Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by mahoj (04-09-2023 01:01:24)

Running from C:\Users\mahoj\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.2134 (X64) (2023-07-21 20:20:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1720479435-1288462160-2483743075-500 - Administrator -

Disabled)
ASPNET (S-1-5-21-1720479435-1288462160-2483743075-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-1720479435-1288462160-2483743075-503 - Limited - Disabled)
Guest (S-1-5-21-1720479435-1288462160-2483743075-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1720479435-1288462160-2483743075-1003 - Limited - Enabled)
mahoj (S-1-5-21-1720479435-1288462160-2483743075-1001 - Administrator - Enabled) =>
C:\Users\mahoj
WDAGUtilityAccount (S-1-5-21-1720479435-1288462160-2483743075-504 - Limited -
Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to
unhide them. The adware programs should be uninstalled manually.)
.NET Core SDK 1.1.14 (x64) (HKLM\...\{BCB0834B-EC91-4237-AF17-A2F67FC93796})

(Version: 4.19.38102 - Microsoft Corporation) Hidden
.NET Core SDK 1.1.14 (x64) (HKLM-x32\...\{55f6b3e3-195f-429d-9f05-64231d1f4157})
(Version: 1.1.14 - Microsoft Corporation)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006})
(Version: 11.0.23 - Adobe Systems)
Adobe After Effects CS4 Third Party Content (HKLM-x32\...\{67A9747A-E1F5-4E9A-81CC-
12B5D5B81B6E}) (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}) (Version:
1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service CS4 (HKLM-x32\...\{1618734A-3957-4ADD-8199-F973763109A8})
(Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A})
Adobe Bridge CS4 (HKLM-x32\...\{83877DB1-8B77-45BC-AB43-2BAC22E093E0}) (Version: 3
- Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (HKLM-x32\...\{94D398EB-D2FD-4FD1-B8C4-592635E8A191}) (Version: 2.0
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0
Adobe Color - Photoshop Specific CS4 (HKLM-x32\...\{3D2C9DE6-9ADE-4252-A241-
E43723B0CE02}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (HKLM-x32\...\{5570C7F0-43D0-4916-8A9E-
AEDD52FA86F4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (HKLM-x32\...\{0D6013AB-A0C7-41DC-973C-
E93129C9A29F}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (HKLM-x32\...\{00ADFB20-AE75-46F4-AD2C-
F48B15AC3100}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (HKLM-x32\...\{63C24A08-70F3-4C8E-B9FB-
9F21A903801D}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\{61D6891E-E822-4448-9F9A-
0AAAAEB6AF6C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\
Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 (HKLM-x32\...\{0F723FC1-7606-4867-866C-CE80AD292DAF}) (Version: 1 -
Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 -
Adobe Default Language CS4 (HKLM-x32\...\{C52E3EC1-048C-45E1-8D53-10B0C6509683})
Adobe Device Central CS4 (HKLM-x32\...\{67F0E67A-8E93-4C2C-B29D-47C48262738A})
(Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (HKLM-x32\...\{16E16F01-2E2D-4248-A42F-76261C147B6C}) (Version: 1 -
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 -
Adobe Encore CS4 Codecs (HKLM-x32\...\{FB2A5FCC-B81B-48C2-A009-7804694D83E9})
Adobe ExtendScript Toolkit CS4 (HKLM-x32\...\{F8EF2B3F-C345-4F20-8FE4-
791A20333CD5}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (HKLM-x32\...\{054EFA56-2AC1-48F4-A883-0AB89874B972})
Adobe Fonts All (HKLM-x32\...\{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}) (Version: 2.0
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.49 - Adobe
Inc.)
Adobe Linguistics CS4 (HKLM-x32\...\{931AB7EA-3656-4BB7-864D-022B09E3DD67})
(Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052})
Adobe Media Encoder CS4 Exporter (HKLM-x32\...\{561968FD-56A1-49FD-9ED0-
F55482C7C5BC}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (HKLM-x32\...\{8186FF34-D389-4B7E-9A2F-
C197585BCFBD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (HKLM-x32\...\{BB4E33EC-8181-4685-96F7-8554293DEC6A}) (Version:
2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (HKLM-x32\...\{F93C84A6-0DC6-42AF-89FA-776F7C377353})
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5})
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B})
Adobe Photoshop CS4 (HKLM-x32\...\{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}) (Version:
Adobe Photoshop CS4 Support (HKLM-x32\...\{63E5CDBF-8214-4F03-84F8-CD3CE48639AD})
Adobe Premiere Pro CS4 Third Party Content (HKLM-x32\...\{C938BE91-3BB5-4B84-9EF6-
88F0505D0038}) (Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047})
Adobe Search for Help (HKLM-x32\...\{F0E64E2E-3A60-40D8-A55D-92F6831875DA})
Adobe Service Manager Extension (HKLM-x32\...\{4943EFF5-229F-435D-BEA9-
BE3CAEA783A7}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (HKLM-x32\...\{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}) (Version: 2.0 -
Adobe Soundbooth CS4 Codecs (HKLM-x32\...\{52232EF4-CC12-4C21-ABCF-ADB79618302D})
Adobe Type Support CS4 (HKLM-x32\...\{820D3F45-F6EE-4AAF-81EF-CE21FF21D230})
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762})
Adobe Update Manager CS4 (HKLM-x32\...\{05308C4E-7285-4066-BAE3-6B50DA6ED755})
Adobe WinSoft Linguistics Plugin (HKLM-x32\...\{3DA8DF9A-044E-46C4-8531-
DEDBB0EE37FF}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-
68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (HKLM-x32\...\{3A4E8896-C2E7-4084-A4A4-B8FD1894E739})
AdobeColorCommonSetCMYK (HKLM-x32\...\{68243FF8-83CA-466B-B2B8-9F99DA5479C4})
AdobeColorCommonSetRGB (HKLM-x32\...\{16E6D2C1-7C90-4309-8EC4-D2212690AAA4})
Agent Ransack (HKLM\...\{505E38FD-9125-4720-8D13-ABCCE0D25465}) (Version:
9.0.3314.1 - Mythicsoft Ltd)
AllInOneKeyFinderPro Enterprise Edition [Trial Version] (HKLM-x32\...\{537A7C96-
DA88-4BD3-B270-BE3E4D2C82BB}) (Version: 9.0 - XenArmor) Hidden
balenaEtcher 1.18.4 (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.18.4 - Balena Ltd.)
BitTorrent (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\BitTorrent)
(Version: 7.11.0.46857 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\btweb)
(Version: 1.3.0 - Rainberry, Inc.)
BTup Service (HKLM-x32\...\{906089B0-BF78-489E-8E81-51465139CD2A}) (Version:
4.1.1000.0 - Panasonic)
ByteScout XLS Viewer 4.6.0.2025 Freeware (HKLM-x32\...\ByteScout XLS Viewer_is1)
(Version: - ByteScout Software)
Calyx LoanBridge 5.3 (HKLM-x32\...\{CAA73495-D542-4BD2-B2F2-886C316868C7})
(Version: 5.3 - Calyx Software)
Camera Utility (HKLM-x32\...\{15E871C2-7BA2-447A-A35D-A1FA7765C294}) (Version:
5.100.1500.0000 - Panasonic)
Charles 4.2.5 (HKLM\...\{B8661BED-8DC3-4B3E-819B-13CDB3F5D703}) (Version: 4.2.5.4 -
XK72 Ltd)
ChomikBox (HKLM-x32\...\{8E4185CC-4FF3-46B9-A4DB-5B850B71ABC4}) (Version: 2.0.8.2 -
Chomikuj.pl)
Common Components for Panasonic PC (HKLM-x32\...\{F8F836EB-04C1-4E9E-AEFC-
D57035C8FC41}) (Version: 6.0.1000.0 - Panasonic)
Common Components for Panasonic PC (x64) (HKLM-x32\...\{C5AF5C30-9A05-4A31-AE65-
09D8618289FF}) (Version: 6.0.1000.0 - Panasonic)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 -
DevUp Service (HKLM-x32\...\{0B390C7D-BFFD-4F6D-8AFC-4474B42D8813}) (Version:
1.15.1200.0 - Panasonic)
DevUp Service 3 (HKLM-x32\...\{8D046E9D-E2BC-421D-9B6B-53D2D29C648F}) (Version:
2.2.1000.0 - Panasonic)
Docs (HKU\S-1-5-21-1720479435-1288462160-2483743075-
1001\...\34b5fdc753981e84c484e1ac2b7db0d0) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
a680fe144def62b60f69bc54bd54d565) (Version: 1.0 - Google\Chrome)
Expert PDF Demo (HKLM-x32\...\{EF0B188B-6C1F-4573-8979-DAB1C66266CD}) (Version:
14.00 - Avanquest)
File Viewer Lite (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1)
(Version: 1.5.1 - Sharpened Productions)
ForceToolkit V1.2.1 (HKLM-x32\...\ForceToolkit_is1) (Version: -
hxxps://autoclose.net/forcetoolkit.html)
Gmail (HKU\S-1-5-21-1720479435-1288462160-2483743075-
1001\...\1fdae6742762260c8ac4732283fa080b) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1720479435-1288462160-2483743075-
1001\...\5f147c7af31fe682731b60d3d52a7185) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.141 - Google LLC)
Google Drive (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
b012ba74e57bb0961421620a2d00f842) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
d65f7a20b26cf0fce22fd3c2909a7161) (Version: 1.0 - Google\Chrome)
GPS Viewer (HKLM-x32\...\{522DBCB2-AB69-4465-B344-318BAED9CF35}) (Version:
1.04.1400.01 - Panasonic)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.30.326 - SurfRight B.V.)
HMA VPN (HKLM\...\Privax HMA) (Version: 5.26.8502.8302 - Privax)
iCloud Outlook (HKLM\...\{DA9B921B-471D-4B61-AC5A-ACCAFB9260D3}) (Version:
14.2.0.96 - Apple Inc.)
Java 8 Update 381 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180381F0})
(Version: 8.0.3810.9 - Oracle Corporation)
Java(TM) SE Development Kit 20.0.2 (64-bit) (HKLM\...\{D2D0311F-1C55-57CC-95CC-
F973FA7660D4}) (Version: 20.0.2.0 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
K-Lite Codec Pack 17.4.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.4.1 -
KLCP)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe
Systems Incorporated) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut
Lauziere)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.01.415.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 10.10.58 - Logitech)
Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech)
MailDex 2023 (HKLM\...\{8CA0DE88-AC93-4656-AC01-9FF9FF671CF0}) (Version: 2.0.42.0 -
Encryptomatic, LLC)
Microsoft .NET Core 1.0.16 - Host (x64) (HKLM\...\{99B45D89-ED2B-49F9-9778-
BB8027290B4B}) (Version: 4.0.21499 - Microsoft Corporation) Hidden
Microsoft .NET Core 1.0.16 - Host FX Resolver (x64) (HKLM\...\{736955E7-DFEE-48FA-
88DD-5FF2CEEF4599}) (Version: 4.1.21499 - Microsoft Corporation) Hidden
Microsoft .NET Core 1.0.16 - Runtime (x64) (HKLM\...\{9D7BCEA8-E3C6-4113-A409-
0357D94021F4}) (Version: 1.0.16 - Microsoft Corporation) Hidden
Microsoft .NET Core 1.1.13 - Host (x64) (HKLM\...\{0E659285-ACC4-4BF4-A73D-
DB53F8833548}) (Version: 4.19.18193 - Microsoft Corporation) Hidden
Microsoft .NET Core 1.1.13 - Host FX Resolver (x64) (HKLM\...\{E5BE2059-4EE7-49D4-
B640-1EA5311A7C4B}) (Version: 4.18.18193 - Microsoft Corporation) Hidden
Microsoft .NET Core 1.1.13 - Runtime (x64) (HKLM\...\{251F2BD2-5D96-4096-A339-
77CC68294FAB}) (Version: 1.1.13 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
(Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.69 - Microsoft
Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version:
116.0.1938.69 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.169.0813.0001 -
Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6})
(Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-
38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-
F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-
E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\
{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\
{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft
Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\
{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft
Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\
{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft
Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\
{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft
Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-
1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\
{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft
Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\
{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft
Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-
173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-
BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\
{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft
Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\
{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft
Corporation) Hidden
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1})
(Version: 2.0.5050.0 - Microsoft Corp.)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version:
1.3.0.254 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.5.9.0 -
Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version:
1.0.1 - NordVPN)
Panasonic PC Settings Utility (HKLM-x32\...\{CA459F65-AD2E-4DD7-A669-47C4FF64357F})
(Version: 5.3.1200.0 - Panasonic)
Passware Kit Agent 2023 v3 (64-bit) (HKLM\...\{90CB8099-C4D3-477F-914D-
13D7ACB49340}) (Version: 2023.3.0.4876 - Passware)
Passware Kit Forensic 2022 v1 (64-bit) (HKLM\...\{7404C786-7E38-4560-84DE-
BE4B9350FA95}) (Version: 2022.1.0.2718 - Passware)
PC Information Viewer (HKLM-x32\...\{128E898B-69B7-4E0F-8F89-A95678725DA1})
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version:
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8})
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181})
Point (HKLM-x32\...\{F05E2B98-DA04-4FFA-8D08-DA218E6A2B47}) (Version: 5.3 - )
Puran File Recovery 1.2.1 (HKLM\...\Puran File Recovery_is1) (Version: - Puran
Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-
958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-
B786-7B3B67587CD2}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-
1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
Recovery Toolbox for SQL Server 2.4 (HKLM-x32\...\Recovery Toolbox for SQL
Server_is1) (Version: - File Master LLC)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Riversweeps (HKLM-x32\...\{4061061B-A3BE-44EC-9435-6220433B9CA9}) (Version: 4.4.0 -
Riversweeps Ltd.)
RoboForm 9-5-1-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 9-5-1-1 - Siber
Systems)
R-Studio 4.5 (HKLM-x32\...\R-Studio 4.5NSIS) (Version: 4.5.127437 - R-Tools
Technology Inc.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.203 - Samsung
Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-
6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Sheets (HKU\S-1-5-21-1720479435-1288462160-2483743075-
1001\...\19578d825527d79957d7efc88d06a64e) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
bbbafa6e441ffe431a197daf3d36fe87) (Version: 1.0 - Google\Chrome)
Sierra Wireless Mobile Broadband Driver Package (HKLM\...\SWIQMIDrvInstaller)
(Version: 7.66.4915.0003 - Sierra Wireless, Inc.)
Slides (HKU\S-1-5-21-1720479435-1288462160-2483743075-
1001\...\66693cdaae4d230028bca5a04131827c) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
ab1eefe2bbf9e50b3f482f576e4d7cf9) (Version: 1.0 - Google\Chrome)
Stellar Phoenix Outlook PST Repair - Technical (HKLM\...\Stellar Phoenix Outlook
PST Repair - Technical_is1) (Version: 5.0.0.0 - Stellar Information Technology Pvt
Ltd.)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-
1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.10.47 -
Synaptics Incorporated)
System Interface Manager (HKLM-x32\...\{943622A3-F5E9-464F-A025-90D02F3B8ACE})
SysTools XLSX Viewer v4.0 (HKLM-x32\...\{9E44FD92-99D5-45E4-B07A-
FA2DC17054D6}}_is1) (Version: - SysTools Software Pvt. Ltd.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.28.9 - TeamViewer)
Tether (HKLM-x32\...\{C5C67EA4-16FA-473C-B274-904A71162DE4}) (Version: 1.0.1 -
ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-
4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-
4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
Vividia Ablescope version 1.2.1 (HKLM-x32\...\{72CDAAF5-04AC-454D-B9BB-
1A9C9DCBA72C}_is1) (Version: 1.2.1 - Vividia Technologies 2010 - 2017)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 -
LunarG, Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version:
3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.20 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.3 - win.rar
GmbH)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-1720479435-1288462160-
2483743075-1001\...\Wondershare NativePush_is1) (Version: - )
Wondershare Recoverit(Build 12.0.12.7) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-
8FCF24CECD95}_is1) (Version: 12.0.12.7 - Wondershare Software Co.,Ltd.)
XenArmor All-In-One External Drive Password Pro Personal (HKLM-x32\...\{5978AE45-
A5BC-4359-9D50-8B2B4D326D22}) (Version: 2.0 - XenArmor) Hidden
XenArmor All-In-One External Drive Password Pro Personal 2023 (HKLM-x32\...\
XenArmor All-In-One External Drive Password Pro Personal 2.0) (Version: 2.0 -
XenArmor)
XenArmor AllInOneKeyFinderPro Enterprise Edition [Trial Version] (HKLM-x32\...\
AllInOneKeyFinderPro Enterprise Edition [Trial Version] 9.0) (Version: 9.0 -
XenArmor)
YouTube (HKU\S-1-5-21-1720479435-1288462160-2483743075-
1001\...\3a04fe7227bb9ffe6252a6152aad0894) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\...\
d9715b4762ce09e0fe215a6bd8f8aa55) (Version: 1.0 - Google\Chrome)
Packages:
=========
AppleInc.iCloud -> C:\Program Files\WindowsApps\
AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-07-30] (Apple Inc.) [Startup
Task]
Cortana -> C:\Program Files\WindowsApps\
Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-10] (Microsoft
Corporation)
Fish Game For Cats -> C:\Program Files\WindowsApps\
11282SimplyAdvanced.FishGameForCats_1.0.0.0_neutral__1zsx0rfr60t8w [2023-08-28]
(Simply Advanced)
FTP Manager Pro -> C:\Program Files\WindowsApps\
DeskShare.FTPManagerPro_1.1.0.0_x64__13ddgfpts17ng [2023-06-30] (DeskShare)
[Startup Task]
HP Smart -> C:\Program Files\WindowsApps\
AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-09] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\
AD2F1837.HPSupportAssistant_9.28.34.0_x64__v10z8vjag6ke6 [2023-08-02] (HP Inc.)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\
Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-30]
(Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\
Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Photos Add-on -> C:\Program Files\WindowsApps\
Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-
25] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\
Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-25] (Microsoft
Corporation)
SQLite Trek -> C:\Program Files\WindowsApps\
22697TenSouthStudios.SQLiteTrek_1.0.4.0_x86__fkkp4b62q2qwm [2023-07-30]
(10SouthStudios)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\
MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-08-12] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-07-23] (win.rar GmbH)
XLS Viewer Free -> C:\Program Files\WindowsApps\
62307pauljohn.XLSViewerFree_1.1.0.1_x86__7sv5v3m8wq0b2 [2022-12-17] (pauljohn)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1720479435-1288462160-2483743075-1001_Classes\CLSID\
{1046DF82-20AA-4E74-9A95-80DA448284F1} -> [iCloud Photos] => C:\Users\mahoj\
Pictures\iCloud Photos\Photos [2023-07-20 21:23]
{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\mahoj\AppData\
Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare
Technology Group Co.,Ltd -> Wondershare)
{7D76D56A-6E13-4569-B284-1B833D1ACC88} -> [iCloud Drive] => C:\Users\mahoj\
iCloudDrive [2023-07-20 21:23]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
=> C:\Program Files\Microsoft OneDrive\23.169.0813.0001\FileSyncShell64.dll [2023-
08-31] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282}
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30}
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3}
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-
C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
FileSyncShell64.dll [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-
AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-
2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-
7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-
95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-
24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-
2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.169.0813.0001\
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>
C:\Program Files\Microsoft OneDrive\23.169.0813.0001\FileSyncShell64.dll [2023-08-
31] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-
18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\
ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems
Inc.)
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\
Program Files\HitmanPro\hmpshext.dll [2023-07-27] (SurfRight B.V. -> SurfRight
B.V.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\
Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>
C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander
Roshal)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-
4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\
ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems
Incorporated)
Incorporated)
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\
Program Files\HitmanPro\hmpshext.dll [2023-07-27] (SurfRight B.V. -> SurfRight
B.V.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} =>
C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -
> Piriform Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No
File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\
WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_75270bfe0aa96c3b\
igfxDTCM.dll [2020-10-06] (Microsoft Windows Hardware Compatibility Publisher ->
Intel Corporation)
Incorporated)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-
18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\
ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems
Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} =>
C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -
> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\
Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>
C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander
Roshal)
ContextMenuHandlers2_S-1-5-21-1720479435-1288462160-2483743075-1001: [AgentRansack]
-> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent
Ransack\ShellExt.dll [2022-03-23] (MYTHICSOFT LIMITED -> Mythicsoft Ltd)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\mahoj\Desktop\Jim - Chrome.lnk -> C:\Program Files\

Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\mahoj\Desktop\Personal - Edge.lnk -> C:\Program
Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --
profile-directory="Default"
ShortcutWithArgument: C:\Users\mahoj\AppData\Roaming\Microsoft\Windows\Start Menu\
Programs\Chrome Apps\Cleanflight - Configurator.lnk -> C:\Program Files\Google\
Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --
app-id=enacoimjcgeinfnnnpajinjgmkahmfgb
Programs\Chrome Apps\Docs (1).lnk -> C:\Program Files\Google\Chrome\Application\
chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-
id=mpnpojknpmmopombnjdcgaaiekajbnjb
Programs\Chrome Apps\Docs.lnk -> C:\Program Files\Google\Chrome\Application\
id=mpnpojknpmmopombnjdcgaaiekajbnjb
Programs\Chrome Apps\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\
id=fmgjjmmmlfnkbppncabfkddbjimcfncm
Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\
id=fmgjjmmmlfnkbppncabfkddbjimcfncm
Programs\Chrome Apps\Google Drive (1).lnk -> C:\Program Files\Google\Chrome\
Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --
app-id=aghbiahbpaijignceidepookljebhfak
Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\
Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --
app-id=aghbiahbpaijignceidepookljebhfak
Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\
Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-
id=knipolnnllmklapflnccelgolnpehhpl
Programs\Chrome Apps\mydlink services plugin.lnk -> C:\Program Files\Google\Chrome\
Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-
id=ldibdoepbjbkkcbgndfljnphngpglhbb
Programs\Chrome Apps\Sheets (1).lnk -> C:\Program Files\Google\Chrome\Application\
id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\
id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
Programs\Chrome Apps\Slides (1).lnk -> C:\Program Files\Google\Chrome\Application\
id=kefjledonklijopmnomlcbpllchaibag
Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\
id=kefjledonklijopmnomlcbpllchaibag
Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files\
Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-
directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
Programs\Chrome Apps\YouTube (1).lnk -> C:\Program Files\Google\Chrome\Application\
id=agimnkijcaahngcdmfeangaknmldooml
Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\
id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2023-03-09 22:23 - 2014-04-17 10:54 - 000863232 _____ ( Realtek Semiconductor

Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\
P2PLib.dll
2023-03-09 22:23 - 2014-04-17 10:54 - 000221184 _____ () [File not signed] C:\
Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2022-11-16 15:57 - 2022-11-16 15:57 - 001490944 _____ () [File not signed] C:\
Users\mahoj\AppData\Roaming\BitTorrent Web\avcodec-58.dll
2022-11-16 15:57 - 2022-11-16 15:57 - 000949248 _____ () [File not signed] C:\
Users\mahoj\AppData\Roaming\BitTorrent Web\avformat-58.dll
2022-11-16 15:57 - 2022-11-16 15:57 - 000635392 _____ () [File not signed] C:\
Users\mahoj\AppData\Roaming\BitTorrent Web\avutil-56.dll
2022-11-16 15:57 - 2022-11-16 15:57 - 000153088 _____ () [File not signed] C:\
Users\mahoj\AppData\Roaming\BitTorrent Web\swresample-3.dll
2008-08-14 07:15 - 2008-08-14 07:15 - 000481792 _____ (Adobe Systems Incorporated)
[File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2023-04-29 10:51 - 2023-07-24 21:12 - 004309504 _____ (Rainberry, Inc.) [File not
signed] C:\Users\mahoj\AppData\Roaming\BitTorrent\bt_datachannel.dll
2023-03-09 22:23 - 2014-04-17 10:54 - 000200704 _____ (Realtek) [File not signed]
C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2023-03-09 22:23 - 2014-04-17 10:54 - 000044544 _____ (Realtek) [File not signed]
C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2023-03-09 22:23 - 2014-04-17 10:54 - 001122304 _____ (The OpenSSL Project,
hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB
Wireless LAN Utility\LIBEAY32.dll
hxxps://www.openssl.org/) [File not signed] C:\Users\mahoj\AppData\Roaming\
BitTorrent Web\libcrypto-1_1.dll
hxxps://www.openssl.org/) [File not signed] C:\Users\mahoj\AppData\Roaming\
BitTorrent Web\libssl-1_1.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\
blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\
SysWOW64\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page =
HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\Software\Microsoft\Internet
Explorer\Main,Local Page = %11%\blank.htm
Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
URLSearchHook: HKU\S-1-5-21-1720479435-1288462160-2483743075-1001 - Microsoft Url
Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\
ieframe.dll (Microsoft Windows -> Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-1720479435-1288462160-2483743075-1001 - Microsoft Url
Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\
ieframe.dll (Microsoft Windows -> Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
SearchScopes: HKU\S-1-5-21-1720479435-1288462160-2483743075-1001 -> DefaultScope
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?
q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1720479435-1288462160-2483743075-1001 -> {0633EE93-D776-
472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-
SearchBox&FORM=IESR02
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files
(x86)\Microsoft\Edge\Application\116.0.1938.69\BHO\ie_to_edge_bho_64.dll [2023-08-
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\
Program Files (x86)\Siber Systems\AI RoboForm\9.5.1.1\RoboForm-x64.dll [2023-08-12]
(Siber Systems -> Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\
Program Files\Java\jre-1.8\bin\ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle
Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} ->
C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\
AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems
Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program
Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech,
Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\
Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-06-14] (Oracle America, Inc. ->
Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-
665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\
Incorporated)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files
(x86)\Microsoft\Edge\Application\116.0.1938.69\BHO\ie_to_edge_bho.dll [2023-08-31]
(Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\
Program Files (x86)\Siber Systems\AI RoboForm\9.5.1.1\roboform.dll [2023-08-12]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910}
-> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\
Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program
Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-20] (Logitech Inc ->
Logitech, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-
665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\
Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\
Program Files (x86)\Siber Systems\AI RoboForm\9.5.1.1\RoboForm-x64.dll [2023-08-12]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-
0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\
Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} -
C:\Program Files (x86)\Siber Systems\AI RoboForm\9.5.1.1\roboform.dll [2023-08-12]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-
0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\
Incorporated)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\
mshtml.dll [2023-07-30] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\
urlmon.dll [2023-08-09] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\
msvidctl.dll [2022-05-06] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\
itss.dll [2022-05-06] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\
SysWOW64\mshtml.dll [2023-07-30] (Microsoft Windows -> Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\
inetcomm.dll [2022-05-06] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\
inetcomm.dll [2022-05-06] (Microsoft Windows -> Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\
tbauth.dll [2023-05-05] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\
tbauth.dll [2023-05-05] (Microsoft Windows -> Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\
SysWOW64\mshtml.dll [2023-07-30] (Microsoft Windows -> Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\
System32\tbauth.dll [2023-05-05] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\
SysWOW64\tbauth.dll [2023-05-05] (Microsoft Windows -> Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\
Windows\System32\mscoree.dll [2022-05-06] (Microsoft Windows -> Microsoft
Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\
Windows\SysWOW64\mscoree.dll [2022-05-06] (Microsoft Windows -> Microsoft
Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\
Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\
Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\
Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\
Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 06:46 - 2023-04-25 23:17 - 000000857 _____ C:\WINDOWS\system32\drivers\

etc\hosts
127.0.0.1 activate.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\

Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common
Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\
System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\
OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-1720479435-1288462160-2483743075-1001\Control Panel\Desktop\\Wallpaper
-> C:\Users\mahoj\AppData\Local\Microsoft\Windows\Themes\img2.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>
(ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost =>
(EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{1180EEB8-3B9C-4951-80F4-6AE9AE214250}C:\program

files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\
samsung\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{1ACA6864-074C-4708-831E-66B29BA6BB74}C:\program
files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\
samsung\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DB7C04FA-370E-4EAA-B486-DDC70E37BD63}] => (Allow) C:\Program Files
(x86)\Samsung\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E09BB943-7922-4AC9-9503-F529A44E63AE}] => (Allow) C:\Program Files
(x86)\Samsung\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7DC688BE-10F7-40A3-A63B-B380FA58997A}] => (Allow) C:\Users\mahoj\
AppData\Roaming\BitTorrent\BitTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{86898B25-83A0-489E-BBE3-498050FDE8AD}] => (Allow) C:\Users\mahoj\
AppData\Roaming\BitTorrent\BitTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{9891EC6C-9FEE-4A48-9CDB-75705C72BD48}] => (Allow) C:\Users\mahoj\
AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{83877A06-13EA-4C4C-985F-168F91C33877}] => (Allow) C:\Users\mahoj\
AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{02DEAC1C-A18C-49F5-B007-4AE4C88853DB}] => (Allow) C:\Program Files
(x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems
Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{4ED9152E-EFDE-44CF-873F-20B766D7BB07}] => (Allow) C:\Program Files
(x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems
Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{2F6551DC-C032-408F-A0CA-EBB4EC70A19F}] => (Allow) LPort=5353
FirewallRules: [{71DDB80F-45FF-49FD-99D5-FBC14C45B195}] => (Allow) C:\Program Files
(x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp ->
Realtek)
FirewallRules: [{F814B95B-163B-47DF-ACD8-EF5820135BDB}] => (Allow) C:\Program Files
Realtek)
FirewallRules: [{F6861FC0-E97F-4A03-908A-842AB8850FC1}] => (Allow) C:\Program Files
Realtek)
FirewallRules: [{6B4E013B-D8B4-4C5D-8891-2172729C2633}] => (Allow) C:\Program Files
Realtek)
FirewallRules: [{8650224F-5D09-44C1-8BBB-BD9DACC1B349}] => (Allow) LPort=53
FirewallRules: [{3265B647-1D42-4A44-B783-0980A1495EA6}] => (Allow) C:\Program Files
Realtek)
FirewallRules: [{B8978FE7-432A-41BC-82D1-A0DC56E47E63}] => (Allow) C:\Program Files
Realtek)
FirewallRules: [{CD1003FC-E566-45D4-9D74-5438FA025806}] => (Allow) C:\Program Files
Realtek)
FirewallRules: [{7B201DCF-833F-4C2F-AB0B-0993022E8FB3}] => (Allow) LPort=53
FirewallRules: [{34217C20-D748-47F7-962E-8FCFCFCEDD0C}] => (Allow) LPort=1542
FirewallRules: [{471CD073-1035-4883-8C4A-B1DAA9F28054}] => (Allow) LPort=1542
FirewallRules: [{25A5A9A8-DB1F-41F2-8FCA-5E819B895E15}] => (Allow) C:\Program Files
(x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp ->
Realtek Semiconductor Corp.)
FirewallRules: [UDP Query User{67D97C28-D5E5-4CEA-80AA-8130E6981CA1}C:\users\mahoj\
appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\mahoj\appdata\
roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8D90C9B6-E7B8-4C89-BCD5-182BEBF9BF83}C:\users\mahoj\
appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\mahoj\appdata\
roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F7B9544C-A3F4-46DF-88D2-2513A2DA2A1B}] => (Allow) C:\Users\mahoj\
AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7A449730-9193-488D-A227-0A45DE06FC6D}] => (Allow) C:\Users\mahoj\
AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{22222DBA-CE88-4FCC-9A0B-B40DB6BFB888}] => (Allow) LPort=10777
FirewallRules: [{A24EB84A-CA11-4681-B43B-70E9A4078AA7}] => (Allow) C:\Program
Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer
Germany GmbH)
FirewallRules: [{67B5190E-9BF1-4AE8-8956-054F484656CA}] => (Allow) C:\Program
Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer
Germany GmbH)
FirewallRules: [{3A0F1C6E-A653-4BBA-BB63-A6DF79F39DFF}] => (Allow) C:\Program
Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany
GmbH)
FirewallRules: [{9355185F-14C3-413F-B381-CEEED8C67884}] => (Allow) C:\Program
Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany
GmbH)
FirewallRules: [UDP Query User{CEB5C2EA-C8E3-4468-984E-FCAECC4AA203}C:\program
files (x86)\clockworkmod\tether\win32\node.exe] => (Allow) C:\program files (x86)\
clockworkmod\tether\win32\node.exe (zune-tuner://windowsphone/ee3e3856%20-
%200df9b0e5%20-%2017eca2fe%20-%2092cb4849 -> Joyent, Inc) [File not signed]
FirewallRules: [TCP Query User{E0802E5C-710F-4E91-BA40-5D641FCD407C}C:\program
files (x86)\clockworkmod\tether\win32\node.exe] => (Allow) C:\program files (x86)\
clockworkmod\tether\win32\node.exe (zune-tuner://windowsphone/ee3e3856%20-
FirewallRules: [{FB4B6F65-FA36-4732-A45C-0A4C7D8AE386}] => (Allow) C:\Program Files
(x86)\ClockworkMod\Tether\win32\node.exe (zune-tuner://windowsphone/ee3e3856%20-
FirewallRules: [{10B96CE0-B8C3-4673-81C5-F0DECE9B1775}] => (Allow) C:\Program Files
(x86)\ClockworkMod\Tether\win32\node.exe (zune-tuner://windowsphone/ee3e3856%20-
FirewallRules: [{BEE8706F-7A7C-4692-BD30-0F01F5F53F9E}] => (Allow) C:\Program
Files\Passware\Passware Kit Agent 2023\PasswareKitAgent.exe (Passware OÜ ->
Passware)
FirewallRules: [TCP Query User{500EC3C7-0BD5-4B39-9A0D-E8E7C3EC4505}C:\programdata\
logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\
programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc
-> Logitech, Inc.)
FirewallRules: [UDP Query User{9C35E363-2C87-4272-838B-220C28CD2943}C:\programdata\
logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\
programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc
-> Logitech, Inc.)
FirewallRules: [{69FDF23D-6795-4164-BA4C-42A170CACD1E}] => (Allow) LPort=57209
FirewallRules: [{9BC15605-B7F0-44AA-AF9E-F60EEF977D97}] => (Allow) LPort=57210
FirewallRules: [{3D0D460B-0D28-4106-BD6D-AE5124371672}] => (Allow) LPort=57211
FirewallRules: [{4AF367C8-7172-484C-B8F8-8BD60EA90469}] => (Allow) LPort=57212
FirewallRules: [{71927173-58FD-4B59-8C1E-6B59915E98AC}] => (Allow) LPort=57213
FirewallRules: [{18C66409-170E-4F85-88BD-BBDEB3390EF6}] => (Allow) LPort=57214
FirewallRules: [{08386C94-B500-4254-9E8D-A3F6E808497E}] => (Allow) LPort=57215
FirewallRules: [{F449E6E3-0516-4EE1-96EC-E57E40B4B4D5}] => (Allow) LPort=57216
FirewallRules: [{A5D83709-7B24-4BC1-8D56-283A260986E9}] => (Allow) LPort=57217
FirewallRules: [{BD5B9DC3-C77F-4D34-847B-DF536C90F373}] => (Allow) LPort=57218
FirewallRules: [{B6E9995B-9B0A-4A45-BAD1-C09D4F231BC8}] => (Allow) LPort=57209
FirewallRules: [TCP Query User{4E2A6FF8-4DBC-4B56-9869-E9B33681B5E0}C:\users\mahoj\
appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe] =>
(Allow) C:\users\mahoj\appdata\local\wondershare\wondershare nativepush\
wstoastnotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{93F96F40-3E84-4CBE-9D8E-DCCF32854ED5}C:\users\mahoj\
appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe] =>
(Allow) C:\users\mahoj\appdata\local\wondershare\wondershare nativepush\
wstoastnotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{EA8FC245-9329-4C45-92B5-2E2847011723}] => (Allow) LPort=57210
FirewallRules: [{E7700C2D-797A-49CB-A73C-F1A2E160B67E}] => (Allow) LPort=57211
FirewallRules: [{26D6E225-4DB0-4BAF-86EA-68B2D9FCC6CF}] => (Allow) LPort=57212
FirewallRules: [{57BE4DAC-83AF-4F7F-88AE-D9F67E0470C6}] => (Allow) LPort=57213
FirewallRules: [{AD3AA3D1-74DB-4376-846D-39F64C25615C}] => (Allow) LPort=57214
FirewallRules: [{AE35BEAF-92F9-473D-9510-A1968051C69A}] => (Allow) LPort=57215
FirewallRules: [{C9255F5C-0210-497F-B62A-061FE40C7CE4}] => (Allow) LPort=57216
FirewallRules: [{ECD93784-1068-43FA-B9DB-516082DB11B3}] => (Allow) LPort=57217
FirewallRules: [{159A35FF-FB1F-446F-8F40-E00F9A21D0EC}] => (Allow) LPort=57218
FirewallRules: [{F9E81DDF-B9DB-4467-A289-0F839E5F0CE2}] => (Allow) LPort=23007
FirewallRules: [{1F919C0C-3C16-4A1F-BBC2-176899226C19}] => (Allow) LPort=23008
FirewallRules: [{31A3676D-D4CE-433B-9BDC-4FFE1B3BCCBC}] => (Allow) LPort=33009
FirewallRules: [{18574015-999F-44A6-B372-D64AC4FAA28B}] => (Allow) LPort=33010
FirewallRules: [{A1F70C89-7F13-406F-BC42-EAB9B8F16FBE}] => (Allow) LPort=33011
FirewallRules: [{B40902F8-61C8-46D9-BC22-67E645D0BE38}] => (Allow) LPort=43012
FirewallRules: [{A2EE2637-BA62-43A8-8202-A33976C70754}] => (Allow) LPort=43013
FirewallRules: [{54FD0A17-ED1C-40CF-B95B-62BF8D1FD1A1}] => (Allow) LPort=53014
FirewallRules: [{C4433B2D-DD1B-4A6E-AE16-67182BBBB533}] => (Allow) LPort=53015
FirewallRules: [{82D6DAA0-D93B-4049-8191-3CE1AB75763B}] => (Allow) LPort=53016
FirewallRules: [{354FC956-2AA7-4833-A6D8-1F15A7557AE3}] => (Allow) LPort=23007
FirewallRules: [{86D4108C-4CEC-4818-B134-03EB9FB52FAE}] => (Allow) LPort=23008
FirewallRules: [{06D61899-9F08-4DF2-8B0C-978C41DAD74F}] => (Allow) LPort=33009
FirewallRules: [{3718A85F-71EE-4591-A94F-E9CA6512299D}] => (Allow) LPort=33010
FirewallRules: [{AD97FE56-3D55-4B65-9324-7874B5F08D5C}] => (Allow) LPort=33011
FirewallRules: [{ADBCC1F0-5BF2-40FF-8928-75E5FF866DE0}] => (Allow) LPort=43012
FirewallRules: [{A521F9FD-699F-449D-898E-21189EDFEECE}] => (Allow) LPort=43013
FirewallRules: [{87EEACE4-5520-4FFA-B4BB-CBE4AFF7B3FF}] => (Allow) LPort=53014
FirewallRules: [{ED416D37-FD98-456E-AB35-6EE21EF8425F}] => (Allow) LPort=53015
FirewallRules: [{6EE1DD5F-E8BA-492B-BA43-44EF60CB2A4B}] => (Allow) LPort=53016
FirewallRules: [{5F580C8B-18EE-487C-BDE5-7120D62E227B}] => (Allow) LPort=50053
FirewallRules: [{EBAB4423-8B55-4B5C-999B-44BFCFCE4B59}] => (Allow) LPort=50053
FirewallRules: [{33440CA7-200E-40D6-9504-617D43F88F22}] => (Allow) C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\115.0.1901.203\msedgewebview2.exe
FirewallRules: [{3EF94BDF-9F5E-4DB1-85F2-1EB29964F7AD}] => (Allow) C:\Program
Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
FirewallRules: [{2F781426-B922-45A3-B611-BD90E5C96980}] => (Allow) C:\Program
Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
FirewallRules: [{0668CD1E-FA8C-4DCD-81EF-D1540E82325E}] => (Allow) C:\Program
Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe
FirewallRules: [{3E7E943B-D6D7-4D37-A0B0-3EBA6692A93E}] => (Allow) C:\Program
Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe
FirewallRules: [{E1CEE98C-6D14-4888-BE46-B1815ABE6C87}] => (Allow) C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\
Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F82CA643-3070-46D2-B313-555A629E9330}] => (Allow) C:\Program
FirewallRules: [{656B77DB-C2A3-4E71-9C11-1A7F5DFDFCF7}] => (Allow) C:\Program
FirewallRules: [{A966E661-2F5D-41AD-88A0-B34E8A9AF906}] => (Allow) C:\Program
FirewallRules: [{0445C249-4694-4503-94A3-140FB8163483}] => (Allow) C:\Program
Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{16EE6F74-21D5-481F-8D1F-0264BBADFA73}] => (Allow) C:\Users\mahoj\
AppData\Local\Temp\7zS0715\HPEasyStart\HP.EasyStart.exe => No File
FirewallRules: [{838BABE1-CC0D-4E08-9AD9-3B1353B25B1F}] => (Allow) C:\Users\mahoj\
AppData\Local\Temp\7zS09AE\HPEasyStart\HP.EasyStart.exe => No File
FirewallRules: [{DF207FD8-B0E4-4BA4-8377-C760B7017E43}] => (Allow) C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\116.0.1938.69\msedgewebview2.exe (Microsoft
Corporation -> Microsoft Corporation)
==================== Restore Points =========================
27-08-2023 08:01:05 Scheduled Checkpoint

30-08-2023 16:13:23 Windows Update
03-09-2023 03:56:09 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/03/2023 04:38:32 AM) (Source: Application Error) (EventID: 1000) (User:
PANASONIC)
Description: Faulting application name: msteamsupdate.exe, version:
23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0xc300
Faulting application start time: 0x0x1d9de5b272ffbc9
Faulting application path: C:\Program Files\WindowsApps\
MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 0407d24d-6f7c-4e0e-a440-cd18ed707d97
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe
Faulting package-relative application ID: msteamsupdate
Error: (09/01/2023 05:44:18 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\Program Files (x86)\
Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component
version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.2070_none_2713e6537381f706.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.2070_none_6ec11d2a87fe200c.manifest.
PANASONIC)
Description: Faulting application name: SideSync.exe, version: 4.7.5.203, time
stamp: 0x59f216bb
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Fault offset: 0xd85cb0dd
Faulting process id: 0x0x2fdc
Faulting application start time: 0x0x1d9ccf37cf80768
Faulting application path: C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
Faulting module path: unknown
Report Id: 1dbecafd-1c1a-481e-b0ee-e7d0adf9cee8
Faulting package full name:
Faulting package-relative application ID:
Error: (08/30/2023 04:37:56 PM) (Source: Application Error) (EventID: 1000) (User:
PANASONIC)
23231.411.2342.9597, time stamp: 0x64ed3548
Faulting process id: 0x0x972c
Faulting application start time: 0x0x1d9db9b008381d4
Report Id: f5e99deb-1654-4965-aef5-5cd955ee7e39
PANASONIC)
23216.905.2334.6698, time stamp: 0x64e799a8
Faulting process id: 0x0xa6e0
Faulting application start time: 0x0x1d9db79794976a7
Report Id: 2b4e7008-cc74-4fe8-8da6-e5b299bb4189
PANASONIC)
23216.905.2334.6698, time stamp: 0x64e799a8
Faulting process id: 0x0x83ac
Faulting application start time: 0x0x1d9db14e394511d
Report Id: 806dc02e-4c44-45ff-8ec4-58e04d08af54
PANASONIC)
23216.905.2334.6698, time stamp: 0x64e799a8
Faulting process id: 0x0x9bc0
Faulting application start time: 0x0x1d9dae298c5dc39
Report Id: 67e96233-53ec-4253-b551-24f1ed044858
Error: (08/29/2023 05:27:23 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\Program Files (x86)\
Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component
version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.2070_none_2713e6537381f706.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.2070_none_6ec11d2a87fe200c.manifest.
System errors:
=============
Error: (09/03/2023 11:52:35 PM) (Source: DCOM) (EventID: 10010) (User: PANASONIC)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register
with DCOM within the required timeout.
Error: (09/03/2023 03:56:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient)

(EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update
with error 0x80073d02: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Error: (09/02/2023 01:23:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient)




with error 0x8007000a: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.


with error 0x80073d02: 9WZDNCRFJBMP-MICROSOFT.WINDOWSSTORE.
Windows Defender:
================
Date: 2023-09-02 13:46:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-01 13:43:00

Description:
Date: 2023-08-31 15:04:33

Description:
Date: 2023-08-30 15:04:32

Description:
Date: 2023-08-29 15:20:07

Description:
CodeIntegrity:
===============
Date: 2023-09-03 19:15:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\
Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to
load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\
igdlh64.inf_amd64_75270bfe0aa96c3b\igd10iumd64.dll that did not meet the Custom 3 /
Antimalware signing level requirements.#
==================== Memory info ===========================
BIOS: American Megatrends Inc. V3.00L23 07/19/2021

Motherboard: Panasonic Corporation CF54-3
Processor: Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz
Percentage of memory in use: 56%
Total physical RAM: 16275.3 MB
Available physical RAM: 7126.47 MB
Total Virtual: 19264.83 MB
Available Virtual: 3000.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.31 GB) (Free:99.51 GB) (Model: SAMSUNG MZ7LN256HAJQ-

00000) NTFS
\\?\Volume{8d42c991-0e48-49fa-a589-78a949c6ff0b}\ (Recovery) (Fixed) (Total:0.49

GB) (Free:0.47 GB) NTFS
\\?\Volume{4f6bba17-5da1-4939-953e-321d8c06c8de}\ () (Fixed) (Total:0.09 GB)
(Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 259B6197)
Partition: GPT.
==================== End of Addition.txt =======================

Addition

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Addition

Uploaded by

Copyright:

Available Formats

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023

Ran by mahoj (04-09-2023 01:01:24)

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1720479435-1288462160-2483743075-500 - Administrator -

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

.NET Core SDK 1.1.14 (x64) (HKLM\...\{BCB0834B-EC91-4237-AF17-A2F67FC93796})

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\mahoj\Desktop\Jim - Chrome.lnk -> C:\Program Files\

==================== Loaded Modules (Whitelisted) =============

2023-03-09 22:23 - 2014-04-17 10:54 - 000863232 _____ ( Realtek Semiconductor

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

==================== Hosts content: =========================

2017-09-29 06:46 - 2023-04-25 23:17 - 000000857 _____ C:\WINDOWS\system32\drivers\

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

FirewallRules: [UDP Query User{1180EEB8-3B9C-4951-80F4-6AE9AE214250}C:\program

==================== Restore Points =========================

27-08-2023 08:01:05 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Error: (09/01/2023 05:44:18 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (08/29/2023 05:27:23 AM) (Source: SideBySide) (EventID: 78) (User: )

Error: (09/03/2023 03:56:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient)

Error: (09/02/2023 01:23:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient)

Error: (09/01/2023 11:57:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient)

Error: (09/01/2023 11:33:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient)

Error: (08/30/2023 06:58:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient)

Error: (08/30/2023 05:54:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient)

Error: (08/30/2023 05:26:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient)

Date: 2023-09-01 13:43:00

Date: 2023-08-31 15:04:33

Date: 2023-08-30 15:04:32

Date: 2023-08-29 15:20:07

==================== Memory info ===========================

BIOS: American Megatrends Inc. V3.00L23 07/19/2021

==================== Drives ================================

Drive c: () (Fixed) (Total:237.31 GB) (Free:99.51 GB) (Model: SAMSUNG MZ7LN256HAJQ-

\\?\Volume{8d42c991-0e48-49fa-a589-78a949c6ff0b}\ (Recovery) (Fixed) (Total:0.49

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

You might also like