Serveur minecraft

J'ai essayé d'exécuter FRST pour obtenir des journaux, mais il se ferme 1 seconde après l'ouverture. – Un bon serveur Minecraft

Le 28 mai 2021 - 116 minutes de lecture

[bzkshopping keyword= »Minecraft » count= »8″ template= »grid »]

J'ai pu en quelque sorte passer à un autre compte et quand je suis revenu, j'ai pu exécuter FRST. Publication des journaux ci-dessous.

————————————————– ————————————————– ———————————————–

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021

Ran par JennLaiBran (administrateur) sur DIMELOJUAN-PC (05-05-2021 13:56:09)

Exécution à partir de C: Users JennLaiBran Downloads

Profils chargés: JennLaiBran et postgres

Plate-forme: Windows 10 Pro Version 2004 19041.928 (X64) Langue: Anglais (États-Unis)

Navigateur par défaut: Chrome

Mode de démarrage: normal

==================== Processus (sur liste blanche) ==================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc) C: Program Files (x86) Common Files Adobe Adobe Desktop Common IPCBox AdobeIPCBroker.exe

(Adobe Inc. -> Adobe Inc.) C: Program Files (x86) Common Files Adobe Adobe Desktop Common ElevationManager AdobeUpdateService.exe

(Adobe Inc. -> Adobe Inc.) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe

(Adobe Inc. -> Adobe Systems Incorporated) C: Program Files Adobe Adobe Creative Cloud Experience CCXProcess.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C: Program Files (x86) Common Files Adobe AdobeGCClient AGMService.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C: Program Files (x86) Common Files Adobe AdobeGCClient AGSService.exe

(Apple Inc. -> Apple Inc.) C: Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService.exe

(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C: Program Files (x86) ASUS AXSP 4.00.01 atkexComSvc.exe

(Electronic Arts, Inc. -> Electronic Arts) C: Program Files (x86) Origin OriginWebHelperService.exe

(Electronic Arts, Inc. -> Electronic Arts) C: Program Files Electronic Arts EA Desktop EA Desktop EABackgroundService.exe

(Epic Games Inc. -> Epic Games, Inc.) C: Program Files (x86) Epic Games Launcher Engine Binaries Win64 EpicWebHelper.exe <2>

(Epic Games Inc. -> Epic Games, Inc.) C: Program Files (x86) Epic Games Launcher Portal Binaries Win64 EpicGamesLauncher.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <17>

(Société Hewlett-Packard -> Hewlett-Packard) C: Program Files (x86) HP HP Software Update hpwuschd2.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe

(McAfee, LLC -> McAfee, LLC) C: Program Files McAfee WebAdvisor servicehost.exe

(McAfee, LLC -> McAfee, LLC) C: Program Files McAfee WebAdvisor uihost.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Common Files microsoft shared ClickToRun OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v4.0.30319 SMSvcHost.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe Cortana.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe Calculator.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe WinStore.App.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.XboxGamingOverlay_5.621.4142.0_x64__8wekyb3d8bbwe GameBar.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.XboxGamingOverlay_5.621.4142.0_x64__8wekyb3d8bbwe GameBarFTServer.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows ImmersiveControlPanel SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 msconfig.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 oobe UserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 Speech_OneCore common SpeechRuntime.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C: Windows SysWOW64 svchost.exe <2>

(Node.js Foundation -> Node.js) C: Program Files Adobe Adobe Creative Cloud Experience libs node.exe

(NortonLifeLock Inc. -> NortonLifeLock Inc.) C: Program Files (x86) Norton Internet Security Engine 22.21.2.50 nsWscSvc.exe

(NortonLifeLock Inc. -> Symantec Corporation) C: Program Files (x86) Norton Internet Security Engine 22.21.2.50 NortonSecurity.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display.NvContainer NVDisplay.Container.exe <2>

(Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jucheck.exe

(Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jusched.exe

(Groupe de développement mondial PostgreSQL) [File not signed] C: Program Files PostgreSQL 9.5 bin pg_ctl.exe

(Groupe de développement mondial PostgreSQL) [File not signed] C: Program Files PostgreSQL 9.5 bin postgres.exe <7>

(Razer USA Ltd. ->) C: Program Files (x86) Razer APO0521Drv Drivers x64 THXHelper0521.exe

(Razer USA Ltd. ->) C: Program Files (x86) Razer THXVAD Drivers x64 THXHelper22AD.exe

(Razer USA Ltd. -> Razer Inc) C: Program Files (x86) Razer Razer Services GMS GameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C: Program Files (x86) Razer Chroma SDK bin RzSDKServer.exe

(Razer USA Ltd. -> Razer Inc.) C: Program Files (x86) Razer Chroma SDK bin RzSDKService.exe

(Razer USA Ltd. -> Razer Inc.) C: Program Files (x86) Razer Razer Services Razer Central RazerCentralService.exe

(Razer USA Ltd. -> Razer Inc.) C: Program Files (x86) Razer Synapse3 Service Razer Synapse Service.exe

(Razer USA Ltd. -> Razer Inc.) C: Program Files (x86) Razer Synapse3 WPFUI Framework Razer Synapse 3 Host Razer Synapse 3.exe

(Razer USA Ltd. -> THX) C: Program Files (x86) Razer THXService Drivers x64 THXService.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkNGUI64.exe

(Seagate Technology LLC -> Seagate Technology LLC) C: Program Files (x86) Seagate Seagate Dashboard 2.0 MobileService.exe

(Seagate Technology LLC -> Seagate Technology LLC) C: Program Files (x86) Seagate Seagate Dashboard 2.0 Seagate.Dashboard.DASWindowsService.exe

(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C: Program Files SUPERAntiSpyware SASCore64.exe

(TEFINCOM S.A. -> TEFINCOM S.A.) C: Program Files NordVPN nordvpn-service.exe

(Logiciel Wondershare CO., LIMITED -> Wondershare) C: Program Files (x86) Common Files Wondershare Wondershare Helper Compact WSHelper.exe

==================== Registre (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Exécuter: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM … Exécuter: [BCSSync] => C: Program Files Microsoft Office Office14 BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)

HKLM … Exécuter: [AdobeGCInvoker-1.0] => C: Program Files (x86) Common Files Adobe AdobeGCClient AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM … Exécuter: [AdobeAAMUpdater-1.0] => C: Program Files (x86) Common Files Adobe OOBE PDApp UWA UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM … Exécuter: [iTunesHelper] => C: Program Files iTunes iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)

HKLM … Exécuter: [THX22adHelper] => C: Program Files (x86) Razer THXVAD Drivers x64 THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. ->)

HKLM … Exécuter: [THX0521Helper] => C: Program Files (x86) Razer APO0521Drv Drivers x64 THXHelper0521.exe [386008 2019-09-18] (Razer USA Ltd. ->)

HKLM-x32 … Exécuter: [ConnectionCenter] => C: Program Files (x86) Citrix ICA Client concentr.exe [518456 2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

HKLM-x32 … Exécuter: [Redirector] => C: Program Files (x86) Citrix ICA Client redirector.exe [231736 2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

HKLM-x32 … Exécuter: [Wondershare Helper Compact.exe] => C: Program Files (x86) Common Files Wondershare Wondershare Helper Compact WSHelper.exe [2087264 2014-09-11] (Logiciel Wondershare CO., LIMITED -> Wondershare)

HKLM-x32 … Exécuter: [DBAgent] => C: Program Files (x86) Seagate Seagate Dashboard 2.0 DBAgent.exe [1562304 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

HKLM-x32 … Exécuter: [Adobe Creative Cloud] => C: Program Files Adobe Adobe Creative Cloud ACC Creative Cloud.exe [779440 2021-04-29] (Adobe Inc. -> Adobe Inc.)

HKLM-x32 … Exécuter: [StartCCC] => C: Program Files (x86) ATI Technologies ATI.ACE Core-Static CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

HKLM-x32 … Exécuter: [AMD AVT] => Cmd.exe / c start "Initialisation du périphérique de transcodage vidéo accéléré AMD" / min "C: Program Files (x86) AMD AVT bin kdbsync.exe" aml

HKLM-x32 … Exécuter: [HP Software Update] => C: Program Files (x86) HP HP Software Update HPWuSchd2.exe [96056 2013-05-30] (Société Hewlett-Packard -> Hewlett-Packard)

HKLM-x32 … Exécuter: [Adobe CCXProcess] => C: Program Files (x86) Adobe Adobe Creative Cloud Experience CCXProcess.exe [129288 2021-02-23] (Adobe Inc. ->)

HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Common Files Java Java Update jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)

HKU S-1-5-21-4002825611-2205535967-4095611985-1001 … Exécuter: [Spotify Web Helper] => C: Users DimeloJuan AppData Roaming Spotify SpotifyWebHelper.exe [2355312 2016-02-11] (Spotify AB -> Spotify Ltd)

HKU S-1-5-21-4002825611-2205535967-4095611985-1001 … Exécuter: [Spotify] => C: Users DimeloJuan AppData Roaming Spotify Spotify.exe [8449136 2016-02-11] (Spotify AB -> Spotify Ltd)

HKU S-1-5-21-4002825611-2205535967-4095611985-1001 … Exécuter: [BingSvc] => C: Users DimeloJuan AppData Local Microsoft BingSvc BingSvc.exe [144008 2015-11-11] (Microsoft Corporation -> © 2015 Microsoft Corporation)

HKU S-1-5-21-4002825611-2205535967-4095611985-1001 … Exécuter: [Uploader] => C: Program Files (x86) Seagate Seagate Dashboard 2.0 Seagate.Dashboard.Uploader.exe [143080 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

HKU S-1-5-21-4002825611-2205535967-4095611985-1001 … Exécuter: [Google Update] => C: Users JennLaiBran AppData Local Google Update GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1001 … Exécuter: [Google Photos Backup] => C: Users JennLaiBran AppData Local Programs Google Google Photos Backup Google Photos Backup.exe [3791704 2018-06-01] (Google Inc -> Google, Inc)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Uploader] => C: Program Files (x86) Seagate Seagate Dashboard 2.0 Seagate.Dashboard.Uploader.exe [143080 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Google Update] => C: Users JennLaiBran AppData Local Google Update 1.3.36.82 GoogleUpdateCore.exe [217432 2021-04-20] (Google LLC -> Google LLC)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Google Photos Backup] => C: Users JennLaiBran AppData Local Programs Google Google Photos Backup Google Photos Backup.exe [3791704 2018-06-01] (Google Inc -> Google, Inc)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [iCloudServices] => C: Program Files (x86) Common Files Apple Internet Services iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Reflect UI] => C: Program Files Macrium Common ReflectUI.exe [3465608 2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [ApplePhotoStreams] => C: Program Files (x86) Common Files Apple Internet Services ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [iCloudPhotos] => C: Program Files (x86) Common Files Apple Internet Services iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [iCloudDrive] => C: Program Files (x86) Common Files Apple Internet Services iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Cricut Design Space3] => C: Users JennLaiBran AppData Roaming CricutDesignSpace3 BRIDGE CricutLauncher4.exe [459784 2018-04-19] (Provo Craft & Novelty, Inc. -> Provo Craft & Novelty, Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Spotify Web Helper] => C: Users JennLaiBran AppData Roaming Spotify SpotifyWebHelper.exe [774544 2018-08-30] (Spotify AB -> Spotify Ltd)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [EpicGamesLauncher] => C: Program Files (x86) Epic Games Launcher Portal Binaries Win64 EpicGamesLauncher.exe [33031648 2021-05-04] (Epic Games Inc. -> Epic Games, Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Steam] => C: Program Files (x86) Steam steam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [NordVPN] => C: Program Files NordVPN NordVPN.exe [274176 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [Synapse3] => C: Program Files (x86) Razer Synapse3 WPFUI Framework Razer Synapse 3 Host Razer Synapse 3.exe [3519040 2021-04-20] (Razer USA Ltd. -> Razer Inc.)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 … Exécuter: [SUPERAntiSpyware] => C: Program Files SUPERAntiSpyware SUPERAntiSpyware.exe [11221496 2021-04-19] (Support.com Inc -> SUPERAntiSpyware)

HKU S-1-5-21-4002825611-2205535967-4095611985-1004 Panneau de configuration Bureau \ SCRNSAVE.EXE -> C: WINDOWS system32 scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

HKU S-1-5-18 … Exécuter: [Synapse3] => C: Program Files (x86) Razer Synapse3 WPFUI Framework Razer Synapse 3 Host Razer Synapse 3.exe [3519040 2021-04-20] (Razer USA Ltd. -> Razer Inc.)

HKLM … Windows x64 Processeurs d'impression hpzppw71: C: Windows System32 spool prtprocs x64 hpzppw71.dll [230400 2015-11-19] (Éditeur de compatibilité matérielle Microsoft Windows -> Hewlett-Packard Corporation)

HKLM … Print Monitors PCL hpz3lw71: C: WINDOWS system32 hpz3lw71.dll [46080 2015-11-19] (Éditeur de compatibilité matérielle Microsoft Windows -> Hewlett-Packard Corporation)

HKLM Software Microsoft Active Setup Composants installés: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 90.0.4430.93 Installer chrmstp.exe [2021-04-26] (Google LLC -> Google LLC)

Fournisseurs HKLM Software … Authentication Credential: [503739d0-4c5e-4cfd-b3ba-d881334f0df2] ->

Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Startup HP Digital Imaging Monitor.lnk [2018-03-28]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C: Program Files (x86) HP Digital Imaging bin hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

Démarrage: C: Users JennLaiBran AppData Roaming Microsoft Windows Menu Démarrer Programmes Startup Facebook Gameroom.lnk [2017-11-18]

ShortcutTarget: Facebook Gameroom.lnk -> C: Users JennLaiBran AppData Local Facebook Games FacebookGameroom.exe (Facebook, Inc. -> Facebook) [File not signed]

GroupPolicy: Restriction? <==== ATTENTION

Stratégies: C: ProgramData NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (sur liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 00FF1F6B-A89C-48A9-B46C-62D7D4F2C6EB – System32 Tasks Microsoft Windows Media Center RecordingRestart => C: WINDOWS ehome ehrec.exe

Tâche: 01CDBF19-D484-4FEE-BF12-E35EB2330E7D – System32 Tasks GoogleUpdateTaskMachineUA1d57d7d43730d1 => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)

Tâche: 036F729D-734E-406A-822C-6BFA36A6B474 – System32 Tasks Microsoft Windows MobilePC HotStart => 06DA0625-9701-43DA-BFD7-FBEEA2180A1E

Tâche: 0761DB87-EB34-4E92-B6B4-D178317D05AB – Microsoft Windows UNP RunCampaignManager -> Aucun fichier <==== ATTENTION

Tâche: 09838FCC-BA35-4D85-ABAE-183F43341736 – Microsoft Windows Setup gwx refreshgwxcontent -> Aucun fichier <==== ATTENTION

Tâche: 13A9F39A-E8FC-4803-88D9-23C8AB5AA019 – System32 Tasks Microsoft Windows Media Center PBDADiscovery => C: WINDOWS ehome ehPrivJob.exe

Tâche: 14BEE5F6-0013-46EE-AA03-3AD4FAD74C01 – System32 Tasks Microsoft Windows Media Center OCURActivate => C: WINDOWS ehome ehPrivJob.exe

Tâche: 15DF18D6-D843-422C-8281-127AB5391F2E – Tâche de mise à jour des définitions System32 Tasks Microsoft Windows Live SOXE Extractor => 3519154C-227E-47F3-9CC9-12C3F05817F1

Tâche: 184DCD0F-10C2-4370-907C-606077DE8222 – System32 Tasks Norton 360 Norton 360 Error Processor => C: Program Files (x86) Norton Internet Security Engine 22.21.2.50 SymErr.exe [115640 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc)

Tâche: 1E65059E-C96B-4B0C-B01E-218639F5214E – System32 Tasks Microsoft Windows Media Center PvrRecoveryTask => C: WINDOWS ehome mcupdate.exe

Tâche: 20759BC8-8759-46B1-BDBC-C0A48D1D02F1 – System32 Tasks GPU Tweak II => C: Program Files (x86) ASUS GPU TweakII GPUTweakII.exe [12945512 2018-11-23] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)

Tâche: 23DD6C96-EEA5-4FDC-9C4A-D6CE1C8BB048 – Microsoft Windows Setup gwx refreshgwxconfig -> Aucun fichier <==== ATTENTION

Tâche: 25CCB0DE-51D0-4F90-B731-7DF43EEF558D – System32 Tasks Microsoft Windows Media Center PBDADiscoveryW1 => C: WINDOWS ehome ehPrivJob.exe

Tâche: 2A87B9B2-07B2-48AE-826E-CDADE87AA03C – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)

Tâche: 2C7A59CC-EEAB-4FD7-8A6B-C413DB025A26 – System32 Tasks Microsoft Windows Media Center MediaCenterRecoveryTask => C: WINDOWS ehome mcupdate.exe

Tâche: 2E4A7B22-DD77-48BB-8CB0-8A0D8CA7FA71 – System32 Tasks Norton 360 Norton 360 Error Analyzer => C: Program Files (x86) Norton Internet Security Engine 22.21.2.50 SymErr.exe [115640 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc)

Tâche: 332652B6-86E5-467D-A89B-A2E3B31B1DE6 – System32 Tasks Norton WSC Integration => C: Program Files (x86) Norton Internet Security Engine 22.21.2.50 WSCStub.exe [643584 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Tâche: 35BFD286-5A3E-4913-99DB-EE21149C87C3 – System32 Tasks Microsoft Windows Media Center ActivateWindowsSearch => C: WINDOWS ehome ehPrivJob.exe

Tâche: 36C0D078-B4F3-4E99-82F9-8C616640100B – System32 Tasks GoogleUpdateTaskMachineCore1d50b35855697 => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)

Tâche: 3A96CAF2-E7C9-4A7D-BC72-297CBABA67FF – System32 Tasks Microsoft Windows Media Center PeriodicScanRetry => C: WINDOWS ehome MCUpdate.exe

Tâche: 406D21D8-B309-441B-B3C1-EF3CA9A0B143 – System32 Tasks Microsoft Windows rempl shell => C: Program Files rempl sedlauncher.exe

Tâche: 40ECDB74-FAC8-4608-8450-A15804A283C3 – Microsoft Windows Setup GWXTriggers Telemetry-4xd -> Aucun fichier <==== ATTENTION

Tâche: 42AB6170-5F5A-4225-A82D-D9208847BC3F – System32 Tasks Norton 360 Norton 360 Autofix => C: Program Files (x86) Norton Internet Security Engine 22.21.2.50 SymErr.exe [115640 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc)

Tâche: 46505ADB-1B44-45E0-AFE4-6314D666420A – Microsoft Windows Setup GWXTriggers refreshgwxconfig-B -> Aucun fichier <==== ATTENTION

Tâche: 486D715E-6AA2-44CF-BC48-B6990CBB53C6 – System32 Tasks Microsoft Windows Shell WindowsParentalControlsMigration => 343D770D-7788-47C2-B62A-B7C4CED925CB

Tâche: 4989B74B-9F8E-4C86-A406-F281372E8059 – System32 Tasks ASUS ASUS Update Checker => C: Program Files (x86) ASUS ASUSUpdate UpdateChecker UpdateChecker.exe [114688 2008-12-11] () [File not signed]

Tâche: 4B0AB4F8-4648-43A9-B52F-94761DAF0267 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 4BB83314-8A00-4D33-872F-37A2520B57FB – System32 Tasks Microsoft Microsoft Antimalware Microsoft Antimalware Scheduled Scan => c: Program Files Microsoft Security Client MpCmdRun.exe

Tâche: 4CC09752-E451-4757-919F-89B67BB436C5 – System32 Tasks Microsoft Windows Media Center ehDRMInit => C: WINDOWS ehome ehPrivJob.exe

Tâche: 56EA0882-F5C8-406E-B65D-D881492121EB – System32 Tasks Seagate_Install_Launch => C: Program Files (x86) Seagate Seagate Dashboard 2.0 Dashboard.exe [1942208 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

Tâche: 5B42DD9C-5A26-4F27-BB95-34603F0997E5 – System32 Tasks Microsoft Windows Shell WindowsParentalControls => DFA14C43-F385-4170-99CC-1B7765FA0E4A

Tâche: 6179A6B2-BACA-4849-867A-15ACF9FA2025 – System32 Tasks PostponeDeviceSetupToast_S-1-5-21-4002825611-2205535967-4095611985-1001_0 => 5ded83ef-1e99-648cb8-bf System32 oobe UserOOBE.dll [412160 2021-03-12] (Microsoft Windows -> Microsoft Corporation)

Tâche: 67341CF5-5F65-4DE9-AC73-AF2B44474C73 – System32 Tasks Norton Internet Security Norton Internet Security Error Analyzer => C: Program Files (x86) Norton Internet Security Engine 22.20.1.69 SymErr. EXE

Tâche: 67A93AC8-4770-4E0A-B8AA-07EE7B26CB95 – System32 Tasks Microsoft Windows Media Center mcupdate_scheduled => C: WINDOWS ehome mcupdate.exe

Tâche: 685A12F2-9D30-4502-8CF2-17467AB9C2E3 – System32 Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004UA => C: Users JennLaiBran Google AppData Local Update GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

Tâche: 6F9FCFE9-9671-427E-9B85-A3F707C039D6 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)

Tâche: 745FB4AD-56C9-430D-B6F0-90F4F1488A93 – System32 Tasks Microsoft Windows Media Center PBDADiscoveryW2 => C: WINDOWS ehome ehPrivJob.exe

Tâche: 74D0CC23-21F1-4586-949E-4EABD9F7C1B4 – System32 Tasks Slice of Life update => C: Users JennLaiBran Documents Electronic Arts The Sims 4 Mods KS – Slice of Life Mod Updater .EXE

Tâche: 75786E5B-AB05-49DD-9000-94DEB8B83FA7 – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 77FEFC39-A3CA-40AA-B329-B292E499B77B – System32 Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004Core => C: Users JennLaiBran AppData Local Google Update GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

Tâche: 7A7C512B-5B4E-4806-B084-0D6D4DFC374A – System32 Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004UA1d257ed777a5f04 = mise à jour locale GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

Tâche: 7ABB8756-5999-4BF4-853C-F5A13FF83C1A – System32 Tasks Microsoft Windows Media Center mcupdate => C: WINDOWS ehome mcupdate.exe

Tâche: 7EA64CAB-44A5-485F-B29B-CCE4044B0E0A – System32 Tasks Microsoft Office OfficeTelemetryAgentLogOn2016 => C: Program Files Microsoft Office root Office16 msoia.exe [5229504 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 8079727A-E354-4C35-9D19-E718B26D4AAD – System32 Tasks Norton Internet Security Norton Internet Security Autofix => C: Program Files (x86) Norton Internet Security Engine 22.20.1.69 SymErr.exe

Tâche: 853E990C-FDEE-4077-947D-699859980FE7 – System32 Tasks Adobe Acrobat Update Task => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

Tâche: 8722C23E-8AB7-4A48-A656-4CC6AD3BA303 – System32 Tasks Microsoft Windows Media Center PvrScheduleTask => C: WINDOWS ehome mcupdate.exe

Tâche: 880CAADF-2F89-4069-A9EB-52A7A76CC4F3 – System32 Tasks Microsoft Windows Media Center OCURDiscovery => C: WINDOWS ehome ehPrivJob.exe

Tâche: 8BA22ABC-F0BA-4034-843A-92254FC7B269 – System32 Tasks Remediation AntimalwareMigrationTask => C: Program Files Common Files AV Norton 360 Upgrade.exe [2344608 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Tâche: 8C27292F-359B-448B-BD1D-C4B1A0C5018B – System32 Tasks Microsoft Microsoft Antimalware MpIdleTask => c: Program Files Microsoft Security Client MpCmdRun.exe

Tâche: 8E0FA1AE-4593-45CE-A0CA-1B8ADE6A65E1 – OfficeSoftwareProtectionPlatform SvcRestartTask -> Aucun fichier <==== ATTENTION

Tâche: 8E258024-1C3E-43B2-9C45-92E88D88E6DD – System32 Tasks Microsoft Windows SideShow GadgetManager => FF87090D-4A9A-4F47-879B-29A80C355D61

Tâche: 90451211-E151-47FA-89E7-4F90CC358B1A – System32 Tasks Microsoft Office OfficeTelemetryAgentFallBack2016 => C: Program Files Microsoft Office root Office16 msoia.exe [5229504 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 917F7D48-FBD4-4E99-9D70-FD881FB4C88A – System32 Tasks Final Media Player Update Checker => C: Program Files (x86) FinalMediaPlayer FMPCheckForUpdates.exe [1642896 2015-12-30] (Logiciel Bitberry -> Logiciel Bitberry)

Tâche: 93456F69-455E-40EB-97F2-88B2DCD1DEC3 – System32 Tasks Microsoft Windows Media Center ObjectStoreRecoveryTask => C: WINDOWS ehome mcupdate.exe

Tâche: 997DC9AC-BE19-42E4-BF66-C3169273D2AE – Microsoft Windows Setup GWXTriggers Logon-5d -> Aucun fichier <==== ATTENTION

Tâche: 9C4BFFF8-8560-490C-AC62-A9FE32C9551A – System32 Tasks Microsoft Windows Media Center UpdateRecordPath => C: WINDOWS ehome ehPrivJob.exe

Tâche: A0CCCF59-0663-4280-A185-8DF060E70382 – System32 Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004Core1d57e1c5aa6ec90 => C: Users JennData JennData Local Update GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

Tâche: A2D01F4D-4A4B-4EC7-B48A-0BA51AB687E1 – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files Microsoft Office root Office16 sdxhelper.exe [141144 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Tâche: A5F431F0-169A-4618-8A45-EE079C80F965 – System32 Tasks Norton Internet Security Norton Internet Security Error Processor => C: Program Files (x86) Norton Internet Security Engine 22.20.1.69 SymErr. EXE

Tâche: A662Dealog-3930-4880-B78A-7384EE25E437 – System32 Tasks Microsoft Windows Media Center ReindexSearchRoot => C: WINDOWS ehome ehPrivJob.exe

Tâche: A6C17E29-E326-4280-A50B-664A39CB1700 – System32 Tasks Microsoft Windows Media Center RegisterSearch => C: WINDOWS ehome ehPrivJob.exe

Tâche: AE9D47DE-49CB-4F01-B7E3-1DBC9CAE99CC – System32 Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004Core1d257ed776af573 => C: Users JennLaiBran Local Update GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

Tâche: B0CBAB43-44FC-469B-A4CE-87426761FDCE – System32 Tasks Microsoft Windows PerfTrack BackgroundConfigSurveyor => EA9155A3-8A39-40B4-8963-D3C761B18371

Tâche: B4862DEC-47CA-4F16-A840-684F8B73B053 – System32 Tasks Microsoft Windows SideShow SessionAgent => 45F26E9E-6199-477F-85DA-AF1EDFE067B1

Tâche: C003E6CC-CA48-4EC4-B82E-235745FFBD82 – System32 Tasks Apple AppleSoftwareUpdate => C: Program Files (x86) Apple Software Update SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)

Tâche: C6D361BF-8EDC-4A31-A2F7-49F449C78778 – System32 Tasks Microsoft Windows Media Center InstallPlayReady => C: WINDOWS ehome ehPrivJob.exe

Tâche: CBC8CAEC-F07D-4A28-90D5-F252CC6A45B1 – System32 Tasks Microsoft Windows Media Center ConfigureInternetTimeService => C: WINDOWS ehome ehPrivJob.exe

Tâche: D50C3534-423C-4439-B8E0-3ACA70CF40CC – Microsoft Windows Setup gwx launchtrayprocess -> Aucun fichier <==== ATTENTION

Tâche: D515E28C-D6A7-49F7-84B3-47CAE2FB2D00 – System32 Tasks Microsoft Office Office Feature Updates Logon => C: Program Files Microsoft Office root Office16 sdxhelper.exe [141144 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Tâche: D7FF9EAE-4586-4166-850B-7C4F1074AE18 – System32 Tasks Microsoft Windows Media Center SqlLiteRecoveryTask => C: WINDOWS ehome mcupdate.exe

Tâche: D830AA8F-7BD4-4FCC-BB96-30B264E745E2 – Microsoft Windows Setup GWXTriggers MachineUnlock-5d -> Aucun fichier <==== ATTENTION

Tâche: D853C376-007C-4E4C-8026-79459D672E4B – Microsoft Windows Setup GWXTriggers Time-5d -> Aucun fichier <==== ATTENTION

Tâche: DDE13D03-DB6B-44DC-BD01-176B75E0A99B – System32 Tasks BlueStacksHelper => C: ProgramData BlueStacks Client Helper BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)

Tâche: E2637214-EEFA-47CB-B7B1-3079FEA6B3E3 – Microsoft Windows Setup GWXTriggers OutOfIdle-5d -> Aucun fichier <==== ATTENTION

Tâche: E585F577-E9BD-48E1-8196-D25A9C8FC183 – System32 Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004UA1d57e1c5aaae431 Google = Mise à jour locale Utilisateurs GoogleUpdate.exe [154440 2016-02-06] (Google Inc -> Google Inc.)

Tâche: F67BF48E-C074-461C-BBCD-D72861F477DD – System32 Tasks Microsoft Windows SideShow AutoWake => E51DFD48-AA36-4B45-BB52-E831F02E8316

Tâche: F6C5B5F3-0512-498D-9F60-20CBBA80D95D – Microsoft Windows Setup gwx refreshgwxconfigandcontent -> Aucun fichier <==== ATTENTION

Tâche: FD640DB8-7BD7-4BCE-9661-3167A218F0FD – System32 Tasks Microsoft Windows Media Center DispatchRecoveryTasks => C: WINDOWS ehome ehPrivJob.exe

Tâche: FDF2AFF0-3B60-499A-AE21-3EA0F2FB8E01 – System32 Tasks Microsoft Windows SideShow SystemDataProviders => 7CCA6768-8373-4D28-8876-83E8B4E3A969

Tâche: FEB3B4B6-A4B1-4CB6-A47D-FE0C7EC1BD16 – System32 Tasks AdobeGCInvoker-1.0 => C: Program Files (x86) Common Files Adobe AdobeGCClient AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

Tâche: FEDD63DE-9260-4A66-B734-251DC066011B – Microsoft Windows Setup GWXTriggers OutOfSleep-5d -> Pas de fichier <==== ATTENTION

(Si une entrée est incluse dans la liste de correctifs, le fichier de la tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: WINDOWS Tasks CreateExplorerShellUnelevatedTask.job => C: WINDOWS explorer.exe

Tâche: C: WINDOWS Tasks Final Media Player Update Checker.job => C: Program Files (x86) FinalMediaPlayer FMPCheckForUpdates.exe

Tâche: C: WINDOWS Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004Core.job => C: Users JennLaiBran AppData Local Google Update GoogleUpdate.exe

Tâche: C: WINDOWS Tasks GoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004UA.job => C: Users JennLaiBran AppData Local Google Update GoogleUpdate.exe

==================== Internet (sur liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.)

Hôtes: 127.0.0.1 www.cricut.io

Tcpip Paramètres: [DhcpNameServer] 192.168.1.1

Tcpip .. Interfaces ec12fdc7-c4f0-4dc7-a937-8a3fefc7b5c3: [DhcpNameServer] 192.168.1.1

Bord:

=======

DownloadDir: C: Users JennLaiBran Downloads

Extension Edge: (sans nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe Assets HostExtensions AutoFormFill [not found]

Extension Edge: (sans nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe Assets BookViewer [not found]

Extension Edge: (sans nom) -> EdgeExtension_EbatesEbatesCashBack_qvn24pjydtpgr => C: Program Files WindowsApps Ebates.EbatesCashBack_4.38.0.0_neutral__qvn24pjydtpgr [not found]

Extension Edge: (sans nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe Assets HostExtensions LearningTools [not found]

Extension Edge: (sans nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe Assets HostExtensions PinJSAPI [not found]

Edge DefaultProfile: Par défaut

Profil Edge: C: Users JennLaiBran AppData Local Microsoft Edge User Data Default [2021-05-05]

Renard de feu:

========

Plugin FF: @ java.com / DTPlugin, version = 11.281.2 -> C: Program Files Java jre1.8.0_281 bin dtplugin npDeployJava1.dll [2021-02-07] (Oracle America, Inc. -> Oracle Corporation)

Plugin FF: @ java.com / JavaPlugin, version = 11.281.2 -> C: Program Files Java jre1.8.0_281 bin plugin2 npjp2.dll [2021-02-07] (Oracle America, Inc. -> Oracle Corporation)

Plugin FF: @ Microsoft.com / NpCtrl, version = 1.0 -> C: Program Files Microsoft Silverlight 5.1.50918.0 npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF: @ microsoft.com / OfficeAuthz, version = 14.0 -> C: PROGRA ~ 1 MICROS ~ 1 Office14 NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root Office16 NPSPWRAP.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Plug-in FF: adobe.com/AdobeAAMDetect -> C: Program Files (x86) Adobe Adobe Creative Cloud Utils npAdobeAAMDetect64.dll [2021-04-29] (Adobe Inc. -> Adobe Systems)

FF Plugin-x32: @ adobe.com / ShockwavePlayer -> C: Windows SysWOW64 Adobe Director np32dsw_1209149.dll [2014-01-28] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @canon.com/MycameraPlugin -> C:Program Files (x86)CanonMyCamera Download PluginNPCIG.dll [2008-10-15] (CANON INC.) [File not signed]

FF Plugin-x32: @Citrix.com/npican -> C:Program Files (x86)CitrixICA ClientnpicaN.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:Program Files (x86)Microsoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-04-20] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2021-04-29] (Adobe Inc. -> Adobe Systems)

FF Plugin HKUS-1-5-21-4002825611-2205535967-4095611985-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:UsersJennLaiBranAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll [2017-03-08] (Unity Technologies SF -> Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:UsersJennLaiBranAppDataRoamingmozillapluginsnpatgpc.dll [2017-04-27]

Chrome:

=======

CHR DefaultProfile: Profile 1

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefault [2021-05-05]

CHR Notifications: Default -> hxxps://chatsupport.apple.com; hxxps://mail.google.com; hxxps://www.pinterest.com

CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=863135388&param1=y6bdVFVIsvuYsgEClQfz8IfaIrULFWUA2DMVetLqXBqGtmB8vcgD5VoCB4eV7XuJh%2BnN3PW7ckQt2lQVA7p%2FrFtWm2Zzryo9x3rIW75AwmjD1SJJTAgOa9W3PI%2FY%2BoSFIgwtJp96gDRGJDlObGR8FXmbG02gHzdg2m3Q1yM0%2FAUDtsh3RaNapMrLjnzZf1UIbXiyjYzLyzzO%2FxQ%2FdN%2BlxBSTRbcbQr1h4TnLCYUZ4QIQLIDrvtNeOCRXAwhOgbqB%2BeD043%2B7WYDu0MW02qz0IIDcGOdY2NS%2FTY8QvN3%2FdzA%3D

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]

CHR Extension: (Safe Torrent Scanner) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsaegnopegbbhjeeiganiajffnalhlkkjb [2021-02-08]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-14]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-24]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]

CHR Extension: (Rakuten: Get Cash Back For Shopping) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionschhjbpecpncaggjpdakmflnfcopglcmi [2021-04-28]

CHR Extension: (Videostream for Google Chromecast™) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionscnciopoikihiagdjbjpnocolokfelagl [2020-05-21]

CHR Extension: (Google Search) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]

CHR Extension: (Chromebleed) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionseeoekjnjgppnaegdjbcafdggilajhpic [2016-10-30]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-04]

CHR Extension: (BlockSite – Stay Focused & Control Your Time) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionseiimnmioipafcokbfikbljfdeojpcgbh [2021-05-04]

CHR Extension: (Hulu) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsepffkfffophpagfbbklffindaiconkmc [2020-07-22]

CHR Extension: (Google Play Music) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsfahmaaghhglfmonjliepjlchgpgfmobi [2020-11-19]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-14]

CHR Extension: (Stylish – Custom themes for any website) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsfjnbnpbmkenffdnngjfgmeleoegfcffe [2020-09-19]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-22]

CHR Extension: (Google Play Music) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsicppfcnhkcmnfdhfhphakoifcfokfdhg [2017-07-21]

CHR Extension: (Norton Identity Safe) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsiikflkcanblccfahdhdonehdalibjnif [2016-08-14]

CHR Extension: (Grammarly for Chrome) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionskbfnbcaeplbcioakkpcpgfkobkghlhen [2021-04-29]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

CHR Extension: (Privacy Badger) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataDefaultExtensionspkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-02-06]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataGuest Profile [2021-05-05]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1 [2021-05-05]

CHR Notifications: Profile 1 -> hxxps://community.v2.co; hxxps://gitter.im; hxxps://learn-co.slack.com; hxxps://learn.co; hxxps://markets.businessinsider.com; hxxps://voice.google.com; hxxps://www.instagram.com; hxxps://www.linkedin.com; hxxps://www.metro.pr; hxxps://www.usatoday.com; hxxps://www.wayfair.com

CHR HomePage: Profile 1 -> hxxp://google.com/

CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/","hxxp://old.reddit.com/"

CHR DefaultSearchURL: Profile 1 -> hxxps://www.google.com/search?source=hp&ei=xJ_RW-aKDIjv_QaD8o_YDg&q=searchTerms&btnK=Google+Search&oq=roblx&gs_l=psy-ab.1.0.0i10l10.37894.41249..43163…0.0..0.215.680.1j3j1……0….1..gws-wiz…….0j0i131.E2zigPmxgao

CHR DefaultSearchKeyword: Profile 1 -> google.com_

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2017-10-13]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-19]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-22]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionscfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]

CHR Extension: (Chromebleed) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionseeoekjnjgppnaegdjbcafdggilajhpic [2016-10-28]

CHR Extension: (BlockSite – Stay Focused & Control Your Time) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionseiimnmioipafcokbfikbljfdeojpcgbh [2021-05-04]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-13]

CHR Extension: (Stylish – Custom themes for any website) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsfjnbnpbmkenffdnngjfgmeleoegfcffe [2020-03-24]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]

CHR Extension: (Norton Identity Safe) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsiikflkcanblccfahdhdonehdalibjnif [2016-10-22]

CHR Extension: (Google Hangouts) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsnckgahadagoaajjgafhacjanaoiihapd [2020-08-12]

CHR Extension: (MetaMask) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsnkbihfbeogaeaoehlefnkodbefgpgknn [2021-04-18]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

CHR Extension: (Privacy Badger) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 1Extensionspkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-02-05]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2 [2021-05-05]

CHR Notifications: Profile 2 -> hxxps://mail.google.com

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-01-14]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsaohghmighlieiainnegkcijnfilokake [2019-01-14]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-11-12]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-14]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-04-06]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-01-14]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-11-12]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 2Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-25]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3 [2021-05-05]

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-01-26]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsaohghmighlieiainnegkcijnfilokake [2020-01-26]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-25]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-26]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-02]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-01-26]

CHR Extension: (Stylish – Custom themes for any website) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsfjnbnpbmkenffdnngjfgmeleoegfcffe [2020-10-17]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 3Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4 [2021-05-05]

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-04-22]

CHR Extension: (Safe Torrent Scanner) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsaegnopegbbhjeeiganiajffnalhlkkjb [2021-02-08]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsaohghmighlieiainnegkcijnfilokake [2020-04-22]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-26]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-22]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-02]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-04-22]

CHR Extension: (Write on Web) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsfhdnnnonejjamkdfpeckggkaejdjhpen [2020-09-08]

CHR Extension: (McAfee® WebAdvisor) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsfheoggkfdfchfphceeifdbepaooicaho [2021-04-24]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]

CHR Extension: (Zoom) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionshmbjbjdpkobdjplfobhljndfdfdipjhg [2021-04-21]

CHR Extension: (Kami – PDF and Document Annotation) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsiljojpiodmlhoehoecppliohmplbgeij [2021-03-02]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]

CHR Extension: (NWEA Secure Testing) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsomkghcboodpimaoimdkmigofhjcpmpeb [2021-04-26]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Absolute for Chromebooks) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 4Extensionsppekcckcjcgeemipfchnahikkhdjnpej [2021-03-08]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5 [2021-05-05]

CHR Notifications: Profile 5 -> hxxps://www.youtube.com

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-09-02]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsaohghmighlieiainnegkcijnfilokake [2020-09-02]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-20]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-02]

CHR Extension: (Kami for Google Chrome™) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsecnphlgnajanjnkcmbpancdjoidceilk [2021-04-30]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-11]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-09-02]

CHR Extension: (Proctorio) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsfpmapakogndmenjcfoajifaaonnkpkei [2021-04-20]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21]

CHR Extension: (GoGuardian) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionshaldlgldplgnggkjaafhelgiaglafanh [2021-04-30] [UpdateUrl:hxxps://ext.goguardian.com/stable.xml] <==== ATTENTION

CHR Extension: (Zoom) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionshmbjbjdpkobdjplfobhljndfdfdipjhg [2021-04-21]

CHR Extension: (Kami – PDF and Document Annotation) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsiljojpiodmlhoehoecppliohmplbgeij [2021-03-10]

CHR Extension: (GoGuardian License) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsilnmmookbkhkdmkjbfppddenkepgjljl [2021-03-29] [UpdateUrl:hxxp://goguardian.com/licenses/update.php] <==== ATTENTION

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 5Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-27]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6 [2021-05-05]

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-09-19]

CHR Extension: (Safe Torrent Scanner) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsaegnopegbbhjeeiganiajffnalhlkkjb [2021-02-09]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsaohghmighlieiainnegkcijnfilokake [2020-09-19]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-31]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-19]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-13]

CHR Extension: (BlockSite – Stay Focused & Control Your Time) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionseiimnmioipafcokbfikbljfdeojpcgbh [2021-05-04]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-09-19]

CHR Extension: (Stylish – Custom themes for any website) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsfjnbnpbmkenffdnngjfgmeleoegfcffe [2020-11-30]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 6Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-26]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7 [2021-05-05]

CHR Notifications: Profile 7 -> hxxps://www.youtube.com

CHR Extension: (Slides) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-04-10]

CHR Extension: (Safe Torrent Scanner) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsaegnopegbbhjeeiganiajffnalhlkkjb [2021-04-10]

CHR Extension: (Docs) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsaohghmighlieiainnegkcijnfilokake [2021-04-10]

CHR Extension: (Google Drive) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-04-10]

CHR Extension: (YouTube) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-10]

CHR Extension: (Adobe Acrobat) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-04-10]

CHR Extension: (Sheets) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-04-10]

CHR Extension: (McAfee® WebAdvisor) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsfheoggkfdfchfphceeifdbepaooicaho [2021-04-29]

CHR Extension: (Google Docs Offline) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-23]

CHR Extension: (Chrome Web Store Payments) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-10]

CHR Extension: (Gmail) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-04-10]

CHR Extension: (Chrome Media Router) – C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataProfile 7Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-29]

CHR Profile: C:UsersJennLaiBranAppDataLocalGoogleChromeUser DataSystem Profile [2021-05-05]

CHR HKLM…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM…ChromeExtension: [iikflkcanblccfahdhdonehdalibjnif]

CHR HKUS-1-5-21-4002825611-2205535967-4095611985-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [fcfenmboojpjinhpgggodefccipikbpd]

CHR HKLM-x32…ChromeExtension: [aegnopegbbhjeeiganiajffnalhlkkjb]

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32…ChromeExtension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

R2 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)

R2 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [842416 2021-04-29] (Adobe Inc. -> Adobe Inc.)

R2 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)

R2 asComSvc; C:Program Files (x86)ASUSAXSP4.00.01atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [7356680 2018-12-09] (BattlEye Innovations e.K. -> )

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)

R2 EABackgroundService; C:Program FilesElectronic ArtsEA DesktopEA DesktopEABackgroundService.exe [9529240 2021-05-04] (Electronic Arts, Inc. -> Electronic Arts)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [802432 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S3 IDriverT; C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

S4 MacriumService; C:Program FilesMacriumCommonMacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd -> Paramount Software UK Ltd)

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7456464 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

R2 McAfee WebAdvisor; C:Program FilesMcAfeeWebAdvisorServiceHost.exe [971976 2021-04-29] (McAfee, LLC -> McAfee, LLC)

R2 Net Driver HPZ12; C:WindowsSystem32HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

R2 nordvpn-service; C:Program FilesNordVPNnordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)

R2 NortonSecurity; C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50NortonSecurity.exe [343336 2021-03-26] (NortonLifeLock Inc. -> Symantec Corporation)

R2 nsWscSvc; C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50nsWscSvc.exe [1054536 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2545752 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3485784 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts)

R2 Pml Driver HPZ12; C:WindowsSystem32HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

R2 postgresql-x64-9.5; C:Program FilesPostgreSQL9.5binpg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]

R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [1132056 2021-04-13] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [321560 2021-04-13] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Game Manager Service; C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe [294464 2021-04-20] (Razer USA Ltd. -> Razer Inc.)

R2 RzActionSvc; C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)

R2 Seagate Dashboard Services; C:Program Files (x86)SeagateSeagate Dashboard 2.0Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

R2 Seagate MobileBackup Service; C:Program Files (x86)SeagateSeagate Dashboard 2.0MobileService.exe [143560 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)

S4 ss_conn_service; C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)

R2 THXService; C:Program Files (x86)RazerTHXServiceDriversx64THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:WINDOWSSystem32driversaftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R1 AsIO; C:WindowsSysWow64driversAsIO.sys [14392 2017-07-14] (ASUSTeK Computer Inc. -> )

R3 ASUSVRC64; C:WINDOWSSystem32driversAsusVRC64.sys [23424 2008-10-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTeK COMPUTER INC.)

R1 BHDrvx64; C:Program Files (x86)Norton Internet SecurityNortonData22.7.0.76DefinitionsBASHDefs20210427.011BHDrvx64.sys [1995864 2021-03-16] (Symantec Corporation -> Broadcom)

S3 BstkDrv; C:Program Files (x86)BlueStacksBstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc.)

R1 ccSet_NGC; C:WINDOWSSystem32driversNGCx641615020.032ccSetx64.sys [192248 2021-03-26] (Symantec Corporation -> Symantec Corporation)

R1 eeCtrl; C:Program Files (x86)Common FilesSymantec SharedEENGINEeeCtrl64.sys [516168 2021-02-02] (Symantec Corporation -> Broadcom)

R3 EraserUtilRebootDrv; C:Program Files (x86)Common FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [153672 2021-04-18] (Symantec Corporation -> Broadcom)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [199128 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

R1 IDSVia64; C:Program Files (x86)Norton Internet SecurityNortonData22.7.0.76DefinitionsIPSDefs20210504.061IDSvia64.sys [1488976 2021-04-05] (Symantec Corporation -> Broadcom)

R4 IOMap; C:WINDOWSsystem32driversIOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

S3 libusb0; C:WINDOWSsystem32DRIVERSlibusb0.sys [44480 2011-05-17] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [220752 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [198888 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [77496 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [157944 2021-05-05] (Malwarebytes Inc -> Malwarebytes)

R3 MTsensor; C:WINDOWSsystem32DRIVERSASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )

R2 NDivert; C:WINDOWSSystem32driversNDivert.sys [105184 2021-01-27] (TEFINCOM S.A. -> )

R3 nlwt; C:WINDOWSsystem32DRIVERSnlwt.sys [39360 2020-10-26] (TEFINCOM S.A. -> WireGuard LLC)

R1 nordlwf; C:WINDOWSsystem32DRIVERSnordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)

S3 nsvst_NGC; C:WINDOWSSystem32driversNGCx641615020.032nsvst.sys [56912 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0521; C:WINDOWSSystem32driversRzDev_0521.sys [53144 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0f19; C:WINDOWSSystem32driversRzDev_0f19.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R1 SASDIFSV; C:Program FilesSUPERAntiSpywareSASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:Program FilesSUPERAntiSpywareSASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SRTSP; C:WINDOWSSystem32driversNGCx641615020.032SRTSP64.SYS [890464 2021-03-26] (Symantec Corporation -> Broadcom)

R1 SRTSPX; C:WINDOWSSystem32driversNGCx641615020.032SRTSPX64.SYS [50272 2021-03-26] (Symantec Corporation -> Broadcom)

R3 sTHXVAD; C:WINDOWSSystem32driversTHXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)

R0 SymEFASI; C:WINDOWSSystem32driversNGCx641615020.032SYMEFASI64.SYS [2060656 2021-03-26] (Symantec Corporation -> Broadcom)

S0 SymELAM; C:WINDOWSSystem32driversNGCx641615020.032SymELAM.sys [25080 2021-03-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)

R3 SymEvent; C:WINDOWSsystem32DriversSYMEVENT64x86.SYS [100064 2019-03-24] (Symantec Corporation -> Symantec Corporation)

R3 SymEvnt; C:Program Files (x86)Norton Internet SecurityNortonData22.7.0.76SymPlatformSymEvnt.sys [712368 2020-01-11] (Symantec Corporation -> Symantec Corporation)

R1 SymIRON; C:WINDOWSSystem32driversNGCx641615020.032Ironx64.SYS [316488 2021-03-26] (Symantec Corporation -> Symantec Corporation)

R1 SymNetS; C:WINDOWSSystem32driversNGCx641615020.032symnets.sys [575328 2021-03-26] (Symantec Corporation -> Symantec Corporation)

R3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)

S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

R1 wpCtrlDrv_NGC; C:WINDOWSSystem32driversNGCx641615020.032wpCtrlDrv.sys [1013792 2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-05 13:56 – 2021-05-05 13:57 – 000069439 _____ C:UsersJennLaiBranDownloadsFRST.txt

2021-05-05 13:55 – 2021-05-05 13:56 – 000000000 ____D C:FRST

2021-05-05 13:47 – 2021-05-05 13:47 – 000000000 ____D C:UsersJennLaiBranAppDataLocalLowIGDump

2021-05-05 13:45 – 2021-05-05 13:45 – 002010624 _____ (Farbar) C:UsersDimeloJuanDownloadsFRST.exe

2021-05-05 13:40 – 2021-05-05 13:40 – 000553173 _____ C:UsersJennLaiBranDownloadsfrst app screenshot.xlsx

2021-05-05 13:33 – 2021-05-05 13:33 – 000000140 _____ C:UsersJennLaiBranDesktopTried running FRST to get logs but it closes 1 sec after opening. – Virus, Trojan, Spyware, and Malware Removal Help.url

2021-05-05 13:15 – 2021-05-05 13:15 – 002078632 _____ (Malwarebytes) C:UsersJennLaiBranDownloadsMBSetup.exe

2021-05-05 12:55 – 2021-05-05 12:55 – 000000155 _____ C:UsersJennLaiBranDesktopPreparation Guide For Use Before Using Malware Removal Tools and Requesting Help – Virus, Trojan, Spyware, and Malware Remova.url

2021-05-05 12:51 – 2021-05-05 12:51 – 002298368 _____ (Farbar) C:UsersJennLaiBranDownloadsFRST64.exe

2021-05-05 12:49 – 2021-05-05 12:49 – 000000000 ____D C:WINDOWSsystem32TasksRemediation

2021-05-05 12:35 – 2021-05-05 12:35 – 001802704 _____ (Bleeping Computer, LLC) C:UsersJennLaiBranDownloadseXplorer.exe

2021-05-05 12:27 – 2021-05-05 12:27 – 000198888 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2021-05-05 12:27 – 2021-05-05 12:27 – 000157944 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2021-05-05 12:27 – 2021-05-05 12:27 – 000077496 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2021-05-05 12:15 – 2021-05-05 12:15 – 000988112 _____ (Bleeping Computer, LLC) C:UsersJennLaiBranDownloadsrkill64.scr

2021-05-05 12:14 – 2021-05-05 12:14 – 001802704 _____ (Bleeping Computer, LLC) C:UsersJennLaiBranDownloadsrkill.scr

2021-05-05 12:08 – 2021-05-05 12:08 – 000988112 _____ (Bleeping Computer, LLC) C:UsersJennLaiBranDownloadsuSeRiNiT64.exe

2021-05-05 11:32 – 2021-05-05 11:32 – 000220752 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2021-05-05 11:31 – 2021-05-05 11:31 – 000001486 _____ C:UsersJennLaiBranDesktopRoblox Player.lnk

2021-05-05 11:09 – 2021-05-05 11:09 – 000001859 _____ C:UsersPublicDesktopSUPERAntiSpyware Free Edition.lnk

2021-05-05 11:09 – 2021-05-05 11:09 – 000001859 _____ C:ProgramDataDesktopSUPERAntiSpyware Free Edition.lnk

2021-05-05 11:09 – 2021-05-05 11:09 – 000000000 ____D C:UsersJennLaiBranAppDataRoamingSUPERAntiSpyware.com

2021-05-05 11:09 – 2021-05-05 11:09 – 000000000 ____D C:ProgramDataSUPERAntiSpyware.com

2021-05-05 11:09 – 2021-05-05 11:09 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSUPERAntiSpyware

2021-05-05 11:09 – 2021-05-05 11:09 – 000000000 ____D C:Program FilesSUPERAntiSpyware

2021-05-05 11:07 – 2021-05-05 11:07 – 177216304 _____ (SUPERAntiSpyware) C:UsersJennLaiBranDownloadsSUPERAntiSpyware.exe

2021-05-05 11:04 – 2021-05-05 11:04 – 000025682 _____ C:UsersJennLaiBranDesktopmalwarebytes_scan_results_050521.txt

2021-05-05 10:49 – 2021-05-05 12:39 – 000000000 ___HD C:UsersPublicDocumentsAdobeGC

2021-05-05 10:49 – 2021-05-05 12:39 – 000000000 ___HD C:ProgramDataDocumentsAdobeGC

2021-05-05 10:19 – 2021-05-05 10:19 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-05-05 10:19 – 2021-05-05 10:19 – 000199128 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-05-05 10:19 – 2021-05-05 10:19 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2021-05-05 10:19 – 2021-05-05 10:19 – 000002043 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-05-05 10:19 – 2021-05-05 10:19 – 000002031 _____ C:UsersPublicDesktopMalwarebytes.lnk

2021-05-05 10:19 – 2021-05-05 10:19 – 000002031 _____ C:ProgramDataDesktopMalwarebytes.lnk

2021-05-05 10:19 – 2021-05-05 10:19 – 000000000 ____D C:UsersJennLaiBranAppDataLocalmbam

2021-05-05 10:19 – 2021-05-05 10:19 – 000000000 ____D C:ProgramDataMalwarebytes

2021-05-05 10:18 – 2021-05-05 10:18 – 002040904 _____ (Malwarebytes) C:UsersJennLaiBranDownloadsMBSetup-0009996.0009996-consumer.exe

2021-05-05 10:18 – 2021-05-05 10:18 – 000000000 ____D C:Program FilesMalwarebytes

2021-05-05 10:04 – 2021-05-05 12:36 – 000002148 _____ C:UsersJennLaiBranDesktopRkill.txt

2021-05-05 10:03 – 2021-05-05 10:03 – 001802704 _____ (Bleeping Computer, LLC) C:UsersJennLaiBranDownloadsrkill.com

2021-05-05 09:38 – 2021-05-05 13:50 – 000001485 _____ C:UsersDimeloJuanDesktopRoblox Player.lnk

2021-05-05 09:38 – 2021-05-05 09:38 – 000000000 ____D C:UsersDimeloJuanAppDataRoamingSun

2021-05-05 09:38 – 2021-05-05 09:38 – 000000000 ____D C:UsersDimeloJuanAppDataLocalLowSun

2021-05-05 09:37 – 2021-05-05 13:52 – 000000176 _____ C:UsersDimeloJuanAppDataLocalLowrbxcsettings.rbx

2021-05-05 09:37 – 2021-05-05 13:52 – 000000000 ____D C:UsersDimeloJuanAppDataLocalRoblox

2021-05-05 09:37 – 2021-05-05 13:50 – 000001308 _____ C:UsersDimeloJuanDesktopRoblox Studio.lnk

2021-05-05 09:37 – 2021-05-05 13:50 – 000000000 ____D C:UsersDimeloJuanAppDataRoamingMicrosoftWindowsStart MenuProgramsRoblox

2021-05-05 09:37 – 2021-05-05 09:37 – 001651592 _____ (Roblox Corporation) C:UsersDimeloJuanDownloadsRobloxPlayerLauncher.exe

2021-05-05 09:33 – 2021-05-05 09:33 – 000004040 _____ C:WINDOWSsystem32TasksPostponeDeviceSetupToast_S-1-5-21-4002825611-2205535967-4095611985-1001_0

2021-05-05 08:40 – 2021-05-05 08:40 – 001651592 _____ (Roblox Corporation) C:UsersJennLaiBranDownloadsRobloxPlayerLauncher (4).exe

2021-05-05 07:22 – 2021-05-05 07:22 – 001651592 _____ (Roblox Corporation) C:UsersJennLaiBranDownloadsRobloxPlayerLauncher (3).exe

2021-05-04 15:58 – 2021-05-04 15:58 – 000000000 ____D C:UsersJennLaiBranDownloadslolMiner_v1.26_Win64_2

2021-05-04 12:54 – 2021-05-04 12:54 – 001241299 _____ C:UsersJennLaiBranDownloadsZlib0tB2HLCVDu-q.mp4

2021-05-04 09:15 – 2021-05-04 09:15 – 000000102 _____ C:UsersJennLaiBranDesktopunMineable – DOGE mining pool – Earn DOGE with your GPUs & CPUs.url

2021-05-04 06:51 – 2021-05-04 06:51 – 000000000 ____D C:UsersJennLaiBranDownloadslolMiner_v1.26_Win64

2021-05-03 23:36 – 2021-05-03 23:36 – 000000000 ____D C:UsersJennLaiBranDownloadsunMineable_Miner_1.0.1-beta-packed (1)

2021-05-03 23:35 – 2021-05-03 23:35 – 052932523 _____ C:UsersJennLaiBranDownloadsunMineable_Miner_1.0.1-beta-packed (1).zip

2021-05-03 23:07 – 2021-05-04 10:23 – 000000000 ____D C:UsersJennLaiBranAppDataRoamingunmineable-miner

2021-05-03 22:23 – 2021-05-03 22:23 – 000000000 ____D C:UsersJennLaiBranDownloadscudaminer-2014-02-28-windows

2021-05-03 21:34 – 2021-05-03 21:34 – 007212227 _____ C:UsersJennLaiBranDownloadsredditsave.com_times_square_nyc-j79iwd3hayw61.mp4

2021-05-03 09:02 – 2021-05-03 09:02 – 058317358 _____ C:UsersJennLaiBranDownloadsredditsave.com_they_were_dancing_in_the_park_today-4myp65filsw61.mp4

2021-05-02 21:01 – 2021-05-02 21:01 – 003372202 _____ C:UsersJennLaiBranDownloadsredditsave.com_guy_does_an_awesome_impression_of_heath_ledgers-8nca8c3geqw61.mp4

2021-05-01 20:08 – 2021-05-01 20:08 – 000000000 ____D C:UsersJennLaiBranAppDataLocalEALaunchHelper

2021-04-30 10:06 – 2021-04-30 10:06 – 000137251 _____ C:UsersJennLaiBranDownloadsLincoln_Financial_Group signed.pdf

2021-04-30 10:04 – 2021-04-30 10:04 – 000083175 _____ C:UsersJennLaiBranDownloadsLincoln_Financial_Group_ _Action_Needed.pdf

2021-04-29 09:58 – 2021-04-29 09:58 – 000047620 _____ C:UsersJennLaiBranDownloadsPMHNP_BC._Jacquelyn_Howell_summary.pdf

2021-04-29 09:58 – 2021-04-29 09:58 – 000030734 _____ C:UsersJennLaiBranDownloadsAndrew_Mouldovan_LCSW_summary.pdf

2021-04-29 09:48 – 2021-04-29 09:48 – 000108665 _____ C:UsersJennLaiBranDownloadsCOM12-11259448-8587555.pdf

2021-04-28 21:46 – 2021-04-28 21:46 – 000002440 _____ C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-04-27 11:08 – 2021-04-27 11:08 – 003120152 _____ C:UsersJennLaiBranDownloads1pTk3Wj84t99fpe1.mp4

2021-04-26 09:25 – 2021-04-26 09:25 – 044166659 _____ C:UsersJennLaiBranDownloadsredditsave.com_new_disney_animatronic_groot_robot_for_their-eo6rablj9hv61.mp4

2021-04-21 22:18 – 2021-04-21 22:18 – 002989964 _____ C:UsersJennLaiBranDownloads6953005305416535302-nw.mp4

2021-04-21 22:18 – 2021-04-21 22:18 – 000000382 _____ C:UsersJennLaiBranDownloads6953005305416535302.mp4

2021-04-21 10:31 – 2021-04-21 10:31 – 006123740 _____ C:UsersJennLaiBranDownloadsredditsave.com_a_sub_teacher_checking_attendance_for_the_1st_time-03dz1s6ithu61.mp4

2021-04-20 14:07 – 2021-04-28 11:03 – 000000000 ____D C:BondVet HellsKitchen Nadir

2021-04-20 09:52 – 2021-04-20 09:52 – 002869951 _____ C:UsersJennLaiBranDownloadsckla_g2_u5_tg_engage.pdf

2021-04-19 14:01 – 2021-04-19 15:30 – 000000000 ____D C:InstaVetStiched

2021-04-19 13:45 – 2021-04-19 13:55 – 000000000 ____D C:InstaVet

2021-04-18 15:37 – 2021-05-05 12:27 – 000008192 ___SH C:DumpStack.log.tmp

2021-04-18 13:37 – 2021-04-18 13:37 – 000000000 ____D C:Bond Vet – Chelsea  Stiched

2021-04-18 11:49 – 2021-04-23 20:02 – 000000000 ____D C:bondVet HellsKittchen Stitched

2021-04-18 11:16 – 2021-04-18 11:41 – 000000000 ____D C:BondVet Hellskitchen bad

2021-04-18 11:10 – 2021-04-18 11:41 – 000000000 ____D C:BondVet HellsKitchen

2021-04-16 15:05 – 2021-04-16 15:05 – 000002466 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype for Business.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002461 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWord.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002460 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPowerPoint.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002424 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAccess.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002423 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsExcel.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002417 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOutlook.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002411 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPublisher.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000002403 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneNote.lnk

2021-04-16 15:05 – 2021-04-16 15:05 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office Tools

2021-04-16 11:17 – 2021-04-16 11:17 – 000011357 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-04-16 11:16 – 2021-04-16 11:16 – 001823304 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-04-16 11:15 – 2021-04-16 11:15 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll

2021-04-14 09:31 – 2021-04-14 09:31 – 000000000 ____D C:WINDOWSPCHEALTH

2021-04-13 02:37 – 2021-04-13 02:37 – 000206360 _____ (Razer Inc.) C:WINDOWSsystem32RzChromaSDK64.dll

2021-04-13 02:34 – 2021-04-13 02:34 – 000178712 _____ (Razer Inc.) C:WINDOWSSysWOW64RzChromaSDK.dll

2021-04-12 17:17 – 2021-04-12 17:17 – 007966465 _____ C:UsersJennLaiBranDownloadsrnjv_1WEuQAOc6eg.mp4

2021-04-12 11:39 – 2021-04-12 11:39 – 000003133 _____ C:UsersJennLaiBranDocumentschoco2.wlmp

2021-04-12 11:31 – 2021-04-12 11:38 – 000002992 _____ C:UsersJennLaiBranDocumentschoco1.wlmp

2021-04-12 11:19 – 2021-04-12 11:19 – 005202426 _____ C:UsersJennLaiBranDownloads6943751470357449990-nw.mp4

2021-04-12 10:49 – 2021-04-12 10:49 – 023427158 _____ C:UsersJennLaiBranDownloadsManchitas, the dancing cow (1).mp4

2021-04-12 10:48 – 2021-04-12 10:48 – 023427158 _____ C:UsersJennLaiBranDownloadsManchitas, the dancing cow.mp4

2021-04-12 08:43 – 2021-04-12 08:43 – 003758433 _____ C:UsersJennLaiBranDownloadsredditsave.com_maybe_maybe_maybe-btgq6r1j3qs61.mp4

2021-04-12 02:08 – 2021-04-12 02:08 – 000189112 _____ (Razer Inc.) C:WINDOWSsystem32RzChromaBroadcastAPI64.dll

2021-04-12 02:08 – 2021-04-12 02:08 – 000165056 _____ (Razer Inc.) C:WINDOWSsystem32RzChromaBroadcastManager64.dll

2021-04-12 02:08 – 2021-04-12 02:08 – 000154808 _____ (Razer Inc.) C:WINDOWSSysWOW64RzChromaBroadcastAPI.dll

2021-04-12 02:08 – 2021-04-12 02:08 – 000134848 _____ (Razer Inc.) C:WINDOWSSysWOW64RzChromaBroadcastManager.dll

2021-04-10 14:29 – 2021-04-10 14:29 – 000002502 _____ C:UsersJennLaiBranDesktopRosa (Locha) – Chrome.lnk

2021-04-09 08:26 – 2021-05-05 12:32 – 000000000 ____D C:WINDOWSsystem32TasksNorton 360

2021-04-09 08:21 – 2021-04-09 08:21 – 000003406 _____ C:WINDOWSsystem32TasksNorton WSC Integration

2021-04-09 08:20 – 2021-04-10 10:58 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsNorton Security

2021-04-08 22:31 – 2021-04-08 22:31 – 001645448 _____ (Roblox Corporation) C:UsersJennLaiBranDownloadsRobloxPlayerLauncher (2).exe

2021-04-07 13:03 – 2021-04-07 13:03 – 009341308 _____ C:UsersJennLaiBranDownloadsredditsave.com_this_monitor_lizard-tkqv6ztygrr61.mp4

2021-04-06 10:05 – 2021-04-06 10:06 – 008032773 _____ C:UsersJennLaiBranDownloadsjxnsaf92XxPgEcfE.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-05 13:53 – 2017-04-27 14:37 – 000000000 ____D C:UsersJennLaiBranAppDataRoamingPTGui

2021-05-05 13:52 – 2018-12-06 22:48 – 000000000 ____D C:ProgramDataNVIDIA

2021-05-05 13:41 – 2020-08-19 10:32 – 000000000 ____D C:UsersJennLaiBranAppDataLocalCrashDumps

2021-05-05 13:41 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-05-05 13:41 – 2019-12-07 05:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-05-05 12:39 – 2019-10-02 07:02 – 000000000 ___HD C:UsersPublicDocumentsAdobeGCData

2021-05-05 12:39 – 2019-10-02 07:02 – 000000000 ___HD C:ProgramDataDocumentsAdobeGCData

2021-05-05 12:33 – 2020-12-04 23:27 – 000976518 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-05-05 12:33 – 2019-12-07 05:13 – 000000000 ____D C:WINDOWSINF

2021-05-05 12:27 – 2020-12-04 23:31 – 000003102 _____ C:WINDOWSsystem32TasksGPU Tweak II

2021-05-05 12:27 – 2020-12-04 23:31 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-05-05 12:26 – 2019-12-07 05:03 – 000786432 _____ C:WINDOWSsystem32configBBI

2021-05-05 12:03 – 2020-12-04 23:14 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-05-05 11:31 – 2018-08-16 13:09 – 000001309 _____ C:UsersJennLaiBranDesktopRoblox Studio.lnk

2021-05-05 11:31 – 2017-08-17 08:41 – 000000000 ____D C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsRoblox

2021-05-05 11:31 – 2016-08-13 20:40 – 000000252 _____ C:UsersJennLaiBranAppDataLocalLowrbxcsettings.rbx

2021-05-05 10:55 – 2018-03-28 11:01 – 000000000 ____D C:UsersJennLaiBranDocumentsMy Scans

2021-05-05 10:34 – 2019-12-07 05:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-05-05 10:19 – 2019-12-07 05:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-05-05 09:34 – 2021-03-16 12:11 – 000003386 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-4002825611-2205535967-4095611985-1001

2021-05-05 09:34 – 2020-12-04 19:34 – 000002437 _____ C:UsersDimeloJuanAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-05-05 09:34 – 2015-08-05 21:37 – 000000000 ___RD C:UsersDimeloJuanOneDrive

2021-05-05 09:33 – 2017-11-24 17:44 – 000000000 ____D C:UsersDimeloJuanAppDataLocalPackages

2021-05-05 08:44 – 2017-11-24 17:43 – 000000000 ____D C:UsersJennLaiBranAppDataLocalPackages

2021-05-04 19:47 – 2017-11-03 16:42 – 000000000 ___RD C:UsersJennLaiBranCreative Cloud Files

2021-05-04 09:12 – 2018-06-14 20:46 – 000000000 ____D C:UsersJennLaiBranAppDataLocalD3DSCache

2021-05-04 09:04 – 2021-02-07 12:36 – 000000000 ____D C:UsersJennLaiBranAppDataRoamingDogecoin

2021-05-03 18:58 – 2014-03-02 23:16 – 000000000 ____D C:Program FilesMicrosoft Office

2021-05-02 12:40 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSServiceState

2021-05-01 17:53 – 2019-12-07 05:03 – 000008192 _____ C:WINDOWSsystem32configELAM

2021-05-01 09:50 – 2020-12-25 09:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer

2021-05-01 09:48 – 2020-12-25 09:56 – 000000000 ____D C:Program Files (x86)Razer Chroma SDK

2021-04-30 17:24 – 2020-06-20 11:28 – 000002448 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-04-30 17:24 – 2020-06-20 11:28 – 000002286 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-04-30 17:24 – 2020-06-20 11:28 – 000002286 _____ C:ProgramDataDesktopMicrosoft Edge.lnk

2021-04-29 20:28 – 2012-12-07 16:52 – 000000000 ___HD C:AdobeTemp

2021-04-29 20:27 – 2019-05-13 17:20 – 000001396 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Creative Cloud.lnk

2021-04-29 20:27 – 2019-05-13 17:20 – 000001366 _____ C:UsersPublicDesktopAdobe Creative Cloud.lnk

2021-04-29 20:27 – 2019-05-13 17:20 – 000001366 _____ C:ProgramDataDesktopAdobe Creative Cloud.lnk

2021-04-29 20:27 – 2016-01-14 20:04 – 000000000 ____D C:Program FilesCommon FilesAdobe

2021-04-29 20:27 – 2016-01-14 20:04 – 000000000 ____D C:Program FilesAdobe

2021-04-29 20:27 – 2015-11-22 11:50 – 000000000 ____D C:Program Files (x86)Adobe

2021-04-28 21:46 – 2020-12-04 23:31 – 000003388 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-4002825611-2205535967-4095611985-1004

2021-04-28 21:46 – 2015-08-08 09:41 – 000000000 ___RD C:UsersJennLaiBranOneDrive

2021-04-28 18:07 – 2020-09-02 09:10 – 000002502 _____ C:UsersJennLaiBranDesktopBrandon – Chrome (1).lnk

2021-04-26 19:11 – 2019-01-09 16:24 – 000000000 ____D C:Program Files (x86)Steam

2021-04-26 17:11 – 2014-03-02 22:34 – 000002311 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-04-26 06:55 – 2021-01-19 19:53 – 000003386 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d6cab6120352d8

2021-04-26 06:55 – 2020-12-04 23:31 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-04-23 12:01 – 2015-11-22 11:50 – 000002146 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

2021-04-22 11:36 – 2017-07-16 21:34 – 000000000 ____D C:UsersJennLaiBranDownloadstrello_files

2021-04-22 07:32 – 2020-10-01 15:56 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-04-21 14:30 – 2017-05-29 09:25 – 000000000 ____D C:Program Files (x86)Origin

2021-04-21 07:21 – 2020-12-04 23:31 – 000003446 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA1d57d7d43730d1

2021-04-21 07:21 – 2020-12-04 23:31 – 000003320 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore1d50b35855697

2021-04-20 20:18 – 2017-07-21 18:14 – 000000000 ____D C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps

2021-04-20 14:40 – 2020-12-04 23:31 – 000003724 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004UA1d57e1c5aaae431

2021-04-20 14:40 – 2020-12-04 23:31 – 000003456 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskUserS-1-5-21-4002825611-2205535967-4095611985-1004Core1d57e1c5aa6ec90

2021-04-18 15:38 – 2020-12-04 23:14 – 005112680 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-04-18 15:36 – 2019-12-07 05:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64inetsrv

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSystemResources

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32setup

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32lv-LV

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32inetsrv

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32et-EE

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32es-MX

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSProvisioning

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-04-18 15:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-04-16 11:27 – 2019-12-07 05:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-04-16 11:16 – 2014-03-02 19:26 – 000414044 __RSH C:bootmgr

2021-04-16 11:15 – 2020-12-04 23:16 – 002877440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PrintConfig.dll

2021-04-15 13:12 – 2018-01-14 14:08 – 000000000 ____D C:UsersJennLaiBranDocumentsOutlook Files

2021-04-14 09:41 – 2014-03-02 21:26 – 000000000 ____D C:WINDOWSsystem32MRT

2021-04-14 09:34 – 2014-03-02 21:26 – 131963968 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-04-14 09:31 – 2019-12-07 05:14 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-04-11 13:37 – 2016-08-13 20:40 – 000000000 ____D C:UsersJennLaiBranAppDataLocalRoblox

2021-04-10 10:58 – 2019-06-02 09:35 – 000002595 _____ C:UsersPublicDesktopNorton Security.lnk

2021-04-10 10:58 – 2019-06-02 09:35 – 000002595 _____ C:ProgramDataDesktopNorton Security.lnk

2021-04-09 15:47 – 2017-03-28 08:16 – 000000000 ____D C:Program FilesNortonInstaller

2021-04-09 08:46 – 2016-08-14 12:45 – 000000000 ____D C:Program FilesCommon FilesAV

2021-04-09 08:21 – 2018-02-07 09:48 – 000000000 ____D C:WINDOWSsystem32DriversNGCx64

2021-04-06 10:30 – 2016-03-26 09:32 – 000000000 ____D C:ProgramDataPackage Cache

==================== Files in the root of some directories ========

2018-07-24 18:10 – 2018-07-24 18:11 – 000013607 _____ () C:Program Files (x86)DiskPlayer Setup Log.txt

2016-10-07 23:37 – 2017-09-15 12:59 – 000000132 _____ () C:UsersJennLaiBranAppDataRoamingAdobe GIF Format CS6 Prefs

2016-01-14 20:55 – 2018-10-08 00:29 – 000000132 _____ () C:UsersJennLaiBranAppDataRoamingAdobe PNG Format CS6 Prefs

2017-05-04 14:05 – 2017-10-13 11:10 – 000001456 _____ () C:UsersJennLaiBranAppDataLocalAdobe Save for Web 13.0 Prefs

2018-09-26 11:00 – 2018-09-26 11:00 – 000000000 _____ () C:UsersJennLaiBranAppDataLocaloobelibMkey.log

2020-12-07 11:09 – 2020-12-28 11:19 – 000000128 _____ () C:UsersJennLaiBranAppDataLocalPUTTY.RND

2017-04-27 20:46 – 2020-08-19 13:05 – 000007597 _____ () C:UsersJennLaiBranAppDataLocalResmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

————————————————————————————————————————————————————————————————————————————————–

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021

Ran by JennLaiBran (05-05-2021 13:58:18)

Running from C:UsersJennLaiBranDownloads

Windows 10 Pro Version 2004 19041.928 (X64) (2020-12-05 03:31:44)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4002825611-2205535967-4095611985-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-4002825611-2205535967-4095611985-503 – Limited – Disabled)

DimeloJuan (S-1-5-21-4002825611-2205535967-4095611985-1001 – Administrator – Enabled) => C:UsersDimeloJuan

Guest (S-1-5-21-4002825611-2205535967-4095611985-501 – Limited – Disabled)

HomeGroupUser$ (S-1-5-21-4002825611-2205535967-4095611985-1002 – Limited – Enabled)

jenje (S-1-5-21-4002825611-2205535967-4095611985-1006 – Limited – Disabled)

JennLaiBran (S-1-5-21-4002825611-2205535967-4095611985-1004 – Administrator – Enabled) => C:UsersJennLaiBran

lalai (S-1-5-21-4002825611-2205535967-4095611985-1007 – Limited – Disabled)

postgres (S-1-5-21-4002825611-2205535967-4095611985-1005 – Limited – Enabled) => C:Userspostgres

WDAGUtilityAccount (S-1-5-21-4002825611-2205535967-4095611985-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled – Up to date) 1122B19A-E671-38EC-8EAC-87048FD4528D

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B

AV: Norton 360 (Enabled – Up to date) 9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A

AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

FW: Norton 360 (Enabled) A6045214-8EAD-7B9C-2E68-BA2B11C858F1

FW: Norton 360 (Enabled) 291930BF-AC1E-39B4-A5F3-2E31710715F6

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM…FF21C3E6-97FD-474F-9518-8DCBE94C2854) (Version: 7.2.8 – Hewlett-Packard) Hidden

7-Zip 16.04 (x64) (HKLM…7-Zip) (Version: 16.04 – Igor Pavlov)

Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 21.001.20150 – Adobe Systems Incorporated)

Adobe AIR (HKLM-x32…Adobe AIR) (Version: 22.0.0.153 – Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32…Adobe Creative Cloud) (Version: 5.4.5.549 – Adobe Inc.)

Adobe Creative Suite 6 Master Collection (HKLM-x32…E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0) (Version: 6 – Adobe Systems Incorporated)

Adobe Genuine Service (HKLM-x32…AdobeGenuineService) (Version:  – Adobe)

Adobe Help Manager (HKLM-x32…chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 – Adobe Systems Incorporated)

Adobe Lightroom (HKLM-x32…8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D) (Version: 6.0 – Adobe Systems Incorporated)

Adobe Photoshop 2021 (HKLM-x32…PHSP_22_0_1) (Version: 22.0.1.73 – Adobe Inc.)

Adobe Shockwave Player 12.0 (HKLM-x32…Adobe Shockwave Player) (Version: 12.0.9.149 – Adobe Systems, Inc.)

Adobe Widget Browser (HKLM-x32…com.adobe.WidgetBrowser) (Version: 2.0 Build 348 – Adobe Systems Incorporated.)

AMD Catalyst Install Manager (HKLM…25107779-C295-EB3E-3C92-AC1B45680012) (Version: 8.0.877.0 – Advanced Micro Devices, Inc.)

Apple Application Support (32-bit) (HKLM-x32…CCA8C50D-785B-4896-8675-FFE0C4ECCBC3) (Version: 8.7 – Apple Inc.)

Apple Application Support (64-bit) (HKLM…75BEF7E8-4370-4D42-94F3-B5AA77057965) (Version: 8.7 – Apple Inc.)

Apple Mobile Device Support (HKLM…F9CEF01A-3907-4614-824F-CF5D3E4675EF) (Version: 14.1.0.35 – Apple Inc.)

Apple Software Update (HKLM-x32…A3985C05-7386-411F-A4BF-32A73F37EB44) (Version: 2.6.3.1 – Apple Inc.)

ASUS GadgeTV (HKLM-x32…C2229A1A-AC81-42E4-B514-98A71BB436F0) (Version: 1.9 – ASUSTek COMPUTER INC.)

ASUS GPU TweakII (HKLM-x32…InstallShield_2914BAB6-CA16-4B5A-BF41-2466656C7040) (Version: 1.9.1.1 – ASUSTek COMPUTER INC.)

ASUS MyCinema-EHD3100 (HKLM-x32…DBFA7054-215D-47B9-AA82-7BFE72BDACF7) (Version: 77.3.1.0 – ASUSTeK COMPUTER INC.)

ASUSUpdate (HKLM-x32…587178E7-B1DF-494E-9838-FA4DD36E873C) (Version:  – )

BitTorrent (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…BitTorrent) (Version: 7.10.5.45857 – BitTorrent Inc.)

bl (HKLM-x32…2A075BB4-E976-4278-BF3F-E5C6945D84C0) (Version: 1.0.0 – Your Company Name) Hidden

Blackmagic RAW Common Components (HKLM…C569CAEE-D0BF-45DE-833E-E97988B5CB8B) (Version: 1.8 – Blackmagic Design)

BlueStacks App Player (HKLM-x32…BlueStacks) (Version: 4.1.21.2018 – BlueStack Systems, Inc.)

Bonjour (HKLM…56DDDFB8-7F79-4480-89D5-25E1F52AB28F) (Version: 3.1.0.1 – Apple Inc.)

Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM-x32…Software Guide) (Version: 1.4.0.1 – Canon Inc.)

CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32…MyCamera Download Plugin) (Version: 3.1.1.2 – Canon Inc.)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32…CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 – Canon Inc.)

Canon MOV Decoder (HKLM-x32…Canon MOV Decoder) (Version: 1.8.0.7 – Canon Inc.)

Canon MOV Encoder (HKLM-x32…Canon MOV Encoder) (Version: 1.6.0.1 – Canon Inc.)

Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32…MovieEditTask) (Version: 3.7.0.4 – Canon Inc.)

Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide (HKLM-x32…CameraUserGuide-PSELPH300HS_IXUS220HS) (Version: 1.0.0.1 – Canon Inc.)

Canon Utilities CameraWindow DC 8 (HKLM-x32…CameraWindowDC8) (Version: 8.4.0.3 – Canon Inc.)

Canon Utilities CameraWindow Launcher (HKLM-x32…CameraWindowLauncher) (Version: 7.5.0.2 – Canon Inc.)

Canon Utilities Digital Photo Professional 4 (HKLM-x32…Digital Photo Professional 4 (x64)) (Version: 4.6.10.0 – Canon Inc.)

Canon Utilities EOS Lens Registration Tool (HKLM-x32…EOS Lens Registration Tool) (Version: 1.6.0.0 – Canon Inc.)

Canon Utilities Movie Uploader for YouTube (HKLM-x32…MovieUploaderForYouTube) (Version: 1.2.0.7 – Canon Inc.)

Canon Utilities MyCamera (HKLM-x32…MyCamera) (Version: 7.4.0.2 – Canon Inc.)

Canon Utilities PhotoStitch (HKLM-x32…PhotoStitch) (Version: 3.1.22.46 – Canon Inc.)

Canon Utilities ZoomBrowser EX (HKLM-x32…ZoomBrowser EX) (Version: 6.7.0.24 – Canon Inc.)

Canon ZoomBrowser EX Memory Card Utility (HKLM-x32…ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 – Canon Inc.)

Cisco WebEx Meetings (HKLM-x32…ActiveTouchMeetingClient) (Version:  – Cisco WebEx LLC)

Citrix Receiver (HKLM-x32…CitrixOnlinePluginPackWeb) (Version: 14.3.100.10 – Citrix Systems, Inc.)

CPUID CPU-Z 1.92 (HKLM…CPUID CPU-Z_is1) (Version: 1.92 – CPUID, Inc.)

Cricut Design Space Client (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…Cricut Design Space Client) (Version: 5.8.1804.192041 – Provo Craft)

D3DX10 (HKLM-x32…E09C4DB7-630C-4F06-A631-8EA7239923AF) (Version: 15.4.2368.0902 – Microsoft) Hidden

DaVinci Resolve (HKLM…F576A1B2-04B7-4946-9544-E98EBB6B5288) (Version: 16.2.5015 – Blackmagic Design)

DaVinci Resolve Keyboards (HKLM…4F776FB-37A2-4116-84F2-6CF3D731999D) (Version: 1.0.0.0 – Blackmagic Design)

DaVinci Resolve Panels (HKLM…567706B7-1501-43BC-81AB-C7E306B40C73) (Version: 1.3.2.0 – Blackmagic Design)

DiskPlayer (HKLM-x32…DiskPlayer) (Version:  – )

Dogecoin Core (64-bit) (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…Dogecoin Core (64-bit)) (Version: 1.14.2 – Dogecoin Core project)

EA Desktop (HKLM…C2622085-ABD2-49E5-8AB9-D3D6A642C091) (Version: 12.0.82.4904 – Electronic Arts) Hidden

EA Desktop (HKLM-x32…3b9468c-1cd4-4fac-b156-db354f904d60) (Version: 12.0.82.4904 – Electronic Arts)

EOSInfo (HKLM-x32…CC23FF9A-989C-4DEB-8970-50E6E4862315) (Version: 0.2.0 – astrojargon.net)

Epic Games Launcher (HKLM-x32…E63B233-DC24-442C-BD38-0B91D90FEC5B) (Version: 1.1.167.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…F9C5C994-F6B9-4D75-B3E7-AD01B84073E9) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Facebook Gameroom 1.9.6443.18496 (HKLM-x32…2BA6B7D9-1D15-44FE-BC95-94FA4DB19B75) (Version: 1.9.6443.18496 – Facebook)

Fairlight Audio Accelerator Utility (HKLM…FairlightAudioAccelerator_is1) (Version: 1.0.13 – Blackmagic Design)

Fairlight Studio Utility (HKLM…6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9) (Version: 1.2.0.0 – Blackmagic Design)

Final Media Player 2014 (HKLM-x32…FinalMediaPlayer_is1) (Version: 2015.02.27.00 – Bitberry Software)

Free Video Cutter (HKLM-x32…94895EA7-873E-4FCB-9C7B-DD3F7019D618_is1) (Version:  – FreeVideoCutter.com)

Git version 2.14.0.2 (HKLM…Git_is1) (Version: 2.14.0.2 – The Git Development Community)

Gitter (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…3C07717-35D4-40B2-B4F2-05A0EF1B9F6F_is1) (Version:  – Troupe Technology Limited)

Google Chrome (HKLM-x32…Google Chrome) (Version: 90.0.4430.93 – Google LLC)

Google Photos Backup (HKUS-1-5-21-4002825611-2205535967-4095611985-1001…Google Photos Backup) (Version: 1.1.2.13 – Google, Inc.)

Google Photos Backup (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…Google Photos Backup) (Version: 1.1.4.11 – Google, Inc.)

Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.22.5 – Google Inc.) Hidden

HP Customer Participation Program 14.0 (HKLM…HPExtendedCapabilities) (Version: 14.0 – HP)

HP Imaging Device Functions 14.0 (HKLM…HP Imaging Device Functions) (Version: 14.0 – HP)

HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.2024 – HP Photo Creations Powered by RocketLife)

HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM…276C40A7-8110-4976-80D2-39C669B84D32) (Version: 14.0 – HP)

HP Solution Center 14.0 (HKLM…HP Solution Center & Imaging Support Tools) (Version: 14.0 – HP)

HP Update (HKLM-x32…912D30CF-F39E-4B31-AD9A-123C6B794EE2) (Version: 5.005.002.002 – Hewlett-Packard)

iCloud (HKLM…8808B208-87D1-4725-8192-76D257E9DEAE) (Version: 7.21.0.23 – Apple Inc.)

Insta360 Studio 2019 version 3.4.1 (HKLM-x32…78E34D33-E6EF-442B-A808-2351211989E2}_is1) (Version: 3.4.1 – Arashi Vision .Ltd)

iTunes (HKLM…79951B67-3DC8-45DF-A516-86F89DA95924) (Version: 12.11.0.26 – Apple Inc.)

Java 8 Update 281 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180281F0) (Version: 8.0.2810.9 – Oracle Corporation)

Kodi (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…Kodi) (Version:  – XBMC Foundation)

Launcher Prerequisites (x64) (HKLM-x32…43a03b9c-4770-409c-a999-587b60700b63) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Learn IDE (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…learn_ide) (Version: 2.4.2 – GitHub Inc.)

Macrium Reflect Free Edition (HKLM…614251E7-949D-485D-8263-8C775A8FD56D) (Version: 7.1.2722 – Paramount Software (UK) Ltd.) Hidden

Macrium Reflect Free Edition (HKLM…MacriumReflect) (Version: 7.1 – Paramount Software (UK) Ltd.)

magicJack (HKUS-1-5-21-4002825611-2205535967-4095611985-1001…magicJack) (Version: 4.1.7574.5297 – magicJack L.P.)

Malwarebytes version 4.3.0.98 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.3.0.98 – Malwarebytes)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 90.0.818.51 – Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM…Office14.PROPLUSR) (Version: 14.0.7015.1000 – Microsoft Corporation)

Microsoft Office Professional Plus 2016 – en-us (HKLM…ProPlusRetail – en-us) (Version: 16.0.13929.20296 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-4002825611-2205535967-4095611985-1001…OneDriveSetup.exe) (Version: 21.062.0328.0001 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…OneDriveSetup.exe) (Version: 21.062.0328.0001 – Microsoft Corporation)

Microsoft Silverlight (HKLM…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.50918.0 – Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8) (Version: 3.1.0000 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…A0E1B43D-5F4A-46AF-9925-ABA3423325DC) (Version: 2.77.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…7299052b-02a4-4627-81f2-1818da5d550d) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…71c9b48-7c32-4621-a0ac-3f809523288f) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…4B6C7001-C7D6-3710-913E-5BC23FCE91E6) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…42d26ef-3dbe-4c25-95d3-4c1b11b235a7) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…9dff3540-fc85-4ed5-ac84-9e3c7fd8bece) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29910 (HKLM-x32…53f1dc9d-ed94-4650-a079-129785ce7905) (Version: 14.28.29910.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.23.27820 (HKLM-x32…45231ab4-69fd-486a-859d-7a59fcd11013) (Version: 14.23.27820.0 – Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…27B34E47-68AE-4802-822A-9F0C187AF84A) (Version: 1.0.0.0 – Mojang)

Movie Maker (HKLM-x32…38F03569-A636-4CF3-BDDE-032C8C251304) (Version: 16.4.3528.0331 – Microsoft Corporation) Hidden

Movie Maker (HKLM-x32…DD67BE4B-7E62-4215-AFA3-F123A800A389) (Version: 16.4.3528.0331 – Microsoft Corporation) Hidden

Nik Collection (HKLM-x32…Nik Collection) (Version: 1.2.11 – Google)

NordVPN (HKLM…19465C24-3D5D-4327-B99F-3CC0A1D38151_is1) (Version: 6.35.8.0 – TEFINCOM S.A.)

NordVPN network TAP (HKLM-x32…97DEC5D6-2BE9-45BB-BFC5-274B851B486B) (Version: 1.0.1 – NordVPN)

NordVPN network TUN (HKLM…BD0E4F38-D3F6-452D-A32E-B14D721839AC) (Version: 1.0.1 – NordVPN)

Norton 360 (HKLM-x32…NGC) (Version: 22.21.2.50 – Symantec Corporation)

Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 7.9.1 – Notepad++ Team)

NVIDIA Graphics Driver 456.71 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 456.71 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.35 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_HDAudio.Driver) (Version: 1.3.38.35 – NVIDIA Corporation)

OCR Software by I.R.I.S. 14.0 (HKLM…HPOCR) (Version: 14.0 – HP)

Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.13929.20296 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.13929.20296 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.13929.20216 – Microsoft Corporation) Hidden

Online Plug-in (HKLM-x32…92838039-27B8-4433-AA2B-F432DC0E5E8B) (Version: 14.3.100.10 – Citrix Systems, Inc.) Hidden

Opanda IExif 2.3 (HKLM-x32…Opanda IExif_is1) (Version: 2.3 – Opanda Studio)

Origin (HKLM-x32…Origin) (Version: 10.5.97.47554 – Electronic Arts, Inc.)

Paradox Launcher (HKLM-x32…ED2CDA1D-39E4-4CBB-992C-5C1D08672128) (Version: 1.1.0.0 – Paradox Interactive)

ph (HKLM-x32…185F9795-9663-4F13-9EF9-307A282ADB5A) (Version: 1.0.0 – Your Company Name) Hidden

PostgreSQL 9.5  (HKLM…PostgreSQL 9.5) (Version: 9.5 – PostgreSQL Global Development Group)

PTGui Pro 11.28 (HKLM-x32…PTGui) (Version:  – New House Internet Services B.V.)

PuTTY release 0.74 (64-bit) (HKLM…127B996B-5308-4012-865B-9446451EA326) (Version: 0.74.0.0 – Simon Tatham)

QuickTime 7 (HKLM-x32…FF59BD75-466A-4D5A-AD23-AAD87C5FD44C) (Version: 7.79.80.95 – Apple Inc.)

Razer Synapse (HKLM-x32…Razer Synapse) (Version: 3.6.0430.042101 – Razer Inc.)

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.7535 – Realtek Semiconductor Corp.)

Roblox Player for DimeloJuan (HKUS-1-5-21-4002825611-2205535967-4095611985-1001…roblox-player) (Version:  – Roblox Corporation)

Roblox Player for JennLaiBran (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…roblox-player) (Version:  – Roblox Corporation)

Roblox Studio for JennLaiBran (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…roblox-studio) (Version:  – Roblox Corporation)

Samsung USB Driver for Mobile Phones (HKLM…D0795B21-0CDA-4a92-AB9E-6E92D8111E44) (Version: 1.5.63.0 – Samsung Electronics Co., Ltd.)

Screencast-O-Matic v2 (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…Screencast-O-Matic v2) (Version:  – Screencast-O-Matic)

Seagate Dashboard (HKLM-x32…EA266F00-A8E7-43A0-8DED-FBFE3F076934) (Version: 4.6.1602.0 – Seagate)

Self-service Plug-in (HKLM-x32…21451E87-020C-43AD-8043-B07D36BE889E) (Version: 4.3.100.10167 – Citrix Systems, Inc.) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM…91140000-0011-0000-1000-0000000FF1CE_Office14.PROPLUSR_A3364707-2F53-4C83-8F68-C9877A9080C7) (Version:  – Microsoft)

Shop for HP Supplies (HKLM…Shop for HP Supplies) (Version: 14.0 – HP)

Sims 4 Tray Importer (S4TI) 1.10.04.3 (HKLM-x32…8665A9CC-9652-4F31-907A-DE2E7A8E8E97_is1) (Version: 1.10.04.3 – TeameeVo)

Skype™ 7.32 (HKLM-x32…FC965A47-4839-40CA-B618-18F486F042C6) (Version: 7.32.104 – Skype Technologies S.A.)

Slice of Life (HKLM-x32…6E4B9D4B-6176-4D55-BC42-CF99FBBA09F1) (Version: 4.5.3 – KawaiiStacie)

Smart Switch (HKLM-x32…74FA5314-85C8-4E2A-907D-D9ECCCB770A7) (Version: 4.1.17102.8 – Samsung Electronics Co., Ltd.) Hidden

Smart Switch (HKLM-x32…InstallShield_74FA5314-85C8-4E2A-907D-D9ECCCB770A7) (Version: 4.1.17102.8 – Samsung Electronics Co., Ltd.)

Spotify (HKUS-1-5-21-4002825611-2205535967-4095611985-1001…Spotify) (Version: 1.0.21.143.g76c19bcd – Spotify AB)

Spotify (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…Spotify) (Version: 1.0.85.257.g0f8531bd – Spotify AB)

Star Stable Online (HKLM-x32…8CD50415-04B7-459E-8CBD-DA96A9CDF98E) (Version: 1.01.0000 – Star Stable Entertainment AB)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Street View Download 360 2.1.0 (only current user) (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…75277b3b-5bf6-5e75-94b1-fe52d294096d) (Version: 2.1.0 – Thomas Orlita)

Sublime Text Build 3126 (HKLM…Sublime Text 3_is1) (Version:  – Sublime HQ Pty Ltd)

SUPERAntiSpyware (HKLM…CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA) (Version: 10.0.1224 – SUPERAntiSpyware.com)

The Sims™ 4 (HKLM-x32…48EBEBBF-B9F8-4520-A3CF-89A730721917) (Version: 1.69.59.1020 – Electronic Arts Inc.)

The Sims™ 4 Snowy Escape (HKLM-x32…48EBEBBF-B9F8-4520-A3CF-89A730721917_The Sims 4 Snowy Escape) (Version: 38.0.175.1020 – Electronic Arts Inc.)

Unity Web Player (HKUS-1-5-21-4002825611-2205535967-4095611985-1001…UnityWebPlayer) (Version: 5.3.6f1 – Unity Technologies ApS)

Unity Web Player (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…UnityWebPlayer) (Version: 5.3.8f1 – Unity Technologies ApS)

Unknown File Handler (HKLM-x32…UFH_is1) (Version: 2015.12.29.0 – File.org)

WebAdvisor by McAfee (HKLM-x32…35ED3F83-4BDC-4c44-8EC6-6A8301C7413A) (Version: 4.1.1.586 – McAfee, LLC)

Windows Driver Package – Provo Craft & Novelty, Inc. (usbser) Ports  (11/04/2015 2.0.0.0) (HKLM…F9008028528C059AEF07C6D89D45BB3C63057E83) (Version: 11/04/2015 2.0.0.0 – Provo Craft & Novelty, Inc.)

Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 16.4.3528.0331 – Microsoft Corporation)

Wondershare Filmora(Build 6.7.0) (HKLM-x32…Wondershare Filmora_is1) (Version:  – Wondershare Software)

Zoom (HKUS-1-5-21-4002825611-2205535967-4095611985-1004…ZoomUMX) (Version: 5.2.3 (45120.0906) – Zoom Video Communications, Inc.)

Packages:

=========

Adobe Notification Client -> C:Program FilesWindowsAppsAdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-03-16] (Adobe Systems Incorporated)

Disney Emoji Blitz – Holiday -> C:Program FilesWindowsAppsDisney.DisneyEmojiBlitz_1.16.2.0_x64__6rarf9sa4v8jt [2021-03-16] (Disney)

Homescapes -> C:Program FilesWindowsAppsPLRWorldwideSales.Homescapes_4.5.4.0_x64__1feq88045d2v2 [2021-05-05] (Playrix)

Light in Darkness -> C:Program FilesWindowsAppsMicrosoft.LightinDarkness_1.0.0.0_neutral__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)

Mexican Vacation -> C:Program FilesWindowsAppsMicrosoft.MexicanVacation_1.0.0.0_neutral__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.4213.0_x64__8wekyb3d8bbwe [2021-05-05] (Microsoft Studios) [MS Ad]

Minecraft for Windows 10 -> C:Program FilesWindowsAppsMicrosoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-23] (Microsoft Studios)

MSN Sports -> C:Program FilesWindowsAppsMicrosoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad]

Photos Add-on -> C:Program FilesWindowsAppsMicrosoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)

Rakuten: Get Cash Back For Shopping -> C:Program FilesWindowsAppsEbates.EbatesCashBack_5.0.0.0_neutral__qvn24pjydtpgr [2021-04-30] (Rakuten)

WindowsDVDPlayer -> C:Program FilesWindowsAppsMicrosoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2021-04-09] (Microsoft Corporation)

Winter Holiday Glow -> C:Program FilesWindowsAppsMicrosoft.WinterHolidayGlow_1.0.0.0_neutral__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDE270DAA-1BE6-48F2-AC49-D41C3D54DE78 -> [Creative Cloud Files] => C:UsersJennLaiBranCreative Cloud Files [2017-11-03 16:42]

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID144DF3B2-2402-47AE-9583-5A045929A8D4InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.33.5psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID2F81B25E-7507-4844-BFF2-77D2CC24CED4localserver32 -> C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe (Adobe Inc. -> Adobe Inc.)

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID46406D82-6EC0-47CC-8A75-1F33C6DEDBBEInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.35.442psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID540C17A8-04F2-4B66-95D7-B2FEF9A19B54InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.35.422psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID590C4387-5EBD-4D46-8A84-CD0BA2EF2856InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.30.3psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.31.5psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID62634D95-960B-4834-8E71-A70408AD8FD9InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.34.7psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID6D264B70-DA18-401D-910C-B202D89670C6InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.36.32psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID793EE463-1304-471C-ADF1-68C2FFB01247InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.29.5psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID84EB3779-151B-4C71-AEF0-A0FEE9481401InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.35.342psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID85D8EE2F-794F-41F0-BB03-49D56A23BEF4InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID86508D42-E5D7-4D10-9C6F-D427AEEB85B5InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.34.11psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID8C46158B-D978-483C-A312-16EE5013BE04InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.33.3psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.33.7psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSID9371045C-7BFF-48FD-9667-EA0499304115InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.35.2psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDA804CF1A-91E5-4F0C-9E8C-DB39E74056DDInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.33.23psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDCA8FA699-91CD-412F-9D13-9B1222F4370EInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDCA919489-0396-4164-A6E7-94CDED45A707InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.36.52psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDCB492AF1-2CEF-4E58-BE47-471C77D0C8BAInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.32.7psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDDEDF773D-E27B-485E-8E7D-85C5B0EB5A67InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.36.72psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDe8c77137-e224-5791-b6e9-ff0305797a13InprocServer32 -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDE8CF3E55-F919-49D9-ABC0-948E6CB34B9FInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDE9E7529D-7F09-410B-AF2A-CC154473B19CInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.35.452psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDEA724FD3-844D-43A9-A8C9-A5BC35FC20E4InprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.33.17psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-4002825611-2205535967-4095611985-1004_ClassesCLSIDEF076C91-DC9E-43E3-84ED-3D219E065A4FInprocServer32 -> C:UsersJennLaiBranAppDataLocalGoogleUpdate1.3.35.302psuser_64.dll => No File

ShellExecuteHooks: Groove GFS Stub Execution Hook – B5A7F190-DDA6-4420-B3BA-52453494E6CD – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – B5A7F190-DDA6-4420-B3BA-52453494E6CD – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [   AccExtIco1] -> AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-04-29] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco2] -> 853B7E05-C47D-4985-909A-D0DC5C6D7303 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-04-29] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco3] -> 42D38F2E-98E9-4382-B546-E24E4D6D04BB => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-04-29] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> 4433A54A-1AC8-432F-90FC-85F045CF383C => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayPending] -> F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225 => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayProtected] -> 476D0EA3-80F9-48B5-B70B-05E677C9C148 => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> 4433A54A-1AC8-432F-90FC-85F045CF383C => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225 => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> 476D0EA3-80F9-48B5-B70B-05E677C9C148 => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [AccExt] -> 2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-04-29] (Adobe Inc. -> )

ContextMenuHandlers1: [ANotepad++64] -> B298D29A-A6ED-11DE-BA8C-A68E55D89593 => C:Program FilesNotepad++NppShell_06.dll [2020-11-01] (Notepad++ -> )

ContextMenuHandlers1: [BUContextMenu] -> F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50NavShExt.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [PhotoStreamsExt] -> 89D984B3-813B-406A-8298-118AFA3A22AE => C:Program FilesCommon FilesAppleInternet ServicesShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)

ContextMenuHandlers1: [ReflectShellExt] -> DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611 => C:Program FilesMacriumReflectRContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)

ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50NavShExt.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers2: [ReflectShellExt] -> DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611 => C:Program FilesMacriumReflectRContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-05-05] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]

ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticatiacm64.dll [2013-04-24] (Advanced Micro Devices, Inc.) [File not signed]

ContextMenuHandlers5: [Gadgets] -> 6B9228DA-9C15-419e-856C-19E768A13BDC =>  -> No File

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WINDOWSsystem32nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [AccExt] -> 2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-04-29] (Adobe Inc. -> )

ContextMenuHandlers6: [BUContextMenu] -> F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50buShell.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-05-05] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50NavShExt.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.i420] => C:WINDOWSsystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

HKLM…Drivers32-x32: [msacm.l3codecp] => [X]

HKLM…Drivers32-x32: [vidc.asv2] => asusasv2.dll

HKLM…Drivers32: [vidc.VP60] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2015-04-14] (Electronic Arts -> On2.com)

HKLM…Drivers32: [vidc.VP61] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2015-04-14] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name="BVTConsumer"",Filter="__EventFilter.Name="BVTFilter"::

WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA « Win32_Processor » AND TargetInstance.LoadPercentage > 99]

WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]

ShortcutWithArgument: C:UsersJennLaiBranDocumentsDesktopJen – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Default"

ShortcutWithArgument: C:UsersJennLaiBranDocumentsDesktopLaila – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 3"

ShortcutWithArgument: C:UsersJennLaiBranDocumentsDesktopLaila Rosa ([email protected]) – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 4"

ShortcutWithArgument: C:UsersJennLaiBranDesktopBrandon – Chrome (1).lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 5"

ShortcutWithArgument: C:UsersJennLaiBranDesktopBrandon – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 6"

ShortcutWithArgument: C:UsersJennLaiBranDesktopJen – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Default"

ShortcutWithArgument: C:UsersJennLaiBranDesktopLaila – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 3"

ShortcutWithArgument: C:UsersJennLaiBranDesktopLaila Rose ([email protected]) – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 4"

ShortcutWithArgument: C:UsersJennLaiBranDesktopRosa (Locha) – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 7"

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsGoogle Play Music.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=fahmaaghhglfmonjliepjlchgpgfmobi

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsGoproctorio.com.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory="Profile 4" –app-id=eidnfenpljpdhlnlbpbdcdnmkebmibbf

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsNWEA Secure Testing.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory="Profile 4" –app-id=omkghcboodpimaoimdkmigofhjcpmpeb

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsProctorio.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory="Profile 4" –app-id=lcmfidgbbkfildpegkpdpmepjjobkbcb

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsVideostream for Google Chromecast™.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=cnciopoikihiagdjbjpnocolokfelagl

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsZoom (1).lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory="Profile 5" –app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsZoom.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory="Profile 4" –app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts9501e18d7c2ab92eStep (Step Inside NYC) – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 2"

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts69639df789022856Habichuela – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory="Profile 1"

ShortcutWithArgument: C:UsersJennLaiBranAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts37ea5785e6fa6bd2Google Hangouts.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory="Profile 1" –app-id=nckgahadagoaajjgafhacjanaoiihapd

==================== Loaded Modules (Whitelisted) =============

2015-10-23 19:52 – 2014-05-19 17:19 – 000137728 _____ () [File not signed] C:Program Files (x86)Common FilesWondershareWondershare Helper CompactCBSCreateVC.dll

2015-10-23 19:52 – 2014-09-11 18:09 – 001498112 _____ () [File not signed] C:Program Files (x86)Common FilesWondershareWondershare Helper CompactDAQExp.dll

2020-08-19 09:45 – 2016-08-09 01:13 – 000183296 _____ () [File not signed] C:Program FilesPostgreSQL9.5binLIBPQ.dll

2020-08-19 09:46 – 2016-07-27 04:08 – 002264576 _____ () [File not signed] C:Program FilesPostgreSQL9.5binlibxml2.dll

2021-03-11 23:28 – 2021-03-11 23:28 – 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoFoundation.dll

2021-03-11 23:28 – 2021-03-11 23:28 – 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoJSON.dll

2021-03-11 23:28 – 2021-03-11 23:28 – 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoNet.dll

2021-03-11 23:28 – 2021-03-11 23:28 – 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoNetSSLWin.dll

2021-03-11 23:28 – 2021-03-11 23:28 – 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoUtil.dll

2021-03-11 23:28 – 2021-03-11 23:28 – 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoXML.dll

2020-08-19 09:46 – 2015-08-26 04:40 – 001687930 _____ (Free Software Foundation) [File not signed] C:Program FilesPostgreSQL9.5binlibiconv-2.dll

2020-08-19 09:46 – 2015-08-26 04:40 – 000685350 _____ (Free Software Foundation) [File not signed] C:Program FilesPostgreSQL9.5binlibintl-8.dll

2010-08-06 11:15 – 2010-08-06 11:15 – 000071680 _____ (Hewlett-Packard) [File not signed] c:windowssystem32hpzinw12.dll

2010-08-06 11:15 – 2010-08-06 11:15 – 000089600 _____ (Hewlett-Packard) [File not signed] c:windowssystem32hpzipm12.dll

2017-02-05 14:12 – 2016-10-04 10:51 – 000076800 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2017-05-29 09:25 – 2020-03-16 14:05 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)OriginLIBEAY32.dll

2017-05-29 09:25 – 2020-03-16 14:06 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)Originssleay32.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA Desktoplibcrypto-1_1-x64.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA Desktoplibssl-1_1-x64.dll

2020-08-19 09:46 – 2016-05-05 02:35 – 001655808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesPostgreSQL9.5binLIBEAY32.dll

2020-08-19 09:46 – 2016-05-05 02:35 – 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesPostgreSQL9.5binSSLEAY32.dll

2017-05-29 09:25 – 2020-01-21 20:58 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Originplatformsqwindows.dll

2021-04-21 14:30 – 2020-01-21 20:58 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Core.dll

2021-04-21 14:30 – 2020-01-21 20:58 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Gui.dll

2021-04-21 14:30 – 2020-01-21 20:58 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Network.dll

2021-04-21 14:30 – 2020-01-21 20:58 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5WebSockets.dll

2021-04-21 14:30 – 2020-01-21 20:58 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Widgets.dll

2021-04-21 14:30 – 2020-01-21 20:58 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Xml.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 000046592 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA Desktopbearerqgenericbearer.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 006270976 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA DesktopQt5Core.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 001389568 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA DesktopQt5Network.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 000157184 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA DesktopQt5WebSockets.dll

2021-05-04 14:56 – 2021-05-04 14:56 – 000210432 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesElectronic ArtsEA DesktopEA DesktopQt5Xml.dll

2015-10-23 19:52 – 2014-09-11 18:10 – 000708608 _____ (Wondershare) [File not signed] C:Program Files (x86)Common FilesWondershareWondershare Helper CompactCBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:UsersJennLaiBranCookies:NWYid7F2jGfjq7h50FQViDP0bOrO [2536]

AlternateDataStreams: C:UsersPublicShared Files:VersionCache [482]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKUS-1-5-21-4002825611-2205535967-4095611985-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.msn.com/?pc=SL5A&ocid=SL5ADHP&osmkt=en-us

HKUS-1-5-21-4002825611-2205535967-4095611985-1001SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp

HKUS-1-5-21-4002825611-2205535967-4095611985-1004SoftwareMicrosoftInternet ExplorerMain,Secondary Start Pages = hxxp://home.lenovo.com

SearchScopes: HKUS-1-5-21-4002825611-2205535967-4095611985-1001 -> AFBCB7E0-F91A-4951-9F31-58FEE57A25C4 URL = hxxps://nortonsafe.search.ask.com/web?q=searchTerms&o=APN11913&l=dis&prt=NS&chn=1000&geo=US&ver=22&locale=en_US&guid=D9136273-89F4-44F6-AC74-2E3A277C1CAE&doi=2016-09-01&gct=kwd&qsrc=2869

SearchScopes: HKUS-1-5-21-4002825611-2205535967-4095611985-1004 -> AFBCB7E0-F91A-4951-9F31-58FEE57A25C4 URL = hxxps://nortonsafe.search.ask.com/web?q=searchTerms&o=APN11913&l=dis&prt=NIS&chn=1000&geo=US&ver=22.11.2.7&locale=en_US&guid=D9136273-89F4-44F6-AC74-2E3A277C1CAE&doi=2016-09-01&gct=kwd&qsrc=2869

BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

BHO: Norton Password Manager -> 602ADB0E-4AFF-4217-8AA1-95DAC4DFA408 -> C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50coIEPlg.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

BHO: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_281binssv.dll [2021-02-07] (Oracle America, Inc. -> Oracle Corporation)

BHO: McAfee WebAdvisor -> B164E929-A1B6-4A06-B104-2CD0E90A88FF -> C:Program FilesMcAfeeWebAdvisorx64IEPlugin.dll [2021-04-29] (McAfee, LLC -> McAfee, LLC)

BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_281binjp2ssv.dll [2021-02-07] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Norton Password Manager -> 602ADB0E-4AFF-4217-8AA1-95DAC4DFA408 -> C:Program Files (x86)Norton Internet SecurityEngine3222.21.2.50coIEPlg.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

BHO-x32: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: McAfee WebAdvisor -> B164E929-A1B6-4A06-B104-2CD0E90A88FF -> C:Program FilesMcAfeeWebAdvisorwin32IEPlugin.dll [2021-04-29] (McAfee, LLC -> McAfee, LLC)

BHO-x32: No Name -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> No File

Toolbar: HKLM – Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50coIEPlg.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Toolbar: HKLM-x32 – Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C:Program Files (x86)Norton Internet SecurityEngine3222.21.2.50coIEPlg.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Toolbar: HKUS-1-5-21-4002825611-2205535967-4095611985-1001 -> Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50coIEPlg.dll [2021-03-26] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

DPF: HKLM-x32 166B1BCA-3F9C-11CF-8075-444553540000 hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 E06E2E99-0AA1-11D4-ABA6-0060082AA75C hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP6-10050/webex/ieatgpc1.cab

Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

Filter-x32: application/x-ica – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: ica – CFB6322E-CC85-4d1b-82C7-893888A236BC – C:Program Files (x86)CitrixICA ClientIcaMimeFilter.dll [2015-09-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKUS-1-5-21-4002825611-2205535967-4095611985-1001…hsbc.com -> hxxps://remote.us.hsbc.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 – 2020-01-31 22:54 – 000000855 ____N C:WINDOWSsystem32driversetchosts

127.0.0.1 www.cricut.io

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Razer Chroma SDKbin;C:Program FilesRazer Chroma SDKbin;C:Program Files (x86)Common FilesOracleJavajavapath;C:Program Files (x86)RazerChromaBroadcastbin;C:Program FilesRazerChromaBroadcastbin;C:Program Files (x86)AMD APPbinx86_64;C:Program Files (x86)AMD APPbinx86;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:Program Files (x86)ATI TechnologiesATI.ACECore-Static;C:Program Files (x86)QuickTimeQTSystem;C:Program Files (x86)Windows LiveShared;C:Program Files (x86)SkypePhone;C:Program FilesGitcmd;C:WINDOWSSystem32OpenSSH;C:Program FilesPuTTY;C:WINDOWSsystem32configsystemprofileAppDataLocalMicrosoftWindowsApps;

HKUS-1-5-21-4002825611-2205535967-4095611985-1001Control PanelDesktop\Wallpaper -> C:WINDOWSwebwallpaperWindowsimg0.jpg

HKUS-1-5-21-4002825611-2205535967-4095611985-1004Control PanelDesktop\Wallpaper -> C:UsersJennLaiBranAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper

HKUS-1-5-21-4002825611-2205535967-4095611985-1005Control PanelDesktop\Wallpaper -> C:WindowsWebWallpaperWindowsimg0.jpg

DNS Servers: 192.168.1.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)

HKLMsoftwaremicrosoftWindowsCurrentVersionTelephonyProviders => ProviderFileName2 -> ndptsp.tsp (No File)

Windows Firewall is enabled.

Network Binding:

=============

Local Area Connection: NordVPN LightWeight Firewall -> NordLwf (enabled)

Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: AdobeARMservice => 2

MSCONFIGServices: AdobeUpdateService => 2

MSCONFIGServices: Apple Mobile Device Service => 2

MSCONFIGServices: Bonjour Service => 2

MSCONFIGServices: MacriumService => 2

MSCONFIGServices: Origin Web Helper Service => 2

MSCONFIGServices: SkypeUpdate => 2

MSCONFIGServices: ss_conn_service => 2

MSCONFIGstartupreg: Skype => "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun

HKLM…StartupApprovedStartupFolder: => "HP Digital Imaging Monitor.lnk"

HKLM…StartupApprovedRun: => "iTunesHelper"

HKLM…StartupApprovedRun: => "AdobeAAMUpdater-1.0"

HKLM…StartupApprovedRun: => "AdobeGCInvoker-1.0"

HKLM…StartupApprovedRun32: => "ConnectionCenter"

HKLM…StartupApprovedRun32: => "Redirector"

HKLM…StartupApprovedRun32: => "AdobeCS6ServiceManager"

HKLM…StartupApprovedRun32: => "SwitchBoard"

HKLM…StartupApprovedRun32: => "Adobe Creative Cloud"

HKLM…StartupApprovedRun32: => "TVEService"

HKUS-1-5-21-4002825611-2205535967-4095611985-1001…StartupApprovedRun: => "Spotify"

HKUS-1-5-21-4002825611-2205535967-4095611985-1001…StartupApprovedRun: => "Spotify Web Helper"

HKUS-1-5-21-4002825611-2205535967-4095611985-1001…StartupApprovedRun: => "Google Photos Backup"

HKUS-1-5-21-4002825611-2205535967-4095611985-1001…StartupApprovedRun: => "cdloader"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedStartupFolder: => "Facebook Gameroom.lnk"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "Spotify Web Helper"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "Cricut Design Space"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "Google Photos Backup"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "cdloader"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "iCloudPhotos"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "iCloudDrive"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "iCloudServices"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "Cricut Design Space3"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "ApplePhotoStreams"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "Reflect UI"

HKUS-1-5-21-4002825611-2205535967-4095611985-1004…StartupApprovedRun: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [2022BBC2-2AA4-4396-A57D-812FA3C9FB37] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_Skylinesdowser.exe (Paradox Interactive Ab (Publ) -> )

FirewallRules: [59EC3B87-49D3-440C-BCA5-525280D4E248] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_Skylinesdowser.exe (Paradox Interactive Ab (Publ) -> )

FirewallRules: [3EBC31F7-3003-4AA5-B531-4A70CD7BEBEB] => (Allow) C:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]

FirewallRules: [2968570E-1181-4313-A8A6-B289EEDE0E22] => (Allow) C:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]

FirewallRules: [82DC3772-80C6-4945-A5AA-C9D493BDC96F] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [1796B08A-A3DF-4256-AD7F-1CF738AD874D] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [5403C6B4-D365-4767-B1F6-483E4B9B35D1] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [13918563-3177-493B-A05D-EA71DDDAC402] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [654A922A-6CFB-4BB5-8375-574A5575EDBA] => (Allow) C:UsersJennLaiBranAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [A57C7E35-8553-4CC6-A4D6-19C4E8CBC0C4] => (Allow) C:UsersJennLaiBranAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [74461831-BD22-4EED-8898-D6E69A8A61C2] => (Allow) C:UsersJennLaiBranAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [D5645B8F-08E1-494B-AA6E-ED3F5509E238] => (Allow) C:ProgramDataBlackmagic DesignDaVinci ResolveSupportQtDecoderQTDecoder.exe => No File

FirewallRules: [1DFDE6E5-EDE5-439B-A61B-34DC41D2D647] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveDPDecoder.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [A31642AA-DD20-4926-AFD0-F5B1F5551783] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveOxygenPanelDaemon.exe => No File

FirewallRules: [C58FA1D5-230F-4A21-A588-5DC1CEB0574E] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveElementsPanelDaemon.exe => No File

FirewallRules: [77D5D1AD-FFAD-4A2F-9FB5-58ACE6959D6D] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveTangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [36606FA7-8B8D-4F1C-9082-7848F1B1F8C9] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveEuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [DC003D57-A302-449B-BF90-CCE3691AC2CE] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveJLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [E96135A6-A2DD-428C-8B47-FAA5AFB07946] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveDaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [B3A1C8CE-7A9F-432D-89E0-7A742D75A3D1] => (Allow) C:Program FilesBlackmagic DesignDaVinci Resolvebmdpaneld.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [51C58E8F-CCA3-4BD9-8FEC-5543B8C3CFCF] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveResolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [9239095B-DBC7-40BE-99CD-6776C9854914] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4.exe => No File

FirewallRules: [2E4F9798-9BFF-470F-B03A-2B9804851190] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4.exe => No File

FirewallRules: [79D1077B-FEFF-4367-96FA-9261537553F2] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [F12E555C-4839-41FE-AAC7-BB20E58617CC] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [CBBC58F3-7785-47EF-9B36-077527EB4804] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_SkylinesCities.exe () [File not signed]

FirewallRules: [0335FDD1-E896-4AB1-87BF-05F2DF655AC8] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_SkylinesCities.exe () [File not signed]

FirewallRules: [68EBFABE-166D-4C16-B133-E95484199B1A] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [6E9EBF3E-3559-494D-8923-141C9B7EAC39] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [EC16B974-7851-4517-8AFE-EC6F9F4B1B81] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [A019CEE9-6B63-4413-80A8-204CD5919A40] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [0CE3A576-7B3D-41A6-B80C-1C994F02FCDF] => (Allow) C:Program Files (x86)BlueStacksHD-Player.exe (BlueStack Systems, Inc.) [File not signed]

FirewallRules: [UDP Query User04ADFBC9-8D55-497D-A191-4CCA05E720A3C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe] => (Block) C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe => No File

FirewallRules: [TCP Query User429DC43B-6712-4916-AE8B-788FFD76DF68C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe] => (Block) C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe => No File

FirewallRules: [UDP Query User28707B21-D6BE-4865-AFC2-ACB5CE71CA3BC:usersjennlaibranappdataroamingspotifyspotify.exe] => (Block) C:usersjennlaibranappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query UserF7A29BEB-4E85-4781-BD08-8691B12D3E74C:usersjennlaibranappdataroamingspotifyspotify.exe] => (Block) C:usersjennlaibranappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [5BDF2DD0-A025-4C17-AD6E-4FECC0C3C575] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [96EF4551-6FF1-495A-863A-8C516DF5C4F3] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [FEB44981-4062-41B3-A838-C9E6AA30DAAD] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [190225B0-91CB-474B-868E-61618B465DDC] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [UDP Query UserDEA3B4EE-9A0F-43CF-B49F-D57F77091377C:usersjennlaibranappdataroamingmjusbspmagicjack.exe] => (Allow) C:usersjennlaibranappdataroamingmjusbspmagicjack.exe => No File

FirewallRules: [TCP Query User628A6664-7483-4165-B7D1-8096A64FD461C:usersjennlaibranappdataroamingmjusbspmagicjack.exe] => (Allow) C:usersjennlaibranappdataroamingmjusbspmagicjack.exe => No File

FirewallRules: [0B813566-6C79-4539-8DFC-995C94AF3F62] => (Allow) LPort=7935

FirewallRules: [82CC43EE-D262-4D03-B961-4569F4EEC27E] => (Allow) C:Program Files (x86)AdobeAdobe Flash Builder 4.6FlashBuilder.exe => No File

FirewallRules: [DE4BFB1C-EAC0-4B10-A502-EF43C349A92F] => (Allow) C:Program Files (x86)AdobeAdobe Flash Builder 4.6FlashBuilder.exe => No File

FirewallRules: [UDP Query User89D526F4-8688-426C-BC34-EDD49F597342C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe] => (Allow) C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe => No File

FirewallRules: [TCP Query User3EA90BA4-6C67-4572-B8C5-8763589A9571C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe] => (Allow) C:usersjennlaibranappdataroamingcricutdesignspacebridgecricutbridge.exe => No File

FirewallRules: [679831A7-932C-4834-9E35-0B0713CB8721] => (Allow) C:Program Files (x86)SkypePhoneSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query UserA16F1593-4C4B-43F0-ABA8-122AF4CB24A2C:program files (x86)wondershareyoutube-downloaderallmytube.exe] => (Allow) C:program files (x86)wondershareyoutube-downloaderallmytube.exe => No File

FirewallRules: [UDP Query UserA9130C33-5777-41B5-A1AD-6AEB829F4984C:program files (x86)wondershareyoutube-downloaderallmytube.exe] => (Allow) C:program files (x86)wondershareyoutube-downloaderallmytube.exe => No File

FirewallRules: [TCP Query UserD00D5E0D-9351-486E-A51D-81966C8A907CC:usersjennlaibranappdataroamingspotifyspotify.exe] => (Allow) C:usersjennlaibranappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query UserD19637E0-13A0-4E2C-A26C-AB50359243B5C:usersjennlaibranappdataroamingspotifyspotify.exe] => (Allow) C:usersjennlaibranappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query UserAEFB7327-7C59-4465-BB6C-6FBD2DE3B462C:usersdimelojuanappdataroamingspotifyspotify.exe] => (Allow) C:usersdimelojuanappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User4AFD7FBA-AC9F-4493-906D-EFF4EE23FEA1C:usersdimelojuanappdataroamingspotifyspotify.exe] => (Allow) C:usersdimelojuanappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User1F2FB1E2-0092-4D75-92A9-F63910F8C40FC:program files (x86)seagateseagate dashboard 2.0dashboard.exe] => (Allow) C:program files (x86)seagateseagate dashboard 2.0dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)

FirewallRules: [UDP Query User55A4237D-D6D9-4C92-A8AB-6BEBBE5B4A62C:program files (x86)seagateseagate dashboard 2.0dashboard.exe] => (Allow) C:program files (x86)seagateseagate dashboard 2.0dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)

FirewallRules: [368F72D8-1921-4D1D-B260-414601E7944D] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [90263025-FDA7-44EC-8EF6-911539E32016] => (Allow) LPort=2869

FirewallRules: [1421C6CC-22C9-4AF6-B6C7-8A20653BCFF3] => (Allow) LPort=1900

FirewallRules: [C3D16313-142E-426E-B33B-803A90BBD4B1] => (Allow) C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [TCP Query UserF044698D-1A0F-4E47-A05F-12765C2909C5C:usersjennlaibranappdataroamingcricutdesignspace3bridgecricutbridge4.exe] => (Block) C:usersjennlaibranappdataroamingcricutdesignspace3bridgecricutbridge4.exe (Provo Craft & Novelty, Inc. -> Provo Craft & Novelty, Inc.)

FirewallRules: [UDP Query User9F7B38D0-0450-47BE-A68B-A8D750DE1271C:usersjennlaibranappdataroamingcricutdesignspace3bridgecricutbridge4.exe] => (Block) C:usersjennlaibranappdataroamingcricutdesignspace3bridgecricutbridge4.exe (Provo Craft & Novelty, Inc. -> Provo Craft & Novelty, Inc.)

FirewallRules: [E117096B-699D-4C37-91F2-FDDF25BD2271] => (Allow) LPort=8888

FirewallRules: [0A9BC0D2-51A6-4D0A-ABD1-B326D8427F7D] => (Allow) C:noxplayerNoxbinNox.exe => No File

FirewallRules: [3ED8800C-ED26-4372-8C6E-7478976349DF] => (Allow) C:Program Files (x86)BignoxBigNoxVMRTNoxVMHandle.exe => No File

FirewallRules: [B0778999-3A4D-4C5F-91D1-160116D335A7] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4.exe => No File

FirewallRules: [C02FD69E-E668-4420-8042-8B97AE65FD64] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4.exe => No File

FirewallRules: [D8E6F3BB-D9BB-46FC-8A24-D5E3ADB32569] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [53870EA5-7517-4156-8240-87D84885202A] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [572E088C-1CBB-4D34-84AE-FFE9C69337A2] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [B37904D8-20D3-454E-8322-ECA12BB2CD6B] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [06452E96-0C2A-4A1C-942B-6D0898103280] => (Allow) C:Program FilesiTunesiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [2143B305-3F19-46AD-A12F-7FFB0A50007D] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [324DA409-05F8-4950-A60F-9EE35C46D640] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [E1C08C8B-2ECF-41A8-8CA3-043722312AC1] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [F5209536-6608-4A56-9732-8DBDD96558A8] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [E9322630-9F6E-4825-8F48-7D7133214DDF] => (Allow) C:UsersJennLaiBranAppDataRoamingBitTorrentBitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [1189E38A-0FF9-47B7-9EBE-FC056E22A11D] => (Allow) C:UsersJennLaiBranAppDataRoamingBitTorrentBitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [A89FB549-F625-48AF-9EC3-98715978509B] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [AC9AFC70-843B-4E0E-85A9-ADF8B7BF0CD2] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [C5316285-173E-4DE3-9BEB-9017CED6A735] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [0317482A-A3C4-4CD3-B1BD-1D9B91405162] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [053DFFFC-3C65-4AF4-AB0D-88874DE48A54] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [735D5D3D-DCF8-40CE-9DD8-5FEFEC2FC120] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [7588690E-F9EB-436A-9E53-3DFAFC16576D] => (Allow) LPort=8888

==================== Restore Points =========================

05-05-2021 07:50:07 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (05/05/2021 01:52:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Razer Synapse Service Process.exe, version: 1.0.0.0, time stamp: 0x607f0127

Faulting module name: GTII-OSD.dll, version: 2.0.3.2, time stamp: 0x5be93476

Exception code: 0xc000041d

Fault offset: 0x000097d3

Faulting process id: 0x5154

Faulting application start time: 0x01d741d7703b02f0

Faulting application path: C:Program Files (x86)RazerSynapse3Service..UserProcessRazer Synapse Service Process.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx86GTII-OSD.dll

Report Id: 298f8d19-db47-4986-934c-edd0cb5595cb

Faulting package full name:

Faulting package-relative application ID:

Error: (05/05/2021 01:52:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Razer Synapse Service Process.exe, version: 1.0.0.0, time stamp: 0x607f0127

Faulting module name: GTII-OSD.dll, version: 2.0.3.2, time stamp: 0x5be93476

Exception code: 0xc0000005

Fault offset: 0x000097d3

Faulting process id: 0x5154

Faulting application start time: 0x01d741d7703b02f0

Faulting application path: C:Program Files (x86)RazerSynapse3Service..UserProcessRazer Synapse Service Process.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx86GTII-OSD.dll

Report Id: ffc06adf-39e9-4894-bd24-e2ccb120bb9c

Faulting package full name:

Faulting package-relative application ID:

Error: (05/05/2021 01:52:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Razer Synapse Service Process.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 08E397D3

Stack:

at System.Windows.Forms.UnsafeNativeMethods.PeekMessage(MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32, Int32)

at System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)

at System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)

at System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)

at System.Windows.Forms.Application.Run(System.Windows.Forms.Form)

at Synapse3.UserInteractive.Program.Main()

Error: (05/05/2021 01:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: uiStub.exe, version: 22.21.2.11, time stamp: 0x605c78a5

Faulting module name: GTII-OSD64.dll, version: 2.0.3.2, time stamp: 0x5be93503

Exception code: 0xc000041d

Fault offset: 0x000000000000b180

Faulting process id: 0x3f18

Faulting application start time: 0x01d741d5d4799198

Faulting application path: C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50uiStub.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx64GTII-OSD64.dll

Report Id: f41be230-5f13-4e6a-bc13-3731453bb3eb

Faulting package full name:

Faulting package-relative application ID:

Error: (05/05/2021 01:41:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: uiStub.exe, version: 22.21.2.11, time stamp: 0x605c78a5

Faulting module name: GTII-OSD64.dll, version: 2.0.3.2, time stamp: 0x5be93503

Exception code: 0xc0000005

Fault offset: 0x000000000000b180

Faulting process id: 0x3f18

Faulting application start time: 0x01d741d5d4799198

Faulting application path: C:Program Files (x86)Norton Internet SecurityEngine22.21.2.50uiStub.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx64GTII-OSD64.dll

Report Id: 92695a77-c897-4997-8224-b42a6f299e0a

Faulting package full name:

Faulting package-relative application ID:

Error: (05/05/2021 01:29:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PickerHost.exe, version: 10.0.19041.746, time stamp: 0xca022ed2

Faulting module name: GTII-OSD64.dll, version: 2.0.3.2, time stamp: 0x5be93503

Exception code: 0xc000041d

Fault offset: 0x000000000000b180

Faulting process id: 0x3738

Faulting application start time: 0x01d741d43924bb12

Faulting application path: C:WindowsSystem32PickerHost.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx64GTII-OSD64.dll

Report Id: 9c4f70d7-0f7e-4cb0-a2f3-4b9928354d7a

Faulting package full name:

Faulting package-relative application ID:

Error: (05/05/2021 01:29:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PickerHost.exe, version: 10.0.19041.746, time stamp: 0xca022ed2

Faulting module name: GTII-OSD64.dll, version: 2.0.3.2, time stamp: 0x5be93503

Exception code: 0xc0000005

Fault offset: 0x000000000000b180

Faulting process id: 0x3738

Faulting application start time: 0x01d741d43924bb12

Faulting application path: C:WindowsSystem32PickerHost.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx64GTII-OSD64.dll

Report Id: d3732c28-b5a0-40b6-a17f-8ea32af91a34

Faulting package full name:

Faulting package-relative application ID:

Error: (05/05/2021 01:25:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Uninstall.exe_SUPERSetup Uninstaller, version: 5.0.0.1078, time stamp: 0x53d982fa

Faulting module name: GTII-OSD.dll, version: 2.0.3.2, time stamp: 0x5be93476

Exception code: 0xc000041d

Fault offset: 0x000097d3

Faulting process id: 0x4fd8

Faulting application start time: 0x01d741d39fb2c8b7

Faulting application path: C:Program FilesSUPERAntiSpywareUninstall.exe

Faulting module path: C:Program Files (x86)ASUSGPU TweakIIGTII-OSDx86GTII-OSD.dll

Report Id: 02cb5aea-bd49-4d15-8c47-674b5730a5e6

Faulting package full name:

Faulting package-relative application ID:

System errors:

=============

Error: (05/05/2021 12:27:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The NetTcpActivator service depends on the WAS service which failed to start because of the following error:

The system cannot find the drive specified.

Error: (05/05/2021 12:27:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The NetPipeActivator service depends on the WAS service which failed to start because of the following error:

The system cannot find the drive specified.

Error: (05/05/2021 12:27:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The W3SVC service depends on the WAS service which failed to start because of the following error:

The system cannot find the drive specified.

Error: (05/05/2021 12:27:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The NetMsmqActivator service depends on the WAS service which failed to start because of the following error:

The system cannot find the drive specified.

Error: (05/05/2021 12:27:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The WAS service terminated with the following error:

The system cannot find the drive specified.

Error: (05/05/2021 12:27:10 PM) (Source: WAS) (EventID: 5005) (User: )

Description: Windows Process Activation Service (WAS) is stopping because it encountered an error. The data field contains the error number.

Error: (05/05/2021 12:27:10 PM) (Source: WAS) (EventID: 5215) (User: )

Description: The Windows Process Activation Service (WAS) failed to execute initialization for offline setup. The data field contains the error number.

Error: (05/05/2021 12:27:09 PM) (Source: WAS) (EventID: 5217) (User: )

Description: The Windows Process Activation Service (WAS) encountered an error while handling key generation. This will prevent WAS from starting corrently. The data field contains the error number.

CodeIntegrity:

===============

Date: 2021-05-05 12:54:28

Description:

Code Integrity determined that a process (DeviceHarddiskVolume9WindowsSystem32SecurityHealthService.exe) attempted to load DeviceHarddiskVolume9Program Files (x86)Norton Internet SecurityEngine22.21.2.50symamsi.dll that did not meet the Windows signing level requirements.

Date: 2021-05-05 12:47:11

Description:

Code Integrity determined that a process (DeviceHarddiskVolume9Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe) attempted to load DeviceHarddiskVolume9Program Files (x86)Norton Internet SecurityEngine3222.21.2.50symamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1408 09/21/2010

Motherboard: ASUSTeK Computer INC. P6T

Processor: Intel® Core™ i7 CPU 980 @ 3.33GHz

Percentage of memory in use: 74%

Total physical RAM: 6134.11 MB

Available physical RAM: 1552.33 MB

Total Virtual: 16374.11 MB

Available Virtual: 8665.19 MB

==================== Drives ================================

Drive c: (New Volume) (Fixed) (Total:446.17 GB) (Free:34.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive e: (New Volume) (Fixed) (Total:465.31 GB) (Free:268.44 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive f: (Media) (Fixed) (Total:232.88 GB) (Free:60.03 GB) NTFS

Drive g: () (Fixed) (Total:116.34 GB) (Free:8.28 GB) NTFS

Drive h: (New Volume) (Fixed) (Total:116.44 GB) (Free:77.46 GB) NTFS

Drive i: (Work-Projects) (Fixed) (Total:465.75 GB) (Free:35.56 GB) NTFS

Drive l: (BackupPlus) (Fixed) (Total:931.51 GB) (Free:816.42 GB) NTFS

\?Volumebaf56802-0000-0000-0000-205474000000 () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS

\?Volume01dba477-0000-0000-0000-208b6f000000 () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E0B6BAD2)

Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=116.3 GB) – (Type=07 NTFS)

Partition 3: (Not Active) – (Size=116.4 GB) – (Type=07 NTFS)

Partition 4: (Not Active) – (Size=232.9 GB) – (Type=0F Extended)

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: BAF56802)

Partition 1: (Active) – (Size=465.3 GB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=450 MB) – (Type=27)

Partition 3: (Not Active) – (Size=465.8 GB) – (Type=07 NTFS)

Partition 4: (Not Active) – (Size=931.5 GB) – (Type=0F Extended)

==========================================================

Disk: 2 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 01DBA477)

Partition 1: (Active) – (Size=446.2 GB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=530 MB) – (Type=27)

==================== End of Addition.txt =======================

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.