AM I INFECTED?

[cmg7590]

Hi there,
I'm sorry to hear about Broni, he/she was a good person...
Can someone take a look at the pasted logs and let me know if I am infected?
Thanks!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by cmg75 (administrator) on DESKTOP-QV0F9KN (Dell Inc. Inspiron 7706 2n1) (08-06-2025 12:19:13)
Running from C:\Users\cmg75\OneDrive\Desktop\Virtual Dr June 2025\FRST64.exe
Loaded Profiles: cmg75
Platform: Microsoft Windows 11 Home Version 24H2 26100.3915 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.15.3.5\AdskIdentityManager.exe
(C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\ui-launcher\AdskAccessUIHost.exe <4>
(C:\Program Files\Autodesk\AdskIdentityManager\1.15.3.5\AdskIdentityManager.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk AdSSO\AdSSO.exe
(C:\Program Files\iTop Screen Recorder\iScrRec.exe ->) (ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files\iTop Screen Recorder\iScrRecExt.exe
(C:\Program Files\iTop Screen Recorder\iScrRec.exe ->) (ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files\iTop Screen Recorder\iScrVoiceCapture.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessService.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <52>
(explorer.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP ENVY 5660 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Autodesk, Inc. -> ) C:\Program Files\Autodesk\Autodesk CER\service\cer_service.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\15.4.0.13093\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Chickadee Digital, LLC -> Chickadee Digital LLC) C:\Program Files (x86)\OneBrowser\Update\OBUpdateService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_564a6f565b40bd5f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_15c9ea6001a5206d\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_af2dd92515fdd6b0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Magic Control Technology Corp. -> ) C:\Windows\System32\mlpatch.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_2632ae07cb63b52a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe <3>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (Shenzhen Moyea Software -> Leawo Software) C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Hitachi-LG Data Storage Korea, Inc. -> Hitachi-LG Data Storage, Inc.) C:\Program Files (x86)\ODD Auto Firmware Update\ODDFWUpdate.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP ENVY 5660 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.27840.1000.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\10.0.27840.1000-0\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.3910_none_a4ec35037778d761\TiWorker.exe
(svchost.exe ->) (ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files\iTop Screen Recorder\iScrRec.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe [3495880 2022-09-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe [4175056 2021-06-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [PowerDVD21Agent] => C:\Program Files\CyberLink\PowerPlayer365\PowerDVD21Agent.exe [564904 2021-09-24] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Run: [PowerDVD20Agent] => C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe [568816 2020-12-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Run: [PowerDVD23Agent] => C:\Program Files\CyberLink\PowerDVD23\PowerDVD23Agent.exe [568072 2024-01-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [369504 2024-08-21] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Autodesk Access Service] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessService.exe [17290008 2025-03-16] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe [32543520 2025-03-16] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [191984 2020-09-02] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [594416 2020-09-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD18Agent] => C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe [525848 2024-01-29] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe [2740872 2022-10-13] (iMobie Inc. -> iMobie Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81380632 2023-09-06] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2253824 2022-10-04] (Western Digital Technologies, Inc.) [File not signed]
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\GenuineService.exe [3727136 2024-09-25] (Autodesk, Inc. -> Autodesk)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\Installer\setup.exe [7395408 2025-06-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [823504 2025-06-08] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-06-08] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-06-08] (Google LLC -> Google LLC.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45715776 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [HP ENVY 5660 series (NET)] => C:\Program Files\HP\HP ENVY 5660 series\Bin\ScanToPCActivationApp.exe [3770528 2021-11-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\cmg75\AppData\Local\WebEx\WebexHost.exe [7272032 2024-07-23] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [CiscoSpark] => C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [2052 2024-02-14] () [File not signed]
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [MicrosoftEdgeAutoLaunch_565B244489227EA341891F1B6CD3FCC4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4141136 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe [2740872 2022-10-13] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe [576136 2022-10-13] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [UCheck] => C:\Program Files\UCheck\UCheck64.exe [28870576 2024-03-08] (ADLICE -> )
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [CyberlinkPowerPlayerMediaServer_PowerPlayer365] => C:\Program Files\CyberLink\PowerPlayer365\Common\CLMediaServer\clmediaserver.exe [6706856 2021-09-24] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [CyberlinkPowerPlayerMediaServer] => C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe [5485040 2020-12-21] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [CyberlinkPowerPlayerMediaServer_PowerDVD23] => C:\Program Files\CyberLink\PowerDVD23\Common\CLMediaServer\clmediaserver.exe [6770440 2024-01-05] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-06-08] (Google LLC -> Google LLC.)
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-06-08] (Google LLC -> Google LLC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP DD11 Status Monitor: C:\Windows\system32\hpinkstsDD11LM.dll [392192 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2021-06-12] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\137.0.7151.69\Installer\chrmstp.exe [2025-06-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files (x86)\OneBrowser\Application\115.0.5790.171\Installer\chrmstp.exe [2025-06-08] (Chickadee Digital, LLC -> Chickadee Digital, LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {9C2B463F-1656-498B-8C5D-EE53DD68B85F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {974489A5-C7FD-4422-BD02-41E6A1FEDF40} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F5D7E836-3C26-4763-B637-ABCF54218A33} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [11065256 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {14A96D17-7CD3-4E55-B880-C2CD5304D4D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-26] (Apple Inc. -> Apple Inc.)
Task: {CA8521BC-7E87-4310-91E2-0E236E834279} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {71FDCBF6-F5AA-4C08-B656-4D65EDF9EECB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139704 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f15f1a2b-bb53-4115-8479-357e12957af7" --version "6.36.0.11508" --silent
Task: {1ABCF85F-4544-47C1-AC89-FD61910A0D8E} - System32\Tasks\CCleanerSkipUAC - cmg75 => C:\Program Files\CCleaner\CCleaner.exe [39558464 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {596CE5ED-16EB-4C7E-83BD-1A15E9B28EE6} - System32\Tasks\CLToast => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317064 2024-01-05] (CyberLink Corp. -> )
Task: {D3E17094-28A2-4C48-8A7A-693B5314F8E0} - System32\Tasks\CLToastRun => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317064 2024-01-05] (CyberLink Corp. -> )
Task: {6922CD25-2DF9-430C-946E-D78362BD8723} - System32\Tasks\G2MUpdateTask-S-1-5-21-2098186831-72314638-4121677046-1001 => C:\Users\cmg75\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-04-16] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {751899DD-8787-4E61-B50D-4D3FFE1F0CE7} - System32\Tasks\G2MUploadTask-S-1-5-21-2098186831-72314638-4121677046-1001 => C:\Users\cmg75\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-04-16] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BEF1D64D-B181-413D-BEC7-65494B4B49A1} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{8EAEE4DA-EFC9-43CF-AF15-AC5393FC52F3} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {BCB26209-3281-4598-B78B-86B83258F520} - System32\Tasks\iTop Screen Recorder SkipUAC (cmg75) => C:\Program Files\iTop Screen Recorder\iScrRec.exe [15259336 2025-03-06] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screen Recorder\\/skipuac
Task: {7A3FDB06-55E0-4E3A-B9B0-05B5D4E6E70D} - System32\Tasks\iTop Screen Recorder Startup => C:\Program Files\iTop Screen Recorder\iScrRec.exe [15259336 2025-03-06] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screen Recorder\\/autorun
Task: {BC093004-CE08-483E-B36E-232D7E1E9A23} - System32\Tasks\iTop Screen Recorder Update => C:\Program Files\iTop Screen Recorder\AutoUpdate.exe [3486416 2024-10-19] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screen Recorder\\/auto
Task: {1834B06F-38AC-4766-9020-419C25F6553E} - System32\Tasks\iTopVPN_Scheduler_cmg75 => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [8145072 2025-05-28] (Chengdu ShanHe Technology Co., Ltd. -> iTop Inc.) -> C:\Program Files (x86)\iTop VPN\\/autostart
Task: {BCD15679-4EC7-4245-87AD-A57136113929} - System32\Tasks\iTopVPN_SkipUAC_cmg75 => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [8145072 2025-05-28] (Chengdu ShanHe Technology Co., Ltd. -> iTop Inc.) -> C:\Program Files (x86)\iTop VPN\\/SkipUac
Task: {F616B5B6-1FA7-45EB-9CDC-E86B57F44D76} - System32\Tasks\iTopVPN_Update_cmg75 => C:\Program Files (x86)\iTop VPN\atud.exe [3402456 2025-04-17] (Chengdu ShanHe Information Technology Co., Ltd. -> iTop Inc.) -> C:\Program Files (x86)\iTop VPN\\/auto
Task: {282B0A38-3D8E-4C96-AD02-FA206A324BE7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DE1D25B-94F3-434A-8C81-7D2FBF1C20E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {41601AE9-262F-44CB-B7B7-A11D2D4776F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3537F2A1-6B96-4684-BBD6-4FA733FB130B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BAF59E21-A504-4A5A-B363-8B3A4A2858EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {470AF1D9-7260-44AE-9CB3-D5C03CCAAA5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {575A97E9-E40A-46C9-8F0D-C22A5C324A1A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {B500D173-2964-4FD2-9F9F-551CE558D3BB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DDD0FB84-52F7-4BB5-8F8E-2DCB3460336D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8205F9AC-7508-4D4A-87D0-5D4E5FB02211} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {E99DFEA3-63FC-4CBC-9936-A443DA6C22E9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A9EA1A2-AFB3-4FE1-8FBC-FB1B043BBF43} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F8F7786-85CF-4952-9178-DC3418EC4EE2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E48E6E64-634B-4377-91BB-D1583E9B7AC1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37E92498-B3B7-424E-A371-44A4FE074615} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF034D47-39C0-4D11-973E-487F8E5E3DE2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ADF55227-942E-4BB1-9CFB-A0A009CBF284} - System32\Tasks\ODDAutoFirmwareUpdate => C:\Program Files (x86)\ODD Auto Firmware Update\ODDFWUpdate.exe [1260880 2022-07-03] (Hitachi-LG Data Storage Korea, Inc. -> Hitachi-LG Data Storage, Inc.)
Task: {09C913B5-A154-41AB-9739-13CB156173EE} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2098186831-72314638-4121677046-1001 => C:\Users\cmg75\AppData\Local\Microsoft\OneDrive\25.065.0406.0002\OneDriveLauncher.exe [679232 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB44E905-F0EB-4A93-B99A-97F5DB3FC763} - System32\Tasks\WD Device Agent Task cmg75 => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [724760 2023-09-06] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {BC54252C-E90E-488D-8459-1442FC09DCFA} - System32\Tasks\WD Discovery Service Task cmg75 => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [79640 2023-09-06] (Western Digital Technologies, Inc. -> )
Task: {9C89232E-F673-4994-A71B-36D87BCD3F10} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2098186831-72314638-4121677046-1001 => C:\Users\cmg75\AppData\Roaming\Zoom\bin\Zoom.exe [441656 2025-06-08] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2098186831-72314638-4121677046-1001.job => C:\Users\cmg75\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2098186831-72314638-4121677046-1001.job => C:\Users\cmg75\AppData\Local\GoToMeeting\19992\g2mupload.exe

[cmg7590]

Continuing:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{8c1c7ba2-1bf9-4e6c-9f7c-00080e364ccb}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c634d9f6-1129-49a6-b3bc-ca26ca7bc09d}: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{c634d9f6-1129-49a6-b3bc-ca26ca7bc09d}\34F6E6E65636476274F60283537333: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c634d9f6-1129-49a6-b3bc-ca26ca7bc09d}\34F6E6E65636476274F60283537333: [DhcpDomain] hotspot

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\cmg75\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-08]
Edge DownloadDir: Default -> C:\Users\cmg75\OneDrive\Desktop
Edge Extension: (Open in PDF Reader) - C:\Users\cmg75\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ciphgjdgpkhlngiadnpebblpcjcoabcp [2025-05-15]
Edge Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-08]
Edge Extension: (Edge relevant text changes) - C:\Users\cmg75\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
Edge HKU\S-1-5-21-2098186831-72314638-4121677046-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 4
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default [2025-06-08]
CHR DownloadDir: C:\Users\cmg75\OneDrive\Desktop
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Floorplanner) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2023-06-21]
CHR Extension: (Sudoku) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2023-06-21]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2023-06-21]
CHR Extension: (Turn Off the Lights) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2025-02-19]
CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2023-06-21]
CHR Extension: (Avira Password Manager) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2025-03-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-08]
CHR Extension: (Online Security Pro) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjgpapimgnmibnacmeilgjefnoofefp [2023-06-21]
CHR Extension: (iCloud Bookmarks) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2023-06-21]
CHR Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-08]
CHR Extension: (Click&Clean) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2024-06-08]
CHR Extension: (Save to Pinterest) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-10-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2023-06-21]
CHR Extension: (Dropbox) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2023-06-21]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-04-18]
CHR Extension: (Zoom Chrome Extension) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2025-06-08]
CHR Extension: (Online Insights Study) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\liijpdbpliofhfhjdjilikakabhcnaif [2025-03-27]
CHR Extension: (Google Drive Dark Mode) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhlhbpejnmlkaiaggagblklodbbldmmc [2024-03-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-29]
CHR Extension: (Web Disability Simulator) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\olioanlbgbpmdlgjnnampnnlohigkjla [2025-02-19]
CHR Extension: (Tv Online) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2023-06-21]
CHR Extension: (Privacy Test) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2024-01-24]
CHR Extension: (Cool Metronome) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Extensions\polmfiinlikaadclgdojekfaoglellgm [2023-06-21]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-06-08]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-06-08]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR Extension: (Floorplanner) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abopacaefhbognnmeigicfpgnmpideag [2022-05-29]
CHR Extension: (Sudoku) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2022-05-29]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2022-05-29]
CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2023-09-22]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-20]
CHR Extension: (Online Security Pro) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffjgpapimgnmibnacmeilgjefnoofefp [2022-05-29]
CHR Extension: (iCloud Bookmarks) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2023-06-21]
CHR Extension: (HTTPS Everywhere) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-29]
CHR Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-09]
CHR Extension: (Click&Clean) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2024-06-27]
CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjgfobnenmnljakmhboildkafdkicala [2023-06-21]
CHR Extension: (360 Internet Protection) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\glcimepnljoholdmjchkloafkggfoijh [2025-04-09]
CHR Extension: (Save to Pinterest) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2025-04-12]
CHR Extension: (Kindle Cloud Reader) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2022-05-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-04-19]
CHR Extension: (Dropbox) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2022-05-29]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-29]
CHR Extension: (Tv Online) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2022-05-29]
CHR Extension: (Privacy Test) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2024-06-27]
CHR Extension: (Cool Metronome) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\polmfiinlikaadclgdojekfaoglellgm [2022-05-29]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-06-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-19]
CHR Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-01]
CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gjgfobnenmnljakmhboildkafdkicala [2024-01-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-01]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4 [2025-06-08]
CHR Notifications: Profile 4 -> hxxps://booking.kyoto-plazahotels.com; hxxps://www.facebook.com; hxxps://yfyfx.newadsstream.top
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2025-05-13]
CHR Extension: (Avira Password Manager) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2025-03-13]
CHR Extension: (HEIC to JPG) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\denohmphfiepkgihlobkpmkbdhgmjigf [2025-06-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-27]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 5 [2025-06-08]
CHR Extension: (Just Black) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2024-06-27]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-22]
CHR Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-27]
CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gjgfobnenmnljakmhboildkafdkicala [2024-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-27]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 7 [2025-06-08]
CHR DownloadDir: C:\Users\cmg75\Downloads
CHR Extension: (Just Black) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2024-06-27]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-09]
CHR Extension: (Microsoft Power Automate (Legacy)) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gjgfobnenmnljakmhboildkafdkicala [2024-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-27]
CHR Profile: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\System Profile [2025-06-08]
CHR HKU\S-1-5-21-2098186831-72314638-4121677046-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.28.1.9278\BVDChromeExt.crx [2025-06-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [19673376 2025-04-01] (Autodesk, Inc. -> Autodesk, Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [11081128 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-08-28] (Apple Inc. -> Apple Inc.)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [19501848 2025-03-14] (Autodesk, Inc. -> Autodesk, Inc.)
R2 Autodesk CER Service; C:\Program Files\Autodesk\Autodesk CER\service\cer_service.exe [36842992 2025-03-19] (Autodesk, Inc. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1079608 2025-05-21] (Gen Digital Inc. -> Gen Digital Inc.)
R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [107832 2022-07-03] (Shenzhen Moyea Software -> Leawo Software)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [59616 2025-01-31] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> )
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [25336 2022-03-29] (Dell Inc -> Dell Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe [532000 2022-06-13] (Intel Corporation -> Intel)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-06-06] (The Document Foundation -> The Document Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9019096 2024-10-08] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-31] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MlPatch; C:\Windows\system32\MlPatch.exe [2244912 2014-08-23] (Magic Control Technology Corp. -> )
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2632ae07cb63b52a\Display.NvContainer\NVDisplay.Container.exe [1275536 2025-03-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 obupdate; C:\Program Files (x86)\OneBrowser\Update\OBUpdateService.exe [3306400 2025-06-08] (Chickadee Digital, LLC -> Chickadee Digital LLC)
S2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15308208 2024-06-06] (ADLICE -> )
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256608 2022-06-29] (Intel Corporation -> Intel Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [368248 2021-03-16] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneBrowserElevationService; "C:\Program Files (x86)\OneBrowser\Application\115.0.5790.171\elevation_service.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [581632 2024-10-18] (Microsoft Windows -> Microsoft Corporation)
R3 AX88179A; C:\WINDOWS\System32\DriverStore\FileRepository\axusbeth.inf_amd64_fcd2bee5508b3c4d\AxUsbEth.sys [168072 2024-08-14] (WDKTestCert asix,133111579530933026 -> ASIX Electronics Corp.)
R2 CLFCL5.18; C:\WINDOWS\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2024-02-01] (CyberLink Corp. -> CyberLink Corp.)
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2020-12-15] (CyberLink Corp. -> CyberLink Corp.)
R2 CLFCL5.23; C:\WINDOWS\System32\drivers\CLFCL5.23\000.fcl [47808 2023-12-26] (CyberLink Corp. -> CyberLink Corp.)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [44472 2024-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_c330c09d72f3e083\iaLPSS2_GPIO2_TGL.sys [128664 2021-01-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_312c3014729186bd\iaLPSS2_I2C_TGL.sys [201376 2021-01-27] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-13] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-13] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1548488 2022-10-27] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_566db4e95fcf6757\IntcUSB.sys [891944 2022-06-13] (Intel Corporation -> Intel(R) Corporation)
R4 itvwd; C:\Program Files (x86)\iTop VPN\itvwd64.sys [73288 2024-06-08] (Microsoft Windows Hardware Compatibility Publisher -> iTop Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [68392 2020-11-24] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 t6sta; C:\WINDOWS\System32\Drivers\t6sta.sys [166720 2022-01-20] (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corporation)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2022-10-04] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WiManH; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_f54d0a27ac206b8c\WiManH\WiManH.sys [175672 2021-07-29] (Intel Corporation -> Intel Corporation)
R3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [39112 2022-05-27] (Wondershare Technology Co.,Ltd -> Wondershare)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-10-18] (Microsoft Windows -> Microsoft Corporation)
R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-10-18] (Microsoft Windows -> Microsoft Corporation)
S3 sj-pulse-win-driver; \??\C:\Program Files\SJPulse\app\sj-pulse-win-driver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-06-08 11:18 - 2025-06-08 11:18 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-06-08 11:18 - 2025-06-08 11:18 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-06-08 11:12 - 2025-06-08 11:13 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\pdf-spark-nativefier-41608d
2025-06-08 11:12 - 2025-06-08 11:12 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneBrowser.lnk
2025-06-08 11:12 - 2025-06-08 11:12 - 000000000 ____D C:\Program Files (x86)\OneBrowser
2025-06-08 09:26 - 2025-06-08 09:26 - 000004244 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2098186831-72314638-4121677046-1001
2025-06-08 09:26 - 2025-06-08 09:26 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-06-08 09:26 - 2025-06-08 09:26 - 000000000 ____D C:\Users\cmg75\AppData\Local\Zoom
2025-06-08 09:25 - 2025-06-08 09:26 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\Zoom
2025-06-08 08:29 - 2025-06-08 08:31 - 000000000 ____D C:\Users\cmg75\OneDrive\Desktop\New folder
2025-06-08 08:24 - 2025-06-08 08:24 - 000000000 ____D C:\Users\cmg75\AppData\Local\CiscoWebexLauncher
2025-06-08 08:19 - 2025-06-08 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2025-06-08 07:40 - 2025-06-08 07:40 - 000000000 _____ C:\WINDOWS\invcol.tmp
2025-06-08 04:33 - 2025-06-08 04:33 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\LibreOffice
2025-06-08 04:24 - 2025-06-08 04:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-06-08 04:23 - 2025-06-08 04:23 - 000000000 ____D C:\Program Files\LibreOffice
2025-06-08 03:08 - 2025-06-08 03:08 - 000003426 _____ C:\WINDOWS\system32\Tasks\iTopVPN_Scheduler_cmg75
2025-05-15 11:31 - 2025-05-15 11:31 - 000054208 _____ C:\WINDOWS\system32\Drivers\truesight.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-06-08 12:21 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-08 12:20 - 2024-06-19 09:21 - 000000000 ____D C:\FRST
2025-06-08 12:19 - 2025-02-19 22:55 - 000000000 ____D C:\Users\cmg75\OneDrive\Desktop\Virtual Dr June 2025
2025-06-08 11:22 - 2024-06-27 08:48 - 000000130 _____ C:\Users\cmg75\AppData\LocalLow\4fca0a34b497acffbb870a4cea576f3ac71f00928c3146fe3d0d2dac45c9d5fb
2025-06-08 11:18 - 2024-10-17 23:51 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-06-08 11:18 - 2024-06-27 04:47 - 000059481 _____ C:\Users\cmg75\AppData\LocalLow\abdfbee3f482f410934d1e17c2f7f6fa1d3b379b2a07284ffda6ea337445c922
2025-06-08 11:18 - 2022-05-30 10:04 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\Allavsoft
2025-06-08 11:18 - 2022-04-29 09:31 - 000000000 ____D C:\Program Files\CCleaner
2025-06-08 11:17 - 2024-06-27 04:41 - 000000130 _____ C:\Users\cmg75\AppData\LocalLow\a8b141efd5a28a0535a4b1cef38c232052f69977de70ef5ac15dddb5a77f531f
2025-06-08 11:17 - 2024-04-01 00:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-08 11:17 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-08 11:12 - 2024-06-27 08:48 - 000370469 _____ C:\Users\cmg75\AppData\LocalLow\34f6b2483462849a0a6b86842dbaed8595c9b1ea24a510ce6cabb8d612885e8b
2025-06-08 11:01 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-08 10:30 - 2025-04-15 03:52 - 000000000 ____D C:\Program Files\iTop Screen Recorder
2025-06-08 10:28 - 2024-07-25 09:17 - 000378608 _____ C:\Users\cmg75\AppData\LocalLow\ee390228a246dc88cbc129e68163797a9bfbb126806ea76ed0f684b81bbc7632
2025-06-08 09:50 - 2025-04-29 11:42 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-06-08 08:40 - 2022-04-29 09:18 - 000000000 ____D C:\Users\cmg75\AppData\Local\D3DSCache
2025-06-08 08:34 - 2024-05-25 13:23 - 000056905 _____ C:\Users\cmg75\AppData\LocalLow\7c20ed46f96c41e8f4707573a4b5f44f7b40b89f3834b85911e9c253e71a658b
2025-06-08 08:34 - 2024-05-25 13:23 - 000000130 _____ C:\Users\cmg75\AppData\LocalLow\d184b3a61bf4be513cbb771b07df842ddf56f91b67d9cbe187f53880ca9b5c5d
2025-06-08 08:33 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-06-08 08:32 - 2022-06-14 10:09 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2025-06-08 08:26 - 2022-06-23 15:05 - 000000000 ____D C:\Users\cmg75\AppData\Local\CiscoSpark
2025-06-08 08:25 - 2022-06-23 15:05 - 000000000 ____D C:\Users\cmg75\AppData\Local\CiscoSparkLauncher
2025-06-08 08:20 - 2022-05-29 16:55 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\vlc
2025-06-08 08:19 - 2022-08-26 10:19 - 000000000 ____D C:\Program Files\VideoLAN
2025-06-08 08:17 - 2024-04-03 02:16 - 000002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-06-08 08:14 - 2024-10-17 23:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-08 08:14 - 2024-07-24 13:50 - 000011216 _____ C:\Users\cmg75\AppData\LocalLow\40407afc3fc3d5457bc2505684424ed497d4192c715251192c50d24bfb8882a3
2025-06-08 06:34 - 2022-05-01 12:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-06-08 06:29 - 2022-05-01 12:29 - 214836568 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-06-08 04:20 - 2022-04-29 09:56 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\Microsoft\Word
2025-06-08 03:26 - 2021-10-04 20:46 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-08 03:10 - 2022-04-29 09:24 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-08 03:08 - 2025-04-15 03:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop VPN
2025-06-08 03:08 - 2025-04-15 03:55 - 000000000 ____D C:\Program Files (x86)\iTop VPN
2025-06-08 02:53 - 2024-10-17 23:51 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-06-08 02:53 - 2024-10-17 23:51 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-06-08 02:53 - 2021-11-18 09:51 - 000000000 ____D C:\ProgramData\NVIDIA
2025-06-08 02:49 - 2025-04-15 03:55 - 000000000 ____D C:\ProgramData\iTop VPN
2025-06-08 02:49 - 2025-04-15 03:54 - 000003868 _____ C:\WINDOWS\system32\Tasks\iTop Screen Recorder Update
2025-06-08 02:49 - 2024-07-02 05:09 - 000042147 _____ C:\Users\cmg75\AppData\LocalLow\c471a3f3b88ab9b37460e73f6bb1a3e7a513a2a2866fad587ff56ef5a1ad7e6c
2025-06-08 02:48 - 2024-06-27 04:36 - 000011216 _____ C:\Users\cmg75\AppData\LocalLow\6d1a0d74b8983cab26a68cd0cdace1fb63918ce4f5f6aeaeeefb13009d6d5154
2025-06-08 02:48 - 2022-04-29 10:56 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-06-08 02:48 - 2022-04-29 09:18 - 000000000 __SHD C:\Users\cmg75\IntelGraphicsProfiles
2025-06-08 02:48 - 2021-11-18 09:51 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2025-06-08 02:47 - 2021-11-18 09:47 - 000000000 ____D C:\ProgramData\Goodix
2025-05-20 14:08 - 2022-11-23 08:16 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\iTop Screen Recorder
2025-05-20 12:39 - 2024-06-27 04:42 - 001553130 _____ C:\Users\cmg75\AppData\LocalLow\f68745aa7a9338028522371f61f4006042b0b517326f372ba707e936d2a1fab0
2025-05-20 10:51 - 2022-04-29 09:18 - 000000000 ____D C:\Users\cmg75\AppData\Local\Packages
2025-05-20 10:50 - 2024-06-27 04:42 - 000000130 _____ C:\Users\cmg75\AppData\LocalLow\542c1e7e7a3f794d97a241f547580e15b32e73702c3ce8d5d387f920a571694b
2025-05-20 10:48 - 2024-10-17 23:48 - 000791266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-20 10:48 - 2024-04-01 00:24 - 000000000 ____D C:\WINDOWS\INF
2025-05-15 11:37 - 2022-04-29 10:11 - 000000000 ____D C:\Users\cmg75\AppData\Roaming\Microsoft\Excel
2025-05-15 11:31 - 2024-10-17 23:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-15 11:31 - 2024-10-17 23:48 - 000006424 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-05-15 11:31 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-15 11:31 - 2021-11-18 09:47 - 000000000 ____D C:\Intel
2025-05-15 11:31 - 2021-10-04 20:45 - 000012288 ___SH C:\DumpStack.log.tmp
2025-05-15 11:30 - 2024-04-01 00:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-05-13 10:59 - 2023-09-05 07:13 - 000000000 ____D C:\Users\cmg75\OneDrive\Desktop\Slideshow
2025-05-13 10:39 - 2024-06-27 04:41 - 000166673 _____ C:\Users\cmg75\AppData\LocalLow\183fe6247284088bf5e3cb9f4cf38746039fa07f000070dabdfab908a343a64e

==================== Files in the root of some directories ========

2022-10-04 10:36 - 2022-10-04 10:36 - 000000000 _____ () C:\Users\cmg75\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[cmg7590]

Now for the Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by cmg75 (08-06-2025 12:24:08)
Running from C:\Users\cmg75\OneDrive\Desktop\Virtual Dr June 2025
Microsoft Windows 11 Home Version 24H2 26100.3915 (X64) (2024-10-18 11:37:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2098186831-72314638-4121677046-500 - Administrator - Disabled)
cmg75 (S-1-5-21-2098186831-72314638-4121677046-1001 - Administrator - Enabled) => C:\Users\cmg75
DefaultAccount (S-1-5-21-2098186831-72314638-4121677046-503 - Limited - Disabled)
Guest (S-1-5-21-2098186831-72314638-4121677046-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2098186831-72314638-4121677046-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAX Audio Converter 1.18.2 (HKLM\...\AAX Audio Converter_is1) (Version: 1.18.2 - audiamus)
Acronis Drivers (HKLM\...\{3BB511DE-CF00-4723-A89C-D7B7D6FADF11}) (Version: 27.0.39676 - Acronis) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.6.0.79 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Allavsoft 3.28.1.9278 (HKLM-x32\...\{6EBED4D8-13D9-4370-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
Amazon Kindle (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\Amazon Kindle) (Version: 1.33.0.62002 - Amazon)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.8.4.0 - iMobie Inc.)
Apple Mobile Device Support (HKLM\...\{AF0C3D84-6909-4B48-A335-2EC35087BAB0}) (Version: 18.0.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
AutoCAD 2023 Shared (HKLM\...\{28B89EEF-6101-0000-4102-CF3F3A09B77D}) (Version: 24.2.181.0 - Autodesk) Hidden
AutoCAD 2023 Shared Language Pack - English (HKLM\...\{28B89EEF-6101-0409-5102-CF3F3A09B77D}) (Version: 24.2.172.0 - Autodesk) Hidden
AutoCAD Open in Desktop (HKLM\...\{F67CF5AA-24B6-4904-A243-83D97FCEDF89}) (Version: 1.0.28.0 - Autodesk)
Autodesk Access (HKLM\...\{A3158B3E-5F28-358A-BF1A-9532D8EBC811}) (Version: 2.13.2.57 - Autodesk, Inc.)
Autodesk App Manager (HKLM-x32\...\{0FC454BE-3FA9-40A2-B5F1-C15B3CE740AA}) (Version: 3.6.0 - Autodesk)
Autodesk AutoCAD 2023 - English (HKLM\...\{73A78CE1-E03A-3415-826E-91A699E39B17}) (Version: 24.2.181.0 - Autodesk, Inc.)
Autodesk AutoCAD 2023.1.4 Update (HKLM\...\{8607E265-CA2A-3D78-8D03-2BE93F3CD55C}) (Version: 24.2.181.0 - Autodesk, Inc.)
Autodesk AutoCAD 2026.0.1 Update (HKLM\...\{2EB5D1FD-A9D6-3949-BA74-FA43D2B3672E}) (Version: 25.1.74.0 - Autodesk, Inc.)
Autodesk AutoCAD Performance Feedback Tool 1.3.12 (HKLM-x32\...\{293C8AB2-59FA-4C6E-A707-EE7457D8F567}) (Version: 1.3.12.0 - Autodesk)
Autodesk Batch Save Utility (Standalone) (HKLM\...\{A3A8A33B-C0F1-4ABD-8F66-4CD9381A928A}) (Version: 3.7.280.0 - Autodesk)
Autodesk CER (HKLM\...\{6886F8AE-8DF2-4ACA-8B49-898C1F0CE80B}) (Version: 7.1.6.869 - Autodesk Inc.) Hidden
Autodesk Civil 3D 2026 - English (HKLM\...\{E81FE5B0-6BD9-3DD6-8B47-B286F77596F3}) (Version: 13.8.280.0 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{F96ADB23-C383-463F-AEB6-B91CBD0F2898}) (Version: 3.6.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{D207E870-6397-417E-B7DD-720BFBE589A3}) (Version: 7.5.0.226 - Autodesk)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.15.3.5 - Autodesk)
Autodesk Interoperability Engine Manager (HKLM\...\{217D7134-F441-3B94-8AAB-63175C9228A9}) (Version: 1.3.2.2 - Autodesk, Inc.) Hidden
Autodesk Interoperability Engine Manager (HKLM\...\{C4EFAB73-D98A-3676-A3F8-142FC78E0EF3}) (Version: 1.0.0.11 - Autodesk.com) Hidden
Autodesk Inventor Interoperability 2023 (HKLM\...\{E2B54F9E-FF26-47AE-9AE1-D7AFBC32DE0C}) (Version: 27.0.13400.0000 - Autodesk) Hidden
Autodesk Material Library 2023 (HKLM-x32\...\{8E133591-B0FD-4DB0-B60E-FB593CAF72B0}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{3B564A94-BA47-4E42-ACD6-B5C35291210B}) (Version: 21.0.1.1 - Autodesk)
Autodesk Save to Web and Mobile (HKLM\...\{5BF7551A-09A6-4BDD-AE1E-048104FB478C}) (Version: 3.1.8 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{88003D19-C1C3-402D-A162-42D9B924266C}) (Version: 13.3.3.1803 - Autodesk)
Autodesk Vehicle Tracking 2026 (64 bit) Core (HKLM\...\{1399DB9C-796E-4904-ABB3-65CB8B474DD2}) (Version: 26.0.0.2875 - Autodesk, Inc.) Hidden
Carlson X-Port (HKLM-x32\...\{7FAE5A37-92C2-4EFF-9758-9F3312ED9B36}) (Version: 1.00.000 - Carlson Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.36 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\ActiveTouchMeetingClient) (Version: 43.5.0 - Cisco Webex LLC)
CodeTwo QR Code Desktop Reader & Generator (HKLM-x32\...\{AF7E31D6-980C-4788-B80C-47F1837CF44C}) (Version: 1.1.2.4 - CodeTwo)
CyberLink BD Advisor 2 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.2813 - CyberLink Corp.) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.10810 - CyberLink Corp.) Hidden
CyberLink Media Suite 15 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 15.0.1806.0 - CyberLink Corp.) Hidden
CyberLink Media Suite 15 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 15.0 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.8818 - CyberLink Corp.) Hidden
CyberLink PowerBackup 2.6 (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.0.4808a - CyberLink Corp.) Hidden
CyberLink PowerDVD 18 (HKLM-x32\...\{0F4F617F-E8D5-46A3-A0F9-43855182A3B1}) (Version: 18.0.4929.66 - CyberLink Corp.) Hidden
CyberLink PowerDVD 20 (HKLM-x32\...\{E5B8E5C5-4C42-407B-A2BC-BAC724D1F43F}) (Version: 20.0.2327.62 - CyberLink Corp.)
CyberLink PowerDVD 23 (HKLM-x32\...\{1BB40144-36AC-4A7C-AF6A-A0F9DA57FC76}) (Version: 23.0.1303.62 - CyberLink Corp.)
CyberLink PowerPlayer (HKLM-x32\...\{F72F81DD-3501-4676-A786-4FC510371F9B}) (Version: 365.21.2122.0 - CyberLink Corp.)
CyberLink PowerProducer 5.5 (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.5.3.7516c - CyberLink Corp.) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{E9CD23E0-FC9B-4AE6-83A1-067FC62A39E7}) (Version: 5.5.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{EF42F5D9-A5B3-4255-916F-EA411B906750}) (Version: 4.0.6072 - Screenovate Technologies Ltd.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{F5391400-4596-46A6-9D3C-9D7647230679}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2b5a1544-c837-4b31-acb8-cb096c96013f}) (Version: 5.5.13.0 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{183DEF89-F000-4745-81FD-3B43101D5B9F}) (Version: 5.2.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FoneTool (HKLM-x32\...\{AD04677C-79B8-4B7A-BB39-FEE6F138E716}_is1) (Version: 2.5.0 - AOMEI International Network Limited.)
Fusion Service (HKLM\...\{091B2FD3-A3C7-4E3F-8633-02AE6F8306BB}) (Version: 2.0.58.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{4baf873a-44e8-403a-80ee-255fbed9777d}) (Version: 2.0.58.0 - Dell.Inc)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 3.0.38.600 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 137.0.7151.69 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 109.0.3.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{7659273F-0EB6-4ECB-BC7D-5889F3FD3075}) (Version: 1.0.562 - LogMeIn, Inc.)
GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.)
Herramientas de correcci?n de Microsoft Office 2016: espa?ol (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP ENVY 5660 series Basic Device Software (HKLM\...\{0277C4A7-881E-4177-A7FF-8900FBA20524}) (Version: 40.15.1230.21319 - HP Inc.)
Intel(R) LMS (HKLM\...\{81B9108D-91B3-4E6A-B5A4-28C67EBFC12A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{A47874B5-99CC-4506-B0A0-D5E142FD17A5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{97C59670-D20F-4FF0-AB3D-9F58938D45B9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{F0B4B693-5A70-48F4-B50F-F1E3FB226A82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan)
IrfanView 4.65 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.65 - Irfan Skiljan)
iTop Screen Recorder (HKLM-x32\...\iTop Screen Recorder_is1) (Version: 5.5.0.2950 - iTop Inc.)
iTop VPN (HKLM-x32\...\iTop VPN_is1) (Version: 6.5.0.6176 - iTop Inc.)
iTunes (HKLM\...\{9525F9AD-AC2D-4282-9E46-CF6998B7D7F3}) (Version: 12.13.3.2 - Apple Inc.)
j5 USB DISPLAY ADAPTER 21.02.1112.3179 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 21.02.1112.3179 - j5create)
Leawo Prof. Media version 13.0.0.2 (HKLM\...\{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1) (Version: 13.0.0.2 - Leawo Software)
LibreOffice 25.2.4.3 (HKLM\...\{E67DBA3B-4C2A-44AC-BC4D-86EA56550BB3}) (Version: 25.2.4.3 - The Document Foundation)
Malwarebytes version 5.1.11.133 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.11.133 - Malwarebytes)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.11 (x64) (HKLM\...\{362B4D0D-8438-44DA-86B2-FEC44E000FCA}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.11 (x64) (HKLM\...\{F59C11F0-D73F-452B-8D1D-8C33B82D8507}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.11 (x64) (HKLM\...\{9C80213E-9079-4561-8D57-1FDD0D62251F}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2016 (HKLM-x32\...\{90160000-0015-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2016 (HKLM-x32\...\{90160000-0117-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.5 - Shared Framework (x64) (HKLM-x32\...\{675e1f06-4fbf-4cfb-8554-d6dfee7a3a0a}) (Version: 6.0.5.22218 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.5 Shared Framework (x64) (HKLM\...\{FBBCB9D0-A7C5-3132-A27B-B857F79A1377}) (Version: 6.0.5.22218 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.11 - Shared Framework (x64) (HKLM-x32\...\{dbee02ef-94f9-4820-9b96-574810fe553e}) (Version: 8.0.11.24521 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.11 Shared Framework (x64) (HKLM\...\{A79CA1F2-D440-3F40-9898-6C1A5E1DD40E}) (Version: 8.0.11.24521 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2016 (HKLM-x32\...\{90160000-0090-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.68 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2016 (HKLM-x32\...\{90160000-0016-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2016 (HKLM-x32\...\{90160000-00BA-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2016 (HKLM-x32\...\{90160000-0044-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2016 (HKLM-x32\...\{90160000-00E1-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2016 (HKLM-x32\...\{90160000-00E2-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (English) 2016 (HKLM-x32\...\{90160000-002C-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2016 (HKLM\...\{90160000-002A-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2016 (HKLM\...\{90160000-0116-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2016 (HKLM-x32\...\{90160000-006E-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2016 (HKLM-x32\...\{90160000-0115-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\OneDriveSetup.exe) (Version: 25.065.0406.0002 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2016 (HKLM-x32\...\{90160000-00A1-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2016 (HKLM-x32\...\{90160000-001A-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2016 (HKLM-x32\...\{90160000-0018-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2016 (HKLM-x32\...\{90160000-0019-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (English) 2016 (HKLM-x32\...\{90160000-012B-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM\...\{C0790AA0-0F40-4836-85B2-677B87625E63}) (Version: 64.44.23253 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM-x32\...\{bd40e761-3e88-4202-9b53-26c6bed3d467}) (Version: 8.0.11.34221 - Microsoft Corporation)
Microsoft Word MUI (English) 2016 (HKLM-x32\...\{90160000-001B-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Graphics Driver 566.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.41 - NVIDIA Corporation)
ODD Auto Firmware Update (HKLM-x32\...\{3DD8DB1B-20D0-447C-940A-1306B3931FED}) (Version: 1.0.1807.2501 - Hitachi-LG Data Storage, Inc.)
OneBrowser (HKLM-x32\...\OneBrowser) (Version: 115.0.5790.171 - OneBrowser)
Outils de v?rification linguistique 2016 de Microsoft Office*- Fran?ais (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDFill FREE PDF Editor Basic (HKLM\...\{26037138-C111-4BC5-88E8-DD2B2F2460C7}) (Version: 15.0 - PlotSoft LLC)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9172.1 - Realtek Semiconductor Corp.)
RogueKiller version 15.17.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.17.0.0 - Adlice Software)
SanDisk Security (HKLM-x32\...\{5d4b1e22-ee0a-42be-85e3-fdedcb0a16da}) (Version: 1.0.0.22 - Western Digital Technologies, Inc.)
SanDisk Security (HKLM-x32\...\{FBCE2D4B-506A-4CD7-B577-FC80E87785BA}) (Version: 1.0.0.22 - Western Digital Technologies, Inc.) Hidden
SERI FHWA fonts (HKLM-x32\...\{8959A761-9357-4BF1-BCDA-704D953C7102}) (Version: 1.0 - SERI 2000 BT)
Sight Survey 2016 (HKLM-x32\...\{3D387B2D-B0C0-48FF-872A-3434AC81C6DF}) (Version: 1.0 - Carlson Software)
SQLite ODBC Driver (remove only) (HKLM-x32\...\SQLite ODBC Driver) (Version: - )
Turbo ODD (HKLM-x32\...\{65835347-B035-4000-9A14-6C91E4B0BEDA}) (Version: 1.0.0.0 - Hitachi-LG Data Storage Inc)
UCheck version 5.3.1.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 5.3.1.0 - Adlice Software)
VideoByte DVD Copy 1.0.32 (HKLM-x32\...\{ECDB1493-D5EA-48E5-872E-B81E5C65D480}_is1) (Version: 1.0.32 - VideoByte)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WD Desktop App 2.1.0.335 (HKLM-x32\...\{fdd55732-32b6-4783-9b31-db9ad9f96792}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.335 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.4.407 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{1993af7f-1716-4c45-96d9-addd25881464}) (Version: 2.1.0.130 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F150F4B6-43B7-4132-9460-017057950EF9}) (Version: 2.1.0.130 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (HKLM-x32\...\{D9ABF771-729C-471F-A6DF-1010527DB376}) (Version: 2.1.0 - Western Digital) Hidden
Webex (HKLM\...\{B21AEACC-9536-5676-9C8C-D22BCCB89ED4}) (Version: 42.6.0.22645 - Cisco Systems, Inc)
WinX DVD Ripper Platinum 8.21.0 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)
WPTx64 (HKLM-x32\...\{FD439F85-AD64-B3E5-9FC5-444AE8C8AF7B}) (Version: 10.1.19041.1 - Microsoft)
Zoom Workplace (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\ZoomUMX) (Version: 6.4.12 (64384) - Zoom Communications, Inc.)
ZoomInfo Contact Contributor (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\ZoomInfo Contact Contributor) (Version: 62 - )

Chrome apps:
============
Docs (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\a65451853f96ffac0070a4e40f4a9594) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\c39348bcb7c76146c44ed6e129c4e347) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\46cc6c97795364d0e9a495ce287baf96) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\a20739a95f8179009afe274946b2e859) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\2693cb49f59010cc1a43fe823d5192c2) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\004fd73d8890c2a309fab4e27ad55a4c) (Version: 1.0 - Google\Chrome)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-29] (Microsoft Windows)
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-29] (Microsoft Windows)
5A894077.McAfeeSecurity -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2024-10-09] (McAfee LLC.)
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.25.1156.0_x64__22t9g3sebte08 [2024-10-12] (AMZN Mobile LLC.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-12-01] (INTEL CORP) [Startup Task]
AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2023-10-14] (INTEL CORP)
Bluetooth? Profile Pack -> C:\Program Files\WindowsApps\Microsoft.BluetoothProfilePack_0.23082.3.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation)
Click to Do (preview) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-04-29] (Microsoft Windows)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.78.0_x64__2dgmkzkw4h30c [2022-08-11] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.5.5.0_x64__htrsf667h5kn2 [2024-10-09] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.5.0.0_x64__htrsf667h5kn2 [2025-02-18] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2024-05-22] (Screenovate Technologies)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.2.64.0_x86__htrsf667h5kn2 [2024-02-19] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.27.1140.0_x64__rz1tebttyb220 [2025-05-15] (Dolby Laboratories)
Dolby Vision Extensions -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionAccess_2.20500.483.0_x64__rz1tebttyb220 [2025-04-17] (Dolby Laboratories)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.850.1840.0_x64__8wekyb3d8bbwe [2025-05-06] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.850.1840.0_x86__8wekyb3d8bbwe [2025-05-06] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.850.1840.0_x64__8wekyb3d8bbwe [2025-05-06] (Microsoft Corporation)
Intel? Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1042.0_x64__8j3eq9eme6ctt [2025-06-08] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-11] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-10-09] (Dell Inc)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-02-18] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-01] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.174.0_x64__pwbj9vvecjh7j [2025-04-22] (Amazon Development Centre (London) Ltd)
Smart Watch Widget -> C:\Program Files\WindowsApps\48434KremerSoftware.SmartWatchWidget_1.7.2.0_x64__8gd1dywhy2v8a [2024-02-21] (Kremer Software) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2022-05-26] (Waves Audio)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-02-18] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.498.2246.0_x64__8wekyb3d8bbwe [2025-06-08] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-29] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{0063BC47-A0C5-44BC-ACC3-50962CA5E9C2}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2026\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2026\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\cmg75\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{363E5B47-885D-44C3-89EB-A2AB2129B57E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2026\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{607BBE5B-A4EE-47EB-88C9-75FE5F12EAC7}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2026\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\cmg75\AppData\Local\GoToMeeting\19950\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2026\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2026\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2098186831-72314638-4121677046-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2026\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {4C42CE80-FBE4-4F7E-BD19-16531A963F2D} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {4C42CE80-FBE4-4F7E-BD19-16531A963F2D} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {4C42CE80-FBE4-4F7E-BD19-16531A963F2D} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {4C42CE80-FBE4-4F7E-BD19-16531A963F2D} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2025-04-23] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [$PowerDVD18] -> {EF1ED1FB-2224-4150-B12A-CDDE6D442D5A} => C:\ProgramData\CyberLink\PowerDVD18\OpenWith\PDVD_Shell64.dll [2021-01-13] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [$PowerDVD20] -> {0C8565E4-F4B9-4D3D-87C0-C4B2E367B2C0} => C:\ProgramData\CyberLink\PowerDVD20\OpenWith\PDVD_Shell64.dll [2020-12-21] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [$PowerDVD23] -> {CF1F77B3-4F86-4266-9964-1E9FF41836E8} => C:\ProgramData\CyberLink\PowerDVD23\OpenWith\PDVD_Shell64.dll [2024-01-05] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [$PowerPlayer365] -> {D7A7E286-5892-416A-B5F4-5D1357044986} => C:\ProgramData\CyberLink\PowerPlayer365\OpenWith\PDVD_Shell64.dll [2021-09-24] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2025-04-23] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2020-09-03] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2020-09-03] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-06-08] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2632ae07cb63b52a\nvshext.dll [2025-03-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)

[cmg7590]

Continuing:

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\cmg75\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_agimnkijcaahngcdmfeangaknmldooml\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Chi - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Chi Ming - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\cmg75\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Chi Ming - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2025-04-23 14:00 - 2025-03-13 14:37 - 004487168 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adIPC.node
2025-04-23 14:00 - 2025-03-15 22:05 - 000344064 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adpUtil.node

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2098186831-72314638-4121677046-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2098186831-72314638-4121677046-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\sharepoint.com -> hxxps://studentlaccd-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-06-27 04:36 - 2024-06-27 04:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2098186831-72314638-4121677046-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cmg75\OneDrive\Desktop\Slideshow\FullSizeRender.jpg
DNS Servers: 192.168.4.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet 5: ASIX USB to Gigabit Ethernet Family Adapter #2 -> AxUsbEth.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "UniConverterUpdateHelper"
HKLM\...\StartupApproved\Run: => "PowerDVD21Agent"
HKLM\...\StartupApproved\Run: => "PowerDVD20Agent"
HKLM\...\StartupApproved\Run: => "PowerDVD23Agent"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "PowerDVD18Agent"
HKLM\...\StartupApproved\Run32: => "AirBackupHelper"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_565B244489227EA341891F1B6CD3FCC4"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "AirBackupHelper"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "AnyTransToolHelper"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "UCheck"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerPlayer365"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD23"
HKU\S-1-5-21-2098186831-72314638-4121677046-1001\...\StartupApproved\Run: => "GoogleDriveFS"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AA8536D6-A29F-41E2-B3B2-D8A38082FF82}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EB5EFF3-8487-4A26-B4FE-74DF6E3AB2D3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B29B4056-0204-4F17-A5F3-639BC1A785EC}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{CF89820D-4F86-4C6E-85E9-A016618D1874}C:\program files (x86)\zoom\bin\zoom.exe] => (Allow) C:\program files (x86)\zoom\bin\zoom.exe => No File
FirewallRules: [TCP Query User{60619F8C-CE8F-4650-8EF2-EEB03B4F7FA9}C:\program files (x86)\zoom\bin\zoom.exe] => (Allow) C:\program files (x86)\zoom\bin\zoom.exe => No File
FirewallRules: [UDP Query User{974FE78F-80C5-49AD-92E9-F68F334D30A0}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{AB89E85A-1E4E-4821-80CF-3D0C48C2B657}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{369DC800-928B-49C0-9B1F-D5F77283C5A3}C:\program files (x86)\zoom\bin\zoom.exe] => (Allow) C:\program files (x86)\zoom\bin\zoom.exe => No File
FirewallRules: [TCP Query User{747EB366-8495-4733-8747-52F9DF65EEE0}C:\program files (x86)\zoom\bin\zoom.exe] => (Allow) C:\program files (x86)\zoom\bin\zoom.exe => No File
FirewallRules: [UDP Query User{AB0463B8-B4AC-4597-81A3-67177BCC6D0A}C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{3E19DBDF-0A6E-47CB-9560-CC940F57E2FF}C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe (HP Inc. -> HP Inc.)
FirewallRules: [UDP Query User{AC97AD45-3093-4005-B066-9ECD57BCEB92}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{7DB4D9A7-128D-43AB-B790-81F06E8BC390}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{1CD65CED-2022-43A6-82C9-051A87D78815}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{90DC2FD1-65AC-4124-9E58-7486491C03E0}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8E4009C9-0014-4672-8EE5-EB6640B00177}C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{2934D1DF-6D32-4E81-B67C-A609D15ECF69}C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5660 series\bin\hpnetworkcommunicatorcom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5CE098CC-F153-4791-B6E5-444E3E91D280}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24135.300.2876.2873_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9739951-F52E-4EE2-AAA5-BD662FA1735E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24135.300.2876.2873_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4661CCC0-F3E7-426F-AA32-C4AEBA5C22C4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{04F1668B-12DD-4D48-9685-DDD699BAC1AB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AB04C74A-9B59-42E4-80C1-FD7277DA3120}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.64\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A5EC608-B00D-4E2F-8242-3755C16924B7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E3C4DBB0-2CA7-40CA-AC94-7953A9A5F72C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE456FC8-C440-4F2D-A6D2-A51BC5B9A7C7}] => (Allow) C:\Users\cmg75\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{AAA05588-8CD9-447F-8C3F-E5AAD809B6F2}] => (Allow) C:\Users\cmg75\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D4608B58-BF57-48CC-8CB6-729D9431BB08}] => (Allow) C:\Users\cmg75\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C457B1C6-03AC-415F-99B3-BA5DD5AD94E1}] => (Allow) C:\Program Files (x86)\OneBrowser\Application\OneBrowser.exe (Chickadee Digital, LLC -> Chickadee Digital, LLC)

==================== Restore Points =========================

08-06-2025 03:15:39 Windows Modules Installer
08-06-2025 03:21:45 Windows Modules Installer
08-06-2025 08:43:03 Removed Zoom (32-bit)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/08/2025 03:31:05 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: TiWorker.exe, version: 10.0.26100.3910, time stamp: 0x33a03bed
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00007ffda100628f
Faulting process id: 0x41ac
Faulting application start time: 0x1dbd85db0575af6
Faulting application path: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.3910_none_a4ec35037778d761\TiWorker.exe
Faulting module path: unknown
Report Id: 603c6851-1c4c-463b-8aa9-974b7d69d9c2
Faulting package full name:
Faulting package-relative application ID:

Error: (04/25/2025 06:31:02 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-QV0F9KN)
Description: Faulting application name: dptf_helper.exe, version: 8.7.10802.26924, time stamp: 0x6254b87c
Faulting module name: dptf_helper.exe, version: 8.7.10802.26924, time stamp: 0x6254b87c
Exception code: 0xc0000005
Fault offset: 0x0000000000002794
Faulting process id: 0x16f0
Faulting application start time: 0x1dbb4a577a53648
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
Report Id: 5fa89518-15c0-4488-98dc-7cdabd30d9e9
Faulting package full name:
Faulting package-relative application ID:

Error: (04/23/2025 09:51:11 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-QV0F9KN)
Description: Faulting application name: WavesSvc64.exe, version: 1.55.3.0, time stamp: 0x60b8bcfb
Faulting module name: AUDIOSES.DLL, version: 10.0.26100.3624, time stamp: 0xa2e997df
Exception code: 0xc0000005
Fault offset: 0x000000000006c987
Faulting process id: 0x15d8
Faulting application start time: 0x1dbb4a58824c1a3
Faulting application path: C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe
Faulting module path: C:\WINDOWS\SYSTEM32\AUDIOSES.DLL
Report Id: 3f608c0e-a1f7-4556-890b-5d2c86563267
Faulting package full name:
Faulting package-relative application ID:

Error: (04/23/2025 02:00:59 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: AdAppMgrSvc.exe, version: 8.4.0.50, time stamp: 0x62625fd8
Faulting module name: Qt5Core_Ad_5_12.dll, version: 5.12.2.2, time stamp: 0x5d4a8ded
Exception code: 0xc0000409
Fault offset: 0x000235e1
Faulting process id: 0x12d8
Faulting application start time: 0x1dbb4640e1e0638
Faulting application path: C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
Faulting module path: C:\Program Files (x86)\Autodesk\Autodesk Desktop App\Qt5Core_Ad_5_12.dll
Report Id: 341aa73e-f535-4bc2-a0ef-2a068818e76a
Faulting package full name:
Faulting package-relative application ID:

Error: (04/23/2025 08:29:00 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program RogueKiller64.exe version 15.17.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (04/23/2025 06:08:48 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-QV0F9KN)
Description: Faulting application name: dptf_helper.exe, version: 8.7.10802.26924, time stamp: 0x6254b87c
Faulting module name: dptf_helper.exe, version: 8.7.10802.26924, time stamp: 0x6254b87c
Exception code: 0xc0000005
Fault offset: 0x0000000000002794
Faulting process id: 0x43ac
Faulting application start time: 0x1dbb37f65f6c3e0
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
Report Id: 9e473545-584d-44d5-9cb2-82df74d85c6a
Faulting package full name:
Faulting package-relative application ID:

Error: (04/22/2025 03:25:39 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (04/22/2025 02:29:29 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17


System errors:
=============
Error: (06/08/2025 11:36:13 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (06/08/2025 05:54:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (06/08/2025 05:54:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WDDriveService service.

Error: (06/08/2025 04:41:28 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-QV0F9KN)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (06/08/2025 04:34:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (06/08/2025 04:33:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9NHT9RB2F4HD-Microsoft.Copilot.

Error: (06/08/2025 04:32:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO.

Error: (06/08/2025 03:42:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9N3RK8ZV2ZR8-Microsoft.WidgetsPlatformRuntime.


Windows Defender:
================
Date: 2025-06-08 04:33:09
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-05-13 10:03:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-29 11:17:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-24 21:02:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-23 20:44:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]

Date: 2025-06-08 03:09:03
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.429.11.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25040.1
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2025-06-08 03:09:03
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.429.11.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25040.1
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2025-06-08 03:09:03
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.429.11.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25040.1
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2025-06-08 03:07:31
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.429.11.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25040.1
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2025-06-08 03:07:31
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.429.11.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25040.1
Error code: 0x80072ee2
Error description: The operation timed out

==================== Memory info ===========================

BIOS: Dell Inc. 1.35.0 02/13/2025
Motherboard: Dell Inc. 0P47D9
Processor: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
Percentage of memory in use: 68%
Total physical RAM: 16110.79 MB
Available physical RAM: 5043.88 MB
Total Virtual: 22510.79 MB
Available Virtual: 8972.26 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:457.59 GB) (Free:182.17 GB) (Model: Intel Optane H20 with SSD 512GB) NTFS
Drive d: (MING SURVEY) (Fixed) (Total:931.28 GB) (Free:796.68 GB) (Model: SAMSUNG HM100UI USB Device) FAT32
Drive e: (Extreme SSD) (Fixed) (Total:931.47 GB) (Free:24.8 GB) (Model: SanDisk Extreme 55AE SCSI Disk Device) exFAT
Drive f: (Extreme SSD) (Fixed) (Total:1862.97 GB) (Free:1273.79 GB) (Model: SanDisk Extreme 55AE SCSI Disk Device) exFAT
Drive g: (T9) (Fixed) (Total:1862.96 GB) (Free:618.93 GB) (Model: Samsung PSSD T9 SCSI Disk Device) exFAT
Drive j: (Extreme Pro) (Fixed) (Total:3725.97 GB) (Free:12.77 GB) (Model: SanDisk Extreme Pro 55AF SCSI Disk Device) exFAT
Drive m: (MING SD32GB) (Removable) (Total:29.71 GB) (Free:29.12 GB) FAT32

\\?\Volume{e889d45c-49f3-473a-87d0-0cb16d14f380}\ () (Fixed) (Total:1.19 GB) (Free:0.09 GB) NTFS
\\?\Volume{568922b7-1206-4134-885f-d142267e5ba1}\ (Image) (Fixed) (Total:16.51 GB) (Free:0.14 GB) NTFS
\\?\Volume{b399719c-e49a-4828-813e-4b52fc8d76fc}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.34 GB) NTFS
\\?\Volume{7460597e-fc7d-46ba-bf83-894da6ae820a}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5BD9B10D)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 4 (Size: 1863 GB) (Disk ID: ECC9CAEA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 003EC006)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=FAT32)

==========================================================
Disk: 6 (Size: 29.7 GB) (Disk ID: A39F7834)
Partition 1: (Not Active) - (Size=29.7 GB) - (Type=FAT32)

==================== End of Addition.txt =======================

[fink]

Unfortunately as you've said above, Broni, our malware helper has sadly passed away and we don't currently have anyone qualified to read those files and offer solutions on malware infections. Right now the only reliable online site that's doing so is BleepingComputer so I'd suggest opening a member's account there and following their instructions which I believe are very similar to ours.


https://www.bleepingcomputer.com/for...-removal-help/

Sorry we can't be of more help. We are looking for an in-house malware person but have not been successful as of yet.