Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019 Ran by Simi (26-12-2019 20:04:30) Running from C:\Users\Simi\Desktop Windows 10 Home Version 1903 18362.388 (X64) (2019-06-24 20:07:59) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-739093134-1882289950-3713944110-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-739093134-1882289950-3713944110-503 - Limited - Disabled) Guest (S-1-5-21-739093134-1882289950-3713944110-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-739093134-1882289950-3713944110-1005 - Limited - Enabled) Simi (S-1-5-21-739093134-1882289950-3713944110-1003 - Administrator - Enabled) => C:\Users\Simi WDAGUtilityAccount (S-1-5-21-739093134-1882289950-3713944110-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440} AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B} FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4K Video Downloader 4.4 (HKLM-x32\...\{E8B9BE4F-E978-4EAF-B093-373A012F5103}) (Version: 4.4.1.2245 - Open Media LLC) Adobe (HKLM\...\{C547A830-37D1-4594-ACA7-B4793741DAD0}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe) Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0) (Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated) AMD Product Verification Tool version 1.0.4.8 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.4.8 - AMD) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.12.3 - Advanced Micro Devices, Inc.) Ancestors The Humankind Odyssey (HKLM-x32\...\Ancestors The Humankind Odyssey_is1) (Version: - ) Animate (HKLM\...\{F0857D72-1EA4-4296-ABB3-A92E70528206}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden APP Shop v1.0.31 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.31 - ASRock Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.9.0.0 - Canon Inc.) Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.) Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.9.0.0 - Canon Inc.) Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.8.0.0 - Canon Inc.) CC Magic (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\CC Magic) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.11.552 - Corel corporation) Hidden CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - IPM T (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation) CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.) CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.) Discord (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Discord) (Version: 0.0.305 - Discord Inc.) EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd) Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 12.2.30.0 - ESET, spol. s r.o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes) League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft OneDrive (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft Story Mode Episode 8 (HKLM-x32\...\Minecraft Story Mode Episode 8_is1) (Version: - ) NBTExplorer (HKLM-x32\...\{DC1E9E1A-86BE-491B-8DF9-A86045902F48}) (Version: 2.8.0.0 - Justin Aquadro) NewBlue plug-ins bundle patch build 121206 (HKLM-x32\...\NewBlue plug-ins bundle patch build 121206_is1) (Version: 3.0.0.0 - NewBlue Inc.) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team) Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.) PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SPORE™ Collection (HKLM-x32\...\1948823323_is1) (Version: 2.0.0.5 - GOG.com) Spotify (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB) Starbound (HKLM-x32\...\1452598881_is1) (Version: 1.3.3 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Subtitle Edit 3.5.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.9.0 - Nikse) The Elder Scrolls V Skyrim - Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Special Edition_is1) (Version: - ) The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 1.0.0 - Electronic Arts) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.) The Sims™ 3 Ambitions (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.) The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.) The Sims™ 3 Island Paradise (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Island Paradise) (Version: 1.0.0.0 - Electronic Arts Inc.) The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.) The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts) The Sims™ 3 Supernatural (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Supernatural) (Version: 1.0.0.0 - Electronic Arts Inc.) The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.59.73.1020 - Electronic Arts Inc.) The Walking Dead (HKLM-x32\...\The Walking Dead_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) The Walking Dead A New Frontier Episode 5 (HKLM-x32\...\The Walking Dead A New Frontier Episode 5_is1) (Version: - ) The Walking Dead Season 2 (HKLM-x32\...\The Walking Dead Season 2_is1) (Version: - ) The Walking Dead The Final Season Episode 4 (HKLM-x32\...\The Walking Dead The Final Season Episode 4_is1) (Version: - ) Topaz Clean 3 (64-bit) (HKLM\...\{FA85C599-2569-4C48-9AA6-2B8D8F029FA7}) (Version: 3.0.2 - Topaz Labs) Hidden Topaz Clean 3 (64-bit) (HKLM-x32\...\Topaz Clean 3 (64-bit)) (Version: 3.0.2 - Topaz Labs) Topaz Clean 3 (HKLM-x32\...\{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}) (Version: 3.0.2 - Topaz Labs) Hidden Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH) Twitch (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation) ViGEm Bus Driver (HKLM\...\{869109FC-8D5A-46D0-B619-47D7E4173D93}) (Version: 1.16.115 - Nefarius Software Solutions e.U.) voBrowserPluginHelper (HKLM-x32\...\{48DD7952-08CD-46F8-B16C-7E12ABB6F3C3}) (Version: 3.28.0.10679 - VisualOn Inc.) Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.25-5 - Wacom Technology Corp.) Warframe (HKLM-x32\...\{69C430B7-8B9B-42F6-A578-7B7E12D287D4}) (Version: 1.0.0 - Digital Extremes) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation) Windows Driver Package - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Packages: ========= HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-23] (HP Inc.) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-14] (INTEL CORP) Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-31] (Keeper Security Inc) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad] Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-09-28] (Netflix, Inc.) Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-09-06] (Plex) Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.21991.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-739093134-1882289950-3713944110-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-93B301549807} -> [Creative Cloud Files] => C:\Users\Simi\Creative Cloud Files [2019-02-14 22:33] CustomCLSID: HKU\S-1-5-21-739093134-1882289950-3713944110-1003_Classes\CLSID\{297D63E6-3E31-4291-8F9C-D2041919ACD0} -> [MEGA] => C:\Users\Simi\Documents\MEGA0 ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> ) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-25] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-25] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> ) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-25] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2017-09-14 22:59 - 2017-09-14 22:58 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2019-04-22 11:54 - 2016-03-07 17:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2019-04-22 11:54 - 2004-10-05 02:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2019-12-16 13:31 - 2019-12-16 13:31 - 001516544 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2017-09-14 23:00 - 2017-09-14 22:58 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.25\ASACPI.DLL 2019-04-22 11:54 - 2008-11-25 16:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2019-12-16 13:39 - 2019-12-16 13:39 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2019-12-05 02:48 - 2019-12-05 02:48 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2019-12-05 02:49 - 2019-12-05 02:49 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-10 20:13 - 2018-04-10 20:13 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-739093134-1882289950-3713944110-1003\Control Panel\Desktop\\Wallpaper -> D:\Simi\Downloads\921110.jpg DNS Servers: 192.168.1.1 - 195.146.128.62 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "RazerCortex" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "5KPlayer" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{645C175D-A209-4C19-AE15-AB40F93F6A8D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{70B0A13A-DC67-44B9-B3D3-E3E4E918A38D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{88EF4C0B-9C03-474E-BE3E-7840CC4BFF6B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{CDAA9FDF-D481-46D9-B07B-F103FF273151}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) FirewallRules: [{10AAFC83-DC4C-4D46-B717-7089DC7D2D7F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{60948A28-F1B4-4C41-952A-57B253789815}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{9DBCE6AE-3747-4D85-BE14-3B473956FE47}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{53FC3AEF-A62A-4CF9-A97D-115167C269C1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) FirewallRules: [{05AADF66-23BD-455D-91F6-B4A946D5367F}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed] FirewallRules: [{021524D6-E714-4D2B-B569-430F08153CF3}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed] FirewallRules: [{FF1AB3DF-6FAE-4CD8-8A7B-C638CE400352}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed] FirewallRules: [{826F157B-7543-4586-9247-2484188790A8}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed] FirewallRules: [{74C6AFC4-3403-401B-91B5-F761756BB521}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [{35AF99AA-B77B-403D-B042-AC570F6D002A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [TCP Query User{9C9D1EAC-439A-4125-B4D4-5DB1282C9FAD}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{E2DDFE72-F985-4B04-A453-C593FD6AF80E}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{E13A845F-92A8-4FEF-A8F1-6D18BEC9AEBF}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{9268D28A-D46C-4DB5-B419-499EA8EFB171}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{692540EA-371A-4A22-B5C7-42CE8BBE8959}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6EF34FE5-0348-4A4D-B285-3A54CC286BD8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{7E67B0BE-6A64-4592-8FE1-6E18000718DE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> ) FirewallRules: [{8C6C3DE9-B432-498E-92DC-14C12A7D74D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> ) FirewallRules: [{D81980E8-64E7-4685-8E77-09BE5B4A08A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{274B44E2-2F85-43C1-97F5-FB498AAED8A1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{40551E0D-6DC2-470B-B078-46B8DDF77628}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{74CCF79C-DD9F-4D1B-AF36-7EBE964F4EF2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{931CADEF-E906-4DA3-B226-54ED77C65266}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{6A027EA1-85FB-4D80-A02F-9F9BEEDF2D4B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{35B75989-AF0B-4B08-BA84-FFA071E5D6C9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{F77DC591-630E-4747-8479-14F9801745ED}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{C5EADF2A-0105-4257-B5B4-2157B8677974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed] FirewallRules: [{1D4A92F6-9BED-4D20-B218-6DAF76F111D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed] FirewallRules: [{4B3F351F-0655-4062-A579-4169AF12D579}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.) FirewallRules: [{C2C61312-5B63-4ACB-8C91-419FE10B5ADB}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.) FirewallRules: [{1FCB382F-FB0C-462C-BBEC-8F3D6F2BD464}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.) FirewallRules: [{8BC8C39B-101E-4F3F-9830-8AAFCF75F8F3}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.) FirewallRules: [{4A0D7DA0-BD18-4BD9-86A9-6BD2D0165E9B}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.) FirewallRules: [{80BD3596-D2DE-4774-A15C-F1C24DE482EF}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.) FirewallRules: [{58C31899-9706-4794-B162-4AFFFCCC3551}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{17DE5642-ABD3-4219-8081-8B2C0B90AF0C}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{D9128391-2455-4730-AA9D-2BC4BA32B34C}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{28ACF2BE-EE92-4F11-9484-DAAFBE68575B}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{FC2F054B-991C-40E2-8512-A1404F5D693A}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{DAA6CF03-9498-4650-B099-A61C7F63D41A}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{E255C494-B28F-4CA4-8DFE-9C114616EA0D}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{03BCFC8A-8F47-4EDE-986C-DA02565FA07E}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{18436ABA-954E-4DDB-8E80-5164EAC763FA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios) FirewallRules: [{FDBE93AE-C1A5-412C-B65A-0F0878999FE1}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios) FirewallRules: [TCP Query User{EAA8ACE4-6BE1-480E-A346-A052A498DEA5}D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> ) FirewallRules: [UDP Query User{D37E526D-0CEB-4675-9632-11994748566C}D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> ) FirewallRules: [{13DB6364-A958-4634-A124-DCC47F14640F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D959DC53-F79E-4CEA-89F6-AB82746A3BC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed] FirewallRules: [{B6E53CC8-FBBE-4D40-8B6C-EDB4E266D815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed] FirewallRules: [{1ACB2668-88C1-441D-BC9E-C6764CF40359}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{C827361B-5B14-4B05-9A7C-9759CA9AEAEB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{E7B1A947-B151-45E8-8869-9FA2ED121976}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{134AF4BB-DFE5-4463-A2B6-9FD35D16EAF8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) ==================== Restore Points ========================= 25-12-2019 12:58:21 AMDCleanupUtility Restore Point ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (12/26/2019 07:59:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OriginWebHelperService.exe, version: 10.5.57.35162, time stamp: 0x5df243e3 Faulting module name: OriginWebHelperService.exe, version: 10.5.57.35162, time stamp: 0x5df243e3 Exception code: 0xc0000005 Fault offset: 0x00099d50 Faulting process id: 0x17f8 Faulting application start time: 0x01d5bc1e877661d1 Faulting application path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Faulting module path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe Report Id: 54b22cb4-7101-403d-96aa-b0b9a934c034 Faulting package full name: Faulting package-relative application ID: Error: (12/26/2019 07:59:03 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest. Error: (12/26/2019 07:59:01 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest. System errors: ============= Error: (12/26/2019 07:59:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s). Error: (12/26/2019 07:58:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AODDriver4.3 service failed to start due to the following error: The system cannot find the path specified. ==================== Memory info =========================== BIOS: American Megatrends Inc. F3 12/07/2016 Motherboard: Gigabyte Technology Co., Ltd. B250-HD3P-CF Processor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz Percentage of memory in use: 24% Total physical RAM: 16297.34 MB Available physical RAM: 12226.6 MB Total Virtual: 19625.34 MB Available Virtual: 13545.25 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:446.58 GB) (Free:57.48 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.05 GB) (Free:412.64 GB) NTFS \\?\Volume{5cbd9ebd-0000-0000-0010-000000000000}\ (Vyhradené systémom) (Fixed) (Total:0.07 GB) (Free:0.04 GB) NTFS \\?\Volume{5cbd9ebd-0000-0000-0000-d0a96f000000}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS \\?\Volume{d3fa92c6-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.44 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 5CBD9EBD) Partition 1: (Active) - (Size=74 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=488 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D3FA92C6) Partition 1: (Not Active) - (Size=931.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=469 MB) - (Type=27) ==================== End of Addition.txt =======================