Login

Register

Login

Register

Use of On-Screen Keyboard a necessity | #firefox | #chrome | #microsoftedge | #cybersecurity | #infosecurity | #hacker



dditional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021

Ran by fred (17-07-2021 23:53:07)

Running from C:Userskcav1Downloads

Windows 10 Pro Version 21H1 19043.1110 (X64) (2020-10-27 19:19:39)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-693290602-2950206285-2906115910-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-693290602-2950206285-2906115910-503 – Limited – Disabled)

fred (S-1-5-21-693290602-2950206285-2906115910-1003 – Administrator – Enabled) => C:Usersfred

Guest (S-1-5-21-693290602-2950206285-2906115910-501 – Limited – Enabled)

KCav45 (S-1-5-21-693290602-2950206285-2906115910-1002 – Limited – Enabled) => C:Userskcav1

WDAGUtilityAccount (S-1-5-21-693290602-2950206285-2906115910-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 20.02 alpha (x64) (HKLM…7-Zip) (Version: 20.02 alpha – Igor Pavlov)

Acronis Disk Director 12 (HKLM-x32…{FE6AA38C-8A06-41FB-B94C-5431743BB0BF}) (Version: 12.0.96 – Acronis)

Adobe Photoshop Elements 13 (HKLM-x32…{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 – Adobe Systems Incorporated)

Application Compatibility Toolkit (HKLM…{CE3829CE-559B-3BFA-BAE7-0F745FAFCD28}) (Version: 10.1.14393.0 – Microsoft)

Application Compatibility Toolkit (HKLM-x32…{25CFCC6F-FBD2-476D-548F-8D0ACDFADE6F}) (Version: 10.1.14393.0 – Microsoft)

Appman Auto Sequencer (HKLM-x32…{2942F2D5-2A6D-2061-A152-A736B3277068}) (Version: 10.1.19041.1 – Microsoft) Hidden

Appman Sequencer on amd64 (HKLM…{7A394A81-957E-FA00-5F3F-46CF5DDEAA4A}) (Version: 10.1.19041.1 – Microsoft) Hidden

Backup and Sync from Google (HKLM…{A0397FA8-34ED-4A41-A8C9-30EE0B89C464}) (Version: 3.56.3802.7766 – Google, Inc.)

Blender (HKLM…{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 – Blender Foundation)

Canon TS200 series On-screen Manual (HKLM-x32…Canon TS200 series On-screen Manual) (Version: 1.2.0 – Canon Inc.)

Canon TS200 series Printer Driver (HKLM…{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS200_series) (Version:  – Canon Inc.)

Cisco Webex Meetings Desktop App (HKLM-x32…{0384BC6E-D3AF-40C4-9AA4-9846AC8BE091}) (Version: 40.2.14.19 – Cisco Webex LLC)

D3DX10 (HKLM-x32…{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 – Microsoft) Hidden

Dragon 14 (HKLM-x32…{FEAB6184-0560-4EBF-A26B-C3F2B11FE9E1}) (Version: 14.00.000 – Nuance Communications Inc.)

Dropbox (HKLM-x32…Dropbox) (Version: 127.3.4263 – Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32…{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.485.1 – Dropbox, Inc.) Hidden

Echo Desktop (HKLM-x32…Echo Desktop 3.0.4) (Version: 3.0.4 – Livescribe Inc)

Evernote v. 6.25.1 (HKLM-x32…{CA92FF58-B652-11EA-A23A-42010A401FD0}) (Version: 6.25.1.9091 – Evernote Corp.)

GIMP 2.10.18 (HKLM…GIMP-2_is1) (Version: 2.10.18 – The GIMP Team)

Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.124 – Google LLC)

Google Update Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 – Google LLC) Hidden

Haali Media Splitter (HKLM-x32…HaaliMkx) (Version:  – )

HP 3D DriveGuard (HKLM…{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 – Hewlett-Packard Company)

HP Dropbox Plugin (HKLM-x32…{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 – HP)

HP ENVY 4520 series Basic Device Software (HKLM…{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 – HP Inc.)

HP ENVY 4520 series Help (HKLM-x32…{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 – Hewlett Packard)

HP Google Drive Plugin (HKLM-x32…{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 – HP)

HP Support Assistant (HKLM-x32…{54ECA61C-83AE-4EE3-A9F7-848155A33386}) (Version: 8.8.34.31 – HP Inc.)

HP Support Solutions Framework (HKLM-x32…{D0873D1A-C420-483C-A2B7-08AACD6CAC00}) (Version: 12.18.34.21 – HP Inc.)

Imaging And Configuration Designer (HKLM-x32…{8072F2F3-C269-A639-4626-9209FFF6DEDB}) (Version: 10.1.19041.1 – Microsoft) Hidden

Imaging Designer (HKLM-x32…{2852AE0C-1EEB-72F9-1C5D-FACF6C9304DE}) (Version: 10.1.19041.1 – Microsoft) Hidden

Imaging Tools Support (HKLM-x32…{30C24881-949F-D09C-5376-9F0DC6B412CD}) (Version: 10.1.19041.1 – Microsoft) Hidden

JMicron 1394 Filter Driver (HKLM-x32…{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 – JMicron Technology Corp.)

JMicron Flash Media Controller Driver (HKLM-x32…{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 – JMicron Technology Corp.)

Kits Configuration Installer (HKLM-x32…{8867E8B9-1539-18F3-54AB-B1F1E641AC14}) (Version: 10.1.19041.1 – Microsoft) Hidden

Logi Firmware Update Tool for C930e (HKLM-x32…FWUpdateC930e) (Version: 2.1.14.0 – Logitech Europe S.A.)

Logitech Capture (HKLM…Capture) (Version: 2.00.226 – Logitech)

LSI HDA Modem (HKLM…LSI Soft Modem) (Version: 2.2.100 – LSI Corporation)

Macrium Reflect Home Edition (HKLM…{409F3D44-EDA2-4BFE-86BD-2BC70DD9C198}) (Version: 6.3.1865 – Paramount Software (UK) Ltd.) Hidden

Macrium Reflect Home Edition (HKLM…MacriumReflect) (Version: 6.3 – Paramount Software (UK) Ltd.)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 86.0.622.51 – Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM…Office14.PROPLUSR) (Version: 14.0.7015.1000 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-693290602-2950206285-2906115910-1003…OneDriveSetup.exe) (Version: 21.119.0613.0001 – Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.16.27012 (HKLM-x32…{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) – 14.16.27012 (HKLM-x32…{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 – Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)

Movie Maker (HKLM-x32…{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 – Microsoft Corporation) Hidden

Movie Maker (HKLM-x32…{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 – Microsoft Corporation) Hidden

Nuance Cloud Connector (HKLM-x32…{90FFA3C2-2C24-4A48-B457-0213B5A80737}) (Version: 3.2.633 – Nuance Communications, Inc.)

Nuance OmniPage 18 (HKLM-x32…{4761F31F-291F-46AA-9F00-17BADAB76371}) (Version: 18.0.0000 – Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM…{F1F25693-126D-4228-8606-DF88977881AD}) (Version: 7.10.2264 – Nuance Communications, Inc)

NVIDIA Graphics Driver 341.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 – NVIDIA Corporation)

NVIDIA nView 141.36 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 – NVIDIA Corporation)

OEM Test Certificates (HKLM-x32…{DAF67B85-47AE-B13B-5C22-3A7149E46EB8}) (Version: 10.1.19041.1 – Microsoft) Hidden

PhotoPad Image Editor (HKLM-x32…PhotoPad) (Version: 5.50 – NCH Software)

Pixillion Image Converter (HKLM-x32…Pixillion) (Version: 6.15 – NCH Software)

Printer Registration (HKLM-x32…Canon EISRegistration) (Version: 1.5.0 – Canon Inc.)

Product Improvement Study for HP ENVY 4520 series (HKLM…{1DDC5451-BE8B-4092-AB04-E92127242886}) (Version: 40.11.1122.1796 – HP Inc.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM…{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  – Microsoft)

Skype version 8.57 (HKLM-x32…Skype_is1) (Version: 8.57 – Skype Technologies S.A.)

Switch Sound File Converter (HKLM-x32…Switch) (Version: 7.45 – NCH Software)

Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 19.0.12.0 – Synaptics Incorporated)

System Ninja version 3.2.10 (HKLM-x32…{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.2.10 – SingularLabs)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.3.2682 – TeamViewer)

Toolkit Documentation (HKLM-x32…{1978CD82-5D9C-F9BD-4FA3-17AFA5AE12B2}) (Version: 10.1.19041.1 – Microsoft) Hidden

UEV Tools on amd64 (HKLM…{91339917-AF30-9EC7-D5AA-05919BB21DB9}) (Version: 10.1.19041.1 – Microsoft) Hidden

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 – Microsoft Corporation) Hidden

UpdateAssistant (HKLM…{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 – Microsoft Corporation) Hidden

User State Migration Tool (HKLM-x32…{2AD80B8E-9213-FEA7-BA85-0EFED76D6F11}) (Version: 10.1.19041.1 – Microsoft) Hidden

vMix (HKLM-x32…{93D664E9-E81E-4277-9E90-6CDABAC7208F}_is1) (Version:  – StudioCoast)

vMix Social (HKLM-x32…{1A0C8557-EB4A-4DD1-B4F9-A974ADEFE05F}_is1) (Version:  – StudioCoast Pty Ltd)

vMix Video Codec version 1.2 (HKLM-x32…{9C262A06-E609-41AF-93C2-EAAE331F25B8}_is1) (Version: 1.2 – StudioCoast Pty Ltd)

Webex Teams (HKLM…{8E17A4A6-1F4A-4023-91A9-636025225D44}) (Version: 3.0.15164.0 – Cisco Systems, Inc)

Windows Assessment and Deployment Kit – Windows 10 (HKLM-x32…{9346016b-6620-4841-8ea4-ad91d3ea02b5}) (Version: 10.1.19041.1 – Microsoft Corporation)

Windows Assessment and Deployment Kit Windows Preinstallation Environment Add-ons – Windows 10 (HKLM-x32…{353df250-4ecc-4656-a950-4df93078a5fd}) (Version: 10.1.19041.1 – Microsoft Corporation)

Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 16.4.3528.0331 – Microsoft Corporation)

Windows Movie Maker 2012 (HKLM-x32…{3CC29C1A-B5FE-457B-8F22-32A2557A9217}}_is1) (Version:  – www.topwin-movie-maker.com)

WPT Redistributables (HKLM-x32…{AE00264D-F001-A1D3-F3B8-74A9D2193E7F}) (Version: 10.1.19041.1 – Microsoft) Hidden

WPTx64 (HKLM-x32…{FD439F85-AD64-B3E5-9FC5-444AE8C8AF7B}) (Version: 10.1.19041.1 – Microsoft) Hidden

Packages:

=========

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Studios) [MS Ad]

Skype -> C:Program FilesWindowsAppsMicrosoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-07-16] (Skype)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-693290602-2950206285-2906115910-1002_ClassesCLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:Userskcav1Dropbox [2020-10-20 16:29]

ShellExecuteHooks: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-06-18] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-06-18] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-06-18] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:Program Files (x86)NuanceNuance Cloud ConnectorGlOverlayIcon.dll [2011-05-09] (Gladinet, Inc. -> Gladinet, INC)

ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:Program Files (x86)NuanceNuance Cloud ConnectorGlOverlayIconU.dll [2011-05-09] (Gladinet, Inc. -> Gladinet, INC)

ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:Program Files (x86)NuanceNuance Cloud ConnectorGlOverlayIcon.dll [2011-05-09] (Gladinet, Inc. -> Gladinet, INC)

ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:Program Files (x86)NuanceNuance Cloud ConnectorGlOverlayIconU.dll [2011-05-09] (Gladinet, Inc. -> Gladinet, INC)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2020-08-08] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-06-18] (Google LLC -> Google)

ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:Program FilesMacriumReflectRContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)

ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:Program Files (x86)NuancePDF Create 7binDirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp.)

ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:Program FilesMacriumReflectRContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)

ContextMenuHandlers3: [Open With Gladinet] -> {81695C6B-C2CA-492F-951D-5469840B2098} => C:Program Files (x86)NuanceNuance Cloud ConnectorGladinetShellProxy.dll [2011-05-09] (Gladinet, Inc. -> Gladinet, INC)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2020-08-08] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-06-18] (Google LLC -> Google)

ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:Program FilesNVIDIA Corporationnviewnvshell.dll [2015-06-29] (NVIDIA Corporation -> )

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.48.0.dll [2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2020-08-08] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-06-27 17:58 – 2016-06-27 17:58 – 000275968 _____ () [File not signed] C:Program Files (x86)Common FilesLivescribePenCommPenCommSdk.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 000114176 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_ctypes.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000172544 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_elementtree.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 002255872 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_hashlib.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000032256 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_multiprocessing.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000046080 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_psutil_windows.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000047616 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_socket.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 002825216 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_ssl.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000026112 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322_yappi.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000080896 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322bz2.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000015872 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322common.time34.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000007680 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322hashobjs_ext.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000301568 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322PIL._imaging.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000168448 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322pyexpat.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 001084416 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322pysqlite2._sqlite.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000548864 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322pythoncom27.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 000137728 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322pywintypes27.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 000010752 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322select.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000020992 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322thumbnails_ext.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000689664 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322unicodedata.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000119808 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322usb_ext.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000128512 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32api.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000438784 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32com.shell.shell.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000011776 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32crypt.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000023040 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32event.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000149504 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32file.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000223232 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32gui.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000048128 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32inet.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000029696 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32pdh.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000027648 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32pipe.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000044032 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32process.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000020480 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32profile.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000136192 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32security.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000026624 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322win32ts.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000034304 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322windows.conditional.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000037888 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322windows.connectivity.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000071680 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322windows.device_monitor.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000103936 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322windows.volumes.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000019968 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322windows.winwrap.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 001325056 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wx._controls_.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 001489408 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wx._core_.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 001007104 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wx._gdi_.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000103424 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wx._html2.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 000916992 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wx._misc_.pyd

2021-07-17 19:07 – 2021-07-17 19:07 – 001039872 _____ () [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wx._windows_.pyd

2020-12-05 22:13 – 2020-08-08 15:00 – 000076800 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2019-12-06 20:37 – 2019-12-06 20:37 – 000262144 _____ (Microsoft Corporation) [File not signed] C:Program Files (x86)Common FilesMicrosoft SharedPhone ToolsCoreCon11.0binIpOverUsbPc.DLL

2021-07-17 19:07 – 2021-07-17 19:07 – 003043328 _____ (Python Software Foundation) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322python27.dll

2011-02-09 07:04 – 2011-02-09 07:04 – 001032192 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)NuanceNuance Cloud ConnectorLIBEAY32.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 000202240 _____ (wxWidgets development team) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wxbase30u_net_vc90_x64.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 002831872 _____ (wxWidgets development team) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wxbase30u_vc90_x64.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 001654784 _____ (wxWidgets development team) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wxmsw30u_adv_vc90_x64.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 006542336 _____ (wxWidgets development team) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wxmsw30u_core_vc90_x64.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 000773632 _____ (wxWidgets development team) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wxmsw30u_html_vc90_x64.dll

2021-07-17 19:07 – 2021-07-17 19:07 – 000137216 _____ (wxWidgets development team) [File not signed] C:Userskcav1AppDataLocalTemp_MEI48322wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:ProgramDataTEMP:A303874F [224]

AlternateDataStreams: C:Userskcav1DocumentsSuppliers:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKUS-1-5-21-693290602-2950206285-2906115910-1002SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://www.msn.com/?OCID=IE11FREDHP&PC=UF01

BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:Program Files (x86)NuanceNaturallySpeaking14Programx64dgnriaie_x64.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> No File

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPluginx64.dll [2020-08-20] (HP Inc. -> HP Inc.)

BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:Program Files (x86)NuanceNaturallySpeaking14Programdgnriaie.dll [2015-08-22] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll [2020-06-24] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> No File

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll [2020-08-20] (HP Inc. -> HP Inc.)

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 19:38 – 2018-04-11 19:36 – 000000824 _____ C:WINDOWSsystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-693290602-2950206285-2906115910-1002Control PanelDesktopWallpaper ->

HKUS-1-5-21-693290602-2950206285-2906115910-1003Control PanelDesktopWallpaper ->

DNS Servers: 75.75.75.75 – 75.75.76.76

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedStartupFolder: => “Nuance Cloud Connector.lnk”

HKLM…StartupApprovedRun: => “SecurityHealth”

HKLM…StartupApprovedRun32: => “DNS7reminder”

HKLM…StartupApprovedRun32: => “Nuance PDF Create 7-reminder”

HKLM…StartupApprovedRun32: => “OmniPage Preload”

HKLM…StartupApprovedRun32: => “PDFHook”

HKLM…StartupApprovedRun32: => “PDF7 Registry Controller”

HKLM…StartupApprovedRun32: => “Discord”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{540CC0BD-19DA-4813-900D-D16895FD547F}C:program filesmicrosoft officeoffice14groove.exe] => (Block) C:program filesmicrosoft officeoffice14groove.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{A7E2FA44-C966-4D9A-A424-71F830EDA4F5}C:program filesmicrosoft officeoffice14groove.exe] => (Block) C:program filesmicrosoft officeoffice14groove.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{7563DCF8-771D-430E-A03F-F46725B2DE4D}] => (Allow) LPort=51001

FirewallRules: [{933125CE-301D-4ECB-B6A0-53D275CD89BC}] => (Allow) LPort=51001

FirewallRules: [{210F07EA-4C52-4D48-8FA9-B85ECF910847}] => (Allow) C:Program Files (x86)NuanceOmniPage18OmniPage18.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.)

FirewallRules: [{0DCDA37D-CC63-4E2D-8826-B832CFE715F0}] => (Allow) C:Program Files (x86)NuanceOmniPage18OmniPage18.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.)

FirewallRules: [{74244C72-3AA7-4F32-83C6-0C1FF5CB4DEF}] => (Allow) C:Program Files (x86)NuanceOmniPage18PPMV.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.)

FirewallRules: [{D296D75D-7BE1-4753-882B-CD4E395F4C26}] => (Allow) C:Program Files (x86)NuanceOmniPage18PPMV.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.)

FirewallRules: [{F1BEDF62-0071-42EA-BF02-19238F0182BA}] => (Allow) C:Program Files (x86)NuanceOmniPage18EregEreg.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.)

FirewallRules: [{9377FFC0-668B-4B6A-87C0-ADB6A2879655}] => (Allow) C:Program Files (x86)NuanceOmniPage18EregEreg.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.)

FirewallRules: [{D5CA19E4-7ABC-46B6-9C3F-9A7C692220F6}] => (Allow) C:Program Files (x86)NuanceNuance Cloud ConnectorGladinetClient.exe (Gladinet, Inc. -> Gladinet, INC)

FirewallRules: [{4EF0B2F0-C76B-4E88-B61C-E9B93FB94BC4}] => (Allow) C:Program Files (x86)NuanceNuance Cloud ConnectorGladinetClient.exe (Gladinet, Inc. -> Gladinet, INC)

FirewallRules: [{F68E4FA7-5B2D-4522-8299-87563D18D176}] => (Allow) C:Program Files (x86)NuanceNuance Cloud ConnectorWOSVSSSvr.exe (Gladinet, Inc. -> )

FirewallRules: [{79003EA1-4BCE-42FD-9283-6033AD561BC6}] => (Allow) C:Program Files (x86)NuanceNuance Cloud ConnectorWOSVSSSvr.exe (Gladinet, Inc. -> )

FirewallRules: [{09CFDF87-83AE-4914-98B9-29B22C4D1143}] => (Allow) C:Program Files (x86)NuanceNuance Cloud ConnectorWOSVSSSvr2003.exe (Gladinet, Inc. -> )

FirewallRules: [{D0E72782-BDF4-4F81-A47F-B1F88448EADB}] => (Allow) C:Program Files (x86)NuanceNuance Cloud ConnectorWOSVSSSvr2003.exe (Gladinet, Inc. -> )

FirewallRules: [TCP Query User{883E87E0-BA66-4A4D-A4BC-BE70B94AE751}C:program files (x86)nuancenuance cloud connectorgladinetclient.exe] => (Block) C:program files (x86)nuancenuance cloud connectorgladinetclient.exe (Gladinet, Inc. -> Gladinet, INC)

FirewallRules: [UDP Query User{9122EE1A-0A91-4C74-B3EC-2CBD99DA5059}C:program files (x86)nuancenuance cloud connectorgladinetclient.exe] => (Block) C:program files (x86)nuancenuance cloud connectorgladinetclient.exe (Gladinet, Inc. -> Gladinet, INC)

FirewallRules: [TCP Query User{8769DA1C-513D-4ECC-BECD-9CDB11C5A9A1}C:program files (x86)microsoftskype for desktopskype.exe] => (Block) C:program files (x86)microsoftskype for desktopskype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [UDP Query User{2A20578F-7A51-4A72-BBA8-101FC44527DD}C:program files (x86)microsoftskype for desktopskype.exe] => (Block) C:program files (x86)microsoftskype for desktopskype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{07690654-EE14-4C56-88F1-2CC111E46D1F}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{672B6FBA-A2DF-4A62-B996-6064533A5F42}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{3BBB3F2B-0C00-45A4-B513-AB2D8A680A61}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{396ABA9B-8E03-402A-9C8C-7C5378F1C069}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{E2FFE4F9-A199-42AE-849D-DFF82A360DDA}] => (Allow) C:Program FilesHPHP ENVY 4520 seriesBinDeviceSetup.exe (Hewlett Packard -> HP Inc.)

FirewallRules: [{04A02280-C6E4-4703-904F-2591BC4F029E}] => (Allow) LPort=5357

FirewallRules: [{97F79F72-3254-43C7-BB6F-D2767D621B7D}] => (Allow) C:Program FilesHPHP ENVY 4520 seriesBinHPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)

FirewallRules: [{FC07106F-5821-4CE2-82F2-5771D2C3C44C}] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{8D827351-33D0-4CA9-ABFE-6CEFA9EDED14}] => (Allow) LPort=2869

FirewallRules: [{7209E383-1553-45C7-AE90-8A6BA2EFF4DE}] => (Allow) LPort=1900

FirewallRules: [{018D9E24-2338-4309-BF32-4A3F44E9330D}] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{0AAF175A-AE2F-4F40-8CBA-C2E0062CF004}] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{B4ED8194-4007-4100-B912-A99E156DFAB3}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{7780F2A9-9DA7-4268-A16F-1BF7A3561CB5}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{CBDA9660-CA74-4FCB-8BDC-B904B5845F03}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{2ACD3BF3-A3F1-4497-B050-877B90786CA3}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [TCP Query User{BBE39435-E8E4-4B9B-9B90-254A5A3ADFFA}C:program files (x86)vmixsocialvmixsocial.exe] => (Block) C:program files (x86)vmixsocialvmixsocial.exe (StudioCoast Pty Ltd) [File not signed]

FirewallRules: [UDP Query User{4BBABFE3-DC4A-4E36-9EC5-EB9B76721530}C:program files (x86)vmixsocialvmixsocial.exe] => (Block) C:program files (x86)vmixsocialvmixsocial.exe (StudioCoast Pty Ltd) [File not signed]

FirewallRules: [TCP Query User{C7CDB041-D3B0-4E1C-BB0B-E7CC13707DDC}C:program files (x86)vmixsocialvmixsocial.exe] => (Block) C:program files (x86)vmixsocialvmixsocial.exe (StudioCoast Pty Ltd) [File not signed]

FirewallRules: [UDP Query User{B4A653E8-E8BC-429E-865C-FB2059ED3AF6}C:program files (x86)vmixsocialvmixsocial.exe] => (Block) C:program files (x86)vmixsocialvmixsocial.exe (StudioCoast Pty Ltd) [File not signed]

FirewallRules: [{CCF744CB-86BA-4F6E-AA77-477A6EF8BB39}] => (Allow) C:Program Files (x86)vMixvMix.exe (StudioCoast Pty Ltd -> StudioCoast Pty Ltd)

FirewallRules: [{6243A1E1-018F-495D-8040-F34D3203BCB8}] => (Allow) C:Program Files (x86)vMixvMix64.exe (StudioCoast Pty Ltd -> StudioCoast Pty Ltd)

FirewallRules: [{82F81ECA-61B0-41B7-8C5B-DCD67EB6DF4F}] => (Allow) C:Program Files (x86)vMixndivMixNDIHelper.exe (StudioCoast Pty Ltd) [File not signed]

FirewallRules: [{1212C8BD-8538-4BEC-9395-518B57E86694}] => (Allow) C:Program Files (x86)vMixvMixDesktopCapture.exe (StudioCoast Pty Ltd -> )

FirewallRules: [{DE57836A-3164-488F-A5E4-C3F40D9100A4}] => (Allow) C:Program Files (x86)vMixndix86NDIRecord.exe () [File not signed]

FirewallRules: [{F9F6C1C5-7040-447B-8DC2-43C08C73813E}] => (Allow) C:Program Files (x86)vMixndix64NDIRecord.exe () [File not signed]

FirewallRules: [{34F83818-829E-455F-82D0-F8B5C52227B2}] => (Allow) C:UsersOwnerAppDataRoamingZoombinZoom.exe => No File

FirewallRules: [{060700DA-B5D0-4E8D-8761-B489CDF67863}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{06A4C757-933A-4751-A350-719E031ECBD9}] => (Allow) C:Program Files (x86)DropboxClientDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.7 GB) (Free:53.77 GB) (45%)

==================== Faulty Device Manager Devices ============

Name: Base System Device

Description: Base System Device

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.

Name: PCI Serial Port

Description: PCI Serial Port

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:

==================

Error: (07/17/2021 07:11:09 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 05:30:46 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 03:51:20 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 12:45:19 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 11:37:39 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 01:31:15 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 01:09:27 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/16/2021 12:53:07 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KCAV-NB7)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

System errors:

=============

Error: (07/16/2021 12:40:44 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 12:33:53 PM on ‎7/‎16/‎2021 was unexpected.

Error: (07/16/2021 11:58:57 AM) (Source: Ntfs) (EventID: 131) (User: NT AUTHORITY)

Description: The file system structure on volume F: cannot be corrected.

Please run the chkdsk utility on the volume F:.

Error: (07/16/2021 11:58:57 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume F:.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x10000000003a1.  The name of the file is “<unable to determine file name>”.

Error: (07/16/2021 11:46:11 AM) (Source: Ntfs) (EventID: 131) (User: NT AUTHORITY)

Description: The file system structure on volume F: cannot be corrected.

Please run the chkdsk utility on the volume F:.

Error: (07/16/2021 11:46:11 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: A corruption was discovered in the file system structure on volume F:.

The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0x10000000003a1.  The name of the file is “<unable to determine file name>”.

Error: (07/16/2021 12:18:39 AM) (Source: DCOM) (EventID: 10010) (User: KCAV-NB7)

Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (07/16/2021 12:18:39 AM) (Source: DCOM) (EventID: 10010) (User: KCAV-NB7)

Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (07/15/2021 08:08:13 PM) (Source: DCOM) (EventID: 10001) (User: KCAV-NB7)

Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.19112.113.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca as Unavailable/Unavailable. The error:

“2147942402”

Happened while starting this command:

“C:Program FilesWindowsAppsMicrosoft.YourPhone_1.19112.113.0_x64__8wekyb3d8bbweYourPhone.exe” -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca

Windows Defender:

================

Date: 2021-07-17 20:06:49

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-07-17 19:36:38

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-07-16 16:52:23

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-07-16 14:44:19

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2020-12-13 20:52:42

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-07-15 14:21:05

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.343.1035.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.18300.4

Error code: 0x8050a003

Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

Date: 2021-07-15 14:21:05

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.343.1035.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiSpyware

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.18300.4

Error code: 0x8050a003

Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

Date: 2021-07-15 14:21:05

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.343.1035.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.18300.4

Error code: 0x8050a003

Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

Date: 2021-07-15 14:20:39

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.329.410.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.17700.4

Error code: 0x80240009

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-12-04 18:40:08

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.327.813.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.17600.5

Error code: 0x80072ee7

Error description: The server name or address could not be resolved

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SCF Ver. F.22 12/22/2011

Motherboard: Hewlett-Packard 161C

Processor: Intel® Core™ i5-2520M CPU @ 2.50GHz

Percentage of memory in use: 84%

Total physical RAM: 4046.35 MB

Available physical RAM: 622.46 MB

Total Virtual: 5281.44 MB

Available Virtual: 764.27 MB

==================== Drives ================================

Drive c: (Sys) (Fixed) (Total:118.7 GB) (Free:53.77 GB) NTFS

?Volume{3aa7ea9f-0000-0000-0000-100000000000} (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 3AA7EA9F)

Partition 1: (Active) – (Size=549 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=118.7 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW