Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020 Ran by mewtw_000 (administrator) on GAMERPC2 (MSI MS-7A39) (10-12-2020 01:44:35) Running from C:\Users\mewtw_000\Desktop Loaded Profiles: mewtw_000 Platform: Windows 10 Home Version 20H2 19042.630 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359518.inf_amd64_ddc5c961c2795261\B359297\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359518.inf_amd64_ddc5c961c2795261\B359297\atiesrxx.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubPlatform.exe (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe (Nixart) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FakeFullscreen.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Opera Software AS -> Opera Software) C:\Users\mewtw_000\AppData\Local\Programs\Opera\launcher.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH -> cFos Software GmbH) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed] HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [60074328 2018-12-22] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [Amazon Music] => C:\Users\mewtw_000\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-05-07] (Amazon Services LLC -> ) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [AIM for Windows] => C:\Users\mewtw_000\AppData\Local\AOL\AIM\aim.exe [1075608 2016-10-03] (AOL Inc. -> AOL Inc.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [Google Update] => C:\Users\mewtw_000\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe [297871 2020-12-03] (Google LLC) [File not signed] HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952552 2020-11-12] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [GameCompanion] => C:\Users\mewtw_000\AppData\Roaming\GameCompanion\GameCompanion.exe [484408 2013-10-12] () [File not signed] HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe [2489528 2020-03-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33138576 2020-12-08] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [23335904 2020-10-28] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [uTorrent] => C:\Users\mewtw_000\AppData\Roaming\uTorrent\uTorrent.exe [2113240 2020-11-06] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [Discord] => C:\Users\mewtw_000\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation) HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3857839104-3952859072-2417217460-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [580096 2020-07-17] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\KODAK EASYSHARE All-in-One Printer: C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll [232960 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company) HKLM\...\Print\Monitors\KODAK EASYSHARE All-in-One Printer: C:\Windows\system32\EKIJ5000MON.dll [612352 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC) AppInit_DLLs-x32: C:\WINDOWS\system32\dlcoer.dll => C:\WINDOWS\SysWOW64\dlcoer.dll [69337 2020-12-10] (Microsoft Corporation) [File not signed] Startup: C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-08-24] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01BF5165-A0C1-48E8-95F1-FA324B833513} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe Task: {119E0283-3C39-4D01-914C-D23D8160F140} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {188F58BC-F948-4FB4-89D4-D9AA5AC72B93} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {18D74226-F812-4445-8A46-85860F5FADE1} - System32\Tasks\Opera scheduled Autoupdate 1592177058 => C:\Users\mewtw_000\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-24] (Opera Software AS -> Opera Software) Task: {1AB334B5-12DC-41DA-88B2-573C56C97FE6} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [302439 2020-06-21] (Microsoft Corporation) [File not signed] Task: {1E50346E-D168-490C-8703-29314C37A2DA} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files (x86)\microsoft\edge\application\msedge.exe [2964368 2020-12-03] (Microsoft Corporation -> Microsoft Corporation) Task: {242C6426-724C-4EE9-ACB1-D2D1A96542D7} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3857839104-3952859072-2417217460-1004 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-13] (Microsoft Windows -> ) Task: {25AADE8D-DCEB-4C59-AF2A-92BCD192C1EB} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) Task: {288BD941-4EC3-4C27-92C9-1959C9001898} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {310985A9-0507-4E35-A02B-B903E5CC23A0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {357162EA-CB63-4813-8756-3C3E3AC00890} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [302439 2020-06-21] (Microsoft Corporation) [File not signed] Task: {3CEE3290-2DC8-42BE-A843-93E48096574D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {45A6E21F-4382-4C1C-AB5B-725940059E5E} - System32\Tasks\{E454B194-C458-4524-875A-BBDD341E9245} => C:\Windows\system32\pcalua.exe -a C:\Users\mario\Downloads\FirmwareFlashLauncher(3).exe -d C:\Users\mario\Downloads Task: {47F88C44-2DD6-4E0C-9838-4C46D1127997} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {49D36591-3FC5-4126-B6F2-15EE8F466C4D} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3031824 2020-07-07] (IObit Information Technology -> IObit) Task: {4D0E675A-FA1D-4C9F-ABB5-FC7EAE815EA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [231447 2017-12-05] (Google Inc.) [File not signed] Task: {5EAA5B40-11EA-4E0E-AE68-C4B917E454D6} - System32\Tasks\{98850D8D-D672-45FA-99AD-029F06250334} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe" -d C:\Users\mewtw_000\Desktop Task: {649A63A7-76CC-49C6-A879-EB864EFB7A90} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6CDDBA91-726C-4ADC-B126-9EB8BF74F108} - System32\Tasks\ASC_SkipUac_mewtw_000 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {6E66C15F-086E-4943-B62C-53C50CD8D281} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {768AD179-E48F-429D-B21D-59D59484B3E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {82C4ABA5-2DFD-47DA-8107-F7C9868C4D93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {873E6C9D-8348-4FF4-B8BC-EC5F05AA430E} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-03-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {8AC79E55-11E0-456E-8663-1C68F7435B6D} - System32\Tasks\Opera scheduled assistant Autoupdate 1592177072 => C:\Users\mewtw_000\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-24] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\mewtw_000\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {8F1C983E-E536-4D43-B94A-9EBBDF347F92} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [860599 2019-10-26] () [File not signed] Task: {8F78C466-564D-4C90-90E1-99F3DA0F85C9} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe Task: {91949731-B0CA-4D7E-8D7C-E537E6D6BEB6} - System32\Tasks\{F39B6A7A-9212-4FE4-99F7-580C5E3B634F} => C:\Windows\system32\pcalua.exe -a C:\Users\mewtw_000\Desktop\dgca_v110.exe -d C:\Users\mewtw_000\Desktop Task: {9F9C6169-66F9-4C6F-BD3D-12346E9DC9FB} - System32\Tasks\Fake Fullscreen => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FakeFullscreen.exe [44032 2016-10-06] (Nixart) [File not signed] Task: {A2AE4D1D-4FDE-4DEB-856A-4FCE26A4167A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A64DEBF1-A72D-4BBA-BFA1-21BF594616E8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe) Task: {AC552665-E719-4405-9186-713556EF1591} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [231447 2017-12-05] (Google Inc.) [File not signed] Task: {BBEB78B4-5D0E-4A20-9012-A33937084426} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5938960 2020-10-27] (IObit Information Technology -> IObit) Task: {BCEF23F9-6E1A-4F17-A80A-A0E23B469BCF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {C49967AE-2C17-4165-87DE-7E6F2E012A6E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-03-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {CA87B026-A07A-4225-A61B-888A5A3E5BD8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D8F62EF4-4D4E-4EF9-9260-06E22BFC1277} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DAD43C07-7077-4E41-A111-9BD54B725AA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {DFF2716A-9978-4791-98AE-2BF5C363692A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {E744E851-2AD8-4C07-95A1-6EBB82AF2394} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe) Task: {E7F81A66-67D2-4C72-8A23-130CAF0667CA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E8A69D7A-3013-48F5-808A-64437B8247BA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EDB8D6B6-D0F6-4AA6-8A8C-DB7C2DB427F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe) Task: {EEA07602-DD3B-498E-9FED-41BEFB213A1E} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-03-17] (Advanced Micro Devices, Inc.) [File not signed] Task: {F0060515-9863-4613-BD11-C1BD0EEBA9DC} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware) Task: {F2AB3E1C-74A2-4231-AB1B-1BDE3FC24EEA} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-03-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F8194146-C4A2-487C-87EA-5896345BD1E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F93E2654-F014-4F19-828E-87A3D166D727} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FB09ACF0-A598-4358-9375-1933B00E11A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {FC06B909-808E-43B2-9E89-69327F92E982} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {FE679D04-0972-4DEE-8D99-515F2DA05CE8} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe [13135528 2017-11-06] (Tim Kosse -> FileZilla Project) Task: {FF370F45-BECF-44BD-BD18-41D8366C79D7} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-03-17] (Advanced Micro Devices, Inc.) [File not signed] (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{414d8f97-7b89-435e-96db-7782dc537395}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{50474d97-8078-467b-b411-eda12ed350b4}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{6a3289c7-bd23-427e-bdc4-302ef88a4a73}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b0fe0bb4-e96f-4581-af43-3fbc3f340851}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{d554030d-c919-4e80-8a80-32394b3d22f9}: [DhcpNameServer] 192.168.1.1 Edge: ====== DownloadDir: C:\Users\mewtw_000\Downloads Edge HomeButtonPage: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> hxxp://www.wwe.com/ Edge Notifications: HKU\S-1-5-21-3857839104-3952859072-2417217460-1004 -> hxxps://aminoapps.com Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13] Edge DefaultProfile: Default Edge Profile: C:\Users\mewtw_000\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-10] Edge DownloadDir: C:\Users\mewtw_000\Downloads Edge Notifications: Default -> hxxps://aminoapps.com; hxxps://anotepad.com; hxxps://bleedingcool.com; hxxps://floof.me; hxxps://pomf.tv; hxxps://tii.ai; hxxps://www.reddit.com; hxxps://www.tapatalk.com; hxxps://www.youtube.com; hxxps://www1a.delmarmora.pro; hxxps://www1a.michellehardin.pro; hxxps://www1a.moshemartin.pro; hxxps://www1a.samcunningham.pro Edge HomePage: Default -> hxxp://www.wwe.com/ Edge StartupUrls: Default -> "hxxp://www.wwe.com/" Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\mewtw_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-11-20] FireFox: ======== FF DefaultProfile: ig34uzeg.default FF ProfilePath: C:\Users\mewtw_000\AppData\Roaming\Mozilla\Firefox\Profiles\ig34uzeg.default [2020-12-10] FF Notifications: Mozilla\Firefox\Profiles\ig34uzeg.default -> hxxps://discordbots.org; hxxps://top.gg FF Extension: (Adblock Plus - free ad blocker) - C:\Users\mewtw_000\AppData\Roaming\Mozilla\Firefox\Profiles\ig34uzeg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-18] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-30] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin HKU\S-1-5-21-3857839104-3952859072-2417217460-1004: @citrixonline.com/appdetectorplugin -> C:\Users\mewtw_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-16] (Citrix Online -> Citrix Online) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\mewtw_000\AppData\Local\Google\Chrome\User Data\Default [2020-12-08] CHR Notifications: Default -> hxxps://acadestypicallic.info; hxxps://install.stream-all.com; hxxps://ouo.io; hxxps://piczel.tv; hxxps://pomf.tv; hxxps://skidrowcpygames.com; hxxps://voice.google.com; hxxps://www.4shared.com; hxxps://www.myinstants.com; hxxps://www.onlinevideoconverter.com; hxxps://www.reddit.com; hxxps://www.techradar.com; hxxps://www.tomshardware.com; hxxps://www.youtube.com; hxxps://zoomnewsupdate.info CHR HomePage: Default -> hxxp://www.wwe.com/ CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mewtw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-10-11] CHR Extension: (Tampermonkey) - C:\Users\mewtw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-05-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\mewtw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Chrome Media Router) - C:\Users\mewtw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-27] CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Opera: ======= OPR Notifications: hxxps://mycoolfeed.com; hxxps://switchxci.org; hxxps://www.reddit.com; hxxps://www.youtube.com OPR Extension: (AdBlock) - C:\Users\mewtw_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2020-06-14] OPR Extension: (Rich Hints Agent) - C:\Users\mewtw_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.) R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [60600 2020-03-17] (Advanced Micro Devices, Inc. -> AMD) R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH -> cFos Software GmbH) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3638888 2018-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd) S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [302439 2020-06-21] (Microsoft Corporation) [File not signed] S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [302439 2020-06-21] (Microsoft Corporation) [File not signed] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed] S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-18] (NVIDIA Corporation -> NVIDIA) S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [231447 2017-12-05] (Google Inc.) [File not signed] S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [231447 2017-12-05] (Google Inc.) [File not signed] S3 gusvc; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [272311 2017-04-19] (Google) [File not signed] R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.) S3 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation -> Sony Corporation) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-06-15] (Razer USA Ltd. -> Razer Inc) S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> ) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1711232 2020-07-01] (Rockstar Games, Inc. -> Rockstar Games) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-13] (Razer USA Ltd. -> Razer Inc.) S3 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-06-21] (Razer USA Ltd. -> Razer Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed] S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed] S3 wampapache64; c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe [29696 2016-07-01] (Apache Software Foundation) [File not signed] S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 A6100; C:\WINDOWS\System32\drivers\A6100.sys [5004560 2016-02-17] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 ADSPIDEREX; C:\WINDOWS\system32\drivers\adspiderex.sys [55664 2015-12-27] (digitalonnet -> (주)디지탈온넷) S3 AMDSoundWireAudioService; C:\WINDOWS\System32\drivers\amdsndwireafd.sys [374248 2019-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S1 cfosspeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [2004904 2015-09-09] (cFos Software GmbH -> cFos Software GmbH) S3 CySmb; C:\WINDOWS\System32\drivers\cysmb.sys [10752 2016-03-08] (Cypress Semiconductor, Inc.) [File not signed] R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-06] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-06] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2015-03-02] (Disc Soft Ltd -> Disc Soft Ltd) S3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft Inc. -> SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft Inc. -> SlySoft, Inc.) R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-11-12] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider) S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2020-03-26] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2020-06-30] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.) S3 mcdevice; C:\WINDOWS\system32\DRIVERS\mcdevice.sys [334400 2015-07-17] (Hefei GreenXin Technology Co. Ltd. -> ShiningMorning Inc.) S3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [41624 2020-12-09] (Adlice -> ) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-08-10] (Razer Inc. -> Razer, Inc.) S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-18] (Bruce James -> Scarlet.Crush Productions) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-12-09] (Adlice -> ) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-10 01:48 - 2020-12-10 01:48 - 000000175 _____ C:\WINDOWS\SysWOW64\dlcoer.dll.000 2020-12-10 01:47 - 2020-12-10 01:47 - 000001392 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk 2020-12-10 01:47 - 2020-12-10 01:47 - 000001392 _____ C:\ProgramData\Desktop\YTD Video Downloader.lnk 2020-12-10 01:47 - 2020-12-10 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader 2020-12-10 01:47 - 2020-12-10 01:47 - 000000000 ____D C:\Program Files (x86)\GreenTree Applications 2020-12-10 01:44 - 2020-12-10 01:51 - 000039543 _____ C:\Users\mewtw_000\Desktop\FRST.txt 2020-12-10 01:40 - 2020-12-10 01:40 - 000003120 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2020-12-10 01:39 - 2020-12-10 01:39 - 000069337 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlcoer.dll 2020-12-10 01:33 - 2020-12-10 01:33 - 000000000 ____D C:\ProgramData\NTUSER.pol 2020-12-10 01:32 - 2020-12-10 01:35 - 000005813 _____ C:\Users\mewtw_000\Desktop\Fixlog.txt 2020-12-09 22:42 - 2020-12-09 22:42 - 002086424 _____ (Malwarebytes) C:\Users\mewtw_000\Desktop\MBSetup.exe 2020-12-09 18:16 - 2020-12-09 18:16 - 002288640 _____ (Farbar) C:\Users\mewtw_000\Desktop\FRST64.exe 2020-12-09 10:22 - 2020-12-09 10:22 - 000041624 _____ C:\WINDOWS\system32\Drivers\rkflt.sys 2020-12-09 10:22 - 2020-12-09 10:22 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys 2020-12-08 21:33 - 2020-12-09 10:50 - 000000822 _____ C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2020-12-08 21:33 - 2020-12-08 21:33 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\ESET 2020-12-08 11:10 - 2020-12-08 11:10 - 000001538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2020-12-07 22:44 - 2020-12-07 22:44 - 008525431 ___SH (Malwarebytes) C:\Users\mewtw_000\Desktop\AdwCleaner.exe 2020-12-07 20:37 - 2020-12-07 20:37 - 009142272 _____ C:\Users\mewtw_000\Desktop\hamachi.msi 2020-12-07 20:20 - 2020-12-07 20:20 - 000000863 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2020-12-07 20:20 - 2020-12-07 20:20 - 000000863 _____ C:\ProgramData\Desktop\RogueKiller.lnk 2020-12-07 20:03 - 2020-12-07 20:05 - 040473968 ___SH (Adlice Software ) C:\Users\mewtw_000\Desktop\setup.exe.dat 2020-12-07 19:51 - 2020-12-07 19:51 - 000000000 ___HD C:\$SysReset 2020-12-07 18:19 - 2020-12-07 18:19 - 000001090 _____ C:\Users\mewtw_000\Desktop\Telegram.lnk 2020-12-07 17:44 - 2020-12-10 01:48 - 000000000 ____D C:\FRST 2020-12-07 17:07 - 2020-12-10 01:38 - 000000000 ____D C:\Program Files (x86)\Steam 2020-12-07 17:07 - 2020-12-07 17:07 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk 2020-12-07 17:07 - 2020-12-07 17:07 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk 2020-12-07 17:07 - 2020-12-07 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2020-12-07 16:50 - 2020-12-07 20:02 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\Discord 2020-12-07 16:50 - 2020-12-07 16:51 - 000002289 _____ C:\Users\mewtw_000\Desktop\Discord.lnk 2020-12-07 16:44 - 2020-12-07 16:45 - 068900607 _____ (Discord Inc.) C:\Users\mewtw_000\Desktop\DiscordSetup.exe 2020-12-07 16:44 - 2020-12-07 16:45 - 068822328 ___SH (Discord Inc.) C:\Users\mewtw_000\Desktop\DiscordSetup.exe.dat 2020-12-07 16:43 - 2020-12-07 16:44 - 025814072 _____ (Telegram FZ-LLC ) C:\Users\mewtw_000\Desktop\tsetup.2.4.7.exe 2020-12-07 16:41 - 2020-12-07 16:41 - 000001391 _____ C:\Users\Public\Desktop\Skype.lnk 2020-12-07 16:41 - 2020-12-07 16:41 - 000001391 _____ C:\ProgramData\Desktop\Skype.lnk 2020-12-07 12:59 - 2020-12-07 12:59 - 000079098 _____ C:\Users\mewtw_000\Documents\cc_20201207_125912.reg 2020-12-07 12:28 - 2020-12-07 12:28 - 000003136 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2020-12-03 03:13 - 2020-12-03 03:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2020-12-03 03:10 - 2020-11-23 06:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-12-03 03:10 - 2020-11-23 06:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-12-03 03:10 - 2020-11-23 06:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-12-03 03:10 - 2020-11-23 06:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-12-03 03:10 - 2020-11-23 06:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-12-03 03:10 - 2020-11-23 06:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-12-03 03:10 - 2020-11-23 06:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-12-03 03:10 - 2020-11-23 06:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-12-03 03:10 - 2020-11-23 06:40 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2020-12-03 03:10 - 2020-11-23 06:40 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2020-12-03 03:10 - 2020-11-23 06:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2020-12-03 03:10 - 2020-11-23 06:37 - 007706352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2020-12-03 03:10 - 2020-11-23 06:37 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2020-12-03 03:10 - 2020-11-23 06:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2020-12-03 03:10 - 2020-11-23 06:37 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2020-12-03 03:10 - 2020-11-23 06:37 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445751.dll 2020-12-03 03:10 - 2020-11-23 06:37 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445751.dll 2020-12-03 03:10 - 2020-11-23 06:32 - 007006712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2020-12-03 03:10 - 2020-11-23 06:32 - 005978008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2020-12-03 03:10 - 2020-11-22 05:29 - 000058620 _____ C:\WINDOWS\system32\nvinfo.pb 2020-12-01 09:17 - 2020-12-01 09:17 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1592177058 2020-12-01 09:17 - 2020-12-01 09:17 - 000001459 _____ C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk 2020-11-30 20:21 - 2020-11-30 21:32 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Vortex 2020-11-26 11:29 - 2020-12-07 16:15 - 000000000 ____D C:\Users\mewtw_000\AppData\LocalLow\IGDump 2020-11-26 11:22 - 2020-11-26 11:22 - 000004458 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1592177072 2020-11-22 20:11 - 2020-11-22 20:11 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra 2020-11-20 17:26 - 2020-11-20 17:26 - 000001776 _____ C:\Users\Public\Desktop\iTunes.lnk 2020-11-20 17:26 - 2020-11-20 17:26 - 000001776 _____ C:\ProgramData\Desktop\iTunes.lnk 2020-11-20 17:26 - 2020-11-20 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2020-11-20 03:36 - 2020-11-20 03:36 - 134688768 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit 2020-11-20 03:36 - 2020-11-20 03:36 - 004714496 _____ C:\WINDOWS\system32\config\DEFAULT.iobit 2020-11-20 03:36 - 2020-11-20 03:36 - 000151552 _____ C:\WINDOWS\system32\config\SAM.iobit 2020-11-20 03:36 - 2020-11-20 03:36 - 000040960 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2020-11-19 05:41 - 2020-11-19 05:41 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Canary 2020-11-18 20:56 - 2020-11-18 20:56 - 000002217 _____ C:\Users\mewtw_000\Desktop\WeMod.lnk 2020-11-18 20:55 - 2020-11-18 20:56 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\WeMod 2020-11-17 18:33 - 2020-11-18 12:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-11-15 11:54 - 2020-11-15 11:54 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-11-15 11:53 - 2020-11-15 11:53 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-11-15 11:52 - 2020-11-15 11:52 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-11-15 11:52 - 2020-11-15 11:52 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll 2020-11-15 11:52 - 2020-11-15 11:52 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-10 01:54 - 2015-06-02 01:35 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\CrashDumps 2020-12-10 01:49 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-10 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-10 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-10 01:47 - 2015-02-26 13:43 - 000000000 ____D C:\Users\mewtw_000\Desktop\Emulators 2020-12-10 01:42 - 2018-10-22 12:24 - 000000000 ____D C:\Program Files\CCleaner 2020-12-10 01:38 - 2020-09-13 04:25 - 000008192 ___SH C:\DumpStack.log.tmp 2020-12-10 01:38 - 2020-07-17 04:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-10 01:38 - 2019-08-28 01:35 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-10 01:38 - 2018-06-16 15:42 - 000000000 ____D C:\Program Files (x86)\ManyCam 2020-12-10 01:37 - 2019-12-07 01:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2020-12-10 01:33 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\System 2020-12-10 00:42 - 2019-12-07 01:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-10 00:24 - 2016-11-20 00:56 - 000000000 ____D C:\Users\mewtw_000\AppData\LocalLow\Mozilla 2020-12-10 00:21 - 2015-02-25 23:39 - 000000000 ____D C:\ProgramData\Mozilla 2020-12-09 19:03 - 2020-07-17 02:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-09 00:42 - 2019-05-22 20:45 - 000000000 ____D C:\Users\mewtw_000\Desktop\Steam Games 2020-12-09 00:42 - 2015-02-26 03:09 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-12-08 21:43 - 2016-09-26 02:22 - 000000000 ____D C:\Users\mewtw_000\Desktop\randomizers 2020-12-08 21:03 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-08 20:25 - 2020-07-17 04:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2020-12-08 20:25 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2020-12-08 20:25 - 2017-02-28 22:51 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Telegram Desktop 2020-12-08 20:25 - 2013-08-22 07:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2020-12-08 19:53 - 2015-07-07 22:09 - 000000000 ____D C:\Users\mewtw_000\AppData\LocalLow\Adblock Plus for IE 2020-12-08 19:07 - 2020-10-13 10:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2020-12-08 19:07 - 2020-10-13 10:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2020-12-08 19:07 - 2020-07-17 04:03 - 000004594 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-12-08 19:07 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-12-08 19:07 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-12-08 18:16 - 2020-07-17 04:03 - 000004582 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-12-08 14:19 - 2020-11-07 11:33 - 000000000 ____D C:\Program Files\Cheat Engine 7.2 2020-12-08 11:22 - 2015-03-16 13:28 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\ElevatedDiagnostics 2020-12-08 11:10 - 2016-10-27 17:08 - 000000000 ____D C:\ProgramData\Package Cache 2020-12-08 11:10 - 2016-03-08 12:47 - 000000000 ____D C:\Program Files (x86)\Intel 2020-12-08 04:16 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-07 22:57 - 2015-02-26 01:51 - 000000000 ____D C:\Program Files (x86)\ooVoo 2020-12-07 22:55 - 2018-06-13 21:53 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\IObit 2020-12-07 22:55 - 2015-02-26 00:29 - 000000000 ____D C:\ProgramData\IObit 2020-12-07 21:55 - 2019-08-08 02:29 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2020-12-07 20:26 - 2015-07-27 17:07 - 000000000 ____D C:\ProgramData\RogueKiller 2020-12-07 20:20 - 2016-04-12 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2020-12-07 20:20 - 2016-04-12 15:54 - 000000000 ____D C:\Program Files\RogueKiller 2020-12-07 18:19 - 2017-02-28 22:51 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2020-12-07 17:51 - 2018-06-14 00:16 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\D3DSCache 2020-12-07 16:57 - 2015-02-26 03:53 - 000000000 ____D C:\Program Files\WinRAR 2020-12-07 16:51 - 2018-12-22 13:01 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\discord 2020-12-07 16:51 - 2016-04-18 13:41 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\SquirrelTemp 2020-12-07 16:50 - 2017-08-08 16:29 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2020-12-07 16:41 - 2018-07-20 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2020-12-07 16:28 - 2019-07-06 19:27 - 000000000 ____D C:\Users\mewtw_000\Desktop\DesktopOK 2020-12-07 16:23 - 2020-07-14 20:56 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\citra2 2020-12-07 16:23 - 2019-04-03 20:51 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2020-12-07 16:23 - 2016-08-01 18:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-12-07 14:16 - 2018-06-13 21:53 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\LogMeIn Hamachi 2020-12-07 12:10 - 2018-06-13 21:53 - 000000000 ____D C:\Users\alex\AppData\Roaming\IObit 2020-12-07 12:10 - 2015-04-17 03:58 - 000000000 ____D C:\Users\alex\AppData\LocalLow\IObit 2020-12-07 12:10 - 2015-02-26 19:04 - 000000000 ____D C:\Users\mewtw_000\AppData\LocalLow\IObit 2020-12-07 12:10 - 2015-02-26 00:29 - 000000000 ____D C:\Program Files (x86)\IObit 2020-12-07 10:38 - 2015-02-25 23:52 - 000000000 ___RD C:\Users\mewtw_000\OneDrive 2020-12-07 10:34 - 2016-10-24 13:00 - 000000000 ____D C:\ProgramData\ProductData 2020-12-06 02:11 - 2015-02-26 03:31 - 000000000 ____D C:\Users\mewtw_000\Documents\Nexus Mod Manager 2020-12-05 20:42 - 2015-11-11 23:02 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\Fallout4 2020-12-05 10:14 - 2020-06-21 13:47 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-05 10:14 - 2020-06-21 13:47 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-12-05 10:14 - 2020-06-21 13:47 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2020-12-05 09:56 - 2016-08-11 12:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-12-04 15:04 - 2019-09-15 01:47 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\WeMod 2020-12-04 10:57 - 2019-08-28 01:51 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\NVIDIA 2020-12-04 09:54 - 2018-02-27 23:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-12-03 18:58 - 2020-07-17 04:03 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-03 18:58 - 2020-07-17 04:03 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-02 21:03 - 2017-04-04 22:43 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-02 18:17 - 2017-12-05 13:00 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\Packages 2020-12-02 12:28 - 2016-10-27 17:11 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\Skyrim Special Edition 2020-12-01 16:45 - 2015-11-19 17:23 - 000000000 ____D C:\Users\mewtw_000\Desktop\Game Trainers 2020-11-30 21:33 - 2018-06-21 18:38 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd 2020-11-29 05:42 - 2020-07-17 03:04 - 000000000 ____D C:\Users\mewtw_000 2020-11-28 03:30 - 2017-02-28 23:01 - 000000000 ____D C:\Users\mewtw_000\Downloads\Telegram Desktop 2020-11-27 20:37 - 2020-07-17 04:03 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-27 20:37 - 2020-07-17 04:03 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-27 10:35 - 2018-12-24 05:06 - 000000000 ____D C:\Users\alex\AppData\Roaming\discord 2020-11-27 10:27 - 2020-07-17 04:03 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{3AA3E72E-62AD-49C2-84DE-DDBC88CD9C80} 2020-11-27 10:07 - 2015-02-27 12:00 - 000000000 ___RD C:\Users\alex\OneDrive 2020-11-27 10:06 - 2018-06-13 21:53 - 000000000 ____D C:\Users\alex\AppData\Local\LogMeIn Hamachi 2020-11-26 11:14 - 2015-08-23 17:46 - 000000000 ____D C:\Users\alex\AppData\Local\CrashDumps 2020-11-26 06:54 - 2017-12-05 13:04 - 000000000 ____D C:\Users\alex\AppData\Local\Packages 2020-11-26 02:53 - 2019-04-23 16:04 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\MK11 2020-11-25 10:55 - 2017-05-01 23:47 - 000000000 ____D C:\Users\mewtw_000\Desktop\Gamejolt games 2020-11-25 10:54 - 2015-06-21 23:54 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\MMFApplications 2020-11-24 12:05 - 2020-02-28 20:21 - 000000000 ____D C:\Users\mewtw_000\Desktop\NEW9.1.0CFW 2020-11-22 20:39 - 2018-08-06 03:14 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\Citra 2020-11-22 01:45 - 2020-09-29 21:15 - 005510968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2020-11-22 01:45 - 2020-09-29 21:15 - 002636264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2020-11-22 01:45 - 2020-09-29 21:15 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2020-11-22 01:45 - 2020-09-29 21:15 - 000991032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2020-11-22 01:45 - 2020-09-29 21:15 - 000194360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2020-11-22 01:45 - 2020-09-29 21:15 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2020-11-22 01:45 - 2020-09-29 21:15 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2020-11-20 22:35 - 2020-07-17 22:29 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\ManyCam 2020-11-20 22:35 - 2018-06-16 15:42 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\ManyCam 2020-11-20 17:26 - 2015-10-04 10:24 - 000000000 ____D C:\Program Files\iTunes 2020-11-20 17:26 - 2015-10-04 10:24 - 000000000 ____D C:\Program Files\iPod 2020-11-20 02:26 - 2017-08-25 13:14 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\vlc 2020-11-19 21:22 - 2018-11-03 23:31 - 000000000 ____D C:\Users\mewtw_000\Desktop\MKP4.1_S2.9_Ultimate_Update 2020-11-18 20:56 - 2019-09-15 01:47 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod 2020-11-18 12:32 - 2015-02-25 23:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-18 01:53 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-11-18 00:01 - 2018-10-28 01:33 - 000001238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-17 11:27 - 2020-07-17 03:22 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-11-17 05:28 - 2020-07-17 02:57 - 005141000 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\setup 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-11-17 05:22 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-11-16 22:29 - 2018-10-14 23:31 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\Randovania 2020-11-15 11:52 - 2020-07-17 03:03 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2020-11-12 13:33 - 2018-12-11 13:25 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore 2020-11-12 13:33 - 2015-02-28 03:19 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-12 13:11 - 2015-02-28 03:19 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-12 06:25 - 2015-08-17 17:17 - 000000000 ____D C:\Users\mewtw_000\AppData\Local\yabause 2020-11-12 00:16 - 2015-08-03 02:11 - 000000000 ____D C:\Users\mewtw_000\AppData\Roaming\uTorrent ==================== Files in the root of some directories ======== 2017-07-10 19:44 - 2017-07-10 19:44 - 000286720 _____ () C:\Program Files\AlphaFS.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000053760 _____ () C:\Program Files\AxInterop.WMPLib.dll 2017-09-07 19:24 - 2017-09-07 19:24 - 000086016 _____ (Be) C:\Program Files\Be.Windows.Forms.HexBox.dll 2017-07-10 19:44 - 2017-07-10 19:44 - 000008192 _____ () C:\Program Files\CommonCompressors.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000060416 _____ (MaximeC) C:\Program Files\DokanNet.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000012800 _____ () C:\Program Files\HelperChat.dll 2017-11-24 04:36 - 2017-11-24 04:36 - 000134656 _____ (Simon Mourier) C:\Program Files\HtmlAgilityPack.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000330752 _____ ( ) C:\Program Files\Interop.WMPLib.dll 2017-07-10 19:44 - 2017-07-10 19:44 - 000123904 _____ () C:\Program Files\LibEveryFileExplorer.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000152064 _____ () C:\Program Files\LiveCharts.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000019456 _____ () C:\Program Files\LiveCharts.WinForms.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000217600 _____ () C:\Program Files\LiveCharts.Wpf.dll 2017-03-26 21:22 - 2017-03-26 21:22 - 000370070 _____ () C:\Program Files\logo2T.png.ico 2017-03-26 21:22 - 2017-07-10 19:44 - 000105984 _____ (Microsoft) C:\Program Files\Microsoft.WindowsAPICodePack.dll 2017-03-26 21:22 - 2017-07-10 19:44 - 000542720 _____ (Microsoft) C:\Program Files\Microsoft.WindowsAPICodePack.Shell.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000894976 _____ (MonoGame Team) C:\Program Files\MonoGame.Framework.dll 2017-03-26 21:22 - 2017-07-10 19:44 - 000169472 _____ () C:\Program Files\NBug.dll 2017-03-26 21:22 - 2017-07-10 19:44 - 000653824 _____ (Newtonsoft) C:\Program Files\Newtonsoft.Json.dll 2017-03-26 21:22 - 2017-11-24 04:36 - 000456192 _____ (Adam Hathcock) C:\Program Files\SharpCompress.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000507904 _____ (Alexandre Mutel) C:\Program Files\SharpDX.Direct2D1.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000285696 _____ (Alexandre Mutel) C:\Program Files\SharpDX.Direct3D11.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000347136 _____ (Alexandre Mutel) C:\Program Files\SharpDX.Direct3D9.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000276992 _____ (Alexandre Mutel) C:\Program Files\SharpDX.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000140800 _____ (Alexandre Mutel) C:\Program Files\SharpDX.DXGI.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000220672 _____ (Alexandre Mutel) C:\Program Files\SharpDX.Mathematics.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000546304 _____ (Alexandre Mutel) C:\Program Files\SharpDX.MediaFoundation.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000094208 _____ (Alexandre Mutel) C:\Program Files\SharpDX.XAudio2.dll 2017-06-30 16:36 - 2018-06-18 14:54 - 000013824 _____ (Alexandre Mutel) C:\Program Files\SharpDX.XInput.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000005120 _____ () C:\Program Files\SharpSteam.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000006656 _____ (Andrey Shchekin) C:\Program Files\StringInterpolationBridge.dll 2017-06-30 16:36 - 2017-06-30 16:36 - 000026624 _____ (Paloma) C:\Program Files\TargaImage.dll 2018-06-18 14:54 - 2018-06-18 14:54 - 000658944 _____ (Telerik AD) C:\Program Files\Telerik.WinControls.ChartView.dll 2017-03-26 21:22 - 2017-06-30 16:36 - 003476992 _____ (Telerik AD) C:\Program Files\Telerik.WinControls.dll 2017-03-26 21:22 - 2017-06-30 16:36 - 001654784 _____ (Telerik AD) C:\Program Files\Telerik.WinControls.GridView.dll 2017-03-26 21:22 - 2017-06-30 16:36 - 000920576 _____ (Telerik AD) C:\Program Files\Telerik.WinControls.RadDock.dll 2017-03-26 21:22 - 2017-06-30 16:36 - 004888064 _____ (Telerik AD) C:\Program Files\Telerik.WinControls.UI.dll 2017-03-26 21:22 - 2017-06-30 16:36 - 000343040 _____ (Telerik AD) C:\Program Files\TelerikCommon.dll 2017-03-26 21:22 - 2018-06-18 22:02 - 000000001 _____ () C:\Program Files\test 2017-03-26 21:22 - 2018-06-18 15:08 - 001540096 _____ (Hikari06) C:\Program Files\Updater.exe 2018-06-18 14:54 - 2018-06-18 14:54 - 000014336 _____ (27labs) C:\Program Files\VDFParser.dll 2017-03-26 21:22 - 2018-06-18 22:02 - 000000009 _____ () C:\Program Files\ver 2017-03-26 21:22 - 2018-06-18 14:54 - 020484608 _____ (Hikari06) C:\Program Files\WiiU_USB_Helper.exe 2017-03-26 21:22 - 2018-06-18 14:54 - 000006903 _____ () C:\Program Files\WiiU_USB_Helper.exe.config 2020-05-02 03:20 - 2020-05-02 03:20 - 000000000 _____ () C:\Program Files (x86)\014CD6AA.log 2020-05-02 03:22 - 2020-05-02 03:22 - 000000008 _____ () C:\Program Files (x86)\014E43F5.log 2015-04-03 01:18 - 2015-04-03 01:18 - 000000132 _____ () C:\Users\mewtw_000\AppData\Roaming\Adobe BMP Format CS6 Prefs 2017-01-14 21:22 - 2017-01-14 21:26 - 000000132 _____ () C:\Users\mewtw_000\AppData\Roaming\Adobe GIF Format CS6 Prefs 2015-03-18 03:18 - 2018-12-05 01:50 - 000000132 _____ () C:\Users\mewtw_000\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-03-31 21:17 - 2017-02-24 00:21 - 000000132 _____ () C:\Users\mewtw_000\AppData\Roaming\Adobe Targa Format CS6 Prefs 2015-11-05 03:42 - 2017-10-28 11:04 - 000000032 _____ () C:\Users\mewtw_000\AppData\Roaming\com.gendou.ff6_ram_editor.prefs 2016-02-04 16:46 - 2018-02-18 21:44 - 000000043 _____ () C:\Users\mewtw_000\AppData\Roaming\com.gendou.som_ram_editor.prefs 2016-09-09 02:50 - 2016-10-23 01:35 - 000000170 _____ () C:\Users\mewtw_000\AppData\Roaming\default.rss 2015-04-06 16:16 - 2015-04-06 16:16 - 000000107 _____ () C:\Users\mewtw_000\AppData\Roaming\Editroid.config 2017-06-04 22:21 - 2017-06-04 22:22 - 000004608 _____ () C:\Users\mewtw_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-10-31 13:48 - 2018-10-31 13:48 - 001065984 _____ () C:\Users\mewtw_000\AppData\Local\file__0.localstorage 2015-07-27 01:39 - 2015-07-27 01:39 - 000000000 _____ () C:\Users\mewtw_000\AppData\Local\Temp.dat 2018-06-26 15:28 - 2018-06-26 15:28 - 000000002 _____ () C:\Users\mewtw_000\AppData\Local\WMI.ini ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================