Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2020 Ran by mewtw_000 (09-12-2020 18:36:55) Running from C:\Users\mewtw_000\Desktop Windows 10 Home Version 20H2 19042.630 (X64) (2020-07-17 12:07:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3857839104-3952859072-2417217460-500 - Administrator - Disabled) alex (S-1-5-21-3857839104-3952859072-2417217460-1006 - Administrator - Enabled) => C:\Users\alex DefaultAccount (S-1-5-21-3857839104-3952859072-2417217460-503 - Limited - Disabled) Guest (S-1-5-21-3857839104-3952859072-2417217460-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3857839104-3952859072-2417217460-1003 - Limited - Enabled) mario (S-1-5-21-3857839104-3952859072-2417217460-1001 - Administrator - Enabled) => C:\Users\mario mewtw_000 (S-1-5-21-3857839104-3952859072-2417217460-1004 - Administrator - Enabled) => C:\Users\mewtw_000 veronica (S-1-5-21-3857839104-3952859072-2417217460-1005 - Administrator - Enabled) => C:\Users\veronica WDAGUtilityAccount (S-1-5-21-3857839104-3952859072-2417217460-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.) 12noon Display Changer (HKLM-x32\...\12noon Display Changer) (Version: 4.3.2.0 - 12noon) 7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Action Replay PowerSaves 3DS version 1.55 (HKLM-x32\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.55 - Datel Design & Development) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{F6FCA281-09CC-4753-990C-937B93A52C94}) (Version: 1.6 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden AIM 7 (HKLM-x32\...\AIM_7) (Version: - ) AIM for Windows (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\AIM) (Version: - AOL Inc.) Amazon Music (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC) Amazon Music Importer (HKLM-x32\...\{3BAF1C25-33AA-AB09-0D89-1BAB227E5FB8}) (Version: 3.1.0 - Amazon Services LLC) Hidden Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.3.1 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Application Verifier x64 External Package (HKLM\...\{7346C35D-942D-3CCE-94CB-7008BA8D63CB}) (Version: 8.59.29722 - Microsoft) Hidden ArcSoft ShowBiz DVD 2 (HKLM-x32\...\{C7C5B767-9BA4-4296-82AA-1A3BFFA76CD1}) (Version: - ArcSoft) ArtMoney SE v7.43 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab) ASRock 3TB+ Unlocker v1.1.1 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version: 1.1.1 - ASRock Inc.) ASRock eXtreme Tuner v0.1.425 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock RapidStart v1.0.7 (HKLM\...\ASRock RapidStart_is1) (Version: - ASRock Inc.) ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - ) ASRock SmartConnect v1.0.7 (HKLM\...\ASRock SmartConnect_is1) (Version: 1.0.7 - ASRock Inc.) Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team) AutoeDeaiLsApp (HKLM-x32\...\{B0EC0808-6922-8705-C255-F9C79C315BD5}) (Version: - ) Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks) Black Chocobo (HKLM-x32\...\Black_Chocobo) (Version: - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) Cheat Engine 6.8.3 (HKLM\...\Cheat Engine 6.8.3_is1) (Version: - Cheat Engine) Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine) Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Citra (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\{2df19231-31f6-44fe-9615-88a38574fe73}) (Version: 1.0.0 - Citra Team) Citrix Online Launcher (HKLM-x32\...\{75FCE33E-4E0C-4CE1-ADF0-75F258DF27A0}) (Version: 1.0.445 - Citrix) CLIP STUDIO 1.6.2 (HKLM-x32\...\{D10EA45D-4594-4405-90C6-9E9ADD1192CA}) (Version: 1.6.2 - CELSYS) CLIP STUDIO PAINT 1.6.2 (HKLM-x32\...\{88B5A062-DDA1-4F62-A4DD-95D0C4F19979}) (Version: 1.6.2 - CELSYS) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes) CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.) Creation Kit: Fallout 4 (HKLM-x32\...\Creation Kit: Fallout 4) (Version: - Bethesda Softworks) Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0455 - Disc Soft Ltd) DC Universe Online Live (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment) devkitProUpdater 1.6.0 (HKLM-x32\...\devkitProUpdater) (Version: 1.6.0 - devkitPro) DiscAuthor (HKLM-x32\...\{D6CC65B0-B06E-41D5-83FA-25C29D73A2FF}) (Version: 9.3.00 - Sony Corporation) Hidden DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 2.0 - Nero AG) Hidden Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team) Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team) Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) DXGL 0.5.10 (HKLM-x32\...\DXGL) (Version: 0.5.10 - William Feely) Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Everything 1.5 (HKLM-x32\...\Everything 1.5) (Version: - ) Fallout 3 - The Garden of Eden Creation Kit (HKLM-x32\...\{B343B0E3-212A-40B9-8207-1BD299228F5D}) (Version: 1.00.0000 - Bethesda Softworks) Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip) FF7 XBox 360 Controller Fix (Steam) 2.1 (HKLM-x32\...\{4FAA5121-ABE1-46AA-B5E7-31584FA33795}_is1) (Version: 2.1 - Johnny "ThunderPeel2001" Walker) FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse) Firestorm SecondLife and OpenSim viewer (HKLM\...\{D033BB2F-B227-4577-848F-E9D82D9BFF8A}) (Version: 4.7.50527 - The Phoenix Firestorm Project, Inc.) Hidden Firestorm-Releasex64 (HKLM\...\Firestorm-Releasex64) (Version: 6.3.9.58205 - The Phoenix Firestorm Project, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Google Video Support Plugin (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.) GoToMeeting 8.9.0.7454 (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\GoToMeeting) (Version: 8.9.0.7454 - LogMeIn, Inc.) gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) HackingToolkit3DS version 9 (HKLM-x32\...\{DFCCDD37-4B7E-4E7D-ABAC-06AA7C1DEFB5}_is1) (Version: 9 - Asia81) HackingToolkit9DS version 12 (HKLM-x32\...\{2BB35841-AB00-4127-8CBC-B23599BA8426}_is1) (Version: 12 - Asia81) HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) iFreeUp 1.0 (HKLM-x32\...\iFreeUp_is1) (Version: 1.0.11 - IObit) ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{7972bdc2-99e9-4a54-b071-e7f08bdf056d}) (Version: 20.11.50.9 - Intel) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Internet Explorer 11 (HKLM-x32\...\{66732EEE-ECBC-4CA6-A474-1122}_is1) (Version: - Microsoft Corporation) iTunes (HKLM\...\{79951B67-3DC8-45DF-A516-86F89DA95924}) (Version: 12.11.0.26 - Apple Inc.) Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) join.me (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\JoinMe) (Version: 3.13.0.5479 - LogMeIn, Inc.) Keysticks (HKLM-x32\...\{0CA309CD-E575-4066-9DB5-EDCB331F32EF}) (Version: 1.9 - Keysticks.net) Kits Configuration Installer (HKLM-x32\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.) LOOT version 0.15.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.15.1 - LOOT Team) Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes) ManyCam 7.7.0 (HKLM-x32\...\ManyCam) (Version: 7.7.0 - Visicom Media Inc.) Mega Man 11 (HKLM-x32\...\Mega Man 11_is1) (Version: - ) Menu Templates - Starter Kit (HKLM-x32\...\{B78120A0-CF84-4366-A393-4D0A59BC546C}) (Version: 9.4.6.0 - Nero AG) Hidden MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden Microsoft .NET Core 2.2.4 - Windows Server Hosting (HKLM-x32\...\{5d8f7680-da6d-4a3f-9c64-e1898ce55d7f}) (Version: 2.2.4.0 - Microsoft Corporation) Microsoft .NET Core Runtime - 2.2.4 (x64) (HKLM-x32\...\{04f61b60-63e7-4d49-96bb-89a82825740d}) (Version: 2.2.4.27522 - Microsoft Corporation) Microsoft .NET Core Runtime - 2.2.4 (x86) (HKLM-x32\...\{a341d2db-9f15-411a-898b-588c52d4d894}) (Version: 2.2.4.27522 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.55 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (Partnernet) (HKLM-x32\...\{57672BEC-E777-4D4B-944A-719414E84D3F}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.61 - mIRC Co. Ltd.) Moguri Mod (HKLM\...\{E48FACAC-E924-48AD-B905-0E64871849DA}) (Version: 8.2.1.0 - Moguri Mod) Movie Templates - Starter Kit (HKLM-x32\...\{E498385E-1C51-459A-B45F-1721E37AA1A0}) (Version: 9.4.6.0 - Nero AG) Hidden Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.19 - MSI) Nero 9 Essentials (HKLM-x32\...\{f46131ff-cf2d-419c-8c13-60d9d513a3f7}) (Version: - Nero AG) New Vegas Enhanced Content Complete (HKLM-x32\...\NVEC Complete) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.72.3 - Black Tree Gaming) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Graphics Driver 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.7.1001 - ooVoo LLC.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.7 (HKLM-x32\...\{A09D951F-4BA3-4383-97B3-D1B91835E779}) (Version: 4.17.9800 - Apache Software Foundation) Opera Stable 72.0.3815.400 (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Opera 72.0.3815.400) (Version: 72.0.3815.400 - Opera Software) PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation) PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.1.00 - Sony Corporation) Hidden PreReq (HKLM-x32\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.2.4.0 - Eastman Kodak Company) Hidden PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.) Progress Telerik Fiddler (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Fiddler2) (Version: 5.0.20194.41348 - Progress Software EAD) Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - ) Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - ) Python 3.4.3 (64-bit) (HKLM\...\{9529565f-e693-3f11-b3bf-8cd545f5f9a0}) (Version: 3.4.3150 - Python Software Foundation) qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project) QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.2.12.485 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8924.1 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games) RogueKiller version 14.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.0.0 - Adlice Software) RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain) RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain) Ruby 2.3.1-p112-x64 (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\{96A4CEEE-5ACC-4FB2-AAB6-8152D5AB0C9E}_is1) (Version: 2.3.1-p112 - RubyInstaller Team) SDK Debuggers (HKLM-x32\...\{E63A3353-003C-E4C2-230B-F155212D1479}) (Version: 8.59.29746 - Microsoft Corporation) Hidden SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.9.549455 - Linden Research, Inc.) SecondLifeViewer (HKLM-x32\...\SecondLifeViewer) (Version: 5.0.6.326593 - Linden Research, Inc.) Secret of Mana (HKLM-x32\...\Secret of Mana_is1) (Version: - ) Singularity (64 bit) Viewer (HKLM\...\Singularity) (Version: 1.8.9.8338 - Singularity Viewer Project) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype version 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.) SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group) Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.6.5 - IObit) SMB3 Randomizer version 1.1.2 (HKLM-x32\...\{B5EFC201-ECA6-4B7C-80F7-F7D1923D9E70}_is1) (Version: 1.1.2 - Fcoughlin) Sound Editor 2018 (HKLM-x32\...\Sound Editor 2018) (Version: 1.4.1 - TheVisitorX) Sound Editor 2019 (HKLM-x32\...\Sound Editor 2019) (Version: 1.1.0.1 - TheVisitorX) Spear of Destiny (HKLM-x32\...\1441705126_is1) (Version: 2.0.0.6 - GOG.com) Star Wars The Force Unleashed (HKLM-x32\...\Star Wars The Force Unleashed) (Version: 1.2 - Aspyr) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab Detection (HKLM-x32\...\{9A4082EA-66C8-405C-B772-3058DA0A94C9}) (Version: 6.1.4.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer) Telegram Desktop version 2.4.11 (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.4.11 - Telegram FZ-LLC) Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC) Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.4.9 - Tweaking.com) Ulead Straight-to-Disc SDK (HKLM-x32\...\{8D2C1E44-7685-4D05-8342-B0DC6422FA47}) (Version: 2.2 - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) Updated Unofficial Fallout 3 Patch v2.1.0 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 2.1.0 - ) Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN) VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version: - ) Wampserver64 3.0.6 (HKLM\...\{wampserver64}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) WeMod (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\WeMod) (Version: 6.3.11 - WeMod) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation) Windows Driver Package - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7.0) (HKLM\...\5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB) (Version: 04/27/2014 3.0.7.0 - libusbK) Windows Driver Package - libusbK Tinfoil (04/27/2014 3.0.7.0) (HKLM\...\893999C0C528467FAAD39E11ECB171314FCF1113) (Version: 04/27/2014 3.0.7.0 - libusbK) Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation) WinImage (HKLM-x32\...\WinImage) (Version: - ) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Wolfenstein 3D (HKLM-x32\...\1441705046_is1) (Version: 2.0.0.4 - GOG.com) Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.) WPT Redistributables (HKLM-x32\...\{A5D42D71-4036-5F88-5085-657C9DF9F1DD}) (Version: 8.59.29750 - Microsoft) Hidden WPTx64 (HKLM-x32\...\{986EABFC-92F6-CECD-9E5A-B13CAC40BB1D}) (Version: 8.59.29722 - Microsoft) Hidden Wrestling MPire Remix (Career) (HKLM-x32\...\Wrestling MPire Remix (Career)) (Version: - MDickie) Wrestling MPire Remix (Management) (HKLM-x32\...\Wrestling MPire Remix (Management)) (Version: - MDickie) Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 307.2017.1223.2300 - Wrye & Wrye Bash Development Team) Wwise Launcher (HKLM-x32\...\{1FCD58E2-1D63-495C-A58D-AC1BB82F2799}) (Version: 18.6.27.800 - Audiokinetic Inc.) XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn) Xiph QuickTime Components (HKLM-x32\...\XiphQT) (Version: - ) Yahoo Messenger (HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\yahoomessenger) (Version: 0.8.266 - Yahoo! Inc) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Z2Randomizer (HKLM-x32\...\{64373BA0-1FAB-4479-907E-0D3F1483C608}) (Version: 3.13 - digshake) Z2Randomizer (HKLM-x32\...\{976E6A54-F17C-40C1-B28E-914CB117ADE5}) (Version: 2.27 - digshake) Zelda Classic 1.92 beta 183 (HKLM-x32\...\ZC192B183) (Version: - ) Zelda Randomizer version 3.1.7 (HKLM-x32\...\{EF6E3EAB-ADF6-4D70-A868-6631B14F2B9B}_is1) (Version: 3.1.7 - Fcoughlin) ZeldaShark version 1.1.0.0 (HKLM-x32\...\{1C15C046-F4E9-4A25-A543-4E1F03B4BCB1}_is1) (Version: 1.1.0.0 - AviSoft) Packages: ========= Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13] (eyeo GmbH) AE Spider Solitaire -> C:\Program Files\WindowsApps\AEMobile.AESpiderSolitaire_1.4.2.4583_x64__83q3e6twn0vfe [2018-06-16] (AE Mobile) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.6.181.0_x64__rz1tebttyb220 [2020-11-07] (Dolby Laboratories) Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2018-07-31] (Dolby Laboratories) iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_7.0.0.0_x64__a76a11dkgb644 [2020-12-02] (iHeartMedia.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-03] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad] MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-06-16] (Microsoft Corporation) [MS Ad] MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-06-16] (Microsoft Corporation) [MS Ad] MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-26] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-06-16] (Microsoft Corporation) [MS Ad] Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-19] (Microsoft Corporation) TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-20] (TuneIn) [MS Ad] Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2018-06-16] (Microsoft Corporation) [MS Ad] Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2011.9001.0_x64__8wekyb3d8bbwe [2020-11-12] (Microsoft Corporation) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2018-06-16] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) CustomCLSID: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\mewtw_000\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\mewtw_000\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mewtw_000\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-09-24] (Nero AG -> Nero AG) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (Alexander Roshal) [File not signed] ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-03-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (Alexander Roshal) [File not signed] ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\mewtw_000\Desktop\Steam Games\Bionic Commando Rearmed.lnk -> C:\Program Files (x86)\R.G. Mechanics\Bionic Commando Rearmed\Launcher.bat () Shortcut: C:\Users\mewtw_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) ShortcutWithArgument: C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.1-p112-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat ==================== Loaded Modules (Whitelisted) ============= 2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll 2020-05-21 00:57 - 2020-05-21 01:00 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2020-05-21 01:00 - 2020-05-21 01:00 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2020-05-21 01:00 - 2020-05-21 01:00 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2020-12-09 11:58 - 2020-12-07 09:50 - 001113319 _____ () [File not signed] C:\Program Files (x86)\Steam\SDL2.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll 2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll 2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll 2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll 2020-12-01 12:06 - 2020-12-01 12:06 - 004577280 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\e2ec78df6c89f9730c204f45c430ba7a\DiscSoft.NET.Common.ni.dll 2020-12-01 12:07 - 2020-12-01 12:07 - 003112960 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\88a2c94c3aba2e53c9a11e98bb7580a8\DotNetCommon.ni.dll 2019-11-09 23:26 - 2019-09-05 11:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2020-12-07 16:25 - 2020-12-07 16:25 - 000069337 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\System\symsrv.dll 2020-05-20 16:46 - 2020-05-20 16:52 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2020-03-17 16:10 - 2020-03-17 16:10 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2019-07-18 11:11 - 2019-07-18 11:11 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2020-03-17 16:10 - 2020-03-17 16:10 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll 2020-12-09 11:58 - 2020-12-07 10:20 - 000466151 _____ (Valve Corporation) [File not signed] C:\Program Files (x86)\Steam\crashhandler.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131358385855436104&GUID=B756660F-FB80-489A-8C54-D7DABD75E8EC HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wwe.com/ SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> DefaultScope {485FB592-C44A-4977-9E09-D3FF6B9B106B} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = SearchScopes: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> {485FB592-C44A-4977-9E09-D3FF6B9B106B} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> {5421EF7A-6AE6-4263-B615-F36B3F4E9684} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle SearchScopes: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> {5A77507A-83E5-4338-8F9B-6AE514405682} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-19] (Google Inc -> Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-19] (Google Inc -> Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-19] (Google Inc -> Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-19] (Google Inc -> Google Inc.) Toolbar: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-19] (Google Inc -> Google Inc.) Toolbar: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> AOL Messaging Toolbar - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll [2015-12-17] (AOL Inc. -> AOL Inc.) DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxps://qtinstall.apple.com/qtactivex/qtplugin.cab DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1444419421570 Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\100sexlinks.com -> 100sexlinks.com There are 4750 more sites. ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-05-25 15:50 - 2019-05-25 15:50 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2020-05-16 04:03 - 2020-05-16 04:04 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;c:\devkitPro\msys\bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Kits\8.0\Windows Performance Toolkit;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\RogueKiller;C:\Python34;C:\devkitPro\devkitPPC\bin;C:\Program Files (x86)\Skype\Phone;C:\ProgramData\chocolatey\bin;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\mewtw_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: Disc Soft Pro Bus Service => 3 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: VIAKaraokeService => 2 HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "EKIJ5000StatusMonitor" HKLM\...\StartupApproved\Run32: => "Discord" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\StartupFolder: => "Mortal.Kombat.X.Goro.Character.Preorder.Bonus.DLC-BAT.lnk" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\StartupFolder: => "MK.X.U4.rar.lnk" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\StartupFolder: => "Mortal.Kombat.X.Proper-RELOADED.lnk" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\StartupFolder: => "Mortal.Kombat.X.Update.v20150418-RELOADED.lnk" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "GameCompanion" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "Amazon Music" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "join.me.launcher" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "Yahoo Messenger" HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\StartupApproved\Run: => "AIM for Windows" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{0964796B-3EFD-4F1E-A40D-3E8547CC1DED}] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CB68AE25-7517-4677-9FAD-F306738E5751}] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{AEEDF943-957F-47EC-A3B5-B71BD2FACFCA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{623EA453-25F3-4573-A867-67DFC2111354}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{A796D6BE-CDEC-4861-9767-788528CF18AB}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{E9C92382-BAEB-40C2-B2F4-D54AFBDD315E}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{FE67C040-CDD4-4D30-89A4-BF7D836E4BDA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{74B8C615-6BE5-4B49-88A2-87473325F5B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{568A748B-1C7C-4C99-A794-8C50CECD4610}] => (Allow) E:\SteamLibrary\steamapps\common\Mega Man X Legacy Collection\RXC1.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{0915FE0D-92DD-4A2A-B595-012D99B6C1C8}] => (Allow) E:\SteamLibrary\steamapps\common\Mega Man X Legacy Collection\RXC1.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{14749AEE-2405-460D-97DD-352F80290FBC}] => (Allow) E:\SteamLibrary\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe (Movegames Co.,Ltd. -> ⓒMove Games Co., Ltd. All Rights Reserved.) FirewallRules: [{C363C8A0-D178-4D62-9BBE-EAE0097ED661}] => (Allow) E:\SteamLibrary\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe (Movegames Co.,Ltd. -> ⓒMove Games Co., Ltd. All Rights Reserved.) FirewallRules: [{D21F61EF-316C-411E-BECC-2DF34E4D05CF}] => (Allow) E:\SteamLibrary\steamapps\common\Power Rangers Battle for the Grid\BattleForTheGrid.exe () [File not signed] FirewallRules: [{03664F36-7DC6-4E7C-AF41-C0EA5E904A54}] => (Allow) E:\SteamLibrary\steamapps\common\Power Rangers Battle for the Grid\BattleForTheGrid.exe () [File not signed] FirewallRules: [{885F4A61-0E7F-4B6E-8506-8600838C8F73}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed] FirewallRules: [{9F217F42-F213-4991-9C97-6A47D348F3DD}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed] FirewallRules: [{A8F1D2E4-1A6C-43ED-A62E-723A5A30CD25}] => (Allow) E:\SteamLibrary\steamapps\common\FNAFVRHelpWanted\freddys.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{B643E348-879B-4134-B3C1-F0A535C66787}] => (Allow) E:\SteamLibrary\steamapps\common\FNAFVRHelpWanted\freddys.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{8D2EACA8-41AF-479A-85D3-F8E839E349E4}] => (Allow) E:\SteamLibrary\steamapps\common\Portal\hl2.exe (Valve -> ) FirewallRules: [{A500C9AE-FE77-443B-A857-F1572D7FF1D3}] => (Allow) E:\SteamLibrary\steamapps\common\Portal\hl2.exe (Valve -> ) FirewallRules: [{9F0D0C56-490E-4D07-A96C-22FC4ADE13A6}] => (Allow) E:\SteamLibrary\steamapps\common\PHANTASYSTARONLINE2_NA_STEAM\pso2_bin\pso2launcher.exe (SEGA Games Co., Ltd. -> SEGA) FirewallRules: [{6B4B037E-119A-4314-8F68-8DFDA95EC370}] => (Allow) E:\SteamLibrary\steamapps\common\PHANTASYSTARONLINE2_NA_STEAM\pso2_bin\pso2launcher.exe (SEGA Games Co., Ltd. -> SEGA) FirewallRules: [{86B819A6-FC3A-4D11-90F4-4DCA47486D8C}] => (Allow) E:\SteamLibrary\steamapps\common\AAW Wrestle Lab\WrestleLab.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{FAEB60D3-0D76-48B5-9229-E1E0C8B16F71}] => (Allow) E:\SteamLibrary\steamapps\common\AAW Wrestle Lab\WrestleLab.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{820F894A-4F34-4A91-8DBB-99D574DBBC69}] => (Allow) E:\SteamLibrary\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed] FirewallRules: [{0A140B86-7750-4253-AC1F-123DE320DF75}] => (Allow) E:\SteamLibrary\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed] FirewallRules: [{27201848-FB12-4D0A-803A-CDB22D963030}] => (Allow) E:\SteamLibrary\steamapps\common\Oddworld Abes Exoddus\Exoddus.exe (Oddworld Inhabitants, Inc.) [File not signed] FirewallRules: [{EA9E8F4F-B613-4E37-A39D-59EC19346B98}] => (Allow) E:\SteamLibrary\steamapps\common\Oddworld Abes Exoddus\Exoddus.exe (Oddworld Inhabitants, Inc.) [File not signed] FirewallRules: [{922AD942-28D7-4B35-8584-BCDC2A9A0610}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\Winquake.exe () [File not signed] FirewallRules: [{996306D0-700F-46F3-AC41-AD085362A1A1}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\Winquake.exe () [File not signed] FirewallRules: [{CDDA384A-9A56-4EEB-8C0D-782C436D742F}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\qwcl.exe () [File not signed] FirewallRules: [{6E80BAEB-D735-46BA-A8CF-1695CB013FC1}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\qwcl.exe () [File not signed] FirewallRules: [{851C9DDA-A31B-49FC-8742-15FC1D92F4BF}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\Glquake.exe () [File not signed] FirewallRules: [{2F452CFB-C870-45A7-90F9-92C653D2B932}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\Glquake.exe () [File not signed] FirewallRules: [{212749DE-309A-4B07-9BA7-5A5D09BCF10F}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\glqwcl.exe () [File not signed] FirewallRules: [{3D3633C1-EA14-4B5D-BDEF-C428B9054D96}] => (Allow) E:\SteamLibrary\steamapps\common\Quake\glqwcl.exe () [File not signed] FirewallRules: [{4F9F37D4-29FB-4256-B9DF-548757B33A57}] => (Allow) E:\SteamLibrary\steamapps\common\Quake 2\quake2.exe () [File not signed] FirewallRules: [{BC2712BA-659C-4A05-8FB3-C642A3D935F5}] => (Allow) E:\SteamLibrary\steamapps\common\Quake 2\quake2.exe () [File not signed] FirewallRules: [{146A20EB-3D34-4369-B77B-49CE308F8FF5}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe () [File not signed] FirewallRules: [{033E4BA4-4C9F-4BFA-B47A-B611BE679E9C}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe () [File not signed] FirewallRules: [{5F52D575-371A-4CDE-BB60-FFBE0B727504}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{064AB538-0719-45BD-BA19-CC3B6C0D79DE}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{5D74C00A-F3F5-4754-AEDE-28F8DC4FAA3C}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 0\re0hd.exe (CAPCOM) [File not signed] FirewallRules: [{89017C67-CA8F-460F-8FA9-2B0E0F018A97}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 0\re0hd.exe (CAPCOM) [File not signed] FirewallRules: [{62C28DEA-3AB8-4BCF-BEA6-E476FDDA0304}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL REVELATIONS\rerev.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{7A3DF537-0B94-43C5-A60F-E78CC535D931}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL REVELATIONS\rerev.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{831E8A79-2C7C-4974-B636-3492680C11FF}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{4A5026EC-8342-4192-BE8D-05A4719592FC}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{90EDC561-A1B2-4946-A702-FDA5A3D3E0F8}] => (Allow) E:\SteamLibrary\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed] FirewallRules: [{0637A46D-C08F-4D35-9510-C84A9F0936CC}] => (Allow) E:\SteamLibrary\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed] FirewallRules: [{EA876EDF-41D4-48F1-970E-2D1C0040DA7F}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> ) FirewallRules: [{67E40ECD-64FF-4EB8-8626-2165E2C141AF}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> ) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ Name: AMD Radeon(TM) RX Vega 11 Graphics Description: AMD Radeon(TM) RX Vega 11 Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Advanced Micro Devices, Inc. Service: amdkmdag Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ======================== Application errors: ================== Error: (12/09/2020 03:05:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sdxhelper.exe, version: 16.0.13426.20308, time stamp: 0x5fc6e8fc Faulting module name: ntdll.dll, version: 10.0.19041.610, time stamp: 0xd49544eb Exception code: 0xc0000005 Fault offset: 0x00062b57 Faulting process id: 0x1834 Faulting application start time: 0x01d6ce7fc7aecfdb Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 537e3f6f-738c-4601-93fd-14f9d87e9fac Faulting package full name: Faulting package-relative application ID: Error: (12/09/2020 10:38:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sdxhelper.exe, version: 16.0.13426.20308, time stamp: 0x5fc6e8fc Faulting module name: ntdll.dll, version: 10.0.19041.610, time stamp: 0xd49544eb Exception code: 0xc0000005 Fault offset: 0x00062b57 Faulting process id: 0x1e9c Faulting application start time: 0x01d6ce5a8d78f9fc Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 6d511fea-fb75-45b8-bda0-fa2f20a7f0b6 Faulting package full name: Faulting package-relative application ID: Error: (12/09/2020 10:37:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sdxhelper.exe, version: 16.0.13426.20308, time stamp: 0x5fc6e8fc Faulting module name: ntdll.dll, version: 10.0.19041.610, time stamp: 0xd49544eb Exception code: 0xc0000005 Fault offset: 0x00062b57 Faulting process id: 0x78c Faulting application start time: 0x01d6ce5a67ee364e Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 68b24443-3bff-4966-bb33-9f69d6c28453 Faulting package full name: Faulting package-relative application ID: Error: (12/09/2020 10:23:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AdwCleaner.exe, version: 8.0.8.0, time stamp: 0x5f7f1978 Faulting module name: AdwCleaner.exe, version: 8.0.8.0, time stamp: 0x5f7f1978 Exception code: 0xc0000005 Fault offset: 0x0157c22e Faulting process id: 0x2014 Faulting application start time: 0x01d6ce584f9ba77e Faulting application path: C:\Users\mewtw_000\Desktop\AdwCleaner.exe Faulting module path: C:\Users\mewtw_000\Desktop\AdwCleaner.exe Report Id: 17844e6d-fc10-488f-9973-d599388b4f4f Faulting package full name: Faulting package-relative application ID: Error: (12/09/2020 01:50:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/09/2020 12:14:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sdxhelper.exe, version: 16.0.13426.20308, time stamp: 0x5fc6e8fc Faulting module name: ntdll.dll, version: 10.0.19041.610, time stamp: 0xd49544eb Exception code: 0xc0000005 Fault offset: 0x00062b57 Faulting process id: 0x3ce8 Faulting application start time: 0x01d6ce035b671c82 Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: b84e7c23-f339-453f-b5dc-a2531d1ea288 Faulting package full name: Faulting package-relative application ID: Error: (12/08/2020 09:39:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sdxhelper.exe, version: 16.0.13426.20308, time stamp: 0x5fc6e8fc Faulting module name: ntdll.dll, version: 10.0.19041.610, time stamp: 0xd49544eb Exception code: 0xc0000005 Fault offset: 0x00062b57 Faulting process id: 0x3a20 Faulting application start time: 0x01d6cded9ec0af38 Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 3edcf263-9b67-4ee6-b80b-80b1feaf5769 Faulting package full name: Faulting package-relative application ID: Error: (12/08/2020 09:24:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AdwCleaner.exe, version: 8.0.8.0, time stamp: 0x5f7f1978 Faulting module name: AdwCleaner.exe, version: 8.0.8.0, time stamp: 0x5f7f1978 Exception code: 0xc0000005 Fault offset: 0x0157c22e Faulting process id: 0x2218 Faulting application start time: 0x01d6cdeb883e98b1 Faulting application path: C:\Users\mewtw_000\Desktop\AdwCleaner.exe Faulting module path: C:\Users\mewtw_000\Desktop\AdwCleaner.exe Report Id: fb7c86a9-4665-4a0e-a20f-54c357bcbe8e Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (12/09/2020 10:52:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Intel(R) Security Assist service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/09/2020 10:52:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Security Assist service to connect. Error: (12/09/2020 10:26:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Downloaded Maps Manager service hung on starting. Error: (12/09/2020 10:26:20 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (12/09/2020 10:24:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Intel(R) Management and Security Application Local Management Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/09/2020 10:24:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Management and Security Application Local Management Service service to connect. Error: (12/09/2020 10:24:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/09/2020 10:24:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. Windows Defender: =================================== Date: 2020-12-09 18:29:17.6850000Z Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/CandyOpen&threatid=213956&enterprise=0 Name: PUA:Win32/CandyOpen ID: 213956 Severity: Low Category: Potentially Unwanted Software Path: containerfile:_C:\Users\mewtw_000\Desktop\Emulators\updates\3.4.5_41202.exe; containerfile:_C:\Users\mewtw_000\Desktop\Emulators\uTorrent.exe; driver:_VASDeviceDrm; file:_C:\Users\mario\Downloads\advanced-systemcare-setup.exe; file:_C:\Users\mewtw_000\Desktop\Emulators\updates\3.4.5_41202.exe->(UPX); file:_C:\Users\mewtw_000\Desktop\Emulators\uTorrent.exe->(UPX); file:_C:\WINDOWS\system32\drivers\vasdDev.sys Detection Origin: Local machine Detection Type: Concrete Detection Source: System Process Name: C:\Users\mewtw_000\Desktop\FRST64.exe Security intelligence Version: AV: 1.329.104.0, AS: 1.329.104.0, NIS: 1.329.104.0 Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4 Date: 2020-12-09 12:39:48.1920000Z Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan ID: {ABE81752-2BAD-4E18-BA73-BF36081D4D49} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-12-09 12:27:13.7610000Z Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan ID: {45F2E760-9BC3-40A2-B7FE-225E510F78AA} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-12-09 11:45:28.4360000Z Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan ID: {1875C239-F661-4B88-B877-6A42C3EDA3B4} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-12-09 10:45:34.5810000Z Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan ID: {04D2E08B-EAB1-4A62-A332-AAB885D36142} Scan Type: Antimalware Scan Parameters: Quick Scan ==================== Memory info =========================== BIOS: American Megatrends Inc. 2.B0 12/08/2017 Motherboard: MSI B350M GAMING PRO (MS-7A39) Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics Percentage of memory in use: 84% Total physical RAM: 7885.44 MB Available physical RAM: 1191.85 MB Total Virtual: 20173.44 MB Available Virtual: 7412.54 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.66 GB) (Free:294.39 GB) NTFS Drive e: (Seagate Expansion Drive) (Fixed) (Total:3725.9 GB) (Free:1543.49 GB) NTFS \\?\Volume{a6388144-bd87-11e4-824e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS \\?\Volume{f6c0a0f2-0000-0000-0000-10c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.05 GB) NTFS ==================== MBR & Partition Table ==================== ==================== End of Addition.txt =======================