Problem starting StartupCheckLibrary.dll


#1
Soggyyy
I have some sort of virus on my computer that I got from downloading something from a sketchy site. I tried rebooting my computer but there was an error, and currently I'm trying to get rid of the virus.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by sam (administrator) on DESKTOP-DHQVSUB (Dell Inc. Inspiron 5680) (16-12-2019 20:44:07)
Running from C:\Users\sam\Desktop
Loaded Profiles: sam (Available Profiles: sam)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Bad Panda, Inc. -> Bad Panda, Inc.) C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
(Bad Panda, Inc. -> Bad Panda, Inc.) C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
(Bad Panda, Inc. -> Bad Panda, Inc.) C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
(Bad Panda, Inc. -> Bad Panda, Inc.) C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Digital Communications Inc -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoUninstaller.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe
(Intel® Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel® Trust Services -> Intel® Corporation) C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Mega Limited -> Mega Limited) C:\Users\sam\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wuapihost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [319520 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3289040 2019-12-05] (Valve -> Valve Corporation)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [BakkesMod] => C:\Users\sam\Desktop\BakkesMod.exe [11271168 2019-04-01] () [File not signed]
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35960720 2019-11-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Spotify] => C:\Users\sam\AppData\Roaming\Spotify\Spotify.exe [22051232 2019-12-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Gif Your Game] => C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [80204208 2019-12-09] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Discord] => C:\Users\sam\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)
Startup: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-11-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\sam\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-05-16]
ShortcutTarget: Twitch.lnk -> C:\Users\sam\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01BA3712-033F-427C-998E-2A87A874CC1E} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d7ff93a809 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {030A5240-1E02-4C1E-A383-E5300F75516B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {0F7C3D9F-F9C3-4725-B2F2-B27EDBA27CF2} - System32\Tasks\Opera scheduled Autoupdate 1559497199 => C:\Users\sam\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-12] (Opera Software AS -> Opera Software)
Task: {1464154B-6349-41BB-B127-843498DA7FF8} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-12-14] (Kaspersky Lab -> AO Kaspersky Lab)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {18F30367-9158-4BB7-AE20-5EE5F1BFBCA7} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} "C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe"
Task: {1B3B0682-E4C8-40D1-89C2-DF4F4B680199} - System32\Tasks\update-S-1-5-21-3762797259-1065414235-235543805-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {26A91335-78E3-41CB-A818-650B2DC612B7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3827D8FB-CC90-4F8A-85F4-8AB0A0A18327} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {42F69B01-7D15-45EC-A0C2-290116A65F18} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe
Task: {44660127-690A-4368-88C9-541CE454B531} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {5299D29D-F17C-4987-996B-B406CDCE0635} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {544845D7-298D-4ADB-A455-74E278B545C0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {567D657E-DCE6-433A-9565-D3AEB217F442} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {658DC323-0E56-4886-A101-4E000EF6F5AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6635E7D4-7E55-462A-BCFC-A675077DB027} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {6BCB0B97-9E66-458B-AC66-7AA71622445D} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {6BFC9AE9-AE70-499D-BE0C-5F066419A1E0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7619CE78-CD89-4924-93A9-1F4CC9892F23} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7991CC28-8290-49F4-99C4-4DEBD1B3C9C9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79DAE953-BE4D-4F9E-B4D4-137AA6C9096A} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-04-25] (Rivet Networks LLC -> DELL)
Task: {8C2D4AA0-C2CB-4DA5-8507-D93934C0B365} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D56C7D1-5411-437B-95A6-07F0ED3AB4A0} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d7fe6c967f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {991E2B00-8079-4C8B-8A07-B5F29E95B6E0} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [726488 2019-09-10] (Dell Inc. -> Dell Inc.)
Task: {9F17804F-E3B7-4C79-909A-1231DA72BA2C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-12-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {C77F7A5E-3BD4-4065-B3C9-6AD049CB25ED} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCBB5C87-45CA-40DE-8A25-7047C61136AA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} "C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe"
Task: {D1403994-9260-40D1-B28C-032D27DE6F63} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
Task: {D643E1A0-4E43-46CE-B20C-BBE56BBF9E55} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DHQVSUB-sam => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D86B3FB9-AAF6-4AB5-B88C-565A5A681C90} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA521B6D-B3E7-48B3-A6E7-108DD672E142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCCDA64D-6E6F-4DE5-B94D-3B4E73599F07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2102924-1A8B-4094-9367-49DD56CEFEF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {F4EBC9D5-8A97-4C58-83D7-96B5176FC90E} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: {F952A02E-2C46-4149-A027-9EC1C9DF2DC6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FEA89522-779D-4F39-9302-9A4119FE9296} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3762797259-1065414235-235543805-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6e164ccb-710a-4219-9a7d-a1fc77fd0be5}: [DhcpNameServer] 10.13.109.99
Tcpip\..\Interfaces\{8f921205-9c22-4e1e-b52c-d7c7e11973c7}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {D096DFE0-4A88-4155-AEB6-DECED1988D66} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
 
FireFox:
========
FF DefaultProfile: qomgciiy.default
FF ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\qomgciiy.default [2019-12-16]
FF ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release [2019-12-16]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release\Extensions\[email protected] [2019-12-14]
FF Extension: (Search Manager) - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2019-12-11] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-03-03]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Notifications: Default -> hxxps://vvb6.mentprocester.info
CHR Profile: C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default [2019-12-16]
CHR DownloadDir: C:\Users\sam\Desktop
CHR Extension: (Slides) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-03]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2019-06-10]
CHR Extension: (Docs) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-03]
CHR Extension: (Google Drive) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-03]
CHR Extension: (Search Manager) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoagceacaklimpcejjofabngcjkebfg [2019-12-11]
CHR Extension: (YouTube) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-03]
CHR Extension: (Honey) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-11-21]
CHR Extension: (Tampermonkey) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-11-30]
CHR Extension: (Sheets) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-03]
CHR Extension: (Google Docs Offline) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-06]
CHR Extension: (Grammarly for Chrome) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-12-12]
CHR Extension: (Search Manager) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccfgpamboionigdpfjmijhlgmgdbael [2019-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (SAG) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\piljlfgibadchadlhlcfoecfbpdeiemd [2019-12-15]
CHR Extension: (Gmail) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-28]
CHR HKLM\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
CHR HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
CHR HKLM-x32\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel® Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [424288 2018-05-23] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-11-02] (BattlEye Innovations e.K. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-05-21] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3373600 2019-05-21] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218144 2019-05-21] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-09-13] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-04-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2789792 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-08] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-08] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-03-03] (McAfee, Inc. -> McAfee, Inc.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18953880 2019-09-26] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [88888 2019-04-23] (ProtonVPN AG -> )
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [190296 2018-05-23] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [974936 2019-11-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1457240 2019-11-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-11-18] (Razer USA Ltd. -> Razer Inc.)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-04-25] (Rivet Networks LLC -> CloudBees, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe [1970592 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2019-12-04] (Razer USA Ltd. -> Razer Inc.)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-04-25] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [48600 2019-09-10] (Dell Inc. -> Dell Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [238376 2019-11-22] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [238376 2019-11-22] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [238376 2019-11-22] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107760 2019-09-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [51696 2018-09-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 0310251551642761mcinstcleanup; C:\WINDOWS\TEMP\031025~1.EXE -cleanup -nolog [X]
S3 McAWFwk; "c:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe" [X]
S2 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 ModuleCoreService; "C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 PEFService; "C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-09-23] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R1 BadlionAnticheat; C:\WINDOWS\system32\drivers\BadlionAnticheat.sys [2490088 2019-09-30] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [739024 2019-11-13] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [133480 2017-06-22] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309144 2019-10-30] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16198008 2019-06-20] (FACE IT LIMITED -> )
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564136 2019-11-18] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [91200 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094048 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [74656 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [506384 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108848 2018-10-02] (McAfee, Inc. -> McAfee LLC.)
S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115728 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [18189864 2019-09-26] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [45152 2018-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2358112 2018-05-23] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009120 2017-09-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 ScrHIDDriver2; C:\WINDOWS\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 SilvrLnk; C:\WINDOWS\System32\drivers\silvrlnk.sys [129536 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-04-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-20] (Valve Corp. -> )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 TIEHDUSB; C:\WINDOWS\System32\drivers\tiehdusb.sys [128512 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [637112 2019-10-22] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-12-16 20:44 - 2019-12-16 20:46 - 000047765 _____ C:\Users\sam\Desktop\FRST.txt
2019-12-16 20:43 - 2019-12-16 20:43 - 002264064 _____ (Farbar) C:\Users\sam\Desktop\FRST64.exe
2019-12-16 20:41 - 2019-12-16 20:45 - 000000000 ____D C:\FRST
2019-12-16 20:41 - 2019-12-16 20:41 - 002264064 _____ (Farbar) C:\Users\sam\Downloads\FRST64.exe
2019-12-16 20:04 - 2019-12-16 20:04 - 000075292 _____ C:\ProgramData\agent.update.1576555427.bdinstall.v2.bin
2019-12-16 17:33 - 2019-12-16 17:33 - 000001194 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-12-16 17:32 - 2019-03-20 23:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2019-12-16 17:30 - 2019-12-16 17:30 - 000001209 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2019-12-16 17:30 - 2019-12-16 17:30 - 000001209 _____ C:\ProgramData\Desktop\Bitdefender Antivirus Free.lnk
2019-12-16 17:30 - 2019-12-16 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2019-12-16 17:30 - 2019-12-16 17:30 - 000000000 ____D C:\ProgramData\Bitdefender
2019-12-16 17:30 - 2019-10-30 08:45 - 000309144 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2019-12-16 17:30 - 2019-10-22 12:38 - 000637112 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2019-12-16 17:30 - 2018-11-28 05:45 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2019-12-16 17:29 - 2019-11-18 19:08 - 000564136 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2019-12-16 17:29 - 2019-11-13 17:32 - 000739024 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2019-12-16 17:29 - 2019-09-23 09:43 - 001693368 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2019-12-16 17:22 - 2019-12-16 17:22 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-12-16 17:20 - 2019-12-16 20:52 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-12-16 17:18 - 2019-12-16 20:04 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-12-16 17:18 - 2019-12-16 17:18 - 010527368 _____ C:\Users\sam\Downloads\bitdefender_online.exe
2019-12-16 17:18 - 2019-12-16 17:18 - 000103384 _____ C:\ProgramData\agent.1576545530.bdinstall.v2.bin
2019-12-16 17:18 - 2019-12-16 17:18 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-12-16 17:13 - 2019-12-16 17:13 - 019255000 _____ (Microsoft Corporation) C:\Users\sam\Downloads\MediaCreationTool1909 (1).exe
2019-12-16 17:13 - 2019-12-16 17:13 - 000000000 ___HD C:\$Windows.~WS
2019-12-16 17:12 - 2019-12-16 17:18 - 000000000 ____D C:\ESD
2019-12-16 17:10 - 2019-12-16 17:10 - 019255000 _____ (Microsoft Corporation) C:\Users\sam\Downloads\MediaCreationTool1909.exe
2019-12-16 16:49 - 2019-12-16 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\%Data%
2019-12-16 15:48 - 2019-12-16 16:29 - 000000000 ___HD C:\$SysReset
2019-12-14 19:35 - 2019-12-16 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-12-14 19:35 - 2019-12-14 19:35 - 000003240 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2019-12-14 19:33 - 2019-12-16 17:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-14 19:27 - 2019-12-14 19:28 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-12-14 19:27 - 2019-12-14 19:27 - 002881472 _____ (Kaspersky Lab) C:\Users\sam\Downloads\ks3.020.0.14.1085aen_es_fr_19095.exe
2019-12-14 19:22 - 2019-12-14 19:23 - 000161544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-12-14 19:16 - 2019-12-14 19:16 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-12-14 19:16 - 2019-12-14 19:15 - 000854696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys.157637981318708
2019-12-14 19:15 - 2019-12-14 19:31 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-14 19:14 - 2019-12-14 19:14 - 000230080 _____ (AVAST Software) C:\Users\sam\Downloads\avast_free_antivirus_setup_online.exe
2019-12-14 16:55 - 2019-12-14 16:55 - 000652848 _____ (Shark Labs) C:\Users\sam\Downloads\VoiceChanger64f(1.10).exe
2019-12-14 16:55 - 2019-12-14 16:55 - 000002164 _____ C:\Users\Public\Desktop\ClownfishVoiceChanger.lnk
2019-12-14 16:55 - 2019-12-14 16:55 - 000002164 _____ C:\ProgramData\Desktop\ClownfishVoiceChanger.lnk
2019-12-14 16:55 - 2019-12-14 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger
2019-12-13 15:53 - 2019-12-13 15:53 - 000001905 _____ C:\Users\Public\Desktop\Alpha Console.lnk
2019-12-13 15:53 - 2019-12-13 15:53 - 000001905 _____ C:\ProgramData\Desktop\Alpha Console.lnk
2019-12-13 15:52 - 2019-12-14 19:16 - 000000000 ____D C:\avast! sandbox
2019-12-13 15:51 - 2019-12-13 15:51 - 035678645 _____ (AlphaConsole ) C:\Users\sam\Downloads\AlphaConsole_Setup_9.15.4.0.exe
2019-12-12 17:46 - 2019-12-14 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-11 17:33 - 2019-12-11 17:33 - 029156400 _____ C:\Users\sam\Downloads\Reality PSD.psd
2019-12-11 15:19 - 2019-12-11 15:19 - 000000000 ___HD C:\$AV_AVG
2019-12-11 15:15 - 2019-12-11 15:19 - 000000000 ____D C:\Program Files (x86)\PremierOpinion
2019-12-11 15:09 - 2019-12-13 18:43 - 000000000 ____D C:\Users\sam\AppData\Local\AVG
2019-12-11 15:05 - 2019-12-11 15:12 - 000000000 ____D C:\Users\sam\AppData\Local\22a66be3f8029028
2019-12-11 15:05 - 2019-12-11 15:06 - 000000000 ____D C:\ProgramData\{DF03E33F-F72B-9B47-AF73-B36F479B6BB7}
2019-12-11 15:05 - 2019-12-11 15:05 - 000001359 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2019-12-11 15:05 - 2019-12-11 15:05 - 000000000 ____D C:\Users\sam\AppData\Local\{D923EF7F-FD8B-83C7-9013-A62FB47B5AB7}
2019-12-11 15:04 - 2019-12-16 20:19 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-12-11 15:04 - 2019-12-13 18:43 - 000000000 ____D C:\ProgramData\AVG
2019-12-11 15:04 - 2019-12-11 15:04 - 003055328 _____ (Pokibagel ) C:\Users\sam\Downloads\SpotifyFullSetup_0886379966.exe
2019-12-11 14:06 - 2019-12-11 14:06 - 000032670 _____ C:\Users\sam\Downloads\LongEssay_F2019.pdf
2019-12-11 00:04 - 2019-12-11 00:04 - 032250312 _____ C:\Users\sam\Downloads\18 Views of Plane Impact in South Tower  911 World Trade Center [HD DOWNLOAD].mp4
2019-12-10 23:58 - 2019-12-10 23:58 - 000395790 _____ C:\Users\sam\Downloads\Explosion croma key green screen with explosion sound effect!.mp4
2019-12-10 23:53 - 2019-12-10 23:53 - 003551186 _____ C:\Users\sam\Downloads\Lego flash bang Granade.mp4
2019-12-10 23:37 - 2019-12-10 23:38 - 000560760 _____ C:\Users\sam\Downloads\Neck crack.mp4
2019-12-10 23:35 - 2019-12-10 23:35 - 000343146 _____ C:\Users\sam\Downloads\YOU DIED (HD).mp4
2019-12-10 23:32 - 2019-12-10 23:32 - 000109450 _____ C:\Users\sam\Downloads\hydro.mp4
2019-12-10 21:54 - 2019-12-10 21:55 - 000000000 ____D C:\WINDOWS\LastGood
2019-12-10 21:38 - 2019-12-08 07:30 - 011843728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000451440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000352504 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 010167744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 001001408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 000824256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 000676608 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 000545296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 017462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 015030896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 005382232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 004717656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001568504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001483712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001371648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001064840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000684992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000573176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2019-12-10 21:38 - 2019-12-08 07:28 - 000557072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000452720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2019-12-10 21:38 - 2019-12-08 07:27 - 040510424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-10 21:38 - 2019-12-08 07:27 - 035380264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-10 21:38 - 2019-12-08 07:27 - 004224176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-10 21:38 - 2019-12-08 07:27 - 000858712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2019-12-10 21:38 - 2019-12-06 20:31 - 000075706 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-09 21:00 - 2019-12-09 21:00 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-12-09 21:00 - 2019-12-09 21:00 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2019-12-09 21:00 - 2019-12-01 14:06 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2019-12-05 20:09 - 2019-12-05 20:17 - 096244677 _____ C:\Users\sam\Desktop\History of Cameras_1.mp4
2019-12-03 22:15 - 2019-12-03 22:15 - 000000219 _____ C:\Users\sam\Desktop\Team Fortress 2.url
2019-12-03 17:33 - 2019-12-03 17:33 - 000000039 _____ C:\Users\sam\AppData\Local\kritadisplayrc
2019-12-03 17:02 - 2019-12-03 17:33 - 000016144 _____ C:\Users\sam\AppData\Local\kritarc
2019-12-03 17:02 - 2019-12-03 17:02 - 000000000 ____D C:\Users\sam\AppData\Roaming\krita
2019-12-03 17:02 - 2019-12-03 17:02 - 000000000 ____D C:\Users\sam\AppData\Local\krita
2019-12-01 21:49 - 2019-12-01 21:49 - 000000000 ____D C:\Users\sam\AppData\LocalLow\HFM Games
2019-12-01 21:41 - 2019-12-01 21:41 - 000000222 _____ C:\Users\sam\Desktop\Hand Simulator.url
2019-12-01 16:54 - 2019-12-01 16:55 - 000000598 _____ C:\ProgramData\ClownfishVoiceChanger.ini
2019-12-01 16:54 - 2019-12-01 16:54 - 000000000 ____D C:\ProgramData\ClownfishSoundTemp
2019-12-01 16:54 - 2019-12-01 16:54 - 000000000 ____D C:\ProgramData\Clownfish_VST_cfg
2019-12-01 16:52 - 2019-12-01 16:52 - 000002225 _____ C:\Users\sam\Desktop\Discord.lnk
2019-12-01 16:51 - 2019-12-01 16:52 - 000000000 ____D C:\Users\sam\AppData\Local\Discord
2019-12-01 16:51 - 2019-12-01 16:51 - 061370712 _____ (Discord Inc.) C:\Users\sam\Downloads\DiscordSetup (2).exe
2019-12-01 16:46 - 2019-12-14 19:06 - 000000000 ____D C:\Users\sam\AppData\Roaming\Discord
2019-12-01 15:22 - 2019-12-01 15:22 - 061370712 _____ (Discord Inc.) C:\Users\sam\Downloads\DiscordSetup (1).exe
2019-12-01 14:06 - 2019-12-01 14:06 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-12-01 14:06 - 2019-12-01 14:06 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2019-12-01 13:55 - 2019-12-05 19:26 - 000000000 ____D C:\Users\sam\Desktop\History of Cameras Pictures
2019-11-30 15:52 - 2019-12-11 00:08 - 000000000 ____D C:\Users\sam\Desktop\GYG Montage
2019-11-23 14:58 - 2019-11-23 14:58 - 000634400 _____ (Shark Labs) C:\Users\sam\Downloads\VoiceChanger64(1.10).exe
2019-11-23 14:00 - 2019-11-23 14:00 - 000000000 ____D C:\Users\sam\AppData\Local\Prominence
2019-11-22 18:53 - 2019-11-22 18:54 - 041525176 _____ C:\Users\sam\Desktop\soggy aecfinal_Trim_Trim.mp4
2019-11-22 18:52 - 2019-11-22 18:52 - 232380651 _____ C:\Users\sam\Desktop\soggy aecfinal_Trim.mp4
2019-11-22 17:58 - 2019-12-03 17:23 - 000000000 ____D C:\Users\sam\Documents\MEGAsync Downloads
2019-11-22 17:57 - 2019-11-22 17:57 - 000000000 ___RD C:\Users\sam\Documents\MEGAsync
2019-11-22 17:55 - 2019-11-22 17:55 - 000001121 _____ C:\Users\sam\Desktop\MEGAsync.lnk
2019-11-22 17:55 - 2019-11-22 17:55 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2019-11-22 17:55 - 2019-11-22 17:55 - 000000000 ____D C:\Users\sam\AppData\Local\MEGAsync
2019-11-22 17:55 - 2019-11-22 17:55 - 000000000 ____D C:\Users\sam\AppData\Local\Mega Limited
2019-11-22 17:51 - 2019-11-22 17:52 - 033424624 _____ (MEGA Limited) C:\Users\sam\Downloads\MEGAsyncSetup.exe
2019-11-22 17:49 - 2019-11-22 17:49 - 000001654 _____ C:\Users\sam\Downloads\READ BEFORE DOWNLOADING CLIPS.txt
2019-11-21 22:13 - 2019-11-21 22:13 - 000047271 _____ C:\Users\sam\Downloads\History of Cameras.pdf
2019-11-21 20:46 - 2019-11-21 20:46 - 000270378 _____ C:\Users\sam\Downloads\Lab 6 CHM130LL Empirical Formula of Magnesium Oxide w answers.pdf
2019-11-21 19:11 - 2019-11-21 19:11 - 000000222 _____ C:\Users\sam\Desktop\Prominence Poker.url
2019-11-21 19:10 - 2019-11-21 19:10 - 000000222 _____ C:\Users\sam\Desktop\Downtown Casino Texas Hold'em Poker.url
2019-11-18 18:31 - 2019-11-18 18:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-11-18 18:27 - 2019-11-18 18:27 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2019-11-18 18:26 - 2019-11-18 18:29 - 000000000 ____D C:\Wondershare UniConverter
2019-11-18 18:26 - 2019-11-18 18:26 - 000000000 ____D C:\Users\sam\AppData\Roaming\Wondershare
2019-11-18 18:26 - 2019-11-18 18:26 - 000000000 ____D C:\ProgramData\GraphicsType
2019-11-18 18:25 - 2019-11-18 18:26 - 000000000 ____D C:\Users\sam\AppData\Local\Wondershare
2019-11-18 18:25 - 2019-11-18 18:25 - 000001304 _____ C:\Users\Public\Desktop\Wondershare UniConverter.lnk
2019-11-18 18:25 - 2019-11-18 18:25 - 000001304 _____ C:\ProgramData\Desktop\Wondershare UniConverter.lnk
2019-11-18 18:25 - 2019-11-18 18:25 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2019-11-18 18:25 - 2019-11-18 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-11-18 18:24 - 2019-11-18 18:27 - 000000000 ____D C:\ProgramData\Wondershare
2019-11-18 18:24 - 2019-11-18 18:24 - 000000000 ____D C:\Users\sam\AppData\Roaming\TransferSupport
2019-11-18 18:24 - 2019-11-18 18:24 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-11-18 18:23 - 2019-11-18 18:26 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-11-18 18:23 - 2019-11-18 18:26 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2019-11-18 18:23 - 2019-11-18 18:23 - 000990312 _____ C:\Users\sam\Downloads\video-converter-ultimate_setup_full495.exe
2019-11-18 18:13 - 2019-11-18 18:13 - 094328396 _____ C:\Users\sam\Downloads\Luke_TD-Jesuit (1).MOV
2019-11-18 18:12 - 2019-11-18 18:12 - 094328396 _____ C:\Users\sam\Downloads\Luke_TD-Jesuit.MOV
2019-11-18 18:09 - 2019-11-18 18:09 - 002177265 _____ C:\Users\sam\Desktop\slow mo effect.mp4
2019-11-18 18:07 - 2019-11-18 18:07 - 016254245 _____ C:\Users\sam\Downloads\Top 5 Slow Motion Sound Effects.mp4
2019-11-16 22:12 - 2019-11-16 22:14 - 003333764 _____ C:\Users\sam\Downloads\attachments.zip
2019-11-16 20:20 - 2019-12-16 20:02 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2019-11-16 20:20 - 2019-11-16 20:20 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-11-16 20:15 - 2019-11-06 20:23 - 000081581 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2019-11-16 17:08 - 2019-11-16 20:29 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-12-16 20:42 - 2019-03-02 23:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-16 20:20 - 2019-03-02 23:47 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-16 20:20 - 2019-01-04 03:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-16 20:17 - 2019-09-30 18:01 - 000000000 ____D C:\Users\sam\AppData\Roaming\badpanda-react
2019-12-16 20:17 - 2019-09-07 15:45 - 000000000 ____D C:\Users\sam\AppData\Local\LogMeIn Hamachi
2019-12-16 20:16 - 2019-03-03 00:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-16 20:15 - 2019-04-24 17:14 - 000021827 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-12-16 20:15 - 2019-04-24 17:14 - 000017982 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-12-16 20:15 - 2019-04-24 17:14 - 000017502 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-12-16 20:15 - 2019-03-02 23:47 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-16 20:02 - 2019-03-03 00:33 - 000000000 ____D C:\Users\sam
2019-12-16 20:02 - 2019-03-03 00:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-16 17:33 - 2019-03-02 23:54 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-16 17:25 - 2019-03-02 23:53 - 000000000 ____D C:\WINDOWS\INF
2019-12-16 17:24 - 2019-01-04 03:34 - 000000000 ____D C:\Program Files\Common Files\av
2019-12-16 17:14 - 2019-08-28 19:27 - 000026087 _____ C:\WINDOWS\diagwrn.xml
2019-12-16 17:14 - 2019-08-28 19:27 - 000020958 _____ C:\WINDOWS\diagerr.xml
2019-12-16 17:14 - 2019-03-13 15:54 - 000000000 ____D C:\Users\sam\AppData\Local\CrashDumps
2019-12-16 17:14 - 2019-03-02 23:47 - 000000000 ____D C:\WINDOWS\Panther
2019-12-16 17:10 - 2019-03-18 23:02 - 000000000 ____D C:\$WINDOWS.~BT
2019-12-16 16:29 - 2019-03-02 23:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-16 14:30 - 2019-06-02 09:40 - 000001395 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-12-15 23:16 - 2019-03-03 10:23 - 000000000 ____D C:\Users\sam\AppData\Local\Spotify
2019-12-15 23:13 - 2019-03-03 00:38 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-15 22:43 - 2019-03-03 10:23 - 000000000 ____D C:\Users\sam\AppData\Roaming\Spotify
2019-12-15 22:22 - 2019-03-26 17:31 - 000000619 _____ C:\Users\sam\Documents\ClownfishVoiceChanger.ini
2019-12-14 19:06 - 2019-03-03 10:30 - 000000000 ____D C:\Users\sam\AppData\Local\D3DSCache
2019-12-14 16:55 - 2019-05-20 10:43 - 000000000 ____D C:\Program Files (x86)\ClownfishVoiceChanger
2019-12-13 18:43 - 2019-06-25 11:03 - 000000416 _____ C:\WINDOWS\Tasks\update-sys.job
2019-12-13 18:43 - 2019-06-25 11:03 - 000000416 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3762797259-1065414235-235543805-1001.job
2019-12-13 18:34 - 2019-10-07 18:21 - 000003376 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d7ff93a809
2019-12-13 18:34 - 2019-10-07 18:21 - 000003152 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d7fe6c967f
2019-12-13 18:34 - 2019-10-02 17:35 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-12-13 18:34 - 2019-05-29 14:46 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-05-29 14:46 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-05-29 14:46 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-05-29 14:46 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-03-03 00:55 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-03-03 00:55 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-03-03 00:55 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-03-03 00:55 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-03-03 00:27 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-13 18:34 - 2019-03-03 00:27 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-12 17:52 - 2019-03-03 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2019-12-12 14:15 - 2019-10-02 17:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-12 14:15 - 2019-10-02 17:35 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-10 23:33 - 2019-03-03 00:57 - 000000000 ____D C:\Users\sam\AppData\Local\NVIDIA
2019-12-09 20:57 - 2019-09-30 18:00 - 000002346 _____ C:\Users\sam\Desktop\Gif Your Game.lnk
2019-12-08 17:45 - 2019-07-28 19:49 - 000000000 ____D C:\Users\sam\Documents\Lightshot
2019-12-08 16:28 - 2019-03-25 18:42 - 000001429 _____ C:\Users\sam\Desktop\Roblox Player.lnk
2019-12-08 16:28 - 2019-03-25 18:42 - 000001244 _____ C:\Users\sam\Desktop\Roblox Studio.lnk
2019-12-08 16:28 - 2019-03-25 18:42 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-12-08 15:34 - 2019-03-02 23:54 - 000000000 ___RD C:\Program Files\Windows Defender
2019-12-08 07:28 - 2019-05-09 18:23 - 002076064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-08 07:28 - 2019-03-21 16:31 - 000659152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-08 07:27 - 2019-02-08 20:12 - 004957288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-08 00:13 - 2019-04-24 20:45 - 000013781 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-12-05 19:36 - 2019-05-17 13:28 - 000000000 ____D C:\Users\sam\AppData\Roaming\slobs-client
2019-12-05 19:23 - 2019-05-14 10:23 - 000000000 ____D C:\Program Files\Streamlabs OBS
2019-12-05 17:23 - 2019-03-02 23:54 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-05 17:23 - 2019-03-02 23:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-04 23:17 - 2019-04-25 20:02 - 000013112 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-12-03 22:15 - 2019-03-03 00:45 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-01 16:52 - 2019-03-03 00:40 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-12-01 16:52 - 2019-03-03 00:40 - 000000000 ____D C:\Users\sam\AppData\Local\SquirrelTemp
2019-12-01 14:03 - 2019-03-19 19:37 - 000000000 ___RD C:\Users\sam\Creative Cloud Files
2019-11-30 22:41 - 2019-03-03 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-11-30 22:39 - 2019-03-03 00:59 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2019-11-29 22:24 - 2019-04-30 20:10 - 000013451 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2019-11-28 13:52 - 2019-04-29 19:25 - 000013513 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2019-11-27 16:37 - 2019-04-28 20:06 - 000013108 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2019-11-26 22:08 - 2019-04-28 09:53 - 000013046 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2019-11-25 21:28 - 2019-03-09 18:07 - 000000000 ____D C:\Users\sam\AppData\Roaming\DS4Windows
2019-11-24 15:56 - 2019-07-18 08:52 - 000002359 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-24 15:56 - 2019-03-03 00:37 - 000000000 ___RD C:\Users\sam\OneDrive
2019-11-23 14:00 - 2019-03-10 16:33 - 000000000 ____D C:\Users\sam\AppData\Local\UnrealEngine
2019-11-20 16:24 - 2019-03-03 00:37 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-20 16:24 - 2019-03-03 00:37 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-20 16:24 - 2019-03-03 00:37 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-18 19:59 - 2019-03-03 00:11 - 000310528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-16 23:49 - 2019-09-11 16:42 - 000000000 ____D C:\Users\sam\AppData\Local\Battle.net
2019-11-16 22:14 - 2019-11-10 15:47 - 000000000 ____D C:\Users\sam\Desktop\Kendama 1 month clips
2019-11-16 20:20 - 2019-03-03 00:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-11-16 20:12 - 2019-03-03 00:57 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-11-16 20:12 - 2019-03-03 00:57 - 000001445 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-11-16 20:12 - 2019-03-03 00:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-11-16 20:11 - 2019-01-04 03:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-16 20:11 - 2019-01-04 03:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-16 20:08 - 2019-09-19 15:19 - 000000000 ____D C:\Users\sam\Documents\Call of Duty Modern Warfare
2019-11-16 17:11 - 2019-09-11 16:40 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-11-16 17:07 - 2019-06-09 12:01 - 000000000 ____D C:\Users\sam\AppData\Local\Ubisoft Game Launcher
 
==================== Files in the root of some directories ========
 
2019-12-03 17:02 - 2019-12-03 17:33 - 000015320 _____ () C:\Users\sam\AppData\Local\krita.log
2019-12-03 17:33 - 2019-12-03 17:33 - 000000039 _____ () C:\Users\sam\AppData\Local\kritadisplayrc
2019-12-03 17:02 - 2019-12-03 17:33 - 000016144 _____ () C:\Users\sam\AppData\Local\kritarc
2019-03-19 19:33 - 2019-03-19 19:33 - 000000410 _____ () C:\Users\sam\AppData\Local\oobelibMkey.log
2019-08-24 10:03 - 2019-08-24 10:03 - 000000881 _____ () C:\Users\sam\AppData\Local\recently-used.xbel
2019-06-25 11:03 - 2019-06-25 11:03 - 000000003 _____ () C:\Users\sam\AppData\Local\updater.log
2019-06-25 11:03 - 2019-06-25 11:03 - 000000425 _____ () C:\Users\sam\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by sam (16-12-2019 20:58:55)
Running from C:\Users\sam\Desktop
Windows 10 Home Version 1809 17763.864 (X64) (2019-03-03 08:28:45)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3762797259-1065414235-235543805-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3762797259-1065414235-235543805-503 - Limited - Disabled)
Guest (S-1-5-21-3762797259-1065414235-235543805-501 - Limited - Disabled)
sam (S-1-5-21-3762797259-1065414235-235543805-1001 - Administrator - Enabled) => C:\Users\sam
WDAGUtilityAccount (S-1-5-21-3762797259-1065414235-235543805-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Action! (HKLM-x32\...\Mirillis Action!) (Version: 3.9.3 - Mirillis)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_1) (Version: 16.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS6 version 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
AlphaConsole version 9.15.4.0 (All users) (HKLM-x32\...\{CCCDBFCF-CD8B-4728-915A-DCB71C1118BE}_is1) (Version: 9.15.4.0 - AlphaConsole)
AlphaConsole version 9.9.14.0 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\{CCCDBFCF-CD8B-4728-915A-DCB71C1118BE}_is1) (Version: 9.9.14.0 - AlphaConsole)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version:  - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Atom (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\atom) (Version: 1.40.1 - GitHub Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Badlion Client 2.9.3 (HKLM\...\{1de14785-dd8c-5cd2-aae8-d4a376f81d78}) (Version: 2.9.3 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.16.146 - Bitdefender)
Bitsonic Keyzone Classic 1.0 (HKLM\...\{88888ED7-TBF6-9E32-C2C5-KF14615389C8}_is1) (Version: 1.0 - Bitsonic LP)
Call of Duty Modern Warfare Beta (HKLM-x32\...\Call of Duty Modern Warfare Beta) (Version:  - Blizzard Entertainment)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{95BD6E30-2B18-4FB0-B5AE-8250E5584831}) (Version: 3.3.3.13 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{9BEF4D9A-592C-4073-B202-30234347B3DA}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{70E9F8CC-A23E-4C25-B292-C86C1821587C}) (Version: 3.0.1 - Dell, Inc.)
Discord (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\FACEITApp) (Version: 1.22.5 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gif Your Game 2.1.4 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 2.1.4 - Bad Panda, Inc.)
GIMP 2.10.12 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HitFilm Express (HKLM\...\{30792CB5-3EBA-483C-98E3-BF08A3CC6B83}) (Version: 12.3.8815.07201 - FXHOME)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Ironsight version 1.0 (HKLM-x32\...\Ironsight_is1) (Version: 1.0 - Aeria Games)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Krita (x64) 4.2.7.1 (HKLM\...\Krita_x64) (Version: 4.2.7.1 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LMMS 1.2.0 (HKLM-x32\...\LMMS) (Version: 1.2.0 - LMMS Developers)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 68.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x64 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 65.0.3467.72 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Opera 65.0.3467.72) (Version: 65.0.3467.72 - Opera Software)
osu! (HKLM-x32\...\{d79dee71-be57-43f8-8bb6-549e8b3860be}) (Version: latest - ppy Pty Ltd)
PbPLauncher (HKLM-x32\...\{A5FD8264-C689-4FF6-8712-9BCB4E6D231D}) (Version: 1.0.0 - Pixel by Pixel Studios Inc.)
ProtonVPN (HKLM-x32\...\{2F7C9F34-7064-4637-8CCA-A7BA72E88257}) (Version: 1.8.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.8.1) (Version: 1.8.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
PvPLounge Launcher (HKLM\...\ad8f9f29-9001-57dc-871c-20ee37a85c88) (Version: 0.1.8 - Digital Ingot, Inc.)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.6.34.1043 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Roblox Player for sam (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for sam (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Search Powered by Yahoo! (HKLM-x32\...\{6DB68576-3D36-54F6-8CB6-24765C36F7F6}) (Version:  - )
SmartByte Drivers and Services (HKLM\...\{C4F38455-B9B0-48C7-BC4C-8D4F4A27506E}) (Version: 2.0.613 - Rivet Networks)
SoundBridge (64 bit) (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\{22BB2C21-AD40-4159-93C8-496ED8341B63}) (Version: 1.10 - SoundBridge)
Spotify (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.14.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.14.1 - General Workings, Inc.)
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.5.0.9 - GOG.com)
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Trapcode Suite (HKLM\...\Trapcode Suite v15.1.3) (Version:  - Red Giant LLC)
Twitch (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.5.1.0) (HKLM-x32\...\UniConverter_is1) (Version: 11.5.1.0 - Wondershare Software)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.26.7.0_x86__kgqvnymyfvs32 [2019-11-28] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1652.1.0_x86__kgqvnymyfvs32 [2019-12-02] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-05] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.17.0_x64__htrsf667h5kn2 [2019-03-03] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.41.0_x64__htrsf667h5kn2 [2019-10-24] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0 [2019-05-01] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.3.8.0_x64__htrsf667h5kn2 [2019-09-13] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_3.0.160.0_x64__htrsf667h5kn2 [2019-03-03] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2019-10-01] (Dropbox Inc.)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-03] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa [2019-10-29] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-03] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.16.0_x64__wafk5atnkzcwy [2019-10-08] (McAfee Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.105.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.2.38.0_x64__htrsf667h5kn2 [2019-07-31] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-24] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-03] (Plex)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.87.8848.2_x64__8wekyb3d8bbwe [2019-11-22] (ms-resource:PublisherDisplayName)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_2.5.713.0_x64__rh07ty8m5nkag [2019-04-23] (Rivet Networks LLC)
SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2019-06-08] (Soundcloud Ltd.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3762797259-1065414235-235543805-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-711CA632D15D} -> [Creative Cloud Files] => C:\Users\sam\Creative Cloud Files [2019-03-19 19:37]
CustomCLSID: HKU\S-1-5-21-3762797259-1065414235-235543805-1001_Classes\CLSID\{B38AEB62-DF93-43DA-91B6-B8E42C8EC580} -> [MEGAsync] => C:\Users\sam\Documents\MEGAsync [2019-11-22 17:57]
CustomCLSID: HKU\S-1-5-21-3762797259-1065414235-235543805-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-25] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-25] (Beepa P/L) [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2019-12-16 20:17 - 2019-12-16 20:17 - 000218112 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\40ff6fa7-3097-44e3-9ce9-6686f593d657.tmp.node
2019-12-16 20:17 - 2019-12-16 20:17 - 000218112 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\805982a9-034c-4f7d-b905-854a211858c6.tmp.node
2019-12-16 20:17 - 2019-12-16 20:17 - 000358400 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\a1a66c9a-7795-46bc-8c6f-9d2137af649b.tmp.node
2019-12-16 20:18 - 2019-12-16 20:18 - 001065984 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\b3fc91e9-95f9-4e37-9626-a19a660d4503.tmp.node
2019-12-16 20:17 - 2019-12-16 20:17 - 000137728 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\c028047e-8a5e-4764-8ac2-829275d6d9a5.tmp.node
2019-12-16 20:17 - 2019-12-16 20:17 - 000358400 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\d645c9e0-f6ec-46b9-bd0f-5b52b3c389c2.tmp.node
2019-12-16 20:17 - 2019-12-16 20:17 - 000143872 _____ () [File not signed] \\?\C:\Users\sam\AppData\Local\Temp\e294223c-f0cc-4afb-80d1-08ef4e456ea0.tmp.node
2019-11-18 18:25 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-11-18 18:25 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-04-08 02:58 - 2019-04-08 02:58 - 000152064 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-04-23 23:54 - 2019-04-23 23:54 - 000483328 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2019-09-30 18:00 - 2019-12-09 15:54 - 001987072 _____ () [File not signed] C:\Users\sam\AppData\Local\Programs\badpanda-react\ffmpeg.dll
2019-09-30 18:00 - 2019-12-09 15:54 - 000117248 _____ () [File not signed] C:\Users\sam\AppData\Local\Programs\badpanda-react\swiftshader\libegl.dll
2019-09-30 18:00 - 2019-12-09 15:54 - 002253312 _____ () [File not signed] C:\Users\sam\AppData\Local\Programs\badpanda-react\swiftshader\libglesv2.dll
2018-04-25 10:28 - 2018-04-25 10:28 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-06-25 11:03 - 2017-05-23 11:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2019-06-25 11:03 - 2017-05-23 11:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2017-09-13 22:37 - 2017-09-13 22:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-13 22:42 - 2017-09-13 22:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-13 22:37 - 2017-09-13 22:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-13 22:37 - 2017-09-13 22:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-13 22:42 - 2017-09-13 22:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-13 22:42 - 2017-09-13 22:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-13 22:42 - 2017-09-13 22:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-13 22:42 - 2017-09-13 22:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-13 22:42 - 2017-09-13 22:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-13 22:37 - 2017-09-13 22:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\sam\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-11-18 18:25 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-14 23:31 - 2018-09-14 23:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\sam\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sam\Downloads\Logo-New-York-Giants-Wallpapers.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "BakkesMod"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{463CB25C-954E-4192-8148-F6A605069D7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File
FirewallRules: [{3CBB3342-BF30-40A3-96B4-ECC2D82ED950}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_1.3.6718.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe No File
FirewallRules: [{2F4E5B21-63AB-4501-9523-B4019596760A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_1.3.6718.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe No File
FirewallRules: [{9110F57E-2351-46FA-B224-44C056353AA3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{01778FCD-F116-4644-9236-81BA01ECEC51}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{73101ADF-4E5D-4CC8-A64B-D0DD087FA6E7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{F603CB82-9A5B-4DDD-8447-D18983ADDACC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5090168E-6A34-489B-9933-463D7AE59810}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FCCDA176-49B3-4368-8582-EE7C9B621B71}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{19DC50B6-3465-4CC5-97D5-4D282C693EC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{28D3D222-3C35-401A-8DBF-3D559FEDE37A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53BFE407-CB78-4B60-8AA8-6DB8025E2D12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{495D980E-8867-4A9B-9708-7C0A3E773162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{76B5C987-6F8C-42A1-BDA3-B20B40FB69FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{29FCB897-E677-4BB1-92A9-A6A503992E87}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{74C2B9D5-2559-4359-9E07-B7A179FFFEB6}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA63CAEA-6730-4FE6-9F19-FE13E9AB370C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5BC25A4-2328-4DF7-9B2C-89394D412A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C716D37F-9560-48AA-8E7E-8A529467E759}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{92108D44-5BA8-49D1-A291-83F8B79341A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2097F252-E73A-49F9-87A0-9A518F799994}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{24D8450D-720A-43C7-AE61-3185CFD934FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{4A96E04F-11DB-4892-8D70-0430DE4EB43D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{54113CF0-9DB1-42DC-B670-21F04C7B62DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{A987F98C-9B40-4BFE-A51B-480A547B245A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{05B4A13A-A3E9-4402-A19B-AFE57F73840E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{FB4BF9FD-07D3-4ABD-B737-44174959E1D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe No File
FirewallRules: [{790AD5C9-72F9-408F-A3B1-55B03F62F129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe No File
FirewallRules: [{56115CDD-0CFA-4771-8388-62422D522D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{6A9BA1EF-C14F-4AB9-A871-B2B7AEE23161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{8324F641-C9D2-449F-9EDC-35C3E164BB8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [{E6CF99E1-4755-4539-A03F-5E9D7D572E43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [TCP Query User{C70305B5-21F9-4D74-B889-98D95449C809}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{52C17D39-CF97-4309-9730-8AFB8D62F065}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{EDDE347B-C225-4DC8-A3DF-7F4AC7C43C74}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{213D72E2-E3D7-4AE1-A275-C31AC354415F}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [TCP Query User{C434EF00-1E5E-4B18-BBF4-85EBE004B902}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe
FirewallRules: [UDP Query User{23B9FA7A-0A0C-4A1D-89DB-67EB744A95D5}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe
FirewallRules: [{669DEE32-C8F8-4254-8E6F-0D30206DB42E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP022\Hope\Binaries\Win64\Hope.exe No File
FirewallRules: [{01A7121B-A3BD-4846-B8B3-3949EFA91893}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP022\Hope\Binaries\Win64\Hope.exe No File
FirewallRules: [TCP Query User{7B6D3407-5523-493F-BB1E-5A0BE3BBFE1A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{B0558E15-E6C0-4062-A967-59143952ED47}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{104A4CD6-41F1-42A4-9F92-093A65E4FE7C}C:\users\sam\appdata\roaming\.pvplounge\launcher.exe] => (Allow) C:\users\sam\appdata\roaming\.pvplounge\launcher.exe (Digital Ingot, Inc. -> )
FirewallRules: [UDP Query User{52D11923-515D-4751-A2DA-571F0F042859}C:\users\sam\appdata\roaming\.pvplounge\launcher.exe] => (Allow) C:\users\sam\appdata\roaming\.pvplounge\launcher.exe (Digital Ingot, Inc. -> )
FirewallRules: [{70B53957-6700-40AF-BA14-A76BCD8699FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E77AC705-0EA5-40AE-989D-959A83998607}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1E2A241E-3202-4C73-89FD-29FAC2228239}C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D422E0A0-391A-4CF3-9F28-1CB4BC97AC84}C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{2071EE9F-9F2A-4614-95E7-C5DA8DA3AB41}] => (Block) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{90C01C14-6B70-4CEA-8270-A06C9E6B0186}] => (Block) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{9AE5808C-B248-490B-B878-91FAB70067BD}C:\users\sam\desktop\new folder (2)\hl.exe] => (Allow) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{3877D2CA-1801-4C7D-B86A-28EC8E6C1062}C:\users\sam\desktop\new folder (2)\hl.exe] => (Allow) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [{00B3034C-AA93-471B-9D63-E1509EE57DEA}] => (Block) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [{267FC301-41F6-4F00-A489-9178CBCC6C4C}] => (Block) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{7759C59D-9F9D-4074-A67E-9E3B3B11A070}C:\users\sam\desktop\new folder (2)\hltv.exe] => (Block) C:\users\sam\desktop\new folder (2)\hltv.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{A4F96245-964B-435F-9B04-70C4556BD20C}C:\users\sam\desktop\new folder (2)\hltv.exe] => (Block) C:\users\sam\desktop\new folder (2)\hltv.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{0659F1A1-9B13-4FEC-884A-DF57A2F8E0D8}C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{E4272A67-6105-430E-A9B6-F9B590182C0D}C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{EA859718-A176-496B-99B8-298FC83138EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\scram\scram.exe () [File not signed]
FirewallRules: [{526027C7-B9B5-411F-949E-42F6A3138F95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\scram\scram.exe () [File not signed]
FirewallRules: [TCP Query User{CF8AB14B-4433-44C6-889C-BA3DB488F872}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{6EFC9BBC-801A-45B4-BB01-A3F7F3E1F82A}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{53C95986-9862-481C-8534-CA5BBF77CDC7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe No File
FirewallRules: [UDP Query User{3F740C46-538F-499F-95B1-A5BF9EA467B7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe No File
FirewallRules: [{9E1B2AF9-FB31-4B2D-A28D-94671FA99A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{5E953F20-5AC0-4DF0-9566-70948CB8B4F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{F10E5657-1DBF-427E-A8AE-C4D745A5C4FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D8DA97BE-1EC1-4B3C-9A73-89F3DA67B14D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B3AD3033-73A8-41B8-9225-15BB36527F69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{5EFB597A-9C32-4880-84F0-FF7DFF8833C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{FDAD0BA6-E47B-4879-B716-70083A39ECDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{BB81C729-1E47-4117-A24E-8714A2B3B433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2594D628-87AF-450A-B9E5-DE2564E90550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{70E7B84A-2FA4-4E73-8E43-AD20F1E461EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{F29FD2F5-5150-4DDF-BCD8-E37FE757DC88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]
FirewallRules: [{F96F50F3-F30A-4917-89D9-411A07680C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]
FirewallRules: [TCP Query User{98A528C4-F1CF-4697-AB9F-169F03B72D50}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{149EF81B-E616-4408-92AC-5B41485FC733}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{299B843E-FC05-4E27-8A43-818CB5A86C43}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47927953-D882-4B13-8B0A-64510E974B7F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5344634-684D-4D35-9F70-D7D38CCD48AF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA162BE0-835D-468B-AB1C-57F7FC703F6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79C58F57-9DB1-43E3-AB53-358612C627DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{619A317F-8FD4-4AA6-AD74-D8A50A1D8DF6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{060C9F1A-3EEA-491E-B6CC-B506D6199ED1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{816B64BD-AB49-4C0D-A4EC-516BD7DB6A26}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7507AF71-377C-4E46-8AB9-0C1FD08192F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{27893103-D1BA-4A37-8D02-8B0CF59179D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{7B516515-4280-4367-BAFA-310625103101}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57C904E1-92B5-49E3-8710-F496ADABF647}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D457D773-1483-4B96-946F-4CBF5E62ACEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A775A99-58E3-4C75-B11E-DFCA43493688}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7779369A-CA6B-402D-AAD5-402FD5B3BCAC}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Block) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{6073776B-E4E8-44B5-8B6F-0CA88040098C}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Block) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{65A0294B-FF6F-432E-A4AD-0A1D45AB2AE9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{771FEF6A-441F-4B72-A4AF-3C17EB01373B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downtown Casino Poker\dtcpoker_win.exe () [File not signed]
FirewallRules: [{7572788F-2C8D-4256-BE0C-7C90F0700883}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downtown Casino Poker\dtcpoker_win.exe () [File not signed]
FirewallRules: [{9AC15B14-310E-4E00-9C8B-F078257519BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prominence Poker\Prominence\Binaries\Win64\Prominence-Win64-Shipping.exe (505 Games) [File not signed]
FirewallRules: [{8E7E9A6A-C9CE-4BBC-B02A-FF2DA9AF38FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prominence Poker\Prominence\Binaries\Win64\Prominence-Win64-Shipping.exe (505 Games) [File not signed]
FirewallRules: [{8CDBC848-C76E-48A2-A679-77AFEA0C6827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{8FD6D27E-1C97-44A1-A55C-3A0820DF29AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{85245014-A20D-4716-8ACC-585C7682F4D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe () [File not signed]
FirewallRules: [{1E4E99CD-666D-48AF-92CD-4C0919C206C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe () [File not signed]
FirewallRules: [{E636A024-D7BE-4872-A5A5-37D9FDD36953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{66198E1C-A573-4422-A829-E5F9F4265132}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{FB84DB28-7676-4789-A8E5-4A07DD3BBD68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12228.20332.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E249E7C-29BD-4914-9805-12079EC6A418}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{7C913416-14D7-453E-8519-F6771C612A63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{C2BA280F-E0E4-42EC-98D5-ED57FF80EFEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{45F504CC-66B2-4224-A683-53EF94B6655D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (12/16/2019 08:16:09 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/16/2019 08:16:09 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/16/2019 08:16:09 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/16/2019 08:16:09 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/16/2019 08:16:09 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/16/2019 08:16:09 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/16/2019 08:06:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Gif Your Game.exe version 2.1.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 196c
 
Start Time: 01d5b48f07c6614a
 
Termination Time: 4294967295
 
Application Path: C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
 
Report Id: d4997f4b-0d99-41b8-9b74-c1e8fb161829
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (12/16/2019 08:02:43 PM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
 
System errors:
=============
Error: (12/16/2019 09:03:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/16/2019 09:01:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
 and APPID 
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/16/2019 09:01:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (12/16/2019 08:59:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/16/2019 08:59:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHQVSUB)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (12/16/2019 08:57:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/16/2019 08:57:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (12/16/2019 08:55:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
 
Windows Defender:
===================================
Date: 2019-12-03 16:20:58.812
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6106915B-BC0A-484D-92A8-BFFFE5F0F1F8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-03 16:16:01.521
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {521FE192-4370-4EF1-B16D-31AB297CE3C3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-02 19:06:31.214
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {41E6DD71-F075-4BB1-B33C-BDD9CC8F1DFE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-02 18:08:32.542
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3246382B-B850-47B9-93F6-159D268A66BE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-02 16:07:12.809
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E9349FE9-6E2C-4E00-AC93-8E1171BA9886}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-11-06 16:17:08.834
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.305.1417.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-10-29 16:03:27.058
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.305.871.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-10-22 18:19:53.655
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.305.416.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2019-12-16 19:33:22.910
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:25:55.262
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:18:38.171
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:10:48.659
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:02:27.770
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 18:54:15.165
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 18:46:03.531
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 18:37:42.125
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.3.2 07/18/2018
Motherboard: Dell Inc. 0PXWHK
Processor: Intel® Core™ i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 67%
Total physical RAM: 8078.64 MB
Available physical RAM: 2608.89 MB
Total Virtual: 19342.64 MB
Available Virtual: 11041.36 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:916.68 GB) (Free:203.84 GB) NTFS
Drive d: (JAQUISSE) (Removable) (Total:7.45 GB) (Free:7.3 GB) FAT32
 
\\?\Volume{eaa67931-51ed-46e8-85f5-c5816993e514}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.52 GB) NTFS
\\?\Volume{71654026-b739-4068-8a8d-15e0866211d3}\ (Image) (Fixed) (Total:11.98 GB) (Free:0.16 GB) NTFS
\\?\Volume{2721d5d5-cf0b-4966-899c-70e441d83060}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.44 GB) NTFS
\\?\Volume{f0b5d685-8311-49f5-8284-714ad87218e9}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A488730F)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 8B51E992)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
 
==================== End of Addition.txt =======================

 




#2
iMacg3


    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Welcome. :)

Please give me some time to go over your logs and I will get back to you as soon as possible.

#3
iMacg3


    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Hi Soggyyy, welcome to the Geeks to Go malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Back up any important data before we continue.
    • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
  • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 4 days, it will be closed.
    • If your topic is closed and you still need assistance, send me a Personal Message with a link to your topic.
  • If you have questions at any time during the cleanup, feel free to ask.
---------------------------------------------------

Do you recognize the following registry entries?

HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1


---------------------------------------------------
McAfee Removal Tool

Download MCPR (McAfee Consumer Product Removal Tool) and save it to your desktop.
  • Right-click MCPR.exe and click Run as Administrator.
  • At the "McAfee Software Removal" window, click Next.
  • Accept the license agreement.
  • Complete the "Security Validation" question and click Next.
  • You will receive a message that the removal of McAfee products is complete.
  • Restart the computer.
---------------------------------------------------

Download and run the Avast Uninstall Utility.

---------------------------------------------------
Uninstall a Program
  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program(s) on the list:

    Search Powered by Yahoo!

  • Select the above program(s) and click Uninstall.
  • Restart the computer if prompted.
---------------------------------------------------
Uninstall Chrome Extension(s)
  • Open Google Chrome. Type chrome://extensions in the address bar and press Enter.
  • Click the trash can icon next to the following extension(s):

    Search Manager

  • A confirmation dialog will appear. Click Remove.
---------------------------------------------------
Farbar Recovery Scan Tool - Fix
  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Policies\Explorer: [HideSCAHealth] 1
    Task: {6BCB0B97-9E66-458B-AC66-7AA71622445D} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKU\S-1-5-21-3762797259-1065414235-235543805-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
    SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {D096DFE0-4A88-4155-AEB6-DECED1988D66} URL = 
    BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
    BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
    FF Extension: (Search Manager) - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2019-12-11] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson]
    CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
    CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
    CHR Notifications: Default -> hxxps://vvb6.mentprocester.info
    CHR HKLM\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
    CHR HKLM\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
    CHR HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
    CHR HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
    CHR HKLM-x32\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
    CHR HKLM-x32\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
    2019-12-11 15:19 - 2019-12-11 15:19 - 000000000 ___HD C:\$AV_AVG
    2019-12-11 15:15 - 2019-12-11 15:19 - 000000000 ____D C:\Program Files (x86)\PremierOpinion
    2019-12-11 15:09 - 2019-12-13 18:43 - 000000000 ____D C:\Users\sam\AppData\Local\AVG
    2019-12-11 15:05 - 2019-12-11 15:12 - 000000000 ____D C:\Users\sam\AppData\Local\22a66be3f8029028
    2019-12-11 15:05 - 2019-12-11 15:06 - 000000000 ____D C:\ProgramData\{DF03E33F-F72B-9B47-AF73-B36F479B6BB7}
    2019-12-11 15:05 - 2019-12-11 15:05 - 000001359 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
    2019-12-11 15:05 - 2019-12-11 15:05 - 000000000 ____D C:\Users\sam\AppData\Local\{D923EF7F-FD8B-83C7-9013-A62FB47B5AB7}
    2019-12-11 15:04 - 2019-12-16 20:19 - 000000000 ____D C:\Program Files (x86)\Segurazo
    2019-12-11 15:04 - 2019-12-13 18:43 - 000000000 ____D C:\ProgramData\AVG
    2019-12-11 15:04 - 2019-12-11 15:04 - 003055328 _____ (Pokibagel ) C:\Users\sam\Downloads\SpotifyFullSetup_0886379966.exe
    2019-12-09 21:00 - 2019-12-09 21:00 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
    2019-12-09 21:00 - 2019-12-09 21:00 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
    FirewallRules: [{463CB25C-954E-4192-8148-F6A605069D7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File
    FirewallRules: [{3CBB3342-BF30-40A3-96B4-ECC2D82ED950}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_1.3.6718.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe No File
    FirewallRules: [{2F4E5B21-63AB-4501-9523-B4019596760A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_1.3.6718.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe No File
    FirewallRules: [{9110F57E-2351-46FA-B224-44C056353AA3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
    FirewallRules: [{01778FCD-F116-4644-9236-81BA01ECEC51}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
    FirewallRules: [{73101ADF-4E5D-4CC8-A64B-D0DD087FA6E7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
    FirewallRules: [{FCCDA176-49B3-4368-8582-EE7C9B621B71}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
    FirewallRules: [{19DC50B6-3465-4CC5-97D5-4D282C693EC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
    FirewallRules: [{FB4BF9FD-07D3-4ABD-B737-44174959E1D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe No File
    FirewallRules: [{790AD5C9-72F9-408F-A3B1-55B03F62F129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe No File
    FirewallRules: [{56115CDD-0CFA-4771-8388-62422D522D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
    FirewallRules: [{6A9BA1EF-C14F-4AB9-A871-B2B7AEE23161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
    FirewallRules: [{669DEE32-C8F8-4254-8E6F-0D30206DB42E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP022\Hope\Binaries\Win64\Hope.exe No File
    FirewallRules: [{01A7121B-A3BD-4846-B8B3-3949EFA91893}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP022\Hope\Binaries\Win64\Hope.exe No File
    FirewallRules: [TCP Query User{7B6D3407-5523-493F-BB1E-5A0BE3BBFE1A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
    FirewallRules: [UDP Query User{B0558E15-E6C0-4062-A967-59143952ED47}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
    FirewallRules: [TCP Query User{CF8AB14B-4433-44C6-889C-BA3DB488F872}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe No File
    FirewallRules: [UDP Query User{6EFC9BBC-801A-45B4-BB01-A3F7F3E1F82A}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe No File
    FirewallRules: [TCP Query User{53C95986-9862-481C-8534-CA5BBF77CDC7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe No File
    FirewallRules: [UDP Query User{3F740C46-538F-499F-95B1-A5BF9EA467B7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe No File
    Folder: C:\ProgramData\GraphicsType
    Folder: C:\Users\sam\AppData\Roaming\TransferSupport
    VirusTotal: C:\WINDOWS\System32\mracsvc.exe;C:\WINDOWS\System32\drivers\mracdrv.sys;C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
    EmptyTemp:
    End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete, FRST will generate a log (Fixlog.txt) in the same location it was run from.
  • Please copy and paste its contents into your reply.
---------------------------------------------------
Farbar Service Scanner

Download Farbar Service Scanner and save it to your desktop.
  • Right-click FSS.exe and select Run as Administrator.
  • Check the following boxes:
    Internet Services
    Windows Firewall
    System Restore
    Security Center/Action Center
    Windows Update
    Windows Defender
    
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.
---------------------------------------------------

In your next reply, please include:
  • Fixlog.txt
  • FSS.txt
  • Let me know if the issue persists.


#4
Soggyyy


    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

It said that I did not have permission to download Farbar Service Scanner. I tried many different things but could not get it to work; all I could get was the fixlog.

 

FixLog: 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by sam (20-12-2019 11:32:18) Run:1
Running from C:\Users\sam\Desktop
Loaded Profiles: sam (Available Profiles: sam)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
Task: {6BCB0B97-9E66-458B-AC66-7AA71622445D} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_50_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0E0CyE0Bzy0ByBtAtAzyzzyBzzzytN0D0Tzu0StBzytDtCtN1L2XzuyEtFyDyBtFtDtFtCtDzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzytC0BtAtD0EtAtGtBzyzy0BtGyDzyyB0EtGtByD0AtAtGzy0CzytBtCyDzzyD0D0A0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1PtA1R1QzzyEzztGyC1TyCyBtGyE1O1Q1RtG1TtAyB1StG1SzzyEtAyBtC1RyC1PzzyBzy2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByCtCtDyDyEzyzy%26cr%3D555724871%26a%3Dwsg_fjnhltxzm_19_50_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {D096DFE0-4A88-4155-AEB6-DECED1988D66} URL = 
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
FF Extension: (Search Manager) - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2019-12-11] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson]
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Notifications: Default -> hxxps://vvb6.mentprocester.info
CHR HKLM\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKLM\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
CHR HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
CHR HKLM-x32\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKLM-x32\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
2019-12-11 15:19 - 2019-12-11 15:19 - 000000000 ___HD C:\$AV_AVG
2019-12-11 15:15 - 2019-12-11 15:19 - 000000000 ____D C:\Program Files (x86)\PremierOpinion
2019-12-11 15:09 - 2019-12-13 18:43 - 000000000 ____D C:\Users\sam\AppData\Local\AVG
2019-12-11 15:05 - 2019-12-11 15:12 - 000000000 ____D C:\Users\sam\AppData\Local\22a66be3f8029028
2019-12-11 15:05 - 2019-12-11 15:06 - 000000000 ____D C:\ProgramData\{DF03E33F-F72B-9B47-AF73-B36F479B6BB7}
2019-12-11 15:05 - 2019-12-11 15:05 - 000001359 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2019-12-11 15:05 - 2019-12-11 15:05 - 000000000 ____D C:\Users\sam\AppData\Local\{D923EF7F-FD8B-83C7-9013-A62FB47B5AB7}
2019-12-11 15:04 - 2019-12-16 20:19 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-12-11 15:04 - 2019-12-13 18:43 - 000000000 ____D C:\ProgramData\AVG
2019-12-11 15:04 - 2019-12-11 15:04 - 003055328 _____ (Pokibagel ) C:\Users\sam\Downloads\SpotifyFullSetup_0886379966.exe
2019-12-09 21:00 - 2019-12-09 21:00 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-12-09 21:00 - 2019-12-09 21:00 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
FirewallRules: [{463CB25C-954E-4192-8148-F6A605069D7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File
FirewallRules: [{3CBB3342-BF30-40A3-96B4-ECC2D82ED950}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_1.3.6718.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe No File
FirewallRules: [{2F4E5B21-63AB-4501-9523-B4019596760A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_1.3.6718.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe No File
FirewallRules: [{9110F57E-2351-46FA-B224-44C056353AA3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{01778FCD-F116-4644-9236-81BA01ECEC51}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{73101ADF-4E5D-4CC8-A64B-D0DD087FA6E7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{FCCDA176-49B3-4368-8582-EE7C9B621B71}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{19DC50B6-3465-4CC5-97D5-4D282C693EC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB4BF9FD-07D3-4ABD-B737-44174959E1D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe No File
FirewallRules: [{790AD5C9-72F9-408F-A3B1-55B03F62F129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe No File
FirewallRules: [{56115CDD-0CFA-4771-8388-62422D522D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{6A9BA1EF-C14F-4AB9-A871-B2B7AEE23161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{669DEE32-C8F8-4254-8E6F-0D30206DB42E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP022\Hope\Binaries\Win64\Hope.exe No File
FirewallRules: [{01A7121B-A3BD-4846-B8B3-3949EFA91893}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP022\Hope\Binaries\Win64\Hope.exe No File
FirewallRules: [TCP Query User{7B6D3407-5523-493F-BB1E-5A0BE3BBFE1A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{B0558E15-E6C0-4062-A967-59143952ED47}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{CF8AB14B-4433-44C6-889C-BA3DB488F872}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{6EFC9BBC-801A-45B4-BB01-A3F7F3E1F82A}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{53C95986-9862-481C-8534-CA5BBF77CDC7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe No File
FirewallRules: [UDP Query User{3F740C46-538F-499F-95B1-A5BF9EA467B7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe No File
Folder: C:\ProgramData\GraphicsType
Folder: C:\Users\sam\AppData\Roaming\TransferSupport
VirusTotal: C:\WINDOWS\System32\mracsvc.exe;C:\WINDOWS\System32\drivers\mracdrv.sys;C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BCB0B97-9E66-458B-AC66-7AA71622445D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BCB0B97-9E66-458B-AC66-7AA71622445D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
"HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D096DFE0-4A88-4155-AEB6-DECED1988D66} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removed successfully
C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi => moved successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
"Chrome Notifications" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\bhoagceacaklimpcejjofabngcjkebfg => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\nccfgpamboionigdpfjmijhlgmgdbael => removed successfully
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\bhoagceacaklimpcejjofabngcjkebfg => removed successfully
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\SOFTWARE\Google\Chrome\Extensions\nccfgpamboionigdpfjmijhlgmgdbael => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bhoagceacaklimpcejjofabngcjkebfg => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nccfgpamboionigdpfjmijhlgmgdbael => removed successfully
C:\$AV_AVG => moved successfully
C:\Program Files (x86)\PremierOpinion => moved successfully
C:\Users\sam\AppData\Local\AVG => moved successfully
C:\Users\sam\AppData\Local\22a66be3f8029028 => moved successfully
C:\ProgramData\{DF03E33F-F72B-9B47-AF73-B36F479B6BB7} => moved successfully
"C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk" => not found
C:\Users\sam\AppData\Local\{D923EF7F-FD8B-83C7-9013-A62FB47B5AB7} => moved successfully
"C:\Program Files (x86)\Segurazo" => not found
C:\ProgramData\AVG => moved successfully
C:\Users\sam\Downloads\SpotifyFullSetup_0886379966.exe => moved successfully
C:\WINDOWS\system32\WinUpdates105.dat => moved successfully
C:\WINDOWS\system32\wdbcache.tmp => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{463CB25C-954E-4192-8148-F6A605069D7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CBB3342-BF30-40A3-96B4-ECC2D82ED950}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F4E5B21-63AB-4501-9523-B4019596760A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9110F57E-2351-46FA-B224-44C056353AA3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01778FCD-F116-4644-9236-81BA01ECEC51}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73101ADF-4E5D-4CC8-A64B-D0DD087FA6E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCCDA176-49B3-4368-8582-EE7C9B621B71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19DC50B6-3465-4CC5-97D5-4D282C693EC8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB4BF9FD-07D3-4ABD-B737-44174959E1D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{790AD5C9-72F9-408F-A3B1-55B03F62F129}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{56115CDD-0CFA-4771-8388-62422D522D76}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A9BA1EF-C14F-4AB9-A871-B2B7AEE23161}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{669DEE32-C8F8-4254-8E6F-0D30206DB42E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01A7121B-A3BD-4846-B8B3-3949EFA91893}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7B6D3407-5523-493F-BB1E-5A0BE3BBFE1A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B0558E15-E6C0-4062-A967-59143952ED47}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF8AB14B-4433-44C6-889C-BA3DB488F872}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6EFC9BBC-801A-45B4-BB01-A3F7F3E1F82A}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{53C95986-9862-481C-8534-CA5BBF77CDC7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3F740C46-538F-499F-95B1-A5BF9EA467B7}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe" => removed successfully
 
========================= Folder: C:\ProgramData\GraphicsType ========================
 
2019-11-18 18:26 - 2019-11-18 18:26 - 000000081 ____A [75BFF5239F6B9574EA3DA8E4A448FD23] () C:\ProgramData\GraphicsType\GraphicsType.ini
 
====== End of Folder: ======
 
 
========================= Folder: C:\Users\sam\AppData\Roaming\TransferSupport ========================
 
2019-11-18 18:24 - 2019-11-18 18:25 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\sam\AppData\Roaming\TransferSupport\TransferProcess
2019-11-18 18:25 - 2019-11-18 18:25 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\sam\AppData\Roaming\TransferSupport\TransferProcess\Drivers
2019-11-18 18:25 - 2019-09-17 13:58 - 000006387 ____A [BAD70736E78134793AC6B55CD073A928] () C:\Users\sam\AppData\Roaming\TransferSupport\TransferProcess\Drivers\AppleiOSNames.plist
2019-11-18 18:25 - 2019-09-17 13:58 - 000728064 ____A [1F4D7CFF6CCBC32B2807ED338039C607] () C:\Users\sam\AppData\Roaming\TransferSupport\TransferProcess\Drivers\DeviceInfo.mapping
2019-11-18 18:25 - 2019-09-26 09:38 - 005877213 ____A [18D00A59EB311BC902FDE9ED147CAFFE] () C:\Users\sam\AppData\Roaming\TransferSupport\TransferProcess\Drivers\driver_androidusb.zip
2019-11-18 18:25 - 2019-09-17 13:58 - 000428344 ____A [BB9E5D909DBC4FCC3BA79DE7CCC41613] () C:\Users\sam\AppData\Roaming\TransferSupport\TransferProcess\Drivers\VideoConverterConnector.apk
 
====== End of Folder: ======
 
VirusTotal: C:\WINDOWS\System32\mracsvc.exe => https://www.virustot...sis/1574974964/
VirusTotal: C:\WINDOWS\System32\drivers\mracdrv.sys => https://www.virustot...sis/1568535709/
VirusTotal: C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450 => https://www.virustot...sis/1567477131/
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 175331428 B
Java, Flash, Steam htmlcache => 197165249 B
Windows/system/drivers => 1011392899 B
Edge => 46680007 B
Chrome => 615610578 B
Firefox => 94684973 B
Opera => 25346563 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 44203 B
LocalService => 78579 B
NetworkService => 683177 B
sam => 1065717823 B
 
RecycleBin => 444 B
EmptyTemp: => 3 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 11:42:14 ====

  • 0

#5
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Hi Soggyyy,

Please take a screenshot of the error when downloading FSS and attach it to your reply.
  • 0

#6
Soggyyy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Link to the image, I don't know how to put it in the message --> file:///C:/Users/sam/Documents/Lightshot/Screenshot_10.png


  • 0

#7
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Hi Soggyyy,

To attach a file, click More Reply Options > Attach Files.
  • 0

#8
Soggyyy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

This is the image

Attached Thumbnails

  • Screenshot_10.png

  • 0

#9
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Hi Soggyyy,

If you move the file to another folder, such as Downloads, do you receive the same error when running FSS?
  • 0

#10
Soggyyy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Yes it does

Attached Thumbnails

  • Screenshot_11.png

  • 0


#11
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Re-download FSS from here. Right-click the file, select Rename, and rename it from FSS.exe to FSS.com. Attempt to run it and let me know if the issue persists.
  • 0

#12
Soggyyy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Still does not work

Attached Thumbnails

  • Screenshot_12.png

  • 0

#13
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Hi Soggyyy,

Please run a new scan with FRST and copy/paste both reports to your reply.
  • 0

#14
Soggyyy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by sam (administrator) on DESKTOP-DHQVSUB (Dell Inc. Inspiron 5680) (31-12-2019 10:29:09)
Running from C:\Users\sam\Desktop
Loaded Profiles: sam (Available Profiles: sam & Administrator)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\sam\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\sam\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\sam\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\sam\AppData\Local\Discord\app-0.0.305\Discord.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe
(Intel® Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel® Trust Services -> Intel® Corporation) C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\NVDisplay.Container.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [319520 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [BakkesMod] => C:\Users\sam\Desktop\BakkesMod.exe [11271168 2019-04-01] () [File not signed]
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36060048 2019-12-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Spotify] => C:\Users\sam\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Gif Your Game] => C:\Users\sam\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [80204208 2019-12-09] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [Discord] => C:\Users\sam\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-11-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\sam\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-05-16]
ShortcutTarget: Twitch.lnk -> C:\Users\sam\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01BA3712-033F-427C-998E-2A87A874CC1E} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d7ff93a809 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {10343BC2-C6C4-44B3-8D61-28D1ED034796} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {188A3D1F-FEB8-4313-A92F-17E882C82C94} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B3B0682-E4C8-40D1-89C2-DF4F4B680199} - System32\Tasks\update-S-1-5-21-3762797259-1065414235-235543805-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {1EFA9589-3FC4-402F-AF5E-A9A49861E8AD} - System32\Tasks\Opera scheduled Autoupdate 1559497199 => C:\Users\sam\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {2707619D-4429-40B5-9E84-0CF1EF0C08EB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3827D8FB-CC90-4F8A-85F4-8AB0A0A18327} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {42F69B01-7D15-45EC-A0C2-290116A65F18} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe
Task: {44660127-690A-4368-88C9-541CE454B531} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {4DC9BF20-E31E-4DE8-96FA-A850AAE8E5E0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53A4DCCB-1D69-414C-B6A2-9B2667AE7255} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {567D657E-DCE6-433A-9565-D3AEB217F442} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {658DC323-0E56-4886-A101-4E000EF6F5AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6635E7D4-7E55-462A-BCFC-A675077DB027} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {752FD977-A17C-403D-ADD2-F31AA141E100} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {7619CE78-CD89-4924-93A9-1F4CC9892F23} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {79DAE953-BE4D-4F9E-B4D4-137AA6C9096A} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-04-25] (Rivet Networks LLC -> DELL)
Task: {83E935CB-620A-43AB-A3DA-0ABDD680D7DA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D56C7D1-5411-437B-95A6-07F0ED3AB4A0} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d7fe6c967f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
Task: {991E2B00-8079-4C8B-8A07-B5F29E95B6E0} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1519064 2019-11-23] (Dell Inc. -> Dell Inc.)
Task: {99F591F8-475F-4F5C-A1A9-B3A7018AE1F3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5BF84FA-25FC-4996-8430-75CC8F253604} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BECCE374-3FFC-4F14-983D-FA2B9551A0D9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1097CA3-FDE2-48B3-9DBA-DE66625479F1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8781B19-CE79-4729-A1E0-3F4A5F5080F1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1403994-9260-40D1-B28C-032D27DE6F63} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
Task: {D643E1A0-4E43-46CE-B20C-BBE56BBF9E55} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DHQVSUB-sam => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DA521B6D-B3E7-48B3-A6E7-108DD672E142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCCDA64D-6E6F-4DE5-B94D-3B4E73599F07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2102924-1A8B-4094-9367-49DD56CEFEF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3762797259-1065414235-235543805-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6e164ccb-710a-4219-9a7d-a1fc77fd0be5}: [DhcpNameServer] 10.13.109.99
Tcpip\..\Interfaces\{8f921205-9c22-4e1e-b52c-d7c7e11973c7}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\S-1-5-21-3762797259-1065414235-235543805-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: qomgciiy.default
FF ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\qomgciiy.default [2019-12-20]
FF ProfilePath: C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release [2019-12-20]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\sam\AppData\Roaming\Mozilla\Firefox\Profiles\uafj1ahb.default-release\Extensions\[email protected] [2019-12-14]
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default [2019-12-31]
CHR DownloadDir: C:\Users\sam\Downloads
CHR Extension: (Honey) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-12-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-20]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel® Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [424288 2018-05-23] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-11-02] (BattlEye Innovations e.K. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2019-12-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-04-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2789792 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-08] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-08] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18953880 2019-09-26] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [88888 2019-04-23] (ProtonVPN AG -> )
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [190296 2018-05-23] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [974936 2019-11-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1457240 2019-11-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-11-18] (Razer USA Ltd. -> Razer Inc.)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-04-25] (Rivet Networks LLC -> CloudBees, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe [1970592 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2019-12-04] (Razer USA Ltd. -> Razer Inc.)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-04-25] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-23] (Dell Inc. -> Dell Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [238376 2019-11-22] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [288312 2019-12-20] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [238376 2019-11-22] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107760 2019-09-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [51696 2018-09-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 0310251551642761mcinstcleanup; C:\WINDOWS\TEMP\031025~1.EXE -cleanup -nolog [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-09-23] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R1 BadlionAnticheat; C:\WINDOWS\system32\drivers\BadlionAnticheat.sys [2490088 2019-09-30] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [739024 2019-11-13] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [133480 2017-06-22] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309144 2019-10-30] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16198008 2019-06-20] (FACE IT LIMITED -> )
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564136 2019-11-18] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [91200 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094048 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [74656 2018-08-29] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [18189864 2019-09-26] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [45152 2018-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2358112 2018-05-23] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009120 2017-09-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 ScrHIDDriver2; C:\WINDOWS\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 SilvrLnk; C:\WINDOWS\System32\drivers\silvrlnk.sys [129536 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-04-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-20] (Valve Corp. -> )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 TIEHDUSB; C:\WINDOWS\System32\drivers\tiehdusb.sys [128512 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [637112 2019-10-22] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-12-31 10:28 - 2019-12-31 10:28 - 000000000 ____D C:\Users\sam\Desktop\FRST-OlderVersion
2019-12-29 16:30 - 2019-12-29 16:30 - 010431626 _____ C:\Users\sam\Desktop\Soggy Moments Thumbnail.psd
2019-12-29 16:27 - 2019-12-29 16:27 - 000002956 _____ C:\Users\sam\Downloads\ushanka-icon-cartoon-style-isolated-260nw-539232139.webp
2019-12-29 12:26 - 2019-12-29 12:26 - 000000283 _____ C:\Users\sam\Desktop\The Talos Principle.url
2019-12-28 17:05 - 2016-10-04 10:50 - 000000000 ____D C:\Users\sam\Desktop\MW2
2019-12-28 16:51 - 2019-12-28 17:04 - 3520105657 _____ C:\Users\sam\Downloads\MW2.zip
2019-12-27 11:41 - 2019-12-27 11:41 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-27 11:41 - 2019-12-27 11:41 - 000002884 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-27 11:41 - 2019-12-27 11:41 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-27 11:41 - 2019-12-27 11:41 - 000000865 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-27 11:41 - 2019-12-27 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-27 11:41 - 2019-12-27 11:41 - 000000000 ____D C:\Program Files\CCleaner
2019-12-27 11:40 - 2019-12-27 11:40 - 024578944 _____ (Piriform Software Ltd) C:\Users\sam\Downloads\ccsetup563.exe
2019-12-27 00:27 - 2019-12-29 18:19 - 1068114698 _____ C:\Users\sam\Desktop\Soggy Moments final.mp4
2019-12-27 00:20 - 2019-12-27 00:20 - 012430415 _____ C:\Users\sam\Downloads\Monty Python - The Black Knight - Tis But A Scratch.mp4
2019-12-23 00:35 - 2019-12-23 00:35 - 004865933 _____ C:\Users\sam\Desktop\bukhari_script.zip
2019-12-23 00:33 - 2019-12-23 00:33 - 000046188 _____ C:\Users\sam\Desktop\Monoline Script Regular.zip
2019-12-23 00:32 - 2019-12-23 00:32 - 000026672 _____ C:\Users\sam\Desktop\Campground-free-monoline-font_Ramadhani-Nugraha_160817.zip
2019-12-23 00:11 - 2019-12-23 00:11 - 002033274 _____ C:\Users\sam\Desktop\CSGO streamer goes ape [bleep], smashes keyboard (GREEN what is your problem).mp4
2019-12-22 23:50 - 2019-12-22 23:50 - 002586693 _____ C:\Users\sam\Desktop\VHS Fast Forward Green Screen Overlay.mp4
2019-12-20 14:41 - 2019-12-20 14:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2019-12-20 12:39 - 2019-12-20 12:40 - 000000000 ___RD C:\Users\Administrator\OneDrive
2019-12-20 12:38 - 2019-12-20 12:38 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2019-12-20 12:33 - 2019-12-20 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Sun
2019-12-20 12:33 - 2019-12-20 12:33 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Sun
2019-12-20 12:33 - 2019-12-20 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\DELL
2019-12-20 12:29 - 2019-12-20 12:29 - 000000000 ____D C:\Users\Administrator\ansel
2019-12-20 12:22 - 2019-12-20 12:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2019-12-20 12:21 - 2019-12-20 12:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2019-12-20 12:21 - 2019-12-20 12:29 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2019-12-20 12:21 - 2019-12-20 12:21 - 000001450 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2019-12-20 12:21 - 2019-12-20 12:21 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2019-12-20 12:21 - 2019-12-20 12:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\Wondershare
2019-12-20 12:21 - 2019-12-20 12:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2019-12-20 12:21 - 2019-12-20 12:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn
2019-12-20 12:20 - 2019-12-20 12:20 - 000001194 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-12-20 12:20 - 2019-12-20 12:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2019-12-20 12:19 - 2019-12-20 12:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-12-20 12:19 - 2019-12-20 12:40 - 000002389 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-20 12:19 - 2019-12-20 12:39 - 000000000 ____D C:\Users\Administrator
2019-12-20 12:19 - 2019-12-20 12:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2019-12-20 12:19 - 2019-12-20 12:19 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-12-20 12:19 - 2019-12-20 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Synapse3
2019-12-20 12:19 - 2019-12-20 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-12-20 12:19 - 2019-12-20 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2019-12-20 12:19 - 2019-12-20 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\Razer
2019-12-20 12:19 - 2019-12-20 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2019-12-20 12:19 - 2019-12-20 12:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-12-20 12:14 - 2019-12-20 12:17 - 000346944 _____ C:\WINDOWS\ntbtlog.txt
2019-12-20 12:14 - 2019-12-20 12:14 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-12-20 11:59 - 2019-12-20 11:59 - 000000000 ____D C:\WINDOWS\pss
2019-12-20 11:32 - 2019-12-20 11:42 - 000020952 _____ C:\Users\sam\Desktop\Fixlog.txt
2019-12-20 11:22 - 2019-12-20 11:23 - 010823512 _____ (AVAST Software) C:\Users\sam\Desktop\avastclear.exe
2019-12-20 11:20 - 2019-12-20 11:20 - 000000000 ____D C:\ProgramData\McAfee
2019-12-20 11:14 - 2019-12-20 11:14 - 010646488 _____ (McAfee, LLC.) C:\Users\sam\Desktop\MCPR.exe
2019-12-17 20:57 - 2019-12-17 20:57 - 000000222 _____ C:\Users\sam\Desktop\Rocket League.url
2019-12-16 20:58 - 2019-12-16 21:03 - 000066324 _____ C:\Users\sam\Desktop\Addition.txt
2019-12-16 20:44 - 2019-12-31 10:32 - 000039586 _____ C:\Users\sam\Desktop\FRST.txt
2019-12-16 20:43 - 2019-12-31 10:28 - 002272256 _____ (Farbar) C:\Users\sam\Desktop\FRST64.exe
2019-12-16 20:41 - 2019-12-31 10:31 - 000000000 ____D C:\FRST
2019-12-16 20:41 - 2019-12-16 20:41 - 002264064 _____ (Farbar) C:\Users\sam\Downloads\FRST64.exe
2019-12-16 20:04 - 2019-12-16 20:04 - 000075292 _____ C:\ProgramData\agent.update.1576555427.bdinstall.v2.bin
2019-12-16 17:33 - 2019-12-16 17:33 - 000001194 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-12-16 17:32 - 2019-03-20 23:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2019-12-16 17:30 - 2019-12-16 17:30 - 000001209 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2019-12-16 17:30 - 2019-12-16 17:30 - 000001209 _____ C:\ProgramData\Desktop\Bitdefender Antivirus Free.lnk
2019-12-16 17:30 - 2019-12-16 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2019-12-16 17:30 - 2019-12-16 17:30 - 000000000 ____D C:\ProgramData\Bitdefender
2019-12-16 17:30 - 2019-10-30 08:45 - 000309144 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2019-12-16 17:30 - 2019-10-22 12:38 - 000637112 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2019-12-16 17:30 - 2018-11-28 05:45 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2019-12-16 17:29 - 2019-11-18 19:08 - 000564136 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2019-12-16 17:29 - 2019-11-13 17:32 - 000739024 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2019-12-16 17:29 - 2019-09-23 09:43 - 001693368 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2019-12-16 17:22 - 2019-12-16 17:22 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-12-16 17:20 - 2019-12-31 10:18 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-12-16 17:18 - 2019-12-16 20:04 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-12-16 17:18 - 2019-12-16 17:18 - 010527368 _____ C:\Users\sam\Downloads\bitdefender_online.exe
2019-12-16 17:18 - 2019-12-16 17:18 - 000103384 _____ C:\ProgramData\agent.1576545530.bdinstall.v2.bin
2019-12-16 17:18 - 2019-12-16 17:18 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-12-16 17:13 - 2019-12-16 17:13 - 019255000 _____ (Microsoft Corporation) C:\Users\sam\Downloads\MediaCreationTool1909 (1).exe
2019-12-16 17:13 - 2019-12-16 17:13 - 000000000 ___HD C:\$Windows.~WS
2019-12-16 17:12 - 2019-12-16 17:18 - 000000000 ____D C:\ESD
2019-12-16 17:10 - 2019-12-16 17:10 - 019255000 _____ (Microsoft Corporation) C:\Users\sam\Downloads\MediaCreationTool1909.exe
2019-12-16 16:49 - 2019-12-16 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\%Data%
2019-12-16 15:48 - 2019-12-16 16:29 - 000000000 ___HD C:\$SysReset
2019-12-14 19:35 - 2019-12-16 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-12-14 19:33 - 2019-12-16 17:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-14 19:27 - 2019-12-14 19:28 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-12-14 19:27 - 2019-12-14 19:27 - 002881472 _____ (Kaspersky Lab) C:\Users\sam\Downloads\ks3.020.0.14.1085aen_es_fr_19095.exe
2019-12-14 19:16 - 2019-12-14 19:15 - 000854696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys.157637981318708
2019-12-14 19:15 - 2019-12-20 11:58 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-14 19:14 - 2019-12-14 19:14 - 000230080 _____ (AVAST Software) C:\Users\sam\Downloads\avast_free_antivirus_setup_online.exe
2019-12-14 16:55 - 2019-12-14 16:55 - 000652848 _____ (Shark Labs) C:\Users\sam\Downloads\VoiceChanger64f(1.10).exe
2019-12-14 16:55 - 2019-12-14 16:55 - 000002164 _____ C:\Users\Public\Desktop\ClownfishVoiceChanger.lnk
2019-12-14 16:55 - 2019-12-14 16:55 - 000002164 _____ C:\ProgramData\Desktop\ClownfishVoiceChanger.lnk
2019-12-14 16:55 - 2019-12-14 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger
2019-12-13 15:53 - 2019-12-13 15:53 - 000001905 _____ C:\Users\Public\Desktop\Alpha Console.lnk
2019-12-13 15:53 - 2019-12-13 15:53 - 000001905 _____ C:\ProgramData\Desktop\Alpha Console.lnk
2019-12-13 15:52 - 2019-12-14 19:16 - 000000000 ____D C:\avast! sandbox
2019-12-13 15:51 - 2019-12-13 15:51 - 035678645 _____ (AlphaConsole ) C:\Users\sam\Downloads\AlphaConsole_Setup_9.15.4.0.exe
2019-12-11 17:33 - 2019-12-11 17:33 - 029156400 _____ C:\Users\sam\Downloads\Reality PSD.psd
2019-12-11 14:06 - 2019-12-11 14:06 - 000032670 _____ C:\Users\sam\Downloads\LongEssay_F2019.pdf
2019-12-11 00:04 - 2019-12-11 00:04 - 032250312 _____ C:\Users\sam\Downloads\18 Views of Plane Impact in South Tower  911 World Trade Center [HD DOWNLOAD].mp4
2019-12-10 23:58 - 2019-12-10 23:58 - 000395790 _____ C:\Users\sam\Downloads\Explosion croma key green screen with explosion sound effect!.mp4
2019-12-10 23:53 - 2019-12-10 23:53 - 003551186 _____ C:\Users\sam\Downloads\Lego flash bang Granade.mp4
2019-12-10 23:37 - 2019-12-10 23:38 - 000560760 _____ C:\Users\sam\Downloads\Neck crack.mp4
2019-12-10 23:35 - 2019-12-10 23:35 - 000343146 _____ C:\Users\sam\Downloads\YOU DIED (HD).mp4
2019-12-10 23:32 - 2019-12-10 23:32 - 000109450 _____ C:\Users\sam\Downloads\hydro.mp4
2019-12-10 21:54 - 2019-12-10 21:55 - 000000000 ____D C:\WINDOWS\LastGood
2019-12-10 21:38 - 2019-12-08 07:30 - 011843728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-10 21:38 - 2019-12-08 07:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000451440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-10 21:38 - 2019-12-08 07:30 - 000352504 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 010167744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 001001408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 000824256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 000676608 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-10 21:38 - 2019-12-08 07:29 - 000545296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 017462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 015030896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 005382232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 004717656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001568504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001483712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001371648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 001064840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000684992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000573176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2019-12-10 21:38 - 2019-12-08 07:28 - 000557072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-10 21:38 - 2019-12-08 07:28 - 000452720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2019-12-10 21:38 - 2019-12-08 07:27 - 040510424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-10 21:38 - 2019-12-08 07:27 - 035380264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-10 21:38 - 2019-12-08 07:27 - 004224176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-10 21:38 - 2019-12-08 07:27 - 000858712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2019-12-10 21:38 - 2019-12-06 20:31 - 000075706 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-09 21:00 - 2019-12-01 14:06 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2019-12-05 20:09 - 2019-12-05 20:17 - 096244677 _____ C:\Users\sam\Desktop\History of Cameras_1.mp4
2019-12-03 22:15 - 2019-12-03 22:15 - 000000219 _____ C:\Users\sam\Desktop\Team Fortress 2.url
2019-12-03 17:33 - 2019-12-03 17:33 - 000000039 _____ C:\Users\sam\AppData\Local\kritadisplayrc
2019-12-03 17:02 - 2019-12-03 17:33 - 000016144 _____ C:\Users\sam\AppData\Local\kritarc
2019-12-03 17:02 - 2019-12-03 17:02 - 000000000 ____D C:\Users\sam\AppData\Roaming\krita
2019-12-03 17:02 - 2019-12-03 17:02 - 000000000 ____D C:\Users\sam\AppData\Local\krita
2019-12-01 21:49 - 2019-12-01 21:49 - 000000000 ____D C:\Users\sam\AppData\LocalLow\HFM Games
2019-12-01 21:41 - 2019-12-01 21:41 - 000000222 _____ C:\Users\sam\Desktop\Hand Simulator.url
2019-12-01 16:54 - 2019-12-01 16:55 - 000000598 _____ C:\ProgramData\ClownfishVoiceChanger.ini
2019-12-01 16:54 - 2019-12-01 16:54 - 000000000 ____D C:\ProgramData\ClownfishSoundTemp
2019-12-01 16:54 - 2019-12-01 16:54 - 000000000 ____D C:\ProgramData\Clownfish_VST_cfg
2019-12-01 16:52 - 2019-12-01 16:52 - 000002225 _____ C:\Users\sam\Desktop\Discord.lnk
2019-12-01 16:51 - 2019-12-01 16:52 - 000000000 ____D C:\Users\sam\AppData\Local\Discord
2019-12-01 16:51 - 2019-12-01 16:51 - 061370712 _____ (Discord Inc.) C:\Users\sam\Downloads\DiscordSetup (2).exe
2019-12-01 16:46 - 2019-12-30 13:28 - 000000000 ____D C:\Users\sam\AppData\Roaming\Discord
2019-12-01 15:22 - 2019-12-01 15:22 - 061370712 _____ (Discord Inc.) C:\Users\sam\Downloads\DiscordSetup (1).exe
2019-12-01 14:06 - 2019-12-01 14:06 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-12-01 14:06 - 2019-12-01 14:06 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2019-12-01 13:55 - 2019-12-05 19:26 - 000000000 ____D C:\Users\sam\Desktop\History of Cameras Pictures
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-12-31 10:28 - 2019-03-03 00:38 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-31 10:28 - 2019-03-02 23:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-31 10:24 - 2019-01-04 03:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-31 10:20 - 2019-03-02 23:47 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-31 10:16 - 2019-03-03 00:33 - 000000000 ____D C:\Users\sam
2019-12-31 10:16 - 2019-03-03 00:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-31 10:16 - 2019-03-03 00:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-30 14:48 - 2019-04-24 17:14 - 000011729 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-12-30 14:43 - 2019-09-11 16:42 - 000000000 ____D C:\Users\sam\AppData\Local\Battle.net
2019-12-30 14:41 - 2019-11-16 17:08 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2019-12-30 13:28 - 2019-03-26 17:31 - 000000619 _____ C:\Users\sam\Documents\ClownfishVoiceChanger.ini
2019-12-30 13:25 - 2019-03-03 10:23 - 000000000 ____D C:\Users\sam\AppData\Local\Spotify
2019-12-30 12:54 - 2019-03-03 10:23 - 000000000 ____D C:\Users\sam\AppData\Roaming\Spotify
2019-12-30 11:15 - 2019-11-16 20:20 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2019-12-30 11:15 - 2019-04-24 17:14 - 000010806 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-12-30 11:15 - 2019-04-24 17:14 - 000010068 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-12-30 00:53 - 2019-03-02 23:47 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-29 20:17 - 2019-03-13 15:54 - 000000000 ____D C:\Users\sam\AppData\Local\CrashDumps
2019-12-29 17:59 - 2019-11-30 15:52 - 000000000 ____D C:\Users\sam\Desktop\GYG Montage
2019-12-29 17:45 - 2019-10-02 17:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-29 17:45 - 2019-10-02 17:35 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-29 12:21 - 2019-04-27 21:15 - 000000000 ____D C:\Program Files\Epic Games
2019-12-28 20:06 - 2019-05-29 14:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-05-29 14:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-05-29 14:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-05-29 14:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:57 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-28 20:06 - 2019-03-03 00:57 - 000001445 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-12-28 20:06 - 2019-03-03 00:55 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:55 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:55 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:55 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:27 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:27 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-28 20:06 - 2019-03-03 00:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-28 20:06 - 2019-03-02 23:53 - 000000000 ____D C:\WINDOWS\INF
2019-12-28 20:06 - 2019-01-04 03:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-28 20:06 - 2019-01-04 03:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-27 21:13 - 2019-07-28 19:49 - 000000000 ____D C:\Users\sam\Documents\Lightshot
2019-12-27 21:13 - 2019-03-02 23:54 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-27 16:24 - 2019-03-03 00:31 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-27 16:17 - 2019-03-02 23:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-27 16:12 - 2019-01-04 03:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-12-27 11:41 - 2019-03-03 01:02 - 000000000 ____D C:\temp
2019-12-27 10:39 - 2019-03-03 12:47 - 000000000 ____D C:\Users\sam\Downloads\hack
2019-12-27 10:32 - 2019-09-07 15:45 - 000000000 ____D C:\Users\sam\AppData\Local\LogMeIn Hamachi
2019-12-27 10:31 - 2019-09-30 18:01 - 000000000 ____D C:\Users\sam\AppData\Roaming\badpanda-react
2019-12-23 08:53 - 2019-03-03 10:30 - 000000000 ____D C:\Users\sam\AppData\Local\D3DSCache
2019-12-22 23:47 - 2019-03-03 00:34 - 000000000 ____D C:\Users\sam\AppData\Local\Packages
2019-12-22 16:39 - 2019-06-08 16:14 - 000000000 ____D C:\Users\sam\Documents\[DanielNiewold] Dansploit V7.8
2019-12-22 16:39 - 2019-03-03 19:55 - 000000000 ____D C:\Users\sam\Documents\Baimless DLL
2019-12-21 12:13 - 2019-01-04 03:23 - 000000000 ____D C:\ProgramData\PCDr
2019-12-21 12:08 - 2019-03-03 00:11 - 000310608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-20 22:51 - 2019-04-24 20:45 - 000011774 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-12-20 16:17 - 2019-03-02 23:54 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-20 16:12 - 2019-01-04 03:23 - 000000000 ____D C:\ProgramData\SupportAssist
2019-12-20 11:17 - 2019-03-03 00:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-19 19:25 - 2019-09-19 15:19 - 000000000 ____D C:\Users\sam\Documents\Call of Duty Modern Warfare
2019-12-19 17:10 - 2019-03-07 18:46 - 000000000 ____D C:\Users\sam\AppData\Local\ElevatedDiagnostics
2019-12-19 12:24 - 2019-09-11 16:40 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-19 11:11 - 2019-06-02 09:40 - 000004190 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1559497199
2019-12-19 11:11 - 2019-06-02 09:40 - 000001395 _____ C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-12-17 21:16 - 2019-03-03 00:37 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 21:16 - 2019-03-03 00:37 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 21:16 - 2019-03-03 00:37 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-17 20:57 - 2019-03-03 00:45 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-17 20:42 - 2019-03-09 18:07 - 000000000 ____D C:\Users\sam\AppData\Roaming\DS4Windows
2019-12-16 17:33 - 2019-03-02 23:54 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-16 17:14 - 2019-08-28 19:27 - 000026087 _____ C:\WINDOWS\diagwrn.xml
2019-12-16 17:14 - 2019-08-28 19:27 - 000020958 _____ C:\WINDOWS\diagerr.xml
2019-12-16 17:14 - 2019-03-02 23:47 - 000000000 ____D C:\WINDOWS\Panther
2019-12-16 17:10 - 2019-03-18 23:02 - 000000000 ____D C:\$WINDOWS.~BT
2019-12-16 16:29 - 2019-03-02 23:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-14 16:55 - 2019-05-20 10:43 - 000000000 ____D C:\Program Files (x86)\ClownfishVoiceChanger
2019-12-13 18:43 - 2019-06-25 11:03 - 000000416 _____ C:\WINDOWS\Tasks\update-sys.job
2019-12-13 18:43 - 2019-06-25 11:03 - 000000416 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3762797259-1065414235-235543805-1001.job
2019-12-13 18:34 - 2019-10-07 18:21 - 000003376 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d7ff93a809
2019-12-13 18:34 - 2019-10-07 18:21 - 000003152 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d7fe6c967f
2019-12-13 18:34 - 2019-10-02 17:35 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-12-12 17:52 - 2019-03-03 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2019-12-10 23:33 - 2019-03-03 00:57 - 000000000 ____D C:\Users\sam\AppData\Local\NVIDIA
2019-12-09 20:57 - 2019-09-30 18:00 - 000002346 _____ C:\Users\sam\Desktop\Gif Your Game.lnk
2019-12-08 16:28 - 2019-03-25 18:42 - 000001429 _____ C:\Users\sam\Desktop\Roblox Player.lnk
2019-12-08 16:28 - 2019-03-25 18:42 - 000001244 _____ C:\Users\sam\Desktop\Roblox Studio.lnk
2019-12-08 16:28 - 2019-03-25 18:42 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-12-08 15:34 - 2019-03-02 23:54 - 000000000 ___RD C:\Program Files\Windows Defender
2019-12-08 07:28 - 2019-05-09 18:23 - 002076064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-08 07:28 - 2019-03-21 16:31 - 000659152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-08 07:27 - 2019-02-08 20:12 - 004957288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-12-08 06:47 - 2019-03-03 00:55 - 002859872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-12-08 06:47 - 2019-03-03 00:55 - 002221064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-12-08 06:47 - 2019-03-03 00:55 - 001321496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-12-07 06:21 - 2019-03-03 00:55 - 000174560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2019-12-07 06:21 - 2019-03-03 00:55 - 000149472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2019-12-05 19:36 - 2019-05-17 13:28 - 000000000 ____D C:\Users\sam\AppData\Roaming\slobs-client
2019-12-05 19:23 - 2019-05-14 10:23 - 000000000 ____D C:\Program Files\Streamlabs OBS
2019-12-05 13:24 - 2019-05-29 14:46 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-12-04 23:17 - 2019-04-25 20:02 - 000013112 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-12-03 17:23 - 2019-11-22 17:58 - 000000000 ____D C:\Users\sam\Documents\MEGAsync Downloads
2019-12-01 16:52 - 2019-03-03 00:40 - 000000000 ____D C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-12-01 16:52 - 2019-03-03 00:40 - 000000000 ____D C:\Users\sam\AppData\Local\SquirrelTemp
2019-12-01 14:03 - 2019-03-19 19:37 - 000000000 ___RD C:\Users\sam\Creative Cloud Files
 
==================== Files in the root of some directories ========
 
2019-12-03 17:02 - 2019-12-03 17:33 - 000015320 _____ () C:\Users\sam\AppData\Local\krita.log
2019-12-03 17:33 - 2019-12-03 17:33 - 000000039 _____ () C:\Users\sam\AppData\Local\kritadisplayrc
2019-12-03 17:02 - 2019-12-03 17:33 - 000016144 _____ () C:\Users\sam\AppData\Local\kritarc
2019-03-19 19:33 - 2019-03-19 19:33 - 000000410 _____ () C:\Users\sam\AppData\Local\oobelibMkey.log
2019-08-24 10:03 - 2019-08-24 10:03 - 000000881 _____ () C:\Users\sam\AppData\Local\recently-used.xbel
2019-06-25 11:03 - 2019-06-25 11:03 - 000000003 _____ () C:\Users\sam\AppData\Local\updater.log
2019-06-25 11:03 - 2019-06-25 11:03 - 000000425 _____ () C:\Users\sam\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by sam (31-12-2019 10:36:34)
Running from C:\Users\sam\Desktop
Windows 10 Home Version 1809 17763.864 (X64) (2019-03-03 08:28:45)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3762797259-1065414235-235543805-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3762797259-1065414235-235543805-503 - Limited - Disabled)
Guest (S-1-5-21-3762797259-1065414235-235543805-501 - Limited - Disabled)
sam (S-1-5-21-3762797259-1065414235-235543805-1001 - Administrator - Enabled) => C:\Users\sam
WDAGUtilityAccount (S-1-5-21-3762797259-1065414235-235543805-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Action! (HKLM-x32\...\Mirillis Action!) (Version: 3.9.3 - Mirillis)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_1) (Version: 16.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Photoshop CS6 version 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
AlphaConsole version 9.15.4.0 (All users) (HKLM-x32\...\{CCCDBFCF-CD8B-4728-915A-DCB71C1118BE}_is1) (Version: 9.15.4.0 - AlphaConsole)
AlphaConsole version 9.9.14.0 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\{CCCDBFCF-CD8B-4728-915A-DCB71C1118BE}_is1) (Version: 9.9.14.0 - AlphaConsole)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version:  - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Atom (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\atom) (Version: 1.40.1 - GitHub Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Badlion Client 2.9.3 (HKLM\...\{1de14785-dd8c-5cd2-aae8-d4a376f81d78}) (Version: 2.9.3 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.16.146 - Bitdefender)
Bitsonic Keyzone Classic 1.0 (HKLM\...\{88888ED7-TBF6-9E32-C2C5-KF14615389C8}_is1) (Version: 1.0 - Bitsonic LP)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare Beta (HKLM-x32\...\Call of Duty Modern Warfare Beta) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{AEFE431B-C6FB-449E-B2DB-93E67B8B1DAF}) (Version: 3.4.0.217 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{9BEF4D9A-592C-4073-B202-30234347B3DA}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{70E9F8CC-A23E-4C25-B292-C86C1821587C}) (Version: 3.0.1 - Dell, Inc.)
Discord (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\FACEITApp) (Version: 1.22.5 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gif Your Game 2.1.4 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 2.1.4 - Bad Panda, Inc.)
GIMP 2.10.12 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HitFilm Express (HKLM\...\{30792CB5-3EBA-483C-98E3-BF08A3CC6B83}) (Version: 12.3.8815.07201 - FXHOME)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Ironsight version 1.0 (HKLM-x32\...\Ironsight_is1) (Version: 1.0 - Aeria Games)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Krita (x64) 4.2.7.1 (HKLM\...\Krita_x64) (Version: 4.2.7.1 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LMMS 1.2.0 (HKLM-x32\...\LMMS) (Version: 1.2.0 - LMMS Developers)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 68.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x64 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
osu! (HKLM-x32\...\{d79dee71-be57-43f8-8bb6-549e8b3860be}) (Version: latest - ppy Pty Ltd)
PbPLauncher (HKLM-x32\...\{A5FD8264-C689-4FF6-8712-9BCB4E6D231D}) (Version: 1.0.0 - Pixel by Pixel Studios Inc.)
ProtonVPN (HKLM-x32\...\{2F7C9F34-7064-4637-8CCA-A7BA72E88257}) (Version: 1.8.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.8.1) (Version: 1.8.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
PvPLounge Launcher (HKLM\...\ad8f9f29-9001-57dc-871c-20ee37a85c88) (Version: 0.1.8 - Digital Ingot, Inc.)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.6.34.1043 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Roblox Player for sam (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for sam (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SmartByte Drivers and Services (HKLM\...\{C4F38455-B9B0-48C7-BC4C-8D4F4A27506E}) (Version: 2.0.613 - Rivet Networks)
SoundBridge (64 bit) (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\{22BB2C21-AD40-4159-93C8-496ED8341B63}) (Version: 1.10 - SoundBridge)
Spotify (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.14.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.14.1 - General Workings, Inc.)
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.5.0.9 - GOG.com)
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Trapcode Suite (HKLM\...\Trapcode Suite v15.1.3) (Version:  - Red Giant LLC)
Twitch (HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.5.1.0) (HKLM-x32\...\UniConverter_is1) (Version: 11.5.1.0 - Wondershare Software)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.26.7.0_x86__kgqvnymyfvs32 [2019-11-28] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1652.1.0_x86__kgqvnymyfvs32 [2019-12-02] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-05] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.17.0_x64__htrsf667h5kn2 [2019-03-03] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.41.0_x64__htrsf667h5kn2 [2019-10-24] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0 [2019-05-01] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.7.0_x64__htrsf667h5kn2 [2019-12-20] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_3.0.160.0_x64__htrsf667h5kn2 [2019-03-03] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2019-10-01] (Dropbox Inc.)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-03] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa [2019-10-29] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-03] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.16.0_x64__wafk5atnkzcwy [2019-10-08] (McAfee Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12228.20332.0_x86__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.105.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.2.38.0_x64__htrsf667h5kn2 [2019-07-31] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-24] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-03] (Plex)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.87.8848.2_x64__8wekyb3d8bbwe [2019-11-22] (ms-resource:PublisherDisplayName)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_2.5.713.0_x64__rh07ty8m5nkag [2019-04-23] (Rivet Networks LLC)
SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2019-06-08] (Soundcloud Ltd.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3762797259-1065414235-235543805-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-711CA632D15D} -> [Creative Cloud Files] => C:\Users\sam\Creative Cloud Files [2019-03-19 19:37]
CustomCLSID: HKU\S-1-5-21-3762797259-1065414235-235543805-1001_Classes\CLSID\{B38AEB62-DF93-43DA-91B6-B8E42C8EC580} -> [MEGAsync] => C:\Users\sam\Documents\MEGAsync [2019-11-22 17:57]
CustomCLSID: HKU\S-1-5-21-3762797259-1065414235-235543805-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\sam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-05] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_2324095c456594ca\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-25] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-25] (Beepa P/L) [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2019-04-08 02:58 - 2019-04-08 02:58 - 000152064 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-04-23 23:54 - 2019-04-23 23:54 - 000483328 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2018-04-25 10:28 - 2018-04-25 10:28 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-06-25 11:03 - 2017-05-23 11:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2019-06-25 11:03 - 2017-05-23 11:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2019-11-22 10:02 - 2019-11-22 10:02 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-14 23:31 - 2018-09-14 23:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\sam\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sam\Downloads\Logo-New-York-Giants-Wallpapers.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "BakkesMod"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "Gif Your Game"
HKU\S-1-5-21-3762797259-1065414235-235543805-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F603CB82-9A5B-4DDD-8447-D18983ADDACC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5090168E-6A34-489B-9933-463D7AE59810}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D3D222-3C35-401A-8DBF-3D559FEDE37A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53BFE407-CB78-4B60-8AA8-6DB8025E2D12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{495D980E-8867-4A9B-9708-7C0A3E773162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{76B5C987-6F8C-42A1-BDA3-B20B40FB69FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{29FCB897-E677-4BB1-92A9-A6A503992E87}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{74C2B9D5-2559-4359-9E07-B7A179FFFEB6}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA63CAEA-6730-4FE6-9F19-FE13E9AB370C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5BC25A4-2328-4DF7-9B2C-89394D412A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2097F252-E73A-49F9-87A0-9A518F799994}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{24D8450D-720A-43C7-AE61-3185CFD934FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{4A96E04F-11DB-4892-8D70-0430DE4EB43D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{54113CF0-9DB1-42DC-B670-21F04C7B62DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{A987F98C-9B40-4BFE-A51B-480A547B245A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{05B4A13A-A3E9-4402-A19B-AFE57F73840E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{8324F641-C9D2-449F-9EDC-35C3E164BB8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [{E6CF99E1-4755-4539-A03F-5E9D7D572E43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [TCP Query User{C70305B5-21F9-4D74-B889-98D95449C809}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{52C17D39-CF97-4309-9730-8AFB8D62F065}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{EDDE347B-C225-4DC8-A3DF-7F4AC7C43C74}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{213D72E2-E3D7-4AE1-A275-C31AC354415F}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [TCP Query User{C434EF00-1E5E-4B18-BBF4-85EBE004B902}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe
FirewallRules: [UDP Query User{23B9FA7A-0A0C-4A1D-89DB-67EB744A95D5}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe
FirewallRules: [TCP Query User{104A4CD6-41F1-42A4-9F92-093A65E4FE7C}C:\users\sam\appdata\roaming\.pvplounge\launcher.exe] => (Allow) C:\users\sam\appdata\roaming\.pvplounge\launcher.exe (Digital Ingot, Inc. -> )
FirewallRules: [UDP Query User{52D11923-515D-4751-A2DA-571F0F042859}C:\users\sam\appdata\roaming\.pvplounge\launcher.exe] => (Allow) C:\users\sam\appdata\roaming\.pvplounge\launcher.exe (Digital Ingot, Inc. -> )
FirewallRules: [{70B53957-6700-40AF-BA14-A76BCD8699FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E77AC705-0EA5-40AE-989D-959A83998607}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1E2A241E-3202-4C73-89FD-29FAC2228239}C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D422E0A0-391A-4CF3-9F28-1CB4BC97AC84}C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{2071EE9F-9F2A-4614-95E7-C5DA8DA3AB41}] => (Block) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{90C01C14-6B70-4CEA-8270-A06C9E6B0186}] => (Block) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{9AE5808C-B248-490B-B878-91FAB70067BD}C:\users\sam\desktop\new folder (2)\hl.exe] => (Allow) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{3877D2CA-1801-4C7D-B86A-28EC8E6C1062}C:\users\sam\desktop\new folder (2)\hl.exe] => (Allow) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [{00B3034C-AA93-471B-9D63-E1509EE57DEA}] => (Block) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [{267FC301-41F6-4F00-A489-9178CBCC6C4C}] => (Block) C:\users\sam\desktop\new folder (2)\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{7759C59D-9F9D-4074-A67E-9E3B3B11A070}C:\users\sam\desktop\new folder (2)\hltv.exe] => (Block) C:\users\sam\desktop\new folder (2)\hltv.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{A4F96245-964B-435F-9B04-70C4556BD20C}C:\users\sam\desktop\new folder (2)\hltv.exe] => (Block) C:\users\sam\desktop\new folder (2)\hltv.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{0659F1A1-9B13-4FEC-884A-DF57A2F8E0D8}C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{E4272A67-6105-430E-A9B6-F9B590182C0D}C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare beta\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{EA859718-A176-496B-99B8-298FC83138EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\scram\scram.exe () [File not signed]
FirewallRules: [{526027C7-B9B5-411F-949E-42F6A3138F95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\scram\scram.exe () [File not signed]
FirewallRules: [{9E1B2AF9-FB31-4B2D-A28D-94671FA99A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{5E953F20-5AC0-4DF0-9566-70948CB8B4F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe () [File not signed]
FirewallRules: [{F10E5657-1DBF-427E-A8AE-C4D745A5C4FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D8DA97BE-1EC1-4B3C-9A73-89F3DA67B14D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B3AD3033-73A8-41B8-9225-15BB36527F69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{5EFB597A-9C32-4880-84F0-FF7DFF8833C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{2594D628-87AF-450A-B9E5-DE2564E90550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{70E7B84A-2FA4-4E73-8E43-AD20F1E461EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{F29FD2F5-5150-4DDF-BCD8-E37FE757DC88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]
FirewallRules: [{F96F50F3-F30A-4917-89D9-411A07680C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]
FirewallRules: [TCP Query User{98A528C4-F1CF-4697-AB9F-169F03B72D50}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{149EF81B-E616-4408-92AC-5B41485FC733}C:\users\sam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sam\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{299B843E-FC05-4E27-8A43-818CB5A86C43}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47927953-D882-4B13-8B0A-64510E974B7F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5344634-684D-4D35-9F70-D7D38CCD48AF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA162BE0-835D-468B-AB1C-57F7FC703F6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79C58F57-9DB1-43E3-AB53-358612C627DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{619A317F-8FD4-4AA6-AD74-D8A50A1D8DF6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{060C9F1A-3EEA-491E-B6CC-B506D6199ED1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{816B64BD-AB49-4C0D-A4EC-516BD7DB6A26}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7507AF71-377C-4E46-8AB9-0C1FD08192F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{27893103-D1BA-4A37-8D02-8B0CF59179D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [TCP Query User{7779369A-CA6B-402D-AAD5-402FD5B3BCAC}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Block) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{6073776B-E4E8-44B5-8B6F-0CA88040098C}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Block) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{771FEF6A-441F-4B72-A4AF-3C17EB01373B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downtown Casino Poker\dtcpoker_win.exe () [File not signed]
FirewallRules: [{7572788F-2C8D-4256-BE0C-7C90F0700883}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downtown Casino Poker\dtcpoker_win.exe () [File not signed]
FirewallRules: [{9AC15B14-310E-4E00-9C8B-F078257519BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prominence Poker\Prominence\Binaries\Win64\Prominence-Win64-Shipping.exe (505 Games) [File not signed]
FirewallRules: [{8E7E9A6A-C9CE-4BBC-B02A-FF2DA9AF38FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prominence Poker\Prominence\Binaries\Win64\Prominence-Win64-Shipping.exe (505 Games) [File not signed]
FirewallRules: [{85245014-A20D-4716-8ACC-585C7682F4D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe () [File not signed]
FirewallRules: [{1E4E99CD-666D-48AF-92CD-4C0919C206C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe () [File not signed]
FirewallRules: [{E636A024-D7BE-4872-A5A5-37D9FDD36953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{66198E1C-A573-4422-A829-E5F9F4265132}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{FB84DB28-7676-4789-A8E5-4A07DD3BBD68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12228.20332.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9A5C246-9E94-41E3-AD0D-08540B38653D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{18CCDF52-FC73-4479-B263-EE5FEC0765BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{E3600AB8-00A4-478E-B6B5-CD3882D22C96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve -> )
FirewallRules: [{8CCFFDDD-7E0C-4A1C-BF06-44BCD051FE98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{B7BFB999-0C57-46DA-8418-47250113A651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe () [File not signed]
FirewallRules: [{AA1B3480-0A95-4C44-A6EF-817C4A3DC555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{DC18F060-1F59-4941-B578-A083045A6F3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{FBD5DAFB-1DF9-4B69-BC99-7D19941AA8DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{20F4073F-792A-48A5-8A69-C7CBA2E5BF9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA275E4E-4278-4B53-8F11-48F8D4E23CB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B7EAC54-CA55-4B5F-83DE-E4DF76887DD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (12/31/2019 10:16:22 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/31/2019 10:16:22 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/31/2019 10:16:22 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/31/2019 10:16:22 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/31/2019 10:16:22 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/31/2019 10:16:22 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
Error: (12/30/2019 11:43:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DDVDataCollector.exe, version: 5.2.11.111, time stamp: 0x5dbaa5b8
Faulting module name: ntdll.dll, version: 10.0.17763.831, time stamp: 0x1f1a0210
Exception code: 0xc0000409
Fault offset: 0x00000000000306c4
Faulting process id: 0x1b40
Faulting application start time: 0x01d5bf4671e6f3b2
Faulting application path: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: cb99cdd7-b1d5-410c-93f3-4b26015cfded
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/30/2019 11:15:27 AM) (Source: SmartByte Network Service) (EventID: 16) (User: )
Description: Event-ID 16
 
 
System errors:
=============
Error: (12/31/2019 10:40:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/31/2019 10:40:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (12/31/2019 10:38:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/31/2019 10:38:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHQVSUB)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (12/31/2019 10:36:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/31/2019 10:36:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (12/31/2019 10:34:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (12/31/2019 10:34:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2019-12-03 16:20:58.812
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6106915B-BC0A-484D-92A8-BFFFE5F0F1F8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-03 16:16:01.521
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {521FE192-4370-4EF1-B16D-31AB297CE3C3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-02 19:06:31.214
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {41E6DD71-F075-4BB1-B33C-BDD9CC8F1DFE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-02 18:08:32.542
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3246382B-B850-47B9-93F6-159D268A66BE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-12-02 16:07:12.809
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E9349FE9-6E2C-4E00-AC93-8E1171BA9886}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-11-06 16:17:08.834
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.305.1417.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-10-29 16:03:27.058
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.305.871.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-10-22 18:19:53.655
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.305.416.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2019-12-27 17:16:10.429
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-27 17:16:10.426
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-20 17:30:00.065
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-20 17:30:00.062
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-16 19:33:22.910
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:25:55.262
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:18:38.171
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-12-16 19:10:48.659
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SInspector.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.3.2 07/18/2018
Motherboard: Dell Inc. 0PXWHK
Processor: Intel® Core™ i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 70%
Total physical RAM: 8078.64 MB
Available physical RAM: 2421.5 MB
Total Virtual: 19854.64 MB
Available Virtual: 11403.55 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:916.68 GB) (Free:130.58 GB) NTFS
 
\\?\Volume{eaa67931-51ed-46e8-85f5-c5816993e514}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.52 GB) NTFS
\\?\Volume{71654026-b739-4068-8a8d-15e0866211d3}\ (Image) (Fixed) (Total:11.98 GB) (Free:0.16 GB) NTFS
\\?\Volume{2721d5d5-cf0b-4966-899c-70e441d83060}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.44 GB) NTFS
\\?\Volume{f0b5d685-8311-49f5-8284-714ad87218e9}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A488730F)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#15
iMacg3


    GeekU PowerPC G3

  • GeekU Moderator
  • 1,147 posts
Sorry for the delay. Please do the following:

---------------------------------------------------
Chkdsk /R
  • Press the Windows Key + R. This will open the Run box.
  • Type cmd and press Ctrl + Shift + Enter.
  • A command prompt window will open. Type chkdsk /r (note the space between chkdsk and /r) and press Enter.
  • A message will appear stating that chkdsk will schedule the disk check until the next reboot. Press Y to continue.
  • Restart your computer. Before Windows loads, chkdsk will begin scanning your hard drive for bad sectors and attempt to repair them. This may take some time.
  • Once it is complete, your computer will boot to Windows.
    • Press the Windows Key + R. Type eventvwr and press Enter.
    • The Event Viewer window will open.
    • In the left pane, expand "Windows Logs" and then click on Application.
    • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
    • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
    • Click on that Wininit entry to select it.
    • On the top main menu, click Action > Copy > Copy Details as Text.
    • Paste the contents into your next reply.
---------------------------------------------------

In your next reply, please include:
  • Chkdsk log

  • 0





