard\Untitled6.ipynb
2022-01-08 07:53 - 2022-01-08 07:53 - 000071399 _____ C:\Users\Richard\Downloads\parkrun-barcode-A2658876.pdf
2022-01-07 11:39 - 2022-01-07 11:43 - 000001144 _____ C:\Users\Richard\myfirstnotebook.ipynb
2022-01-07 11:04 - 2022-01-07 11:05 - 000000000 ____D C:\Program Files\Sublime Text 3
2022-01-07 10:38 - 2022-01-07 10:48 - 000000959 _____ C:\Users\Richard\Untitled5.ipynb
2022-01-06 18:12 - 2022-01-06 18:12 - 000000000 ____D C:\Users\Richard\Untitled Folder 1
2022-01-06 18:10 - 2022-01-06 18:10 - 000000000 ____D C:\Users\Richard\Mypythonstuff
2022-01-06 17:48 - 2022-01-06 17:48 - 000000000 ____D C:\Program Files\New folder
2022-01-06 17:46 - 2022-01-06 17:47 - 026580990 _____ C:\Users\Richard\Downloads\Complete-Python-3-Bootcamp-master (2).zip
2022-01-06 17:07 - 2022-01-14 17:27 - 000000000 ____D C:\Users\Richard\AppData\Roaming\discord
2022-01-06 17:07 - 2022-01-14 17:25 - 000000000 ____D C:\Users\Richard\AppData\Local\Discord
2022-01-06 17:07 - 2022-01-06 17:07 - 000002237 _____ C:\Users\Richard\Desktop\Discord.lnk
2022-01-06 17:07 - 2022-01-06 17:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2022-01-06 17:07 - 2022-01-06 17:07 - 000000000 ____D C:\Users\Richard\AppData\Local\SquirrelTemp
2022-01-06 17:06 - 2022-01-06 17:07 - 082973864 _____ (Discord Inc.) C:\Users\Richard\Downloads\DiscordSetup.exe
2022-01-04 16:11 - 2022-01-04 16:11 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2022-01-04 16:11 - 2022-01-04 16:11 - 000001038 _____ C:\Users\Richard\Desktop\Lightroom.lnk
2022-01-04 13:02 - 2022-01-04 13:02 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2022-01-04 13:02 - 2022-01-04 13:02 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-01-03 17:13 - 2022-01-03 17:13 - 000003584 _____ C:\Windows\system32\Tasks\SVC Update
2022-01-03 17:12 - 2010-12-06 02:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2022-01-03 07:57 - 2022-01-12 00:24 - 000000000 ____D C:\Program Files (x86)\Duplicate Photos Fixer Pro
2022-01-03 07:57 - 2022-01-09 16:44 - 000003306 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer ProNotifier
2022-01-03 07:57 - 2022-01-03 07:57 - 000003866 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer Pro_updates
2022-01-03 07:57 - 2022-01-03 07:57 - 000003374 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer ProNotifier_trigger
2022-01-03 07:57 - 2022-01-03 07:57 - 000003294 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer ProNotifier_startup
2022-01-03 07:57 - 2022-01-03 07:57 - 000001277 _____ C:\Users\Public\Desktop\Duplicate Photos Fixer Pro.lnk
2022-01-03 07:57 - 2022-01-03 07:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\DPFXR
2022-01-03 07:57 - 2022-01-03 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photos Fixer Pro
2022-01-03 07:56 - 2022-01-03 07:56 - 010332632 _____ (Systweak Software ) C:\Users\Richard\Downloads\dpfsetupipg_googleadw-dpf_gads_uk_ext7.exe
2022-01-03 07:56 - 2022-01-03 07:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Systweak
2022-01-01 18:52 - 2022-01-01 18:52 - 010608968 _____ (Ursa Minor Ltd ) C:\Users\Richard\Downloads\CopyTransHEICforWindowsv1.009 (1).exe
2022-01-01 18:51 - 2022-01-01 18:52 - 000000000 ____D C:\Program Files\CopyTrans HEIC for Windows
2022-01-01 18:51 - 2022-01-01 18:52 - 000000000 ____D C:\Program Files (x86)\CopyTrans HEIC for Windows
2022-01-01 18:51 - 2022-01-01 18:51 - 000000000 ____D C:\ProgramData\WindSolutions
2022-01-01 18:50 - 2022-01-01 18:50 - 010608968 _____ (Ursa Minor Ltd ) C:\Users\Richard\Downloads\CopyTransHEICforWindowsv1.009.exe
2022-01-01 18:48 - 2022-01-01 18:48 - 023863280 _____ (SoftOrbits ) C:\Users\Richard\Downloads\HeicToJpg.exe
2022-01-01 18:46 - 2022-01-01 18:46 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-01 18:45 - 2022-01-01 18:46 - 000234272 _____ (AVAST Software) C:\Users\Richard\Downloads\avast_one_essential_setup_online.exe
2022-01-01 16:23 - 2022-01-01 16:23 - 000000000 ____D C:\Users\Richard\AppData\Local\Apple Computer
2022-01-01 16:22 - 2022-01-09 16:44 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Apple Computer
2022-01-01 16:21 - 2022-01-04 13:02 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-01-01 16:21 - 2022-01-01 16:21 - 000001914 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\Users\Richard\AppData\Local\Apple
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\ProgramData\Apple Computer
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\ProgramData\Apple
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\Program Files (x86)\QuickTime
2022-01-01 16:20 - 2022-01-01 16:20 - 041896256 _____ (Apple Inc.) C:\Users\Richard\Downloads\QuickTimeInstaller.exe
2022-01-01 16:20 - 2022-01-01 16:20 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Apple Computer
2021-12-29 23:20 - 2021-12-29 23:20 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2021-12-29 22:58 - 2021-12-29 22:58 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-12-29 22:57 - 2021-06-23 02:12 - 000167432 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2021-12-29 22:57 - 2021-06-23 02:12 - 000159760 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2021-12-29 22:57 - 2021-06-23 02:12 - 000043536 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ss_conn_usb_driver2.sys
2021-12-27 20:43 - 2021-12-27 20:43 - 000101983 _____ C:\Users\Richard\Downloads\1640637786.3373075_0852e919-4f48-4a1d-93a9-32beba3f7025.pdf
2021-12-23 21:21 - 2021-12-23 21:21 - 000000703 _____ C:\Users\Richard\Downloads\transcript.txt
2021-12-19 00:29 - 2021-12-19 00:29 - 000000000 ____D C:\Windows\SystemTemp
2021-12-18 20:18 - 2021-12-18 20:18 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-18 20:18 - 2021-12-18 20:18 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-18 20:18 - 2021-12-18 20:18 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-14 17:33 - 2020-12-28 22:49 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-14 17:14 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-14 16:58 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-14 16:50 - 2020-12-29 23:10 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-13 22:09 - 2021-04-11 14:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\jupyter
2022-01-13 22:09 - 2020-12-28 21:44 - 000000000 ____D C:\Users\Richard
2022-01-13 21:25 - 2019-12-07 09:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-01-13 21:23 - 2020-12-28 21:46 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2022-01-13 21:23 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-13 21:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-13 21:07 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF
2022-01-13 03:06 - 2021-04-05 19:45 - 000000000 ____D C:\Users\Richard\.conda
2022-01-12 21:07 - 2021-04-11 14:38 - 000000000 ____D C:\Users\Richard\.ipynb_checkpoints
2022-01-12 21:02 - 2021-04-05 19:46 - 000000043 _____ C:\Users\Richard\.condarc
2022-01-12 10:28 - 2020-12-28 21:35 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-12 00:26 - 2020-12-29 23:13 - 000000000 ___RD C:\Users\Richard\Creative Cloud Files
2022-01-12 00:24 - 2020-12-28 22:24 - 000000000 __SHD C:\Users\Richard\IntelGraphicsProfiles
2022-01-12 00:24 - 2020-12-28 22:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-12 00:24 - 2020-12-28 21:27 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-12 00:24 - 2020-11-18 23:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-12 00:24 - 2020-11-18 23:28 - 000460696 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-12 00:23 - 2019-12-07 09:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-01-11 23:55 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-11 23:42 - 2021-01-05 09:04 - 000000000 ____D C:\Windows\system32\MRT
2022-01-11 23:40 - 2021-01-05 09:04 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-09 19:26 - 2021-04-30 18:57 - 000000077 _____ C:\Users\Richard\myfile.txt
2022-01-07 21:04 - 2020-11-18 23:31 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-07 21:04 - 2020-11-18 23:31 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-07 20:29 - 2021-12-12 19:19 - 000000000 ____D C:\Windows\Minidump
2022-01-07 11:35 - 2021-07-04 10:39 - 000000000 ____D C:\Users\Richard\Python
2022-01-07 11:05 - 2021-04-11 14:50 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sublime Text 3
2022-01-07 11:05 - 2021-04-11 14:50 - 000000000 ____D C:\Users\Richard\AppData\Local\Sublime Text 3
2022-01-07 02:36 - 2020-12-28 22:50 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 02:36 - 2020-12-28 22:50 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 18:12 - 2021-04-05 19:37 - 000000000 ____D C:\Users\Richard\anaconda3
2022-01-06 10:49 - 2020-12-28 22:14 - 000000000 ____D C:\Users\Richard\AppData\Local\LenovoServiceBridge
2022-01-05 16:09 - 2021-12-11 13:04 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-442883875-2476310825-192517120-1001
2022-01-05 16:09 - 2020-12-28 21:49 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-442883875-2476310825-192517120-1001
2022-01-05 16:09 - 2020-12-28 21:44 - 000002385 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-04 16:11 - 2020-12-29 23:10 - 000000000 ____D C:\Program Files\Adobe
2022-01-04 09:11 - 2020-12-28 21:52 - 000000000 ____D C:\Users\Richard\AppData\Local\PlaceholderTileLogoFolder
2022-01-04 09:11 - 2020-11-18 23:32 - 000000000 ____D C:\ProgramData\Packages
2022-01-03 22:41 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-03 07:25 - 2020-12-28 21:49 - 000000000 ___RD C:\Users\Richard\OneDrive
2022-01-02 12:04 - 2020-12-29 22:23 - 000000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2021-12-29 23:21 - 2020-12-29 23:10 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-29 23:20 - 2020-12-29 23:10 - 000000000 ____D C:\ProgramData\Adobe
2021-12-29 23:20 - 2020-12-28 21:46 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Adobe
2021-12-29 22:58 - 2021-01-20 22:17 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk
2021-12-29 22:58 - 2021-01-20 22:17 - 000001163 _____ C:\Users\Public\Desktop\Samsung DeX.lnk
2021-12-29 22:58 - 2020-12-28 22:18 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-29 22:45 - 2020-12-28 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-19 23:43 - 2020-12-28 22:31 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 14:04 - 2020-11-18 23:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== Files in the root of some directories ========
2020-12-29 23:17 - 2020-12-29 23:17 - 000000000 _____ () C:\Users\Richard\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2022 01
Ran by Richard (14-01-2022 17:43:20)
Running from C:\Users\Richard\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1466 (X64) (2020-12-28 21:30:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-442883875-2476310825-192517120-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-442883875-2476310825-192517120-503 - Limited - Disabled)
Guest (S-1-5-21-442883875-2476310825-192517120-501 - Limited - Disabled)
Richard (S-1-5-21-442883875-2476310825-192517120-1001 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-442883875-2476310825-192517120-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_1) (Version: 5.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_1) (Version: 23.1.0.143 - Adobe Inc.)
Amazon Kindle (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Amazon Kindle) (Version: 1.30.0.59056 - Amazon)
Anaconda3 2020.11 (Python 3.8.5 64-bit) (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Anaconda3 2020.11 (Python 3.8.5 64-bit)) (Version: 2020.11 - Anaconda, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1188.1 - AVG Technologies) Hidden
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 1.0.1.0 - Ursa Minor Ltd)
Discord (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
Duplicate Photos Fixer Pro (HKLM-x32\...\Duplicate Photos Fixer Pro_is1) (Version: 1.3.1086.53 - Systweak Software) <==== ATTENTION
Evernote 10.26.5 (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.26.5 - Evernote Corporation)
Google Chrome (HKLM\...\{56CF9805-415B-3B7A-A1BD-DC14F7E8FAB6}) (Version: 97.0.4692.71 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{88540041-fd0c-4588-9b2f-251e29f7c5a1}) (Version: 18.40.4 - Intel Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0131 - Lenovo)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
MergeModule_x64 (HKLM\...\{8B591A6B-253E-4E62-B2A8-3668CDA0A907}) (Version: 11.0.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{51B45206-47B1-4B51-B46A-330B9156D6C1}) (Version: 11.0.00 - Sony Corporation) Hidden
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
OANDA - MetaTrader (HKLM-x32\...\OANDA - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{AEB04E0E-0A28-4014-A96A-282E43B7227B}) (Version: 6.0.00.12211 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden
Python 3.9.4 (64-bit) (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\{8a52f2bf-c3d0-4872-bc3d-61f6eab0cbf2}) (Version: 3.9.4150.0 - Python Software Foundation)
Python 3.9.4 Add to Path (64-bit) (HKLM\...\{B943A821-11D8-4FB4-B573-6D04DCC596AD}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Core Interpreter (64-bit) (HKLM\...\{1C17C2CE-B315-4C1C-885A-E37181C7368E}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Development Libraries (64-bit) (HKLM\...\{CB856DD1-55A4-42B3-B676-73DDE515A589}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Documentation (64-bit) (HKLM\...\{73524E2A-5D97-4CB8-8438-5FE8F9653F1C}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Executables (64-bit) (HKLM\...\{EDBB67F1-B275-4AC6-9D32-0A033570A705}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 pip Bootstrap (64-bit) (HKLM\...\{1FDC7BC3-4CE5-4236-A8C2-0C4A7AFFDFA4}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Standard Library (64-bit) (HKLM\...\{91ED5736-9D50-4991-87DC-CFB0492D1A22}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Tcl/Tk Support (64-bit) (HKLM\...\{4E0E4F08-ECD0-4737-ABFC-030B702AC2BF}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Test Suite (64-bit) (HKLM\...\{F12FD64B-8964-4F40-8448-7FA3955C5AD6}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Utility Scripts (64-bit) (HKLM\...\{BBCC595F-93C2-4054-9565-8F4F19B3D706}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{BDD80906-41E0-43DB-8C65-D8BCCEB3A3F8}) (Version: 3.9.7400.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Shopandscan (HKLM-x32\...\{0AE44DE7-5B32-4151-8272-0FA6DAF800E8}) (Version: 1.0.0 - Kantar WorldPanel)
Skype version 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SoftMaker FreeOffice 2018 (HKLM-x32\...\{02B0F09C-4910-4F32-BB8A-F22606E9E320}) (Version: 1.0.4910 - SoftMaker Software GmbH)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.24.5 - TeamViewer)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5) (HKLM\...\245A139F08D3D69654D8822673D0B5EBFB63EF38) (Version: 06/02/2008 2.0.5.5 - OPTO ELECTRONICS CO.,LTD)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-12-29] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Duplicate & Similar Photo Cleaner -> C:\Program Files\WindowsApps\53354DuckheadSoftware.497213958DCA8_16.0.5.0_x64__2gc4m0bggm024 [2022-01-04] (Duckhead Software)
HEIC to JPEG (FREE) -> C:\Program Files\WindowsApps\53354DuckheadSoftware.HEICtoJPEGFREE_6.2.29.0_x64__2gc4m0bggm024 [2022-01-01] (Duckhead Software)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-10] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.2544.0_x64__qbz5n2kfra8p0 [2021-11-26] (Python Software Foundation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.23022.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0 [2022-01-08] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A548EF5CC59A} -> [Creative Cloud Files] => C:\Users\Richard\Creative Cloud Files [2020-12-29 23:13]
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Richard\Desktop\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Richard\Desktop\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\Richard\Desktop\Money owed to Mum - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khbepoaahamoaeiglfcfkmkcapnpdibn
ShortcutWithArgument: C:\Users\Richard\Desktop\Mum's and My Account.xlsx - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=koalcaphaccbalopeaahlekhfjogmabe
ShortcutWithArgument: C:\Users\Richard\Desktop\Shared account - my share in atom - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kiicbccacdiggidgcbmleegjjonjfkam
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Money owed to Mum - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khbepoaahamoaeiglfcfkmkcapnpdibn
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Mum's and My Account.xlsx - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=koalcaphaccbalopeaahlekhfjogmabe
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Shared account - my share in atom - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kiicbccacdiggidgcbmleegjjonjfkam
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Richard\anaconda3\Scripts\activate.bat C:\Users\Richard\anaconda3
==================== Loaded Modules (Whitelisted) =============
2021-10-25 11:31 - 2021-10-25 11:31 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2021-04-05 19:38 - 2020-09-21 14:41 - 000182272 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\_cffi_backend.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-06-25 22:39 - 000194048 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\_yaml.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-06-03 09:50 - 000830464 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\brotli\_brotli.cp38-win_amd64.pyd
2021-04-05 19:38 - 2019-11-11 16:14 - 000014848 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\markupsafe\_speedups.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-06-11 13:39 - 000012288 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\menuinst\winshortcut.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-08-25 15:46 - 000074240 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\psutil\_psutil_windows.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-15 03:50 - 000033280 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\pvectorc.cp38-win_amd64.pyd
2021-04-05 19:38 - 2019-11-22 18:56 - 002218496 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtCore.pyd
2021-04-05 19:38 - 2019-11-22 18:54 - 002338304 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtGui.pyd
2021-04-05 19:38 - 2019-11-22 18:58 - 000113152 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtSvg.pyd
2021-04-05 19:38 - 2019-11-22 18:53 - 004955648 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtWidgets.pyd
2021-04-05 19:38 - 2020-01-15 15:54 - 000142336 _____ () [File not signed] C:\Users\Richard\anaconda3\Lib\site-packages\pywin32_system32\pywintypes38.dll
2021-04-05 19:38 - 2020-06-25 17:29 - 000181248 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\ruamel_yaml\ext\_ruamel_yaml.cp38-win_amd64.pyd
2021-04-05 19:38 - 2019-11-08 07:58 - 000107520 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\sip.pyd
2021-04-05 19:38 - 2020-03-12 15:28 - 000010240 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\tornado\speedups.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-01-15 15:55 - 000010752 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\_win32sysloader.pyd
2021-04-05 19:38 - 2020-01-15 15:54 - 000142336 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\pywintypes38.dll
2021-04-05 19:38 - 2020-01-15 15:55 - 000134144 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\win32api.pyd
2021-04-05 19:38 - 2020-01-15 15:55 - 000060928 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\win32console.pyd
2021-04-05 19:38 - 2020-01-15 15:54 - 000145920 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\win32security.pyd
2021-04-05 19:38 - 2020-01-15 15:58 - 000552448 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32comext\shell\shell.pyd
2021-04-05 19:38 - 2019-12-16 16:27 - 000072192 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\winpty\cywinpty.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000049664 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_device.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000060928 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_poll.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000045056 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_proxy_steerable.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000029696 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_version.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000067072 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\constants.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000059392 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\context.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000031232 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\error.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000083456 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\message.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000126976 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\socket.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000040448 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\utils.cp38-win_amd64.pyd
2021-04-05 19:38 - 2017-11-09 04:32 - 000229376 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\libjpeg.dll
2021-04-05 19:38 - 2019-04-23 17:51 - 000192512 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\libpng16.dll
2021-04-05 19:38 - 2020-02-14 16:20 - 000307712 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\libsodium.dll
2021-04-05 19:38 - 2020-01-15 15:56 - 000579584 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\pythoncom38.dll
2021-04-05 19:38 - 2020-08-20 10:00 - 001549824 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\sqlite3.dll
2021-04-05 19:38 - 2018-02-02 17:44 - 002509089 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\winpty.dll
2021-04-05 19:38 - 2020-06-25 20:16 - 000103936 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\yaml.dll
2021-04-05 19:38 - 2020-04-18 10:15 - 000084992 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\zlib.dll
2021-01-30 12:18 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2021-04-05 19:38 - 2020-09-10 12:36 - 000453120 _____ (iMatix Corporation) [File not signed] C:\Users\Richard\anaconda3\Library\bin\libzmq-mt-4_3_2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2021-04-05 19:38 - 2020-09-04 02:29 - 000056320 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_asyncio.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000076800 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_bz2.pyd
2021-04-05 19:39 - 2020-09-04 02:29 - 000117248 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_ctypes.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000260608 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_decimal.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000169472 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_elementtree.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000038400 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_hashlib.pyd
2021-04-05 19:38 - 2020-09-04 02:30 - 000155648 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_lzma.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000038400 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_overlapped.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000020992 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_queue.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000071680 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_socket.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000080384 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_sqlite3.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000144896 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_ssl.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000182272 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\pyexpat.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000019968 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\select.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 001089024 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\unicodedata.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000051712 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\python3.DLL
2021-04-05 19:38 - 2020-09-04 02:29 - 004204544 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\python38.dll
2021-12-03 13:17 - 2021-12-03 13:17 - 004578816 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2021-12-03 13:16 - 2021-12-03 13:16 - 002832384 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2021-12-03 13:14 - 2021-12-03 13:14 - 006556672 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2021-04-05 19:38 - 2020-04-27 22:18 - 026216448 _____ (The ICU Project) [File not signed] C:\Users\Richard\anaconda3\Library\bin\icudt58.dll
2021-04-05 19:38 - 2020-04-27 22:18 - 002668544 _____ (The ICU Project) [File not signed] C:\Users\Richard\anaconda3\Library\bin\icuin58.dll
2021-04-05 19:38 - 2020-04-27 22:18 - 001896960 _____ (The ICU Project) [File not signed] C:\Users\Richard\anaconda3\Library\bin\icuuc58.dll
2021-04-05 19:39 - 2020-09-22 13:53 - 003409408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Richard\anaconda3\Library\bin\libcrypto-1_1-x64.dll
2021-04-05 19:38 - 2020-09-22 13:53 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Richard\anaconda3\Library\bin\libssl-1_1-x64.dll
2021-04-05 19:39 - 2018-12-12 20:38 - 005109760 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Core.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 005924352 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Gui.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Svg.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 005572608 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Widgets.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\iconengines\qsvgicon.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qgif.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qicns.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 000032256 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qico.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 000038400 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qjpeg.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qsvg.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qtga.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000371200 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qtiff.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qwbmp.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000505856 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qwebp.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 001264128 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\platforms\qwindows.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2021-11-26 15:09 - 2021-11-26 15:14 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;c:\Program Files\Intel\Intel(R) Management Engine Components\DAL;c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-442883875-2476310825-192517120-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F3527143-FF97-4992-8C17-028849482140}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{A6405ACD-3F0D-4386-B262-73DAA00CAB6F}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DF84C34F-41BD-4795-91F2-BC20C16A13B0}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{199460BB-07EF-4832-BE8D-EEE617F56287}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{59C3507F-B05D-4977-AB1D-B2EB2AAC1855}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{136D44DA-326F-4882-858D-60F4E54B4A9B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{F4C32A38-F41A-449D-B535-A0D3523CB17F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{39C34FB0-9D87-4E7D-A6E6-BE7A231AA992}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C9F754B-CD20-4073-92CD-599828830ED3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{865066EF-B3FC-4223-B207-1BC30EB1837F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7709030C-8E2A-40AD-B55A-03686E4EC7D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43B4C569-799D-4CC8-B6F6-BC2BC94B2D0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{332E9DB5-1480-44DE-9BD9-61AF830D492F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38FBC7EF-4863-48C1-92BE-E2922CADAF2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FEBDD48C-943C-4B62-8719-E63DF6D60BBD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CAFE2FF9-4063-4809-8B4B-E73E3400FDD5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF10F052-8D44-4412-B750-F908C327DC09}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5564DEB-18FF-4B1E-A11D-6824D1CE6F43}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{FA844100-53AE-49FA-9796-FEBDE609BFB8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{6EF2CD72-E4B1-44FC-B41B-765C6CDE461C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{20772815-BB7B-442A-A633-864AD9867AE5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{25B59D4F-AAD7-48E0-AC4C-5FFD27712306}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AEFDC04-F7E3-467B-8D4A-67279993F751}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BD6BD2B-A652-4FC9-B81A-1F008988830B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1712C246-33AB-48ED-9932-CEFD4A14AEF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3AFBCE28-84C7-48C2-A667-8D70D8716E1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{154CC0DA-C2D1-4263-9201-AF8AA00FFA2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DAA1762-64E3-4CF7-9832-9D2F05098622}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79DADB5F-C9F5-4960-8EDA-943A8E732C3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
29-12-2021 22:57:01 Samsung DeX
01-01-2022 16:21:26 Installed QuickTime 7
10-01-2022 00:42:36 Scheduled Checkpoint
11-01-2022 23:42:55 Windows Modules Installer
11-01-2022 23:46:32 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: BCM20702A0
Description: BCM20702A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Tools since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Antivirus since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service avgbIDSAgent since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgVmm.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgbuniv.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgbidsh.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgSP.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgMonFlt.
System Error:
The system cannot find the file specified.
.
System errors:
=============
Error: (01/14/2022 04:47:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2022-01-11 21:23:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-11 21:11:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-11 17:20:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-10 14:42:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-07 17:34:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2022-01-07 11:14:57
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.355.1499.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18800.4
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2022-01-07 11:14:57
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.355.1499.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18800.4
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===============
Date: 2022-01-11 20:42:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2022-01-11 20:42:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G2ETB7WW (2.77 ) 09/24/2019
Motherboard: LENOVO 23252S4
Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 44%
Total physical RAM: 16060.3 MB
Available physical RAM: 8929.48 MB
Total Virtual: 21180.3 MB
Available Virtual: 12627.44 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.71 GB) (Free:225.36 GB) NTFS
\\?\Volume{078a219e-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 078A219E)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Richard\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\python.exe <2>
(Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\pythonw.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [File not signed] C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [File not signed]
HKLM-x32\...\Run: [IMSS] => c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-11] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [112191904 2021-12-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Run: [Discord] => C:\Users\Richard\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\MountPoints2: {35cdbbba-4c21-11eb-b71a-3c970ee47275} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E90C07C-55CA-4E90-A9FA-F9E6C1FA8A74} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1223A159-8720-451D-A810-3511D6CA16F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {134268DB-45B8-4957-89DA-CD40665F8170} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {432597B5-3547-4C91-A4B1-9B0A160E2E4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {440BC486-1A11-4792-A153-6B83B2783C8B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F6502F4-4FC9-4184-97D8-C99D8F17B167} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E54D055-5FD2-4285-9DD0-8B0B20226B64} - System32\Tasks\SVC Update => C:\Windows\explorer.exe "hxxps://destyy.com/w2S0D1" <==== ATTENTION
Task: {698B7430-D9E8-4AFC-9D8A-5D95D56FBAAA} - System32\Tasks\Duplicate Photos Fixer ProNotifier => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DPFNotifier.exe [306440 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak Software)
Task: {7206183C-A7EE-4E19-8AC1-E2797F081D6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {86FBE6C1-F5EB-461B-939E-B8F533A5536F} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112824 2021-07-11] (Lenovo -> Lenovo)
Task: {9C14F1DD-D373-4595-AA5F-1520E4EA1440} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [62136 2021-07-11] (Lenovo -> )
Task: {9D7329C6-1668-4399-A851-8604418D8445} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-28] (Google LLC -> Google LLC)
Task: {A2D0874B-102B-4236-8F1C-0AA192AC50CE} - System32\Tasks\Duplicate Photos Fixer Pro_updates => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DuplicatePhotosFixerPro.exe [8201992 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak)
Task: {AF1F2FA9-EC98-4325-A951-57FE00CFFAF8} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {B019B75D-2FA6-4539-8CCA-CFF6C70A45A8} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-442883875-2476310825-192517120-1001 => C:\Users\Richard\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {B80582D2-6A70-472C-8172-7D7076FC1DAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-28] (Google LLC -> Google LLC)
Task: {C1696DA6-A81F-4E15-87A4-86B74D8FFCE3} - System32\Tasks\Duplicate Photos Fixer ProNotifier_trigger => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DPFNotifier.exe [306440 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak Software)
Task: {C45EC75C-8A12-416B-968C-CBD2278B472F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {C6E17AD5-1EBA-4208-8541-8EA8A2DBC69A} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)
Task: {E9906361-7D8F-4CE2-905C-CB5A434B312C} - System32\Tasks\Duplicate Photos Fixer ProNotifier_startup => C:\Program Files (x86)\Duplicate Photos Fixer Pro\DPFNotifier.exe [306440 2021-11-25] (SYSTWEAK SOFTWARE -> Systweak Software)
Task: {F260BBA6-3A7B-425D-A227-4A4D07717D25} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d7898ae6-c9e3-4f0f-b12f-bc092ede047c}: [DhcpNameServer] 192.168.0.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.0.20,1]
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-14]
Edge Notifications: Default -> hxxps://en.softonic.com; hxxps://www.hotdeals.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-11] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2022-01-14]
CHR Notifications: Default -> hxxps://209303103311267.webpush.freshchat.com; hxxps://aspireglobal.eu.webpush.freshchat.com; hxxps://calendar.google.com; hxxps://metro.co.uk; hxxps://oanda.secure.force.com; hxxps://secretldn.com; hxxps://uk.mail.yahoo.com; hxxps://uk.pcmag.com; hxxps://www.bristolpost.co.uk; hxxps://www.buyagift.co.uk; hxxps://www.facebook.com; hxxps://www.grandnational.org.uk; hxxps://www.hertfordshiremercury.co.uk; hxxps://www.lightinthebox.com; hxxps://www.marksandspencer.com; hxxps://www.myvouchercodes.co.uk; hxxps://www.netflix.com; hxxps://www.oliverstravels.com; hxxps://www.qmee.com; hxxps://www.topcashback.co.uk; hxxps://www.vouchercloud.com
CHR HomePage: Default -> hxxp://www.google.co.uk/ig
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/ig"
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-28]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-28]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-28]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-12-28]
CHR Extension: (Latest Deals) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehllaigpicpkadibmagdgblfdlfeeahf [2022-01-10]
CHR Extension: (TopCashback UK: Get Cashback & Vouchers) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekeeeebmbhkkjcaoicinbdjmklipppkj [2021-09-30]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-28]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (Guardio Protection for Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfpmkejnolcfklaaddjnckanhhgegla [2022-01-13]
CHR Extension: (SwagButton) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2021-12-29]
CHR Extension: (Digital-i's GB Research Support Tool) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpljhcpobhmhghhhampjeedlljpcocfp [2021-12-03]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2020-12-28]
CHR Extension: (Cookmate - formerly My CookBook) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbehgakcmbdalmpdfjedahogegmgpba [2020-12-28]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-12-19]
CHR Extension: (Qmee) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2020-12-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-15]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-11] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-01-13] (Malwarebytes Inc -> Malwarebytes)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182296 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159760 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo(Japan)Ltd. -> Lenovo)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193448 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [149424 2022-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 optousb; C:\Windows\system32\DRIVERS\optousb.sys [22656 2008-04-04] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
S3 optovcm; C:\Windows\system32\DRIVERS\optovcm.sys [31744 2008-04-04] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 risdxc; C:\Windows\System32\drivers\risdxc64.sys [106496 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus Innovation Technology Inc. -> Sunplus)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167432 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43536 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-13 21:26 - 2022-01-13 21:26 - 000000000 ____D C:\Users\Richard\AppData\Local\mbam
2022-01-13 21:25 - 2022-01-13 21:25 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000193448 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000149424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-01-13 21:25 - 2022-01-13 21:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-13 21:25 - 2022-01-13 21:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-13 21:24 - 2022-01-13 21:24 - 002086424 _____ (Malwarebytes) C:\Users\Richard\Downloads\MBSetup-076886.076886-Consumer.exe
2022-01-13 21:24 - 2022-01-13 21:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-13 21:24 - 2022-01-13 21:24 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-13 21:05 - 2022-01-13 21:07 - 000052193 _____ C:\Users\Richard\Downloads\Addition.txt
2022-01-13 21:03 - 2022-01-14 17:42 - 000026990 _____ C:\Users\Richard\Downloads\FRST.txt
2022-01-13 21:03 - 2022-01-14 17:42 - 000000000 ____D C:\FRST
2022-01-13 21:03 - 2022-01-13 21:03 - 002311680 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe
2022-01-12 21:07 - 2022-01-13 22:09 - 000010274 _____ C:\Users\Richard\Untitled8.ipynb
2022-01-11 23:53 - 2022-01-11 23:53 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-11 23:53 - 2022-01-11 23:53 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-11 23:53 - 2022-01-11 23:53 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-11 23:45 - 2022-01-11 23:46 - 000000000 ___HD C:\$WinREAgent
2022-01-11 20:40 - 2022-01-12 21:04 - 000000000 ____D C:\ProgramData\AVG
2022-01-11 20:40 - 2022-01-11 20:40 - 000224072 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avg_antivirus_free_setup.exe
2022-01-09 17:37 - 2022-01-11 21:55 - 000016469 _____ C:\Users\Richard\Untitled7.ipynb
2022-01-08 11:37 - 2022-01-08 13:15 - 000007976 _____ C:\Users\Richard\Untitled6.ipynb
2022-01-08 07:53 - 2022-01-08 07:53 - 000071399 _____ C:\Users\Richard\Downloads\parkrun-barcode-A2658876.pdf
2022-01-07 11:39 - 2022-01-07 11:43 - 000001144 _____ C:\Users\Richard\myfirstnotebook.ipynb
2022-01-07 11:04 - 2022-01-07 11:05 - 000000000 ____D C:\Program Files\Sublime Text 3
2022-01-07 10:38 - 2022-01-07 10:48 - 000000959 _____ C:\Users\Richard\Untitled5.ipynb
2022-01-06 18:12 - 2022-01-06 18:12 - 000000000 ____D C:\Users\Richard\Untitled Folder 1
2022-01-06 18:10 - 2022-01-06 18:10 - 000000000 ____D C:\Users\Richard\Mypythonstuff
2022-01-06 17:48 - 2022-01-06 17:48 - 000000000 ____D C:\Program Files\New folder
2022-01-06 17:46 - 2022-01-06 17:47 - 026580990 _____ C:\Users\Richard\Downloads\Complete-Python-3-Bootcamp-master (2).zip
2022-01-06 17:07 - 2022-01-14 17:27 - 000000000 ____D C:\Users\Richard\AppData\Roaming\discord
2022-01-06 17:07 - 2022-01-14 17:25 - 000000000 ____D C:\Users\Richard\AppData\Local\Discord
2022-01-06 17:07 - 2022-01-06 17:07 - 000002237 _____ C:\Users\Richard\Desktop\Discord.lnk
2022-01-06 17:07 - 2022-01-06 17:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2022-01-06 17:07 - 2022-01-06 17:07 - 000000000 ____D C:\Users\Richard\AppData\Local\SquirrelTemp
2022-01-06 17:06 - 2022-01-06 17:07 - 082973864 _____ (Discord Inc.) C:\Users\Richard\Downloads\DiscordSetup.exe
2022-01-04 16:11 - 2022-01-04 16:11 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2022-01-04 16:11 - 2022-01-04 16:11 - 000001038 _____ C:\Users\Richard\Desktop\Lightroom.lnk
2022-01-04 13:02 - 2022-01-04 13:02 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2022-01-04 13:02 - 2022-01-04 13:02 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-01-03 17:13 - 2022-01-03 17:13 - 000003584 _____ C:\Windows\system32\Tasks\SVC Update
2022-01-03 17:12 - 2010-12-06 02:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2022-01-03 07:57 - 2022-01-12 00:24 - 000000000 ____D C:\Program Files (x86)\Duplicate Photos Fixer Pro
2022-01-03 07:57 - 2022-01-09 16:44 - 000003306 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer ProNotifier
2022-01-03 07:57 - 2022-01-03 07:57 - 000003866 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer Pro_updates
2022-01-03 07:57 - 2022-01-03 07:57 - 000003374 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer ProNotifier_trigger
2022-01-03 07:57 - 2022-01-03 07:57 - 000003294 _____ C:\Windows\system32\Tasks\Duplicate Photos Fixer ProNotifier_startup
2022-01-03 07:57 - 2022-01-03 07:57 - 000001277 _____ C:\Users\Public\Desktop\Duplicate Photos Fixer Pro.lnk
2022-01-03 07:57 - 2022-01-03 07:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\DPFXR
2022-01-03 07:57 - 2022-01-03 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photos Fixer Pro
2022-01-03 07:56 - 2022-01-03 07:56 - 010332632 _____ (Systweak Software ) C:\Users\Richard\Downloads\dpfsetupipg_googleadw-dpf_gads_uk_ext7.exe
2022-01-03 07:56 - 2022-01-03 07:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Systweak
2022-01-01 18:52 - 2022-01-01 18:52 - 010608968 _____ (Ursa Minor Ltd ) C:\Users\Richard\Downloads\CopyTransHEICforWindowsv1.009 (1).exe
2022-01-01 18:51 - 2022-01-01 18:52 - 000000000 ____D C:\Program Files\CopyTrans HEIC for Windows
2022-01-01 18:51 - 2022-01-01 18:52 - 000000000 ____D C:\Program Files (x86)\CopyTrans HEIC for Windows
2022-01-01 18:51 - 2022-01-01 18:51 - 000000000 ____D C:\ProgramData\WindSolutions
2022-01-01 18:50 - 2022-01-01 18:50 - 010608968 _____ (Ursa Minor Ltd ) C:\Users\Richard\Downloads\CopyTransHEICforWindowsv1.009.exe
2022-01-01 18:48 - 2022-01-01 18:48 - 023863280 _____ (SoftOrbits ) C:\Users\Richard\Downloads\HeicToJpg.exe
2022-01-01 18:46 - 2022-01-01 18:46 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-01 18:45 - 2022-01-01 18:46 - 000234272 _____ (AVAST Software) C:\Users\Richard\Downloads\avast_one_essential_setup_online.exe
2022-01-01 16:23 - 2022-01-01 16:23 - 000000000 ____D C:\Users\Richard\AppData\Local\Apple Computer
2022-01-01 16:22 - 2022-01-09 16:44 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Apple Computer
2022-01-01 16:21 - 2022-01-04 13:02 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-01-01 16:21 - 2022-01-01 16:21 - 000001914 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\Users\Richard\AppData\Local\Apple
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\ProgramData\Apple Computer
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\ProgramData\Apple
2022-01-01 16:21 - 2022-01-01 16:21 - 000000000 ____D C:\Program Files (x86)\QuickTime
2022-01-01 16:20 - 2022-01-01 16:20 - 041896256 _____ (Apple Inc.) C:\Users\Richard\Downloads\QuickTimeInstaller.exe
2022-01-01 16:20 - 2022-01-01 16:20 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Apple Computer
2021-12-29 23:20 - 2021-12-29 23:20 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2021-12-29 22:58 - 2021-12-29 22:58 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-12-29 22:57 - 2021-06-23 02:12 - 000167432 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2021-12-29 22:57 - 2021-06-23 02:12 - 000159760 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2021-12-29 22:57 - 2021-06-23 02:12 - 000043536 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ss_conn_usb_driver2.sys
2021-12-27 20:43 - 2021-12-27 20:43 - 000101983 _____ C:\Users\Richard\Downloads\1640637786.3373075_0852e919-4f48-4a1d-93a9-32beba3f7025.pdf
2021-12-23 21:21 - 2021-12-23 21:21 - 000000703 _____ C:\Users\Richard\Downloads\transcript.txt
2021-12-19 00:29 - 2021-12-19 00:29 - 000000000 ____D C:\Windows\SystemTemp
2021-12-18 20:18 - 2021-12-18 20:18 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-18 20:18 - 2021-12-18 20:18 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-18 20:18 - 2021-12-18 20:18 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-14 17:33 - 2020-12-28 22:49 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-14 17:14 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-14 16:58 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-14 16:50 - 2020-12-29 23:10 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-13 22:09 - 2021-04-11 14:07 - 000000000 ____D C:\Users\Richard\AppData\Roaming\jupyter
2022-01-13 22:09 - 2020-12-28 21:44 - 000000000 ____D C:\Users\Richard
2022-01-13 21:25 - 2019-12-07 09:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-01-13 21:23 - 2020-12-28 21:46 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2022-01-13 21:23 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-13 21:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-13 21:07 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF
2022-01-13 03:06 - 2021-04-05 19:45 - 000000000 ____D C:\Users\Richard\.conda
2022-01-12 21:07 - 2021-04-11 14:38 - 000000000 ____D C:\Users\Richard\.ipynb_checkpoints
2022-01-12 21:02 - 2021-04-05 19:46 - 000000043 _____ C:\Users\Richard\.condarc
2022-01-12 10:28 - 2020-12-28 21:35 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-12 00:26 - 2020-12-29 23:13 - 000000000 ___RD C:\Users\Richard\Creative Cloud Files
2022-01-12 00:24 - 2020-12-28 22:24 - 000000000 __SHD C:\Users\Richard\IntelGraphicsProfiles
2022-01-12 00:24 - 2020-12-28 22:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-12 00:24 - 2020-12-28 21:27 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-12 00:24 - 2020-11-18 23:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-12 00:24 - 2020-11-18 23:28 - 000460696 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-12 00:23 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-12 00:23 - 2019-12-07 09:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-01-11 23:55 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-11 23:42 - 2021-01-05 09:04 - 000000000 ____D C:\Windows\system32\MRT
2022-01-11 23:40 - 2021-01-05 09:04 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-09 19:26 - 2021-04-30 18:57 - 000000077 _____ C:\Users\Richard\myfile.txt
2022-01-07 21:04 - 2020-11-18 23:31 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-07 21:04 - 2020-11-18 23:31 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-07 20:29 - 2021-12-12 19:19 - 000000000 ____D C:\Windows\Minidump
2022-01-07 11:35 - 2021-07-04 10:39 - 000000000 ____D C:\Users\Richard\Python
2022-01-07 11:05 - 2021-04-11 14:50 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sublime Text 3
2022-01-07 11:05 - 2021-04-11 14:50 - 000000000 ____D C:\Users\Richard\AppData\Local\Sublime Text 3
2022-01-07 02:36 - 2020-12-28 22:50 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 02:36 - 2020-12-28 22:50 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 18:12 - 2021-04-05 19:37 - 000000000 ____D C:\Users\Richard\anaconda3
2022-01-06 10:49 - 2020-12-28 22:14 - 000000000 ____D C:\Users\Richard\AppData\Local\LenovoServiceBridge
2022-01-05 16:09 - 2021-12-11 13:04 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-442883875-2476310825-192517120-1001
2022-01-05 16:09 - 2020-12-28 21:49 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-442883875-2476310825-192517120-1001
2022-01-05 16:09 - 2020-12-28 21:44 - 000002385 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-04 16:11 - 2020-12-29 23:10 - 000000000 ____D C:\Program Files\Adobe
2022-01-04 09:11 - 2020-12-28 21:52 - 000000000 ____D C:\Users\Richard\AppData\Local\PlaceholderTileLogoFolder
2022-01-04 09:11 - 2020-11-18 23:32 - 000000000 ____D C:\ProgramData\Packages
2022-01-03 22:41 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-03 07:25 - 2020-12-28 21:49 - 000000000 ___RD C:\Users\Richard\OneDrive
2022-01-02 12:04 - 2020-12-29 22:23 - 000000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2021-12-29 23:21 - 2020-12-29 23:10 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-29 23:20 - 2020-12-29 23:10 - 000000000 ____D C:\ProgramData\Adobe
2021-12-29 23:20 - 2020-12-28 21:46 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Adobe
2021-12-29 22:58 - 2021-01-20 22:17 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk
2021-12-29 22:58 - 2021-01-20 22:17 - 000001163 _____ C:\Users\Public\Desktop\Samsung DeX.lnk
2021-12-29 22:58 - 2020-12-28 22:18 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-29 22:45 - 2020-12-28 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-19 23:43 - 2020-12-28 22:31 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-19 00:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 14:04 - 2020-11-18 23:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== Files in the root of some directories ========
2020-12-29 23:17 - 2020-12-29 23:17 - 000000000 _____ () C:\Users\Richard\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2022 01
Ran by Richard (14-01-2022 17:43:20)
Running from C:\Users\Richard\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1466 (X64) (2020-12-28 21:30:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-442883875-2476310825-192517120-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-442883875-2476310825-192517120-503 - Limited - Disabled)
Guest (S-1-5-21-442883875-2476310825-192517120-501 - Limited - Disabled)
Richard (S-1-5-21-442883875-2476310825-192517120-1001 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-442883875-2476310825-192517120-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_1) (Version: 5.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_1) (Version: 23.1.0.143 - Adobe Inc.)
Amazon Kindle (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Amazon Kindle) (Version: 1.30.0.59056 - Amazon)
Anaconda3 2020.11 (Python 3.8.5 64-bit) (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Anaconda3 2020.11 (Python 3.8.5 64-bit)) (Version: 2020.11 - Anaconda, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1188.1 - AVG Technologies) Hidden
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 1.0.1.0 - Ursa Minor Ltd)
Discord (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
Duplicate Photos Fixer Pro (HKLM-x32\...\Duplicate Photos Fixer Pro_is1) (Version: 1.3.1086.53 - Systweak Software) <==== ATTENTION
Evernote 10.26.5 (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.26.5 - Evernote Corporation)
Google Chrome (HKLM\...\{56CF9805-415B-3B7A-A1BD-DC14F7E8FAB6}) (Version: 97.0.4692.71 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{88540041-fd0c-4588-9b2f-251e29f7c5a1}) (Version: 18.40.4 - Intel Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0131 - Lenovo)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
MergeModule_x64 (HKLM\...\{8B591A6B-253E-4E62-B2A8-3668CDA0A907}) (Version: 11.0.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{51B45206-47B1-4B51-B46A-330B9156D6C1}) (Version: 11.0.00 - Sony Corporation) Hidden
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
OANDA - MetaTrader (HKLM-x32\...\OANDA - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{AEB04E0E-0A28-4014-A96A-282E43B7227B}) (Version: 6.0.00.12211 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden
Python 3.9.4 (64-bit) (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\{8a52f2bf-c3d0-4872-bc3d-61f6eab0cbf2}) (Version: 3.9.4150.0 - Python Software Foundation)
Python 3.9.4 Add to Path (64-bit) (HKLM\...\{B943A821-11D8-4FB4-B573-6D04DCC596AD}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Core Interpreter (64-bit) (HKLM\...\{1C17C2CE-B315-4C1C-885A-E37181C7368E}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Development Libraries (64-bit) (HKLM\...\{CB856DD1-55A4-42B3-B676-73DDE515A589}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Documentation (64-bit) (HKLM\...\{73524E2A-5D97-4CB8-8438-5FE8F9653F1C}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Executables (64-bit) (HKLM\...\{EDBB67F1-B275-4AC6-9D32-0A033570A705}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 pip Bootstrap (64-bit) (HKLM\...\{1FDC7BC3-4CE5-4236-A8C2-0C4A7AFFDFA4}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Standard Library (64-bit) (HKLM\...\{91ED5736-9D50-4991-87DC-CFB0492D1A22}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Tcl/Tk Support (64-bit) (HKLM\...\{4E0E4F08-ECD0-4737-ABFC-030B702AC2BF}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Test Suite (64-bit) (HKLM\...\{F12FD64B-8964-4F40-8448-7FA3955C5AD6}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Utility Scripts (64-bit) (HKLM\...\{BBCC595F-93C2-4054-9565-8F4F19B3D706}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{BDD80906-41E0-43DB-8C65-D8BCCEB3A3F8}) (Version: 3.9.7400.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Shopandscan (HKLM-x32\...\{0AE44DE7-5B32-4151-8272-0FA6DAF800E8}) (Version: 1.0.0 - Kantar WorldPanel)
Skype version 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SoftMaker FreeOffice 2018 (HKLM-x32\...\{02B0F09C-4910-4F32-BB8A-F22606E9E320}) (Version: 1.0.4910 - SoftMaker Software GmbH)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.24.5 - TeamViewer)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5) (HKLM\...\245A139F08D3D69654D8822673D0B5EBFB63EF38) (Version: 06/02/2008 2.0.5.5 - OPTO ELECTRONICS CO.,LTD)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-442883875-2476310825-192517120-1001\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-12-29] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Duplicate & Similar Photo Cleaner -> C:\Program Files\WindowsApps\53354DuckheadSoftware.497213958DCA8_16.0.5.0_x64__2gc4m0bggm024 [2022-01-04] (Duckhead Software)
HEIC to JPEG (FREE) -> C:\Program Files\WindowsApps\53354DuckheadSoftware.HEICtoJPEGFREE_6.2.29.0_x64__2gc4m0bggm024 [2022-01-01] (Duckhead Software)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-10] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.2544.0_x64__qbz5n2kfra8p0 [2021-11-26] (Python Software Foundation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.23022.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0 [2022-01-08] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A548EF5CC59A} -> [Creative Cloud Files] => C:\Users\Richard\Creative Cloud Files [2020-12-29 23:13]
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-442883875-2476310825-192517120-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Richard\Desktop\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Richard\Desktop\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\Richard\Desktop\Money owed to Mum - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khbepoaahamoaeiglfcfkmkcapnpdibn
ShortcutWithArgument: C:\Users\Richard\Desktop\Mum's and My Account.xlsx - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=koalcaphaccbalopeaahlekhfjogmabe
ShortcutWithArgument: C:\Users\Richard\Desktop\Shared account - my share in atom - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kiicbccacdiggidgcbmleegjjonjfkam
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Money owed to Mum - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khbepoaahamoaeiglfcfkmkcapnpdibn
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Mum's and My Account.xlsx - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=koalcaphaccbalopeaahlekhfjogmabe
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Shared account - my share in atom - Google Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kiicbccacdiggidgcbmleegjjonjfkam
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Richard\anaconda3\Scripts\activate.bat C:\Users\Richard\anaconda3
==================== Loaded Modules (Whitelisted) =============
2021-10-25 11:31 - 2021-10-25 11:31 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2021-04-05 19:38 - 2020-09-21 14:41 - 000182272 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\_cffi_backend.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-06-25 22:39 - 000194048 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\_yaml.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-06-03 09:50 - 000830464 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\brotli\_brotli.cp38-win_amd64.pyd
2021-04-05 19:38 - 2019-11-11 16:14 - 000014848 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\markupsafe\_speedups.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-06-11 13:39 - 000012288 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\menuinst\winshortcut.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-08-25 15:46 - 000074240 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\psutil\_psutil_windows.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-15 03:50 - 000033280 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\pvectorc.cp38-win_amd64.pyd
2021-04-05 19:38 - 2019-11-22 18:56 - 002218496 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtCore.pyd
2021-04-05 19:38 - 2019-11-22 18:54 - 002338304 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtGui.pyd
2021-04-05 19:38 - 2019-11-22 18:58 - 000113152 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtSvg.pyd
2021-04-05 19:38 - 2019-11-22 18:53 - 004955648 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\PyQt5\QtWidgets.pyd
2021-04-05 19:38 - 2020-01-15 15:54 - 000142336 _____ () [File not signed] C:\Users\Richard\anaconda3\Lib\site-packages\pywin32_system32\pywintypes38.dll
2021-04-05 19:38 - 2020-06-25 17:29 - 000181248 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\ruamel_yaml\ext\_ruamel_yaml.cp38-win_amd64.pyd
2021-04-05 19:38 - 2019-11-08 07:58 - 000107520 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\sip.pyd
2021-04-05 19:38 - 2020-03-12 15:28 - 000010240 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\tornado\speedups.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-01-15 15:55 - 000010752 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\_win32sysloader.pyd
2021-04-05 19:38 - 2020-01-15 15:54 - 000142336 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\pywintypes38.dll
2021-04-05 19:38 - 2020-01-15 15:55 - 000134144 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\win32api.pyd
2021-04-05 19:38 - 2020-01-15 15:55 - 000060928 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\win32console.pyd
2021-04-05 19:38 - 2020-01-15 15:54 - 000145920 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32\win32security.pyd
2021-04-05 19:38 - 2020-01-15 15:58 - 000552448 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\win32comext\shell\shell.pyd
2021-04-05 19:38 - 2019-12-16 16:27 - 000072192 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\winpty\cywinpty.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000049664 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_device.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000060928 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_poll.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000045056 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_proxy_steerable.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000029696 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\_version.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000067072 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\constants.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000059392 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\context.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000031232 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\error.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000083456 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\message.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000126976 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\socket.cp38-win_amd64.pyd
2021-04-05 19:38 - 2020-09-18 15:23 - 000040448 _____ () [File not signed] C:\Users\Richard\anaconda3\lib\site-packages\zmq\backend\cython\utils.cp38-win_amd64.pyd
2021-04-05 19:38 - 2017-11-09 04:32 - 000229376 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\libjpeg.dll
2021-04-05 19:38 - 2019-04-23 17:51 - 000192512 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\libpng16.dll
2021-04-05 19:38 - 2020-02-14 16:20 - 000307712 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\libsodium.dll
2021-04-05 19:38 - 2020-01-15 15:56 - 000579584 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\pythoncom38.dll
2021-04-05 19:38 - 2020-08-20 10:00 - 001549824 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\sqlite3.dll
2021-04-05 19:38 - 2018-02-02 17:44 - 002509089 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\winpty.dll
2021-04-05 19:38 - 2020-06-25 20:16 - 000103936 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\yaml.dll
2021-04-05 19:38 - 2020-04-18 10:15 - 000084992 _____ () [File not signed] C:\Users\Richard\anaconda3\Library\bin\zlib.dll
2021-01-30 12:18 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2021-04-05 19:38 - 2020-09-10 12:36 - 000453120 _____ (iMatix Corporation) [File not signed] C:\Users\Richard\anaconda3\Library\bin\libzmq-mt-4_3_2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2021-04-05 19:38 - 2020-09-04 02:29 - 000056320 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_asyncio.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000076800 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_bz2.pyd
2021-04-05 19:39 - 2020-09-04 02:29 - 000117248 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_ctypes.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000260608 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_decimal.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000169472 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_elementtree.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000038400 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_hashlib.pyd
2021-04-05 19:38 - 2020-09-04 02:30 - 000155648 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_lzma.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000038400 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_overlapped.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000020992 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_queue.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000071680 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_socket.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000080384 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_sqlite3.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000144896 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\_ssl.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000182272 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\pyexpat.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000019968 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\select.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 001089024 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\DLLs\unicodedata.pyd
2021-04-05 19:38 - 2020-09-04 02:29 - 000051712 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\python3.DLL
2021-04-05 19:38 - 2020-09-04 02:29 - 004204544 _____ (Python Software Foundation) [File not signed] C:\Users\Richard\anaconda3\python38.dll
2021-12-03 13:17 - 2021-12-03 13:17 - 004578816 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2021-12-03 13:16 - 2021-12-03 13:16 - 002832384 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2021-12-03 13:14 - 2021-12-03 13:14 - 006556672 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2021-04-05 19:38 - 2020-04-27 22:18 - 026216448 _____ (The ICU Project) [File not signed] C:\Users\Richard\anaconda3\Library\bin\icudt58.dll
2021-04-05 19:38 - 2020-04-27 22:18 - 002668544 _____ (The ICU Project) [File not signed] C:\Users\Richard\anaconda3\Library\bin\icuin58.dll
2021-04-05 19:38 - 2020-04-27 22:18 - 001896960 _____ (The ICU Project) [File not signed] C:\Users\Richard\anaconda3\Library\bin\icuuc58.dll
2021-04-05 19:39 - 2020-09-22 13:53 - 003409408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Richard\anaconda3\Library\bin\libcrypto-1_1-x64.dll
2021-04-05 19:38 - 2020-09-22 13:53 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Richard\anaconda3\Library\bin\libssl-1_1-x64.dll
2021-04-05 19:39 - 2018-12-12 20:38 - 005109760 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Core.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 005924352 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Gui.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Svg.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 005572608 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\bin\Qt5Widgets.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\iconengines\qsvgicon.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qgif.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qicns.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 000032256 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qico.dll
2021-04-05 19:38 - 2018-12-12 20:39 - 000038400 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qjpeg.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qsvg.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qtga.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000371200 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qtiff.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qwbmp.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 000505856 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\imageformats\qwebp.dll
2021-04-05 19:38 - 2018-12-12 20:40 - 001264128 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Richard\anaconda3\Library\plugins\platforms\qwindows.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2021-11-26 15:09 - 2021-11-26 15:14 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;c:\Program Files\Intel\Intel(R) Management Engine Components\DAL;c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-442883875-2476310825-192517120-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F3527143-FF97-4992-8C17-028849482140}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{A6405ACD-3F0D-4386-B262-73DAA00CAB6F}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DF84C34F-41BD-4795-91F2-BC20C16A13B0}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{199460BB-07EF-4832-BE8D-EEE617F56287}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{59C3507F-B05D-4977-AB1D-B2EB2AAC1855}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{136D44DA-326F-4882-858D-60F4E54B4A9B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{F4C32A38-F41A-449D-B535-A0D3523CB17F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{39C34FB0-9D87-4E7D-A6E6-BE7A231AA992}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C9F754B-CD20-4073-92CD-599828830ED3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{865066EF-B3FC-4223-B207-1BC30EB1837F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7709030C-8E2A-40AD-B55A-03686E4EC7D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43B4C569-799D-4CC8-B6F6-BC2BC94B2D0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{332E9DB5-1480-44DE-9BD9-61AF830D492F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38FBC7EF-4863-48C1-92BE-E2922CADAF2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FEBDD48C-943C-4B62-8719-E63DF6D60BBD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CAFE2FF9-4063-4809-8B4B-E73E3400FDD5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF10F052-8D44-4412-B750-F908C327DC09}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5564DEB-18FF-4B1E-A11D-6824D1CE6F43}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{FA844100-53AE-49FA-9796-FEBDE609BFB8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{6EF2CD72-E4B1-44FC-B41B-765C6CDE461C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{20772815-BB7B-442A-A633-864AD9867AE5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{25B59D4F-AAD7-48E0-AC4C-5FFD27712306}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AEFDC04-F7E3-467B-8D4A-67279993F751}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BD6BD2B-A652-4FC9-B81A-1F008988830B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1712C246-33AB-48ED-9932-CEFD4A14AEF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3AFBCE28-84C7-48C2-A667-8D70D8716E1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{154CC0DA-C2D1-4263-9201-AF8AA00FFA2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DAA1762-64E3-4CF7-9832-9D2F05098622}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79DADB5F-C9F5-4960-8EDA-943A8E732C3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
29-12-2021 22:57:01 Samsung DeX
01-01-2022 16:21:26 Installed QuickTime 7
10-01-2022 00:42:36 Scheduled Checkpoint
11-01-2022 23:42:55 Windows Modules Installer
11-01-2022 23:46:32 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: BCM20702A0
Description: BCM20702A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Tools since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Antivirus since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service avgbIDSAgent since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgVmm.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgbuniv.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgbidsh.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgSP.
System Error:
The system cannot find the file specified.
.
Error: (01/11/2022 11:46:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avgMonFlt.
System Error:
The system cannot find the file specified.
.
System errors:
=============
Error: (01/14/2022 04:47:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (01/12/2022 12:23:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TPBF3NR)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2022-01-11 21:23:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-11 21:11:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-11 17:20:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-10 14:42:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-07 17:34:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2022-01-07 11:14:57
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.355.1499.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18800.4
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2022-01-07 11:14:57
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.355.1499.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18800.4
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===============
Date: 2022-01-11 20:42:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2022-01-11 20:42:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G2ETB7WW (2.77 ) 09/24/2019
Motherboard: LENOVO 23252S4
Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 44%
Total physical RAM: 16060.3 MB
Available physical RAM: 8929.48 MB
Total Virtual: 21180.3 MB
Available Virtual: 12627.44 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.71 GB) (Free:225.36 GB) NTFS
\\?\Volume{078a219e-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 078A219E)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================