possível invasão anti-virus fechando netsat ip estranho

cometa8899 · 24 de outubro de 2023

utilizei o comando netstat no meu pc e notei um ip estranho apos isso instalei o eset online scanner e ele foi fechado sozinho varias vezes antes do scanner ser realizado

acredito que meu pc foi invadido provavelmente vou ter que formatar se não me ajudarem!

Segue os logs

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-24-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3570)
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\WinThruster

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1451 octets] - [24/10/2023 07:19:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

~ ZHPCleaner v2023.10.18.48 by Nicolas Coolman (2023/10/18)
~ Run by Jack (Administrator) (24/10/2023 07:31:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\Jack\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Jack\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point :
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19045)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (10)
FOUND file: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\History =>.SUP.BrowserHistoric
FOUND file: C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\History =>.SUP.BrowserHistoric
FOUND file: C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric
FOUND folder: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Jack\AppData\Local\BraveSoftware\Brave-BrowserUser Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Jack\AppData\Local\Opera Software\Opera Stable\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Jack\AppData\Local\Mozilla\Firefox\Profiles\idw5sya4.Jack User\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Jack\AppData\Local\Mozilla\Firefox\Profiles\h4ep0r8q.default\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Jack\AppData\Local\Mozilla\Firefox\Profiles\c129bme1.default-release\Cache2 =>.SUP.BrowserCache

---\\ Hosts file (1)
~ The hosts file is legitimate (21)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (11)
FOUND file: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>ChromiumPreference
FOUND file: C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Users\Jack\AppData\Roaming\TeraBox\terabox.exe [Flextech Inc. - TeraBox] =>Adware.Pirrit
FOUND folder: C:\Users\Jack\AppData\Roaming\TeraBox =>Adware.Pirrit
FOUND file: C:\Windows\Prefetch\SETUP_FILEVIEWPRO_2022.EXE-2117D2DB.pf =>SUP.Optional.Solvusoft
FOUND file: C:\Windows\Prefetch\SETUP_WINTHRUSTER_2023.TMP-D22B5F79.pf =>SUP.Optional.WinThruster
FOUND folder: C:\Users\Jack\AppData\Local\Solvusoft_Corporation\FileViewPro.exe_Url_dnaugtvmzfhczvych303evrzkmck3wnr =>SUP.Optional.Solvusoft
FOUND folder: C:\Users\Jack\AppData\Local\Solvusoft_Corporation =>SUP.Optional.Solvusoft
FOUND folder: C:\Users\Jack\AppData\Local\AdvinstAnalytics =>.SUP.Various

---\\ Registry ( Key, Value, Data) (4)
FOUND key: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 576] =>.SUP.FirefoxRestriction
FOUND key: [X64] HKLM\SOFTWARE\Classes\com.adobe.animate.flv [FLV Vídeo for Flash Player] =>Riskware.FlashPlayer
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e1832e0d-f4a6-4178-9c01-15628e6fe6c4}\\DhcpNameServer [Bad : 181.213.132.4 181.213.132.5] =>Hijacker.Browser
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 181.213.132.4 181.213.132.5] =>Hijacker.Browser

---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Microsoft Edge OK
~ Brave OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK
~ Opera Stable OK

---\\ Statistics
~ Items scanned : 100524
~ Items found : 29
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 10/18

---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 00h07mn25s

---\\ Reports (0)
ZHPCleaner-[S]-24102023-07_38_52.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Jack (administrator) on DESKTOP-CJ6LTSN (24-10-2023 07:51:32)
Running from C:\Users\Jack\Desktop\FRST64.exe
Loaded Profiles: Jack
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2308.3.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.120\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [11338776 2023-10-18] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-03-07] (Adobe Inc. -> )
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [23855464 2023-10-03] (Urban Cyber Security Inc. -> )
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [Keybase.Keybase.GUI] => C:\Users\Jack\AppData\Local\Keybase\Gui\Keybase.exe [166008624 2023-09-28] (Zoom Vídeo Communications, Inc. -> GitHub, Inc.)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [TeraBox] => "C:\Users\Jack\AppData\Roaming\TeraBox\TeraBox.exe" AutoRun (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [TeraBoxWeb] => "C:\Users\Jack\AppData\Roaming\TeraBox\TeraBoxWebService.exe" (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [MicrosoftEdgeAutoLaunch_3C32DD8DCCCF754B3FFB51F344CC4011] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [23855464 2023-10-03] (Urban Cyber Security Inc. -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2023-02-14] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\118.0.5993.89\Installer\chrmstp.exe [2023-10-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.120\Installer\chrmstp.exe [2023-10-18] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2023-03-09]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Jack\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C07D028C-8164-45F5-B80E-B5C883D005EB} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{ADAC9FB7-75D2-4B97-9D86-CD0835B1A5D5} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {05AD2806-8576-4D7E-BB7B-86931BAACF70} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{60DC2823-4DBA-4BE4-A3CD-58E4C8ED2450} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {3EA7EE1D-E17F-447D-A6A2-E57802B1FAC3} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem120.0.6077.0{E7E6E24D-037C-4E5E-A4C2-241F238A7241} => C:\Program Files (x86)\Google\GoogleUpdater\120.0.6077.0\updater.exe [4580640 2023-10-19] (Google LLC -> Google LLC) <==== ATTENTION
Task: {70633076-BA4D-46D9-B19C-36C594EA0DEE} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3678229789-2673764803-1741663152-1001 => C:\Users\Jack\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-08-18] (Mega Limited -> )
Task: {AF76DB51-1C23-4425-A413-46C3D05D0417} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA55AAF8-0DFB-4034-B5B8-FB794EB531B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06D8E2F6-EE2D-4A70-95E8-5460A6FFFE8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {671BB3F5-3AB1-49D6-84CC-90B94459DE0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FA5EF41-FDF7-4B96-AAF4-82DA70398409} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {4C46A488-2F77-49B4-8C6B-E3976565F21B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E661B1D9-F42F-4FC1-B337-577460D43C93} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {90A85282-9539-479A-9FD0-47DC873FD689} - System32\Tasks\Opera scheduled Autoupdate 1678107536 => C:\Users\Jack\AppData\Local\Programs\Opera\launcher.exe [42724048 2021-09-13] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{0e4a800f-87e4-4c12-a7a8-d6309e00c4bc}: [DhcpNameServer] 192.168.43.30

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-24]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-10-20]
Edge Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-20]
Edge Extension: (Edge relevant text changes) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-20]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: h4ep0r8q.default
FF ProfilePath: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\idw5sya4.Jack User [2023-10-23]
FF Session Restore: Mozilla\Firefox\Profiles\idw5sya4.Jack User -> is enabled.
FF ProfilePath: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\h4ep0r8q.default [2023-03-27]
FF ProfilePath: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\c129bme1.default-release [2023-03-27]
FF Session Restore: Mozilla\Firefox\Profiles\c129bme1.default-release -> is enabled.
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default [2023-10-24]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-27]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-16]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-05]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-04-26]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-24]
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-31]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 10 [2023-04-22]
CHR Session Restore: Profile 10 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 11 [2023-03-08]
CHR Session Restore: Profile 11 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 12 [2023-03-08]
CHR Session Restore: Profile 12 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 13 [2023-03-07]
CHR Session Restore: Profile 13 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 14 [2023-06-14]
CHR Session Restore: Profile 14 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-14]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 15 [2023-07-13]
CHR Session Restore: Profile 15 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-08]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 16 [2023-10-12]
CHR Session Restore: Profile 16 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-12]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-09]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 17 [2023-09-29]
CHR Session Restore: Profile 17 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-26]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-12]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 18 [2023-09-10]
CHR Session Restore: Profile 18 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-14]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 19 [2023-07-14]
CHR Session Restore: Profile 19 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-18]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-10-22]
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 20 [2023-09-10]
CHR Session Restore: Profile 20 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-09]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-23]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 21 [2023-05-31]
CHR Session Restore: Profile 21 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-23]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 22 [2023-03-24]
CHR Session Restore: Profile 22 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-24]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-24]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 23 [2023-09-06]
CHR Session Restore: Profile 23 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-03]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 24 [2023-08-12]
CHR Session Restore: Profile 24 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-04]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 25 [2023-09-23]
CHR Session Restore: Profile 25 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-23]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-08-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-05]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 26 [2023-10-03]
CHR Session Restore: Profile 26 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 27 [2023-04-07]
CHR Session Restore: Profile 27 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 28 [2023-09-10]
CHR Session Restore: Profile 28 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-11]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 29 [2023-04-19]
CHR Session Restore: Profile 29 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-19]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-10-20]
CHR Session Restore: Profile 3 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 30 [2023-09-10]
CHR Session Restore: Profile 30 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-19]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31 [2023-04-26]
CHR Session Restore: Profile 31 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-23]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 32 [2023-10-22]
CHR Session Restore: Profile 32 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-26]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 34 [2023-10-18]
CHR Session Restore: Profile 34 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 34\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 34\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 34\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-18]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 34\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 34\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-04]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 35 [2023-06-07]
CHR Session Restore: Profile 35 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 35\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 35\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 35\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-13]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 36 [2023-09-11]
CHR Session Restore: Profile 36 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 36\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 36\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 36\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-13]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 37 [2023-06-18]
CHR Session Restore: Profile 37 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 37\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-18]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 37\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 37\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-15]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38 [2023-10-24]
CHR DownloadDir: C:\Users\Jack\Downloads
CHR Session Restore: Profile 38 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-26]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 38\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-02]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 39 [2023-06-25]
CHR Session Restore: Profile 39 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 39\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-25]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 39\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 39\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-25]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-09-18]
CHR Session Restore: Profile 4 -> is enabled.
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-18]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 40 [2023-09-10]
CHR Session Restore: Profile 40 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 40\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 40\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 40\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 40\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-10]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 41 [2023-07-13]
CHR Session Restore: Profile 41 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 41\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 41\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-13]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 41\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-07-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 41\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-13]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 42 [2023-10-19]
CHR Session Restore: Profile 42 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 42\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 42\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 42\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-19]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 42\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 42\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-11]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 43 [2023-10-12]
CHR Notifications: Profile 43 -> hxxps://www.crio.do
CHR Session Restore: Profile 43 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 43\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 43\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-12]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 43\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 43\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 43\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-12]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 44 [2023-09-01]
CHR Session Restore: Profile 44 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 44\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-01]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 44\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-01]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 44\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 44\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-01]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 45 [2023-10-03]
CHR Session Restore: Profile 45 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 45\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 45\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 45\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-03]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 45\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 45\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-01]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 46 [2023-09-09]
CHR Session Restore: Profile 46 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 46\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-01]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 46\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-01]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 46\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 46\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-01]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47 [2023-10-22]
CHR Session Restore: Profile 47 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 47\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-05]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 48 [2023-10-12]
CHR Session Restore: Profile 48 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 48\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 48\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-05]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 48\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 48\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 48\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-05]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 49 [2023-09-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 49\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-08]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 49\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 49\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 49\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-08]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-10-22]
CHR Session Restore: Profile 5 -> is enabled.
CHR Extension: (AMZ Suggestion Expander) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cpeaihkccbeemkfefcapijechkbfjlhb [2023-10-22]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
CHR Extension: (DS Amazon Quick View) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2023-10-22]
CHR Extension: (Helium 10) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2023-10-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 50 [2023-10-23]
CHR Session Restore: Profile 50 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 50\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 50\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 50\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-19]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 50\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 50\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-10]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 51 [2023-09-21]
CHR Session Restore: Profile 51 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 51\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 51\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 51\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 51\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-10]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 52 [2023-09-11]
CHR Session Restore: Profile 52 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 52\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 52\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 52\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 52\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-11]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 53 [2023-10-12]
CHR Session Restore: Profile 53 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 53\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 53\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 53\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 53\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 53\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-03]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 54 [2023-10-19]
CHR Session Restore: Profile 54 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 54\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 54\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-05]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 54\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-19]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 54\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 54\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-05]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 55 [2023-10-18]
CHR Session Restore: Profile 55 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 55\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 55\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 55\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Online Security) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 55\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2023-10-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 55\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-08]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 6 [2023-09-10]
CHR Session Restore: Profile 6 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7 [2023-10-18]
CHR Session Restore: Profile 7 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 8 [2023-10-12]
CHR Session Restore: Profile 8 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 9 [2023-04-22]
CHR Session Restore: Profile 9 -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-04-05]
CHR Extension: (Google Docs Offline) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-07]
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-22]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
CHR HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Jack\AppData\Roaming\TeraBox\terabox_ext_chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]

Opera:
=======
OPR Profile: C:\Users\Jack\AppData\Roaming\Opera Software\Opera Stable [2023-03-06]

Brave:
=======
BRA Profile: C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-10-24]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-01]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-06-01]
BRA Extension: (Brave NTP background images) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-03-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-24]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-06-01]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-06-01]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2023-03-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2023-06-01]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-06-01]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-06-01]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-18]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Jack\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-06-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.120\brave_vpn_helper.exe [3073048 2023-10-18] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.120\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [11338776 2023-10-18] (Brave Software, Inc. -> Brave Software, Inc.)
S2 GoogleUpdaterInternalService120.0.6077.0; C:\Program Files (x86)\Google\GoogleUpdater\120.0.6077.0\updater.exe [4580640 2023-10-19] (Google LLC -> Google LLC)
S2 GoogleUpdaterService120.0.6077.0; C:\Program Files (x86)\Google\GoogleUpdater\120.0.6077.0\updater.exe [4580640 2023-10-19] (Google LLC -> Google LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [450768 2023-09-06] (Urban Cyber Security Inc. -> )
S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1022312 2023-10-03] (Urban Cyber Security Inc. -> Urban Security)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.120\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 TeraBoxUtility; C:\Users\Jack\AppData\Roaming\TeraBox\YunUtilityService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [31140 2007-09-21] (Compuware Corporation) [File not signed]
R3 MpKsl35cc157a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55C49D16-2616-40CD-999A-7FCEFD949A6E}\MpKslDrv.sys [263560 2023-10-23] (Microsoft Windows -> Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-24 07:46 - 2023-10-24 07:51 - 000090078 _____ C:\Users\Jack\Desktop\Addition.txt
2023-10-24 07:45 - 2023-10-24 07:52 - 000062560 _____ C:\Users\Jack\Desktop\FRST.txt
2023-10-24 07:44 - 2023-10-24 07:51 - 000000000 ____D C:\FRST
2023-10-24 07:42 - 2023-10-24 07:42 - 000013415 _____ C:\Users\Jack\Desktop\ZHPCleaner (R).html
2023-10-24 07:42 - 2023-10-24 07:42 - 000005467 _____ C:\Users\Jack\Desktop\ZHPCleaner (R).txt
2023-10-24 07:38 - 2023-10-24 07:38 - 000013492 _____ C:\Users\Jack\Desktop\ZHPCleaner (S).html
2023-10-24 07:38 - 2023-10-24 07:38 - 000005521 _____ C:\Users\Jack\Desktop\ZHPCleaner (S).txt
2023-10-24 07:30 - 2023-10-24 07:42 - 000000000 ____D C:\Users\Jack\AppData\Roaming\ZHP
2023-10-24 07:30 - 2023-10-24 07:30 - 000000874 _____ C:\Users\Jack\Desktop\ZHPCleaner.lnk
2023-10-24 07:30 - 2023-10-24 07:30 - 000000000 ____D C:\Users\Jack\AppData\Local\ZHP
2023-10-24 07:19 - 2023-10-24 07:20 - 000000000 ____D C:\AdwCleaner
2023-10-24 07:18 - 2023-10-24 07:18 - 002383360 _____ (Farbar) C:\Users\Jack\Desktop\FRST64.exe
2023-10-24 07:16 - 2023-10-24 07:17 - 003344032 _____ (Nicolas Coolman) C:\Users\Jack\Desktop\ZHPCleaner.exe
2023-10-24 07:13 - 2023-10-24 07:13 - 008791352 _____ (Malwarebytes) C:\Users\Jack\Desktop\adwcleaner.exe
2023-10-24 06:55 - 2023-10-24 06:55 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-10-23 19:14 - 2023-10-24 06:00 - 000001381 _____ C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-10-23 19:14 - 2023-10-24 05:59 - 000001275 _____ C:\Users\Jack\Desktop\ESET Online Scanner.lnk
2023-10-23 19:14 - 2023-10-23 19:14 - 000000000 ____D C:\Users\Jack\AppData\Local\ESET
2023-10-23 19:12 - 2023-10-23 19:13 - 015274968 _____ (ESET) C:\Users\Jack\Downloads\esetonlinescanner.exe
2023-10-23 11:37 - 2023-10-23 11:37 - 000000000 ____D C:\Users\Jack\Desktop\Google marketing
2023-10-23 09:38 - 2023-10-23 09:38 - 000551979 _____ C:\Users\Jack\Downloads\Laudo Completo 27_02_2023 (1).pdf
2023-10-23 09:22 - 2023-10-23 09:22 - 000583686 _____ C:\Users\Jack\Downloads\Laudo Completo 13_09_2023 (1).pdf
2023-10-22 21:29 - 2023-10-23 12:32 - 000000062 _____ C:\Users\Jack\Desktop\New Text Document (7).txt
2023-10-22 17:09 - 2023-10-22 17:09 - 000000000 ____D C:\Users\Jack\AppData\Roaming\Python
2023-10-22 16:40 - 2023-10-22 16:40 - 000300090 _____ C:\Users\Jack\Downloads\coursera-dl-master.zip
2023-10-22 15:53 - 2023-10-22 15:53 - 028978512 _____ (Python Software Foundation) C:\Users\Jack\Downloads\python-3.10.8-amd64.exe
2023-10-22 15:53 - 2023-10-22 15:53 - 000000000 ____D C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.10
2023-10-22 15:21 - 2023-10-22 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-10-22 15:21 - 2023-10-22 15:21 - 000000000 ____D C:\Program Files\Git
2023-10-22 15:18 - 2023-10-22 15:19 - 061263968 _____ (The Git Development Community ) C:\Users\Jack\Downloads\Git-2.42.0.2-64-bit.exe
2023-10-22 14:45 - 2023-10-22 14:45 - 000000000 ____D C:\Users\Jack\AppData\Local\pip
2023-10-22 14:37 - 2023-10-22 15:53 - 000000000 ____D C:\Users\Jack\AppData\Local\Package Cache
2023-10-22 14:37 - 2023-10-22 14:37 - 026507904 _____ (Python Software Foundation) C:\Users\Jack\Downloads\python-3.12.0-amd64.exe
2023-10-22 14:31 - 2023-10-22 17:08 - 000000000 ____D C:\Users\Jack\Desktop\Coursera
2023-10-20 16:15 - 2023-10-20 16:15 - 000000219 _____ C:\Users\Jack\Desktop\Counter-Strike 2.url
2023-10-18 19:51 - 2023-10-18 19:51 - 000000000 _____ C:\Users\Jack\Desktop\New Text Document (5).txt
2023-10-16 14:45 - 2023-10-16 14:45 - 000081571 _____ C:\Users\Jack\Downloads\boleto abrace.pdf
2023-10-16 10:26 - 2023-10-16 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UrbanVPN
2023-10-16 10:26 - 2023-10-16 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2023-10-16 10:26 - 2023-10-16 10:26 - 000000000 ____D C:\Program Files\UrbanVPN
2023-10-16 10:26 - 2023-10-16 10:26 - 000000000 ____D C:\Program Files\TAP-Windows
2023-10-13 08:33 - 2023-10-14 09:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-12 09:54 - 2023-10-12 09:54 - 000000000 ____D C:\ProgramData\PLUG
2023-10-11 21:00 - 2023-10-11 21:00 - 000000000 ____D C:\Program Files\RUXIM
2023-10-11 09:28 - 2023-10-11 09:28 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-10-11 09:21 - 2023-10-11 09:21 - 000000000 ___HD C:\$WinREAgent
2023-10-11 09:21 - 2023-10-11 09:21 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2023-10-10 08:40 - 2023-10-10 08:40 - 000297532 _____ C:\Users\Jack\Downloads\matematica-2017-prova.pdf
2023-10-10 08:40 - 2023-10-10 08:40 - 000137531 _____ C:\Users\Jack\Downloads\matematica-2017-gabarito.pdf
2023-10-06 19:42 - 2023-10-10 16:50 - 000000057 _____ C:\Users\Jack\Desktop\New Text Document (4).txt
2023-10-06 16:42 - 2023-10-06 16:42 - 002661737 _____ C:\Users\Jack\Downloads\The non-resident-Survival-Guide V1.3.pdf
2023-10-05 17:17 - 2023-10-05 17:17 - 000002440 _____ C:\Users\Jack\Desktop\Tiktok from USA - Chrome.lnk
2023-10-03 11:01 - 2023-10-03 11:01 - 000002440 _____ C:\Users\Jack\Desktop\print on demand 2 - Chrome.lnk
2023-10-02 14:39 - 2023-10-02 14:39 - 000156777 _____ C:\Users\Jack\Downloads\grafico-taxa-de-alcool-no-sangue.pdf
2023-10-02 13:23 - 2023-10-02 13:23 - 001320434 _____ C:\Users\Jack\Downloads\matematica-capitulo-9.pdf
2023-10-02 10:29 - 2023-10-02 10:29 - 001106309 _____ C:\Users\Jack\Downloads\matematica-capitulo-8.pdf
2023-10-02 10:03 - 2023-10-02 10:03 - 003844523 _____ C:\Users\Jack\Downloads\matematica-capitulo-7.pdf
2023-10-02 09:33 - 2023-10-02 09:33 - 002039620 _____ C:\Users\Jack\Downloads\matematica-capitulo-6.pdf
2023-09-30 15:40 - 2023-09-30 15:40 - 001909751 _____ C:\Users\Jack\Downloads\matematica-capitulo-5.pdf
2023-09-30 15:29 - 2023-09-30 15:29 - 001801822 _____ C:\Users\Jack\Downloads\matematica-capitulo-4.pdf
2023-09-30 14:43 - 2023-09-30 14:43 - 001303669 _____ C:\Users\Jack\Downloads\matematica-capitulo-3.pdf
2023-09-30 13:58 - 2023-09-30 13:58 - 001563936 _____ C:\Users\Jack\Downloads\matematica-capitulo-2.pdf
2023-09-30 13:15 - 2023-09-30 13:15 - 001790773 _____ C:\Users\Jack\Downloads\matematica-capitulo-1.pdf
2023-09-29 08:36 - 2023-09-29 08:36 - 000001335 _____ C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Keybase.lnk
2023-09-28 10:31 - 2023-09-28 10:31 - 017934074 _____ C:\Users\Jack\Downloads\encceja_matematica_ens_medio.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-24 07:47 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2023-10-24 07:43 - 2023-03-06 10:02 - 000002392 _____ C:\Users\Jack\Desktop\Jacques - Chrome.lnk
2023-10-24 07:33 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-24 07:20 - 2023-04-07 14:01 - 000000000 ____D C:\Users\Jack\AppData\Roaming\Keybase
2023-10-24 07:20 - 2023-03-05 19:43 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-24 07:19 - 2023-03-25 14:09 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-24 07:10 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-24 06:50 - 2023-03-06 03:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-24 05:31 - 2023-03-06 10:14 - 000000000 ___HD C:\Users\Jack\Downloads\.opera
2023-10-24 05:31 - 2023-03-06 10:14 - 000000000 ___HD C:\Users\Jack\.opera
2023-10-24 02:42 - 2023-04-07 14:01 - 000000000 ____D C:\Users\Jack\AppData\Local\Keybase
2023-10-23 19:17 - 2023-03-06 16:29 - 000000000 ____D C:\Users\Jack\AppData\Local\CrashDumps
2023-10-23 19:04 - 2023-03-05 19:47 - 000004166 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{55308F34-82BC-4769-B34F-B89C57BE5719}
2023-10-23 17:52 - 2023-03-07 09:31 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-23 02:28 - 2022-09-08 00:12 - 000000000 ____D C:\Windows\SystemTemp
2023-10-22 16:36 - 2023-03-05 19:37 - 000840878 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-22 16:30 - 2023-04-03 16:52 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-10-22 16:29 - 2023-03-06 11:19 - 000000000 ____D C:\ProgramData\UrbanVPN
2023-10-22 16:29 - 2023-03-06 03:29 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-22 16:29 - 2023-03-06 03:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-22 16:28 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-10-22 15:53 - 2023-03-06 09:58 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-22 10:47 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-22 10:47 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-22 10:41 - 2023-03-06 03:29 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-21 10:25 - 2023-09-23 09:14 - 000002380 _____ C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-21 10:25 - 2023-03-05 19:51 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3678229789-2673764803-1741663152-1001
2023-10-21 10:25 - 2023-03-05 19:40 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3678229789-2673764803-1741663152-1001
2023-10-20 16:15 - 2023-04-11 15:05 - 000000000 ____D C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-10-20 10:57 - 2023-05-05 10:53 - 000000445 _____ C:\Users\Jack\Desktop\New Text Document (2).txt
2023-10-20 10:41 - 2023-03-05 19:37 - 000000000 ____D C:\Users\Jack\AppData\Local\Packages
2023-10-20 10:41 - 2023-03-05 19:37 - 000000000 ____D C:\ProgramData\Packages
2023-10-20 10:40 - 2023-03-05 19:41 - 000000000 ____D C:\Users\Jack\AppData\Local\PlaceholderTileLogoFolder
2023-10-19 19:23 - 2023-03-05 19:42 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-19 19:23 - 2023-03-05 19:42 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-18 16:39 - 2023-03-18 10:14 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-10-18 16:39 - 2023-03-18 10:14 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk
2023-10-14 09:49 - 2023-03-25 13:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-13 13:52 - 2023-03-25 13:52 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-12 10:09 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-12 09:54 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-10-11 21:47 - 2023-03-06 03:29 - 000259896 _____ C:\Windows\system32\FNTCACHE.DAT
2023-10-11 21:46 - 2019-12-07 06:54 - 000000000 ___SD C:\Windows\system32\AppV
2023-10-11 21:46 - 2019-12-07 06:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-11 21:46 - 2019-12-07 06:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-11 21:46 - 2019-12-07 06:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\F12
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\setup
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Com
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ShellComponents
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\Provisioning
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\IME
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-11 21:46 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-11 21:46 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\servicing
2023-10-11 16:19 - 2023-03-11 10:13 - 000000000 ____D C:\Users\Jack\Downloads\Marketing more book
2023-10-11 16:19 - 2023-03-07 09:31 - 000000000 ____D C:\Users\Jack\AppData\LocalLow\Mozilla
2023-10-11 09:34 - 2019-12-07 06:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-10-11 09:34 - 2019-12-07 06:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-10-11 09:34 - 2019-12-07 06:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-10-11 09:28 - 2023-03-05 19:31 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-10-11 09:11 - 2023-03-08 11:24 - 000000000 ____D C:\Windows\system32\MRT
2023-10-11 09:07 - 2023-03-08 11:24 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-10 10:21 - 2023-09-01 16:25 - 000000000 ____D C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-10-06 21:08 - 2023-03-05 19:37 - 000000000 ____D C:\Users\Jack
2023-10-06 21:07 - 2023-03-06 09:58 - 000000000 ____D C:\Users\Jack\AppData\Roaming\utorrent
2023-10-05 11:33 - 2023-03-06 03:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-28 09:32 - 2023-03-05 19:44 - 000000000 ____D C:\Users\Jack\AppData\Local\D3DSCache

==================== Files in the root of some directories ========

2023-03-05 20:11 - 2023-03-05 20:11 - 000000023 _____ () C:\Users\Jack\AppData\Roaming\epm_user.ini
2023-04-25 14:47 - 2023-06-07 15:20 - 000001456 _____ () C:\Users\Jack\AppData\Local\Adobe Save for Web 13.0 Prefs

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Jack (24-10-2023 07:52:48)
Running from C:\Users\Jack\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) (2023-03-05 22:31:16)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3678229789-2673764803-1741663152-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3678229789-2673764803-1741663152-503 - Limited - Disabled)
Guest (S-1-5-21-3678229789-2673764803-1741663152-501 - Limited - Disabled)
Jack (S-1-5-21-3678229789-2673764803-1741663152-1001 - Administrator - Enabled) => C:\Users\Jack
WDAGUtilityAccount (S-1-5-21-3678229789-2673764803-1741663152-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe After Effects 2023 (HKLM-x32\...\AEFT_23_2_1) (Version: 23.2.1 - Adobe Inc.)
Adobe Animate 2023 (HKLM-x32\...\FLPR_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Audition 2023 (HKLM-x32\...\AUDT_23_2) (Version: 23.2 - Adobe Inc.)
Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_2) (Version: 13.0.2 - Adobe Inc.)
Adobe Character Animator 2023 (HKLM-x32\...\CHAR_23_1) (Version: 23.1 - Adobe Inc.)
Adobe Dimension (HKLM-x32\...\ESHR_3_4_7) (Version: 3.4.7 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_8_1) (Version: 27.8.1 - Adobe Inc.)
Adobe InCopy 2023 (HKLM-x32\...\AICY_18_1) (Version: 18.1 - Adobe Inc.)
Adobe InDesign 2023 (HKLM-x32\...\IDSN_18_1) (Version: 18.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_2) (Version: 12.2 - Adobe Inc.)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_2_1) (Version: 23.2.1 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Adobe Premiere Pro 2023 (HKLM-x32\...\PPRO_23_2) (Version: 23.2 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_7) (Version: 2.7 - Adobe Inc.)
Adobe Speech to Text (Cantonese Chinese) (HKLM-x32\...\S2T_yue_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Chinese) (HKLM-x32\...\S2T_cmn_12_1_0_5) (Version: 12.1.0.5 - Adobe Inc.)
Adobe Speech to Text (Danish) (HKLM-x32\...\S2T_da_12_1_0_5) (Version: 12.1.0.5 - Adobe Inc.)
Adobe Speech to Text (Duch) (HKLM-x32\...\S2T_nl_12_1_2_5) (Version: 12.1.2.5 - Adobe Inc.)
Adobe Speech to Text (English) (HKLM-x32\...\S2T_en_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (French) (HKLM-x32\...\S2T_fr_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (German) (HKLM-x32\...\S2T_de_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Hindi) (HKLM-x32\...\S2T_hi_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Italian) (HKLM-x32\...\S2T_it_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Japanese) (HKLM-x32\...\S2T_ja_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Korean) (HKLM-x32\...\S2T_ko_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Norwegian) (HKLM-x32\...\S2T_no_12_1_1_5) (Version: 12.1.1.5 - Adobe Inc.)
Adobe Speech to Text (Portuguese) (HKLM-x32\...\S2T_pt_12_2_0_5) (Version: 12.2.0.5 - Adobe Inc.)
Adobe Speech to Text (Russian) (HKLM-x32\...\S2T_ru_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Spanish) (HKLM-x32\...\S2T_es_12_0_10_5) (Version: 12.0.10.5 - Adobe Inc.)
Adobe Speech to Text (Swedish) (HKLM-x32\...\S2T_sv_12_1_2_5) (Version: 12.1.2.5 - Adobe Inc.)
Adobe Substance 3D Designer (HKLM-x32\...\SBSTD_12_4_0) (Version: 12.4.0 - Adobe Inc.)
Adobe Substance 3D Modeler (HKLM-x32\...\SHPR_1_1_4) (Version: 1.1.4 - Adobe Inc.)
Adobe Substance 3D Painter (HKLM-x32\...\SBSTP_8_3_0) (Version: 8.3.0 - Adobe Inc.)
Adobe Substance 3D Sampler (HKLM-x32\...\SBSTA_4_0_1) (Version: 4.0.1 - Adobe Inc.)
Adobe Substance 3D Stager (HKLM-x32\...\STGR_2_0_0) (Version: 2.0.0 - Adobe Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 118.1.59.120 - Brave Software Inc)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\17b806b9413bc12a74f2e071cd43be11) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\1fc2b55f4a45228459e3caf27197e553) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\2771e0c7918cbddb772bbaf3aa4f1acb) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\31b2f630faea7b8e71ea752e768dff8e) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\3446a7abf57c2a9a1ba1da7544345793) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\374d14d276032c28fe93d0df9f0fe3de) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\4d1642a157612b1ff87de650dadbd67b) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\5722fe8a671f28e2c94e67d4e8e7bcc9) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\58fdf0b1cafcd4f025981025c7105d2e) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\7709d87eb5ceb5803ddebaff5202a656) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\7a0b4be64298d879320a9636ae91aaa4) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\7f6bbf7433c003707df9321531d4f469) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\ca572a391795a98a850ed26c0b777aec) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\dcc5184dca0309ee685a1e3a83fbb543) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\df8a0b75353354ed85675e7f555221f1) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\ea15c3e8b77c25f9c9d17107afe05923) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\ef339de577c49e48cb3638cfb7653ff9) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\f14a1a5cab9f77fec00ede7b1fa3557f) (Version: 1.0 - Google\Chrome)
Git (HKLM\...\Git_is1) (Version: 2.42.0.2 - The Git Development Community)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\05267314d14b5adc7508ea2551cf385c) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\0821a0d7fdced135c68cec5ddf86fec9) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\0afb94ec286551fe1045abbde9b595b2) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\1e410478477de4d91ab76f009c239e4c) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\26e6daba6d072a43f6ef20a63a425ab8) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\3c6210633bf23591861d8f3e0d643b9d) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\53a07a9a58f7450a44f53bfa2a4d03c7) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\5a0c4aef5986a1a21b36309def05cd97) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\5cf141b76852d8a47205c9d8cd19110b) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\6e86d0546fbd24db48218fec007a2499) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\8f2da6d058020e9cc77bdd66ecf81a68) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\af9228ec5dadb58b9f09cec9677eedb8) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\b5c3f037da8f790efe704367920e8218) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\bcf51b856ff77599945bf21821d617b5) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\c5f51042593b3189f20cabb53d42d75d) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\d95d07d7f1f629f5c7df3ca15d3681c7) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\df4f4a0f6e6d6a06460e4e7789b67c4f) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\ea5dc9085006c06cf41314fd9f446f91) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 118.0.5993.89 - Google LLC)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\025d25729c94faa89601279632c0cb19) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\053c440d22a9c95472c3e53368fb88a2) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\19b3104529e21adcb7e6fbd65615a91d) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\36c7b9914627e2c5916c558b568387b3) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\3ff0561cd0362c034d5032ba4765839b) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\419a532cfdd26b2fea92e0ee364fd7ed) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\60b2776c6d70dde4c62c64f6c1d0e74b) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\622a8cdef7ee67b202676284b271b801) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\643dbf6c7e8d8a07a4a16793edb96e96) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\65f13b15ead6090e41204bb7c6051169) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\73732c110e41581f0dcc4c191ad53b0c) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\8732fea119f24539bf5b4eb2d2097d06) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\95e84bae62fcd9f9281134bd43fd7f78) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\a217945d848e53c83a4aaa7cdfaf868d) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\babd152912cb7090a769e2a002455744) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\e8ef6a84e306986dc90dea1cae2b44d1) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\f0557d785ac57c2e7751fa0b85a2fffc) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\fe771019c15b86070136dfbbceb0184f) (Version: 1.0 - Google\Chrome)
HandBrake 1.6.1 (HKLM-x32\...\HandBrake) (Version: 1.6.1 - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Keybase (HKLM\...\{6B4FB18E-534C-402C-9E08-1E9A5BA14150}) (Version: 6.2.3.1 - Keybase, Inc.)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH)
Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 6.0.21 (x64) (HKLM\...\{26FF35F7-ADBB-4C9F-97DA-79120DB80EC6}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x64) (HKLM\...\{D937EF87-F11D-4778-973C-B71E178F95D0}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x64) (HKLM\...\{8D2EC92E-5903-4B25-9406-182B8EFA834F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 118.0.2088.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 118.0.2088.61 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\OneDriveSetup.exe) (Version: 23.204.1001.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM\...\{AF6BF7DD-2B12-40C5-919C-2EC99054BBE1}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM-x32\...\{0f39db03-9030-48f3-82ef-5384bed81d85}) (Version: 6.0.21.32717 - Microsoft Corporation)
MiniTool Partition Wizard Free 12.7 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.7 - MiniTool Software Limited)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 118.0.2 (x64 en-US)) (Version: 118.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 111.0.1 - Mozilla)
NVIDIA Graphics Driver 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Planilhas (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\068f94661bba54fe1a960505fe771368) (Version: 1.0 - Google\Chrome)
PS TO PC CONVERTER (HKLM-x32\...\{A483F88A-41E9-45B2-AAC9-A823DD9B4873}) (Version: 2007.01.01 - )
Python 3.10.8 (64-bit) (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\{371d0d73-d418-4ffe-b280-58c3e7987525}) (Version: 3.10.8150.0 - Python Software Foundation)
Python 3.10.8 Add to Path (64-bit) (HKLM\...\{2F64CAF0-C8D6-4E7C-B263-D837C5888EC9}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Core Interpreter (64-bit) (HKLM\...\{6463E43B-54B1-4407-818D-DD90D11CDD06}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Development Libraries (64-bit) (HKLM\...\{B7DEC02E-E147-40A2-86C9-1F910DC43D1C}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Documentation (64-bit) (HKLM\...\{02E2EFF4-C685-4151-9A40-E50DE7A8A5D7}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Executables (64-bit) (HKLM\...\{361761A0-847E-4A8B-B375-1F77E475321E}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 pip Bootstrap (64-bit) (HKLM\...\{12EB4B8C-1F27-4A73-9B33-4545D52637D6}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Standard Library (64-bit) (HKLM\...\{9D731829-C401-4DFE-8906-79EBFAD18AF7}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Tcl/Tk Support (64-bit) (HKLM\...\{5ADA7829-A477-4BE0-8112-7C0C720F7093}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Test Suite (64-bit) (HKLM\...\{025F829D-844C-4E80-8C2C-ECBD6FB455BC}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python 3.10.8 Utility Scripts (64-bit) (HKLM\...\{BBF729BB-B0D3-4180-A4A7-3A713F0BE254}) (Version: 3.10.8150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{59AF356A-6B03-4A12-ADD4-43419963EBB5}) (Version: 3.10.7953.0 - Python Software Foundation)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\0bb5606c84ad30fa41d28d262c531880) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\14a854d88f56ae6c8578537c77a2b205) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\287ef9919d222c21f0ab92beae99f292) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\2bb7d39f91ec62f1eb4c80d189d47741) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\459ac3573ace35f74e261579b8f6247b) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\81b02d179b5ab91b1a565b5311f01796) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\81f5eeb3a3deab5b4f5bc6b5aa8fecfc) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\88e6770242a843df8f3d42727dc27a25) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\8ca8ad9162dc67f5b5f58cb815aaed08) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\9b9caa2bb5b79b484934df8f1c8aa2d5) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\b417ce7fadb8207108e67d71d54e80ed) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\b811c626235c77f5dba586918936112c) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\be39ce9df278c135d945f659dae48820) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\c681240145788630a979f362a52dca8a) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\c8c420ae0c717b9d79e601a9f883919e) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\d3ab0b0667a98c3881b7708bd4e93d9c) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\e76e2903375d52f2be1abdedab7b5b78) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\ea217f60c1af17ae5efa454d95bc193b) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\118998194e09823f3b24c7b49e03d39c) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\422f2f2e304e3d256ae94cb580adc6db) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\4cc250e7c001dcc3e704edbd90a94fc6) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\5a69aab5010267ad2ce88dab63603dce) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\680671e382e84a4dc5f5e3ef6da2ffab) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\6a79ad0cbdc062960feb3c0fa1d4d95e) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\6abce7d200ef8768eace6e8b7882fd97) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\7222df7e3d5c4b57232182de2420382c) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\8286ec69ebc6054952da7f1b21913f33) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\87711f8089521b5316b7c218e669feaa) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\88ab81506b7c8f972e0de7020c9c547a) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\8c158667b5ece04761119f6a1affc541) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\93a834eb6def3e2fc534eab7a2c9631a) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\a08550d701ce6b97b5f6e0757135021f) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\a5fdd75d963df8468365402d604a851c) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\ce96c2fa9074835e7a3e59d346cd51ac) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\cf8dbe38c063646342902cdede39eba2) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\dfc519e4aac74c4b55ce5451c8e3024f) (Version: 1.0 - Google\Chrome)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeraBox (HKLM-x32\...\TeraBox) (Version: 1.21.0 - Flextech Inc.)
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UrbanVPN (HKLM\...\{2138A4F4-FE1A-427A-9734-49D6EC21F47B}) (Version: 2.2.14.6 - Urban Security) Hidden
UrbanVPN (HKLM\...\UrbanVPN 2.2.14.6) (Version: 2.2.14.6 - Urban Security)
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: V3.70a - )
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\038cd6c831bb929392c493aa698a99fa) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\06bb2dbd8d8809f5f4b52fd721f79d12) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\167711f2757f995dc96f68b3d48ee767) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\18195443cb380ebad1e3664d61d77fbf) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\1a95d2bc62b686bd70603116d2bf1332) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\1b7a4454d52fee1df0101c8310ae7e9b) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\2ad29145094d412b333158f63a652044) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\4aff4d23a68e5de3ab69244b252b7600) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\643ddbd2e0e1f281e6e9ee767f3eb11f) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\6ddd37ec418c6ba24b879af8b39f3dc9) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\726018fcf099179fa9e4be252967c814) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\7bd6d28a67adaea4b3d6c1c75d2d20c5) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\9e87cc9e0d407cc9aeb4bf7811bacf1a) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\a486ebc782ac6d930e86b64b30c85f60) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\bd787fe738329aefbf701b2a10bb0d7f) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\c1563b2785f461dad85761813272c40f) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\c405b8d495a50e526d28e62e57b310c5) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\e23e6f9ce67607b06bb053f79e60b92d) (Version: 1.0 - Google\Chrome)

Packages:
=========
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_56.1.12.1_x64__pc75e8sa7ep4e [2023-03-07] (Adobe Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2023.8.31.0_neutral__6rarf9sa4v8jt [2023-10-19] (Disney)
Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_4.3.0.1156_x64__pc75e8sa7ep4e [2023-03-07] (Adobe Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2310.10001.0_x64__8wekyb3d8bbwe [2023-10-20] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-09] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.10160.0_x64__8wekyb3d8bbwe [2023-10-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0 [2023-10-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64}\Shell\Open\Command -> C:\Users\Jack\AppData\Roaming\TeraBox\terabox.exe -diskopen
CustomCLSID: HKU\S-1-5-21-3678229789-2673764803-1741663152-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} -> [TeraBox] => C:\Users\Jack\AppData\Roaming\TeraBox\
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-22] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-22] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-22] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-22] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jack\AppData\Local\MEGAsync\ShellExtX64.dll [2023-08-18] (Mega Limited -> )
ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-22] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Jack\Desktop\Ai - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 15"
ShortcutWithArgument: C:\Users\Jack\Desktop\Ai work - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 27"
ShortcutWithArgument: C:\Users\Jack\Desktop\army - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 32"
ShortcutWithArgument: C:\Users\Jack\Desktop\chinese - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 46"
ShortcutWithArgument: C:\Users\Jack\Desktop\Computer science - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Jack\Desktop\Courses - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Jack\Desktop\Courses 3 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Jack\Desktop\courses 4 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 47"
ShortcutWithArgument: C:\Users\Jack\Desktop\Design art - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 24"
ShortcutWithArgument: C:\Users\Jack\Desktop\Digital products - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 30"
ShortcutWithArgument: C:\Users\Jack\Desktop\Entrepreneur - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 20"
ShortcutWithArgument: C:\Users\Jack\Desktop\Estudos - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 17"
ShortcutWithArgument: C:\Users\Jack\Desktop\exercicies - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 42"
ShortcutWithArgument: C:\Users\Jack\Desktop\fabrica de velas aromaticas - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 21"
ShortcutWithArgument: C:\Users\Jack\Desktop\frances - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 44"
ShortcutWithArgument: C:\Users\Jack\Desktop\game dev - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 19"
ShortcutWithArgument: C:\Users\Jack\Desktop\graphic design - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 37"
ShortcutWithArgument: C:\Users\Jack\Desktop\Health - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Jack\Desktop\Health 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 25"
ShortcutWithArgument: C:\Users\Jack\Desktop\healthy 3 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 34"
ShortcutWithArgument: C:\Users\Jack\Desktop\healthy 4 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 38"
ShortcutWithArgument: C:\Users\Jack\Desktop\Hindi - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 48"
ShortcutWithArgument: C:\Users\Jack\Desktop\home spray soaps making - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 22"
ShortcutWithArgument: C:\Users\Jack\Desktop\IT - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Jack\Desktop\Jacques (Courses 2) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Jack\Desktop\Jacques - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Jack\Desktop\jewelry print on deman - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 29"
ShortcutWithArgument: C:\Users\Jack\Desktop\language - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 23"
ShortcutWithArgument: C:\Users\Jack\Desktop\Learn journey 1 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 50"
ShortcutWithArgument: C:\Users\Jack\Desktop\Make money - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 16"
ShortcutWithArgument: C:\Users\Jack\Desktop\Marketing - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Jack\Desktop\miscellaneous - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 35"
ShortcutWithArgument: C:\Users\Jack\Desktop\photoshop - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 31"
ShortcutWithArgument: C:\Users\Jack\Desktop\Print on Demand - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Jack\Desktop\print on demand 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 53"
ShortcutWithArgument: C:\Users\Jack\Desktop\Robotic Eletrical - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Jack\Desktop\Robotic self driving car - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Jack\Desktop\Robotics - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\Jack\Desktop\Robotics Mechanical - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Jack\Desktop\Robotics Software Engineer 1 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Jack\Desktop\russian - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 45"
ShortcutWithArgument: C:\Users\Jack\Desktop\SEO - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 40"
ShortcutWithArgument: C:\Users\Jack\Desktop\sites courses development - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 43"
ShortcutWithArgument: C:\Users\Jack\Desktop\SMMA - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 28"
ShortcutWithArgument: C:\Users\Jack\Desktop\Solidworks - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 14"
ShortcutWithArgument: C:\Users\Jack\Desktop\Tiktok from USA - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 54"
ShortcutWithArgument: C:\Users\Jack\Desktop\Vídeo editing - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 36"
ShortcutWithArgument: C:\Users\Jack\Desktop\Work area - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 18"
ShortcutWithArgument: C:\Users\Jack\Desktop\work Print on Demand - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 26"
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 46" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (10).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 55" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 47" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (3).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 45" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (4).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 48" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (5).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 28" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (6).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 51" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (7).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 50" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (8).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 53" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs (9).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 54" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 44" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 46" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (10).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 55" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 47" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (3).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 45" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (4).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 48" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (5).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 28" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (6).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 51" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (7).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 50" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (8).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 53" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail (9).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 54" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 44" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 46" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (10).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 55" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 47" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (3).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 45" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (4).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 48" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (5).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 28" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (6).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 51" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (7).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 50" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (8).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 53" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive (9).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 54" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 44" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 46" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (10).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 55" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 47" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (3).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 45" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (4).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 48" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (5).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 28" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (6).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 51" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (7).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 50" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (8).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 53" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets (9).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 54" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 44" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 46" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (10).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 55" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 47" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (3).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 45" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (4).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 48" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (5).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 28" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (6).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 51" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (7).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 50" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (8).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 53" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides (9).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 54" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 44" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 46" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (10).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 55" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 47" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (3).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 45" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (4).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 48" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (5).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 28" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (6).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 51" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (7).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 50" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (8).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 53" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube (9).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 54" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 44" --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 64-bit.lnk:AB2E8888A0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller 64-bit.lnk:F81525EFBA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk:348C7DE18C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2023.lnk:7A3B09A8B9 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2023.lnk:778EB4E778 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk:4E1D8CA03D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2023.lnk:9BB623C8A3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dimension.lnk:5E8D08BF30 [3442]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files\Git\cmd;C:\Users\Jack\Desktop\Coursera\coursera-dl;C:\Users\Jack\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\Scripts);
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1FFBA933-E1F1-46CE-902A-A4814200BD8D}] => (Allow) C:\Users\Jack\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{4F232D7C-FB30-4E04-A864-836F4CDAC6C8}] => (Allow) C:\Users\Jack\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{C3404438-822F-4F39-A847-2A0B01B48DA9}] => (Allow) C:\Users\Jack\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{CCFB33EA-3E53-4681-8380-DB156EC3276D}] => (Allow) C:\Users\Jack\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{C1C2FA90-09A2-4153-B3CF-7DA87868C0FB}] => (Allow) C:\Users\Jack\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => No File
FirewallRules: [{D9B76F94-47EA-468C-9399-E8C237625C98}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{3B9C76A4-60ED-4D12-ABE3-F4D73F0868C8}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrobat_sl.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{AAAB8A2E-0D0D-48ED-8661-402B69BC7715}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcrobatInfo.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{1296B6A6-5F83-4A84-9AE4-EF5FA9B8B78B}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroBroker.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{2C80523B-125D-41E2-8FDC-C455DA972B0A}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrodist.exe (Adobe Inc. -> Adobe Systems Incorporated.)
FirewallRules: [{B11267B2-0B0B-4C83-AF9C-E5867C44C845}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroShareTarget.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{C1709199-94B6-4D8F-BAB9-B3DB2F1AF7F1}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroTextExtractor.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{E68DCE54-D56F-4D1C-991A-805ED6E06AD3}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{ADAC5AEE-7EC1-4FFD-A4C5-F681EB9B5283}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\ADelRCP.exe (Adobe Inc. -> Adobe Systems, Inc.)
FirewallRules: [{FFACC7EE-BDDF-4237-845B-E1F9569DF276}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{160EDB4F-D148-431F-A2DE-5AA0734E29D2}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\CRLogTransport.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{2B8EDAF9-AB12-48FA-8D5E-BA2E2DB5A1B6}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\CRWindowsClientService.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{97DBC404-DA03-4F8D-8BEC-AB17898E1E76}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Eula.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{ADE72115-2198-4E3E-A6B0-EF91DC8DDF25}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\LogTransport2.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{1115D00A-ABEB-4E03-88D4-4CA4E8FABA42}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{742EA889-BF38-495C-9DFC-29871EFCD45B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{14532AC3-7625-47CC-8BFD-6748989F6055}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{096748F7-3E0B-42C8-972E-763466654F2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8283C068-8093-4B10-B6FB-2F49F7F07FF7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{37950053-6A71-4300-808C-AABAA457DE26}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{1F9CAFE3-DFDE-484E-AAD7-50D0AD9A7C5B}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9C146E05-FA94-49DA-BA2F-7BEBE02A63E0}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{36CEB017-9BEA-4B99-8A5D-FAF5A3766C94}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [UDP Query User{2805D9FB-C729-4B1C-A8ED-385C244B68F9}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [TCP Query User{81605925-0AC5-492B-8F34-D456CD4DB88B}C:\users\jack\appdata\roaming\terabox\teraboxhost.exe] => (Block) C:\users\jack\appdata\roaming\terabox\teraboxhost.exe => No File
FirewallRules: [UDP Query User{8BA57D72-942B-4B7E-9D56-D430DBA19221}C:\users\jack\appdata\roaming\terabox\teraboxhost.exe] => (Block) C:\users\jack\appdata\roaming\terabox\teraboxhost.exe => No File
FirewallRules: [TCP Query User{C1A1D065-3B5E-49DE-A24D-ED5A45E9A9D6}C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe] => (Block) C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe => No File
FirewallRules: [UDP Query User{F8F5B64F-A5D2-4813-B0DE-54F6BF30DA5A}C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe] => (Block) C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe => No File
FirewallRules: [TCP Query User{C86BBEFE-7F4B-4481-80FD-81305427AD8E}C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe] => (Allow) C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe => No File
FirewallRules: [UDP Query User{2DACBFC7-5646-47CA-AD0C-0ECC23EA76BD}C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe] => (Allow) C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe => No File
FirewallRules: [{9D5D1326-2501-4737-A227-B45000C28306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{93196420-73E1-4BB0-B918-F34473E4212E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [TCP Query User{6DCE25FE-F16B-4E7F-806F-681276D2EA49}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{0782DBAF-EC52-4CC8-BF59-86C99880697A}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{A34BB810-CFCF-4B67-9DFF-4B8A82A34781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IX\FF9_Launcher.exe () [File not signed]
FirewallRules: [{8C147BF9-C8FF-4B4D-A978-057432ACFD6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IX\FF9_Launcher.exe () [File not signed]
FirewallRules: [{011BB6EE-86D2-4DC3-A6DD-B430648F3EB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEAB3530-B7D1-4563-A48F-5CD7AEDD0E8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D34C099C-876A-4151-948F-DFA8F634E5B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6549724C-C0C0-4AB3-92DC-FA4B9B5DBD10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8EDDA714-4307-404C-8795-E4D6F89A68CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{74B5CF4D-B739-4736-9FF3-81894025CAD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{06222349-003B-4817-B899-FAEBAA66B773}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{483366F0-04CD-43A9-B979-D708B51568BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B6BCF6C-3DFE-40A9-89A6-546E1BB8A19B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B22A88DF-5142-4168-A908-AE3D89BB4A70}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.222.982.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0784EC40-ABFE-466C-A0CA-4BC2AE58DF95}] => (Allow) C:\Program Files\UrbanVPN\bin\urbanvpn.exe (Urban Cyber Security Inc. -> Urban Cyber Security Inc.)
FirewallRules: [{D3E79C2C-A80B-4146-BD72-25F247A91EAD}] => (Allow) C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2149E9FF-07C1-45D0-B421-A20A467C68D9}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{9E2D5CFD-0C58-497F-B719-D181898B1A87}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{642439A9-91C7-4A93-8CFB-6A41FE31588C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E0E8F90D-25C3-4EFA-B4ED-993DAFA4CD83}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB129FC2-A4EB-4B94-A331-7C99090A341B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{73A93320-5516-453F-9055-68A05024F54F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBE8602B-6C40-4E2C-ADB3-CE43AD4B9E6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{0EA7F23A-9263-4788-9EA9-0EE50B91AC25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{7BCB1AAA-4B40-45FB-B7DB-67E64763697F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

19-10-2023 10:27:14 Scheduled Checkpoint
22-10-2023 15:52:04 Removed Python Launcher
24-10-2023 07:41:14 ZHPcleaner

==================== Faulty Device Manager Devices ============

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (10/24/2023 05:31:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/24/2023 05:31:19 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/23/2023 07:16:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.19041.3570, time stamp: 0x4f5c0207
Exception code: 0xc0000005
Fault offset: 0x00313a68
Faulting process id: 0x1d48
Faulting application start time: 0x01da05fe91970eaf
Faulting application path: C:\Users\Jack\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\Windows\SYSTEM32\WININET.dll
Report Id: 4c29c216-0b1a-4559-960a-cc93a586124a
Faulting package full name:
Faulting package-relative application ID:

Error: (10/23/2023 07:15:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: ntdll.dll, version: 10.0.19041.3570, time stamp: 0xf0fc3229
Exception code: 0xc0000409
Fault offset: 0x000cd5ed
Faulting process id: 0x3a38
Faulting application start time: 0x01da05fe55496558
Faulting application path: C:\Users\Jack\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 735d538c-a33c-474a-814a-9fd04133c73a
Faulting package full name:
Faulting package-relative application ID:

Error: (10/23/2023 07:14:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.19041.3570, time stamp: 0x4f5c0207
Exception code: 0xc0000005
Fault offset: 0x00313a68
Faulting process id: 0x269c
Faulting application start time: 0x01da05fe477c45f0
Faulting application path: C:\Users\Jack\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\Windows\SYSTEM32\WININET.dll
Report Id: f457b08d-bfb1-415f-ab58-138810f8b97e
Faulting package full name:
Faulting package-relative application ID:

Error: (10/23/2023 04:29:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/22/2023 09:32:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: updatechecker.exe, version: 0.0.0.0, time stamp: 0x5e4c6e6e
Faulting module name: Qt5Core.dll, version: 5.6.3.0, time stamp: 0x59ba22ce
Exception code: 0xc0000005
Fault offset: 0x00000000001b3093
Faulting process id: 0x23f4
Faulting application start time: 0x01da051e15cba1ec
Faulting application path: C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
Faulting module path: C:\Program Files\MiniTool Partition Wizard 12\Qt5Core.dll
Report Id: 24edf2ae-76b7-442d-91bb-34f24030f367
Faulting package full name:
Faulting package-relative application ID:

Error: (10/22/2023 04:29:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

System errors:
=============
Error: (10/24/2023 07:20:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/24/2023 07:20:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/24/2023 07:20:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management Engine WMI Provider Registration service terminated unexpectedly. It has done this 1 time(s).

Error: (10/24/2023 07:20:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The UrbanVPNServiceInteractive service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (10/24/2023 07:20:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (10/24/2023 06:00:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading

Error: (10/24/2023 06:00:53 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jack\AppData\Local\Temp\ehdrv.sys

Error: (10/24/2023 06:00:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading

Windows Defender:
================
Date: 2023-10-21 13:46:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-10-21 12:53:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-10-21 12:04:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-10-20 18:11:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-10-20 18:06:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-07-02 12:15:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.391.3322.0
Previous security intelligence Version: 1.391.3144.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.23050.3
Previous Engine Version: 1.1.23050.3
Error code: 0x80004004
Error description: Operation aborted

Date: 2023-07-02 12:15:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.391.3322.0
Previous security intelligence Version: 1.391.3144.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.23050.3
Previous Engine Version: 1.1.23050.3
Error code: 0x80004004
Error description: Operation aborted

CodeIntegrity:
===============
Date: 2023-09-23 09:23:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-07-03 14:05:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvpcf.inf_amd64_6f89430b247466bc\nvpcf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-07-03 14:05:05
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhda.inf_amd64_590fd0c3fa373577\nvhda64v.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-07-03 14:05:00
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_26255692c8b1c6b6\e1dmsg.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-07-03 14:05:00
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\JHI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-07-03 14:04:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\JHI64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2811 05/27/2020
Motherboard: ASUSTeK COMPUTER INC. TUF H310M-PLUS GAMING/BR
Processor: Intel(R) Core(TM) i3-9100F CPU @ 3.60GHz
Percentage of memory in use: 57%
Total physical RAM: 8104.5 MB
Available physical RAM: 3475.28 MB
Total Virtual: 13992.5 MB
Available Virtual: 7262.01 MB

==================== Drives ================================

Drive () (Fixed) (Total:1862.51 GB) (Free:1557.84 GB) (Model: Samsung SSD 870 QVO 2TB) NTFS
Drive d: (New Volume) (Fixed) (Total:3726.01 GB) (Free:1158.88 GB) (Model: ST4000DM004-2U9104) NTFS

\\?\Volume{2873ea28-bc21-40fd-ab13-3355c360e576}\ () (Fixed) (Total:0.5 GB) (Free:0.47 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 0274D4E9)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

AdwCleaner[C00].txt ZHPCleaner (S).txt FRST.txt Addition.txt

Lusitano · 25 de outubro de 2023

Olá,

Execução FRST:

Clique direito do mouse no icone do FRST e selecione executar como administrador
Selecione TODO o conteúdo da caixa abaixo e pressione ao mesmo tempo as teclas Ctrl + C, para que tudo seja copiado. Não é necessário colar a informação. A ferramenta FRST fará isso automaticamente.

Citação

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-03-07] (Adobe Inc. -> )
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [TeraBox] => "C:\Users\Jack\AppData\Roaming\TeraBox\TeraBox.exe" AutoRun (No File)
HKU\S-1-5-21-3678229789-2673764803-1741663152-1001\...\Run: [TeraBoxWeb] => "C:\Users\Jack\AppData\Roaming\TeraBox\TeraBoxWebService.exe" (No File)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.120\elevation_service.exe" [X]
S3 TeraBoxUtility; C:\Users\Jack\AppData\Roaming\TeraBox\YunUtilityService.exe [X]
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Jack\AppData\Roaming\TeraBox\YunShellExt64.dll -> No File
FirewallRules: [{1FFBA933-E1F1-46CE-902A-A4814200BD8D}] => (Allow) C:\Users\Jack\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{4F232D7C-FB30-4E04-A864-836F4CDAC6C8}] => (Allow) C:\Users\Jack\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{C3404438-822F-4F39-A847-2A0B01B48DA9}] => (Allow) C:\Users\Jack\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{CCFB33EA-3E53-4681-8380-DB156EC3276D}] => (Allow) C:\Users\Jack\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{1F9CAFE3-DFDE-484E-AAD7-50D0AD9A7C5B}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9C146E05-FA94-49DA-BA2F-7BEBE02A63E0}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{36CEB017-9BEA-4B99-8A5D-FAF5A3766C94}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [UDP Query User{2805D9FB-C729-4B1C-A8ED-385C244B68F9}C:\users\jack\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\jack\appdata\roaming\terabox\teraboxrender.exe => No File
FirewallRules: [TCP Query User{81605925-0AC5-492B-8F34-D456CD4DB88B}C:\users\jack\appdata\roaming\terabox\teraboxhost.exe] => (Block) C:\users\jack\appdata\roaming\terabox\teraboxhost.exe => No File
FirewallRules: [UDP Query User{8BA57D72-942B-4B7E-9D56-D430DBA19221}C:\users\jack\appdata\roaming\terabox\teraboxhost.exe] => (Block) C:\users\jack\appdata\roaming\terabox\teraboxhost.exe => No File
FirewallRules: [TCP Query User{C1A1D065-3B5E-49DE-A24D-ED5A45E9A9D6}C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe] => (Block) C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe => No File
FirewallRules: [UDP Query User{F8F5B64F-A5D2-4813-B0DE-54F6BF30DA5A}C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe] => (Block) C:\program files (x86)\iometer.org\iometer 1.1\iometer.exe => No File
FirewallRules: [TCP Query User{C86BBEFE-7F4B-4481-80FD-81305427AD8E}C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe] => (Allow) C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe => No File
FirewallRules: [UDP Query User{2DACBFC7-5646-47CA-AD0C-0ECC23EA76BD}C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe] => (Allow) C:\program files (x86)\iometer.org\iometer 1.1\dynamo.exe => No File
FirewallRules: [TCP Query User{6DCE25FE-F16B-4E7F-806F-681276D2EA49}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{0782DBAF-EC52-4CC8-BF59-86C99880697A}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File

StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl]
"AutoReboot"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Update\AU]
"NoAutoUpdate"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableLUA"=dword:00000001

EndRegedit:

StartBatch:
pushd\windows\system32
bcdedit.exe /export C:\exportBCDfile
bcdedit.exe /set {default} recoveryenabled yes
bcdedit /enum
DISM.exe /Online /Cleanup-image /Restorehealth
sfc /scannow
Endbatch:

StartBatch:
SETLOCAL ENABLEEXTENSIONS
echo userprofile=%USERPROFILE%
if not defined userprofile echo no userprofile&goto :eof
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.dl*"
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.ex*"
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.zi*"
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.sy*"
del /f /q "%userprofile%\AppData\Roaming\{*.*"
rd /s /q "%userprofile%\AppData\Roaming\discord\Cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\code cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\gpucache"
del /s /q "%userprofile%\AppData\Local\Temp\*.*"
del /f /q "%userprofile%\AppData\Local\*-gui"
del /f /q "%userprofile%\AppData\Roaming\*-gui"
:eof
EndBatch:

startpowershell:
Write-Output "PowerShell run 1"

Set-Service -Name "BITS" -StartupType Manual -Verbose
Set-Service -Name "Dhcp" -StartupType Automatic -Verbose
Set-Service -Name "EventLog" -StartupType Automatic -Verbose
Set-Service -Name "EventSystem" -StartupType Automatic -Verbose
Set-Service -Name "nsi" -StartupType Automatic -Verbose
Set-Service -Name "RasMan" -StartupType Manual -Verbose
Set-Service -Name "SDRSVC" -StartupType Manual -Verbose
Set-Service -Name "SstpSvc" -StartupType Manual -Verbose
Set-Service -Name "TrustedInstaller" -StartupType Manual -Verbose
Set-Service -Name "VSS" -StartupType Manual -Verbose
Set-Service -Name "Winmgmt" -StartupType Automatic -Verbose
Set-Service -Name "wuauserv" -StartupType Manual -Verbose
Set-Service -Name "windefend" -StartupType Automatic -Verbose
Set-Service -Name "securityhealthservice" -StartupType Manual -Verbose
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 1
Endpowershell:

StartBatch:
net start sdrsvc
net start vss
net start rpcss
net start eventsystem
net start winmgmt
net start msiserver
net start bfe
net start trustedinstaller
net start windefend
net start mpssvc
net start mpsdrv
Winmgmt /salvagerepository
Winmgmt /resetrepository
Winmgmt /resyncperf
Endbatch:

startpowershell:
Write-Output "PowerShell run 2"

Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -force
# Check computer status again after setting to make sure changes were applied
Get-MpComputerStatus
Get-MpPreference
Get-MpThreatDetection
# get statuses of services
Get-Service 'Terminal Server' | Select-Object -Property Name, StartType, Status
Get-Service BITS | Select-Object -Property Name, StartType, Status
Get-Service Dhcp | Select-Object -Property Name, StartType, Status
Get-Service EventLog | Select-Object -Property Name, StartType, Status
Get-Service EventSystem | Select-Object -Property Name, StartType, Status
Get-Service mbamservice | Select-Object -Property Name, StartType, Status
Get-Service mpsdrv | Select-Object -Property Name, StartType, Status
Get-Service MpsSvc | Select-Object -Property Name, StartType, Status
Get-Service msiserver | Select-Object -Property Name, StartType, Status
Get-Service nsi | Select-Object -Property Name, StartType, Status
Get-Service RasMan | Select-Object -Property Name, StartType, Status
Get-Service rpcss | Select-Object -Property Name, StartType, Status
Get-Service SDRSVC | Select-Object -Property Name, StartType, Status
Get-Service sense | Select-Object -Property Name, StartType, Status
Get-Service securityhealthservice | Select-Object -Property Name, StartType, Status
Get-Service SstpSvc | Select-Object -Property Name, StartType, Status
Get-Service TrustedInstaller | Select-Object -Property Name, StartType, Status
Get-Service UsoSvc | Select-Object -Property Name, StartType, Status
Get-Service VSS | Select-Object -Property Name, StartType, Status
Get-Service wdnissvc | Select-Object -Property Name, StartType, Status
Get-Service windefend | Select-Object -Property Name, StartType, Status
Get-Service Winmgmt | Select-Object -Property Name, StartType, Status
Get-Service wscsvc | Select-Object -Property Name, StartType, Status
Get-Service wuauserv | Select-Object -Property Name, StartType, Status
New-NetFirewallRule -DisplayName "Block Inb" -Direction Inbound –LocalPort 135-139, 445, 1234, 3389, 5555 -Protocol tcp -Action Block
New-NetFirewallRule -DisplayName "Block Inb" -Direction Inbound –LocalPort 135-139, 445, 1234, 3389, 5555 -Protocol udp -Action Block
wevtutil el | Foreach-Object {Write-Host "Clearing $_"; wevtutil cl "$_"}
Get-CimInstance SoftwareLicensingProduct -Filter "Name like 'Windows%'" | where { $_.PartialProductKey } | select Description, LicenseStatus
EndPowerShell:

startbatch:
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\Js\*.*"
del /s /q "%userprofile%\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\*.*"
del /s /q "%userprofile%\AppData\Local\Temp\*.exe"
del /s /q "%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\uwj5v52h.default\cache2\*.*"
del /s /q "%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\9drvj32f.default-release\cache2\*.*"
endbatch:
cmd: reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled
exportkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions
exportkey: hkcu\software\classes\ms-settings\shell\open\command
exportkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Update\AU
exportkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
exportkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
exportkey: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager

C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\system32\drivers\*.tmp
C:\WINDOWS\syswow64\*.tmp
cmd: "%WINDIR%\SYSTEM32\lodctr.exe" /R
cmd: "%WINDIR%\SysWOW64\lodctr.exe" /R
cmd: "C:\Windows\SysWOW64\lodctr.exe" /R
cmd: "C:\Windows\SYSTEM32\lodctr.exe" /R

Removeproxy:

cmd: fltmc instances
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: ipconfig /flushdns
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: Bitsadmin /Reset /Allusers

Empytemp:
End::

Clique em Corrigir.
Quando a ferramenta terminar, irá gerar um arquivo com o nome Fixlog.txt. Anexe na sua próxima resposta e por gentileza me informe se tem notado mais esse sintoma relatado anteriormente.
Nota: Um dos comandos acima, irá remover cookies e com isso pode resultar em dificuldades em aceder a algumas páginas web (nomeadamente bancos) e poderá ser necessário reaplicar o código verificação da própria instituição. Os procedimentos acima poderão ser demorados. Por gentileza seja paciente e aguarde. Serão removidos os arquivos temporários.

cometa8899 · 25 de outubro de 2023

Olá descobri que o ip estranho era da valve corporation uma empresa de games então foi coisa da minha cabeça mesmo, porém o antivírus eset fechando foi estranho não sei se foi problema do programa ou se realmente foi alguém, depois no outro dia consegui abri o anti-virus porém agora não consigo desinstala-lo pois não aparece em remover programas. mais não notei nada estranho depois disso.

segue o log Fixlog

Fixlog.txt

Lusitano · 25 de outubro de 2023

6 horas atrás, cometa8899 disse:

porém agora não consigo desinstala-lo pois não aparece em remover programas

Como nada é instalado, o programa não aparece. Para remove-lo bastará apagar a pasta que no seu caso:

C:\Users\Jack\AppData\Local\ESET

cometa8899 · 26 de outubro de 2023

quando estava rodando o FRST pela primeira vez ele perguntou se eu tinha instalado servidor isso e normal ? e mostro 2 ip servers!

Lusitano · 31 de outubro de 2023

Seu Sistema é pro. Em todo o caso você está livre de malwares.

Ainda nota comportamento estranho no pc?

cometa8899 · 1 de novembro de 2023

não estou notando nada alem de vez em quando abrir algumas janelas (raramente) de command prompt do nada e fechar rapidamente.

cometa8899 · 1 de novembro de 2023

meu windows não esta ativado, não tem lisenca mais não e pirata eu so não ativei!

Lusitano · 2 de novembro de 2023

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.