Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

StartCheckLibrary and winscomrssrv modules missing


  • Please log in to reply

#1
Cairn_

Cairn_

    New Member

  • Member
  • Pip
  • 3 posts

Hi, everytime I boot to desktop two rundll error messages pop up saying that StartCheckupLibrary.dll and winscomrssrv.dll modules are missing. Eset quarantined both but I have no idea how to safely remove them.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-12-2019
Ran by Simi (administrator) on DESKTOP-O4OMJLU (Gigabyte Technology Co., Ltd. B250-HD3P) (26-12-2019 02:10:38)
Running from C:\Users\Simi\Desktop
Loaded Profiles: Simi (Available Profiles: Simi)
Platform: Windows 10 Home Version 1903 18362.388 (X64) Language: Slovak (Slovakia)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͉841.inf_amd64_01bbb629805d901e\B349895\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͉841.inf_amd64_01bbb629805d901e\B349895\atiesrxx.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(Canon Inc. -> Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_c8e108d4a62c59d5\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_c8e108d4a62c59d5\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_b95c9a044993331b\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_b95c9a044993331b\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\Simi\Desktop\Autoruns\Autoruns64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify AB -> Spotify Ltd) C:\Users\Simi\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Simi\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Simi\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Simi\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Simi\AppData\Roaming\Spotify\Spotify.exe
(VIA Technologies, Inc -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Run: [GoogleChromeAutoLaunch_D7EAC1086D66935526BA2B6E74B38258] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Run: [Spotify] => C:\Users\Simi\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36060048 2019-12-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Run: [Discord] => C:\Users\Simi\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\MountPoints2: {4cb3aa2d-cb1b-11e9-bcc6-000272a56266} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
Startup: C:\Users\Simi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2019-02-12]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon Inc. -> Canon INC.)
Startup: C:\Users\Simi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-11-21]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Simi\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05998B3B-C122-46C0-A7FA-032793A7CE2E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [506880 2019-12-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {0B303A5A-4BCC-458F-A5C6-9F236EF895CB} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {12B38F4D-6E29-4EBF-BB6C-4B8BBC909677} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe)
Task: {3B5C1EB3-124B-4D9E-A499-76A16166FF8F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3FCC88EC-23BB-4E03-B8C9-390D5BF9E4BC} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [506880 2019-12-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {454DAA25-BEA9-430B-8C03-3573B5DEAB6B} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [2356736 2019-10-22] () [File not signed]
Task: {60FBF3D2-2520-4DAC-9625-C9ACD785E3D6} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION
Task: {6CBA7021-553B-4CE2-83F9-157E3946188E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {874A2D18-65F8-4487-8B6B-66D77A067881} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {8844155F-3AE1-42D8-8785-4F085E95DC62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {8B065C80-6EF3-4DFD-84CB-A0D7700B9B22} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-739093134-1882289950-3713944110-1003 => C:\Users\Simi\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {9ECD3294-73AF-4D0E-8A7D-00337890DE66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {9FF7A98A-4BB6-4E15-9E28-B2A2DE995BF3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A1C46BE1-3CBA-47FD-AC92-D3FF0766E7A0} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {A308D4D4-ADFB-44C2-B0E1-83E2F70BB655} - System32\Tasks\ViGEmBusUpdater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [901144 2019-05-10] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {CD6CA929-2E7A-412E-8B9A-895734011E00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-03] (Google Inc -> Google Inc.)
Task: {D2CC4110-09E3-4737-9FB2-96137DE42A6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D36C7157-11ED-469B-9520-41B33E1F12FA} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-O4OMJLU-Simi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {D8602F1F-21A4-4210-B3F0-3B6960A05A59} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [506880 2019-12-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {E5D0A49A-0BB2-4BB4-8119-B4B1A23475F5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E85BDD0C-BBB0-43E6-B433-AC37FAE1877B} - System32\Tasks\CorelUpdateHelperTask-CE20E9513B8623C3E7ED5160CA32CE99 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {EBC022E5-DB8D-40E8-9586-A7A64619779A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {F056B715-41D9-468D-AE39-CE8B4932150C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-03] (Google Inc -> Google Inc.)
Task: {FAC3194B-FA94-4940-AA6E-E23EFDE97A52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{131f8176-b0cb-45d4-98e3-baec7a65264b}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{e882b637-9488-49c2-8fc8-c35c60d3bfe8}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-21] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\Simi\Downloads

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-101&v=n11470-300&t=4
CHR StartupUrls: Default -> "hxxps://www.youtube.com/"
CHR Notifications: Default -> hxxps://eseecmoa.com; hxxps://maranhesduve.club; hxxps://www.youtube.com
CHR Profile: C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default [2019-12-26]
CHR Extension: (Prekladač Google) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-04-22]
CHR Extension: (Prezentácie) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Magio GO) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2018-12-30]
CHR Extension: (Dokumenty) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-03]
CHR Extension: (Translator) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blndkmebkmenignoajhoemebccmmfjib [2019-08-14]
CHR Extension: (YouTube) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-03]
CHR Extension: (Honey) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-12-18]
CHR Extension: (uBlock Origin) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-29]
CHR Extension: (uVPN - free and unlimited VPN for everyone) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog [2019-09-08]
CHR Extension: (Video Downloader professional) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-11]
CHR Extension: (Tabuľky) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2018-05-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (VisualOn Chrome Plugin Helper) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icnlblaamineciagcjhkkgeinkpiebhe [2018-12-31]
CHR Extension: (Grammarly for Chrome) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (InteractiveFics) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpjpdomcbnlkbghmchnjgeejpdlonli [2019-10-24]
CHR Extension: (Gmail) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR HKU\S-1-5-21-739093134-1882289950-3713944110-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [icnlblaamineciagcjhkkgeinkpiebhe]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository͉841.inf_amd64_01bbb629805d901e\B349895\atiesrxx.exe [524504 2019-12-17] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2017-09-14] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2017-09-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-19] (BattlEye Innovations e.K. -> )
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40016 2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-08-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-25] (ESET, spol. s r.o. -> ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-10-27] (VIA Technologies, Inc -> VIA Technologies, Inc.)
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [901144 2019-05-10] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [779208 2017-10-18] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository͉841.inf_amd64_01bbb629805d901e\B349895\atikmdag.sys [65722064 2019-12-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository͉841.inf_amd64_01bbb629805d901e\B349895\atikmpag.sys [592296 2019-12-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2017-09-03] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2017-09-03] (ASUSTeK Computer Inc. -> )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-12-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-12-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-12-25] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-12-25] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-25] (ESET, spol. s r.o. -> ESET)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-02-01] (Windscribe Limited -> The OpenVPN Project)
S3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [709856 2016-10-27] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [115704 2017-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [17912 2017-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-26 02:03 - 2019-12-26 02:05 - 000000267 _____ C:\Users\Simi\Desktop\Search.txt
2019-12-26 01:51 - 2019-12-26 01:51 - 000000000 ____D C:\Users\Simi\Desktop\Autoruns
2019-12-26 01:51 - 2019-12-26 01:44 - 001728127 _____ C:\Users\Simi\Desktop\Autoruns.zip
2019-12-26 01:43 - 2019-12-26 01:44 - 000058824 _____ C:\Users\Simi\Desktop\Addition.txt
2019-12-26 01:42 - 2019-12-26 02:11 - 000029995 _____ C:\Users\Simi\Desktop\FRST.txt
2019-12-26 01:39 - 2019-12-26 01:36 - 002271744 _____ (Farbar) C:\Users\Simi\Desktop\FRST64.exe
2019-12-26 01:36 - 2019-12-26 02:10 - 000000000 ____D C:\FRST
2019-12-26 01:33 - 2019-12-26 01:33 - 000000000 ____D C:\Users\Simi\AppData\Local\ATI
2019-12-26 01:28 - 2019-12-26 01:28 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2019-12-26 01:28 - 2019-12-26 01:28 - 000000000 ____D C:\Users\Simi\AppData\Local\D3DSCache
2019-12-26 01:26 - 2019-12-26 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2019-12-26 01:26 - 2019-12-26 01:26 - 000000000 ____D C:\Program Files (x86)\AMD
2019-12-26 01:25 - 2019-12-26 01:26 - 000000000 ____D C:\Program Files\AMD
2019-12-26 01:25 - 2019-12-26 01:25 - 000003522 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP
2019-12-26 01:25 - 2019-12-26 01:25 - 000000000 ____D C:\Users\Simi\AppData\Local\RadeonInstaller
2019-12-26 01:25 - 2019-12-26 01:25 - 000000000 ____D C:\ProgramData\AMD
2019-12-26 01:18 - 2019-12-26 01:19 - 000231156 _____ C:\WINDOWS\ntbtlog.txt
2019-12-26 01:14 - 2019-12-26 01:14 - 000000000 ____D C:\Users\Simi\Desktop\DDU v18.0.2.1
2019-12-26 01:13 - 2019-12-26 01:13 - 001236824 _____ C:\Users\Simi\Desktop\[Guru3D.com]-DDU.zip
2019-12-26 01:13 - 2019-12-26 01:13 - 000000000 ____D C:\Users\Simi\Desktop\[Guru3D.com]-DDU
2019-12-25 16:21 - 2019-12-25 17:57 - 000000000 ____D C:\Users\Simi\Desktop\DS4Windows
2019-12-25 15:21 - 2019-12-25 15:21 - 000000000 ____D C:\ESD
2019-12-25 15:17 - 2019-12-25 15:17 - 000000000 ___HD C:\$Windows.~WS
2019-12-25 15:17 - 2019-12-25 15:17 - 000000000 ____D C:\$WINDOWS.~BT
2019-12-25 14:36 - 2019-12-25 14:36 - 000003722 _____ C:\WINDOWS\system32\Tasks\ViGEmBusUpdater
2019-12-25 14:36 - 2019-12-25 14:36 - 000000000 ____D C:\Program Files\Nefarius Software Solutions
2019-12-25 13:22 - 2019-12-25 13:22 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-25 13:22 - 2019-12-25 13:22 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-25 13:10 - 2019-12-25 13:10 - 000000000 ____D C:\Users\Simi\AppData\Local\cache
2019-12-25 13:05 - 2019-12-26 01:28 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2019-12-25 13:05 - 2019-12-26 01:28 - 000000000 ____D C:\Users\Simi\AppData\Local\AMD
2019-12-25 13:05 - 2019-12-26 01:26 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2019-12-25 13:05 - 2019-12-25 13:05 - 000000000 ____D C:\WINDOWS\system32\AMD
2019-12-25 13:04 - 2019-12-26 01:26 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-12-25 13:04 - 2019-12-26 01:26 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-12-25 13:03 - 2019-12-25 13:03 - 000000000 ___HD C:\OneDriveTemp
2019-12-25 12:07 - 2019-12-25 12:07 - 000000000 ____D C:\WINDOWS\Panther
2019-12-24 21:25 - 2019-12-24 21:25 - 000000298 _____ C:\Users\Simi\Desktop\Detroit Become Human.url
2019-12-23 21:38 - 2019-12-23 21:38 - 002275756 _____ C:\Users\Simi\Desktop\tumblr_pkw1mv7ELC1y3f5sfo1_540.webp
2019-12-21 18:11 - 2019-12-21 18:11 - 000000000 ____D C:\Users\Simi\AppData\Local\Sony Interactive Entertainment Network America LLC
2019-12-21 18:11 - 2019-12-21 18:11 - 000000000 ____D C:\Program Files\DIFX
2019-12-21 18:10 - 2019-12-21 18:11 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Sony Interactive Entertainment Network America LLC
2019-12-21 18:00 - 2019-12-21 18:00 - 000000000 ____D C:\ProgramData\Nefarius Software Solutions e.U
2019-12-20 21:04 - 2019-12-20 21:04 - 000000294 _____ C:\Users\Simi\Desktop\Towerfall Ascension.url
2019-12-20 18:55 - 2019-12-25 17:57 - 000000000 ____D C:\Users\Simi\AppData\Roaming\DS4Windows
2019-12-20 18:23 - 2019-12-20 18:23 - 000000222 _____ C:\Users\Simi\Desktop\Tomb Raider.url
2019-12-17 21:08 - 2019-12-17 21:08 - 062867672 _____ C:\WINDOWS\system32\amd_comgr.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 052403416 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 004564184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 004076760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 001730776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 001073312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 001073312 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000930136 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000930136 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000852392 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000852392 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000769240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000761048 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000710056 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000710056 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000493992 _____ C:\WINDOWS\system32\dgtrayicon.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000491944 _____ C:\WINDOWS\system32\GameManager64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000485800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000467160 _____ C:\WINDOWS\system32\amdlogum.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000451800 _____ C:\WINDOWS\system32\atieah64.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000428968 _____ C:\WINDOWS\system32\EEURestart.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000374696 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000345816 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000345000 _____ C:\WINDOWS\system32\clinfo.exe
2019-12-17 21:08 - 2019-12-17 21:08 - 000241880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000209112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000184744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000178864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000163240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000159656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000153512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000138664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000136616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000136616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000135384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000124632 _____ C:\WINDOWS\system32\atidxx64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000121560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000121048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000107224 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000091560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000076200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000070872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000047528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000020632 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2019-12-17 21:08 - 2019-12-17 21:08 - 000020608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2019-12-17 21:07 - 2019-12-17 21:07 - 078651096 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2019-12-17 21:07 - 2019-12-17 21:07 - 000484568 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2019-12-17 21:07 - 2019-12-17 21:07 - 000373976 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2019-12-17 21:07 - 2019-12-17 21:07 - 000197392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2019-12-17 21:07 - 2019-12-17 21:07 - 000166992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 001686624 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 001365984 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000546328 _____ C:\WINDOWS\system32\amdmiracast.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000134944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2019-12-17 21:06 - 2019-12-17 21:06 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2019-12-16 19:35 - 2019-12-16 19:35 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2019-12-16 19:35 - 2019-12-16 19:35 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2019-12-16 19:33 - 2019-12-16 19:33 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2019-12-16 19:33 - 2019-12-16 19:33 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2019-12-16 19:33 - 2019-12-16 19:33 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2019-12-16 19:33 - 2019-12-16 19:33 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2019-12-16 19:27 - 2019-12-16 19:27 - 000541192 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2019-12-16 19:27 - 2019-12-16 19:27 - 000541192 _____ C:\WINDOWS\system32\atiapfxx.blb
2019-12-14 19:44 - 2019-12-14 20:05 - 000000000 ____D C:\Users\Simi\AppData\Local\Ori and the Blind Forest DE
2019-12-13 21:44 - 2019-12-13 21:44 - 000000289 _____ C:\Users\Simi\Desktop\The Wolf Among Us.url
2019-12-13 20:10 - 2019-12-25 13:33 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Discord
2019-12-13 20:10 - 2019-12-13 20:10 - 000002273 _____ C:\Users\Simi\Desktop\Discord.lnk
2019-12-13 20:10 - 2019-12-13 20:10 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-12-13 20:10 - 2019-12-13 20:10 - 000000000 ____D C:\Users\Simi\AppData\Local\SquirrelTemp
2019-12-13 20:10 - 2019-12-13 20:10 - 000000000 ____D C:\Users\Simi\AppData\Local\Discord
2019-12-12 16:37 - 2019-12-25 15:04 - 000001444 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2019-12-12 16:37 - 2019-12-25 15:04 - 000001444 _____ C:\ProgramData\Desktop\The Sims 4.lnk
2019-12-12 16:37 - 2019-12-12 16:37 - 000000000 ____D C:\Users\Simi\AppData\Local\Electronic Arts
2019-12-12 16:37 - 2019-12-12 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2019-12-11 22:17 - 2019-12-25 17:58 - 000000000 ____D C:\Users\Simi\AppData\Local\EpicGamesLauncher
2019-12-11 22:17 - 2019-12-11 22:17 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-12-11 22:17 - 2019-12-11 22:17 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2019-12-11 22:17 - 2019-12-11 22:17 - 000001258 _____ C:\ProgramData\Desktop\Epic Games Launcher.lnk
2019-12-11 22:17 - 2019-12-11 22:17 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-12-09 22:19 - 2019-12-09 22:19 - 040198144 _____ C:\Users\Simi\Desktop\New Canvas.sai
2019-12-01 09:14 - 2019-12-01 09:15 - 000000000 ____D C:\Users\Simi\AppData\Local\LarianLauncher
2019-11-26 22:04 - 2019-11-26 22:04 - 000002328 _____ C:\Users\Simi\AppData\Roaming\PureRef.ini
2019-11-26 10:11 - 2019-09-24 22:38 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-26 01:30 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-26 01:26 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-26 01:26 - 2017-09-03 16:51 - 000000000 ____D C:\Users\Simi\AppData\Roaming\WTablet
2019-12-26 01:20 - 2019-08-14 21:15 - 000000000 __SHD C:\Users\Simi\IntelGraphicsProfiles
2019-12-26 01:20 - 2019-06-24 21:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-26 01:20 - 2017-09-03 11:20 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Spotify
2019-12-26 01:19 - 2019-10-07 17:47 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-12-26 01:19 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-26 01:11 - 2017-09-03 11:21 - 000000000 ____D C:\Users\Simi\AppData\Local\Spotify
2019-12-25 22:25 - 2019-06-24 20:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-25 19:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-25 17:14 - 2018-05-18 21:49 - 000189512 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-12-25 17:14 - 2018-05-18 21:49 - 000149944 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-12-25 17:14 - 2018-05-18 21:49 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-25 17:14 - 2018-05-18 21:49 - 000103264 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-12-25 17:14 - 2018-05-18 21:49 - 000079744 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-12-25 17:14 - 2018-05-18 21:49 - 000050712 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2019-12-25 17:10 - 2018-05-18 21:49 - 000015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-12-25 17:09 - 2018-06-09 21:51 - 000000000 ____D C:\Program Files\ESET
2019-12-25 17:01 - 2019-06-24 19:55 - 000000000 ____D C:\Users\Simi
2019-12-25 16:44 - 2018-07-02 12:45 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-25 15:32 - 2018-06-30 11:11 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Origin
2019-12-25 14:57 - 2018-06-28 09:03 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-12-25 14:57 - 2017-09-03 18:49 - 000000000 ____D C:\ProgramData\Origin
2019-12-25 14:56 - 2018-06-30 11:11 - 000000000 ____D C:\Users\Simi\AppData\Local\Origin
2019-12-25 14:55 - 2018-06-30 11:10 - 000000000 ____D C:\Program Files (x86)\Origin
2019-12-25 13:41 - 2018-04-03 14:55 - 000000000 ____D C:\GOG Games
2019-12-25 13:24 - 2018-01-04 19:34 - 000000000 ____D C:\TEMP
2019-12-25 13:22 - 2019-06-24 21:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-25 13:19 - 2018-04-08 16:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-12-25 13:03 - 2017-09-03 02:27 - 000000000 ___RD C:\Users\Simi\OneDrive
2019-12-25 12:54 - 2017-09-03 00:35 - 000000000 ____D C:\AMD
2019-12-25 12:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-24 21:04 - 2018-06-13 18:00 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Twitch
2019-12-24 16:24 - 2017-09-08 19:14 - 000000206 _____ C:\WINDOWS\MSUTIL.INI
2019-12-24 16:22 - 2017-11-18 19:04 - 000000000 ____D C:\Program Files\NewBlue
2019-12-24 16:22 - 2017-11-18 19:04 - 000000000 ____D C:\Program Files (x86)\NewBlue
2019-12-24 16:21 - 2017-09-08 19:11 - 000000000 ____D C:\ProgramData\VEGAS
2019-12-24 16:21 - 2017-09-08 19:11 - 000000000 ____D C:\Program Files (x86)\VEGAS
2019-12-24 16:20 - 2017-12-17 19:31 - 000000000 ____D C:\Users\Simi\AppData\Local\Ubisoft Game Launcher
2019-12-24 16:19 - 2017-09-27 14:27 - 000000000 ____D C:\ProgramData\Skype
2019-12-24 16:17 - 2017-09-23 09:57 - 000000000 ____D C:\Users\Simi\AppData\Roaming\uTorrent
2019-12-20 18:23 - 2018-04-03 15:26 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-20 18:11 - 2019-06-24 21:07 - 000840890 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-20 18:11 - 2017-09-08 19:41 - 000013362 _____ C:\WINDOWS\system32\perfh01B.dat
2019-12-20 18:11 - 2017-09-08 19:41 - 000004020 _____ C:\WINDOWS\system32\perfc01B.dat
2019-12-19 19:11 - 2017-09-03 10:53 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-15 18:26 - 2019-04-20 20:36 - 000000000 ____D C:\Users\Simi\AppData\Local\BitTorrentHelper
2019-12-14 08:47 - 2019-06-24 21:07 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 08:47 - 2019-06-24 21:07 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 21:31 - 2019-05-27 08:25 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Microsoft Games
2019-12-13 21:31 - 2019-05-27 08:22 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2019-12-13 21:31 - 2019-05-27 08:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2019-12-13 21:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-13 21:31 - 2018-01-04 21:48 - 000000000 ____D C:\Users\Simi\AppData\Local\Packages
2019-12-13 21:31 - 2017-09-03 22:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-12-13 21:31 - 2017-09-03 00:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 21:30 - 2019-09-11 17:48 - 000000000 ____D C:\Program Files (x86)\The Wolf Among Us Episode 5
2019-12-13 21:29 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-13 21:29 - 2018-03-24 08:16 - 000000000 ____D C:\Users\Simi\AppData\Local\Razer
2019-12-13 21:29 - 2018-03-24 08:14 - 000000000 ____D C:\ProgramData\Razer
2019-12-13 21:29 - 2018-03-24 08:14 - 000000000 ____D C:\Program Files (x86)\Razer
2019-12-13 21:28 - 2019-03-01 21:35 - 000000000 ____D C:\Users\Simi\AppData\Roaming\Mediatronic
2019-12-13 21:25 - 2018-08-19 22:40 - 000000000 ____D C:\Program Files\Epic Games
2019-12-11 22:19 - 2018-08-19 22:25 - 000000000 ____D C:\ProgramData\Epic
2019-12-11 17:04 - 2019-06-15 14:28 - 000000000 ____D C:\Users\Simi\AppData\Local\Jagex
2019-12-11 17:04 - 2019-06-15 14:28 - 000000000 ____D C:\ProgramData\Jagex
2019-12-10 19:58 - 2019-06-24 21:07 - 000004598 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-10 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-10 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-06 12:35 - 2019-11-14 23:12 - 000003334 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-CE20E9513B8623C3E7ED5160CA32CE99
2019-12-04 18:31 - 2018-11-11 14:45 - 000000000 ____D C:\ProgramData\Ubisoft
2019-11-26 10:11 - 2019-10-08 18:19 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-11-26 10:11 - 2019-10-08 18:19 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp

==================== Files in the root of some directories ========

2017-09-03 19:13 - 2018-11-20 19:22 - 000000132 _____ () C:\Users\Simi\AppData\Roaming\Adobe PNG Format CS6 Prefs
2019-02-25 13:28 - 2019-11-25 11:35 - 000000034 _____ () C:\Users\Simi\AppData\Roaming\AdobeWLCMCache.dat
2019-11-26 22:04 - 2019-11-26 22:04 - 000002328 _____ () C:\Users\Simi\AppData\Roaming\PureRef.ini
2017-11-13 20:45 - 2019-09-22 09:06 - 000001456 _____ () C:\Users\Simi\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-02-13 20:57 - 2019-02-13 20:57 - 000000000 _____ () C:\Users\Simi\AppData\Local\oobelibMkey.log
2018-06-14 22:36 - 2018-06-14 22:36 - 000001713 _____ () C:\Users\Simi\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2019
Ran by Simi (26-12-2019 02:11:40)
Running from C:\Users\Simi\Desktop
Windows 10 Home Version 1903 18362.388 (X64) (2019-06-24 20:07:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-739093134-1882289950-3713944110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-739093134-1882289950-3713944110-503 - Limited - Disabled)
Guest (S-1-5-21-739093134-1882289950-3713944110-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-739093134-1882289950-3713944110-1005 - Limited - Enabled)
Simi (S-1-5-21-739093134-1882289950-3713944110-1003 - Administrator - Enabled) => C:\Users\Simi
WDAGUtilityAccount (S-1-5-21-739093134-1882289950-3713944110-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM-x32\...\{E8B9BE4F-E978-4EAF-B093-373A012F5103}) (Version: 4.4.1.2245 - Open Media LLC)
Adobe (HKLM\...\{C547A830-37D1-4594-ACA7-B4793741DAD0}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.12.3 - Advanced Micro Devices, Inc.)
Ancestors The Humankind Odyssey (HKLM-x32\...\Ancestors The Humankind Odyssey_is1) (Version:  - )
Animate (HKLM\...\{F0857D72-1EA4-4296-ABB3-A92E70528206}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
APP Shop v1.0.31 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.31 - ASRock Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.9.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.8.0.0 - Canon Inc.)
CC Magic (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\CC Magic) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.11.552 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM T (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
Discord (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Discord) (Version: 0.0.305 - Discord Inc.)
EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 12.2.30.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Story Mode Episode 8 (HKLM-x32\...\Minecraft Story Mode Episode 8_is1) (Version:  - )
NBTExplorer (HKLM-x32\...\{DC1E9E1A-86BE-491B-8DF9-A86045902F48}) (Version: 2.8.0.0 - Justin Aquadro)
NewBlue plug-ins bundle patch build 121206 (HKLM-x32\...\NewBlue plug-ins bundle patch build 121206_is1) (Version: 3.0.0.0 - NewBlue Inc.)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPORE™ Collection (HKLM-x32\...\1948823323_is1) (Version: 2.0.0.5 - GOG.com)
Spotify (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Starbound (HKLM-x32\...\1452598881_is1) (Version: 1.3.3 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Edit 3.5.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.9.0 - Nikse)
The Elder Scrolls V Skyrim - Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Special Edition_is1) (Version:  - )
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Ambitions (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Island Paradise (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Island Paradise) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Supernatural) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.59.73.1020 - Electronic Arts Inc.)
The Walking Dead (HKLM-x32\...\The Walking Dead_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
The Walking Dead A New Frontier Episode 5 (HKLM-x32\...\The Walking Dead A New Frontier Episode 5_is1) (Version:  - )
The Walking Dead Season 2 (HKLM-x32\...\The Walking Dead Season 2_is1) (Version:  - )
The Walking Dead The Final Season Episode 4 (HKLM-x32\...\The Walking Dead The Final Season Episode 4_is1) (Version:  - )
Topaz Clean 3 (64-bit) (HKLM\...\{FA85C599-2569-4C48-9AA6-2B8D8F029FA7}) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Clean 3 (64-bit) (HKLM-x32\...\Topaz Clean 3 (64-bit)) (Version: 3.0.2 - Topaz Labs)
Topaz Clean 3 (HKLM-x32\...\{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{869109FC-8D5A-46D0-B619-47D7E4173D93}) (Version: 1.16.115 - Nefarius Software Solutions e.U.)
voBrowserPluginHelper (HKLM-x32\...\{48DD7952-08CD-46F8-B16C-7E12ABB6F3C3}) (Version: 3.28.0.10679 - VisualOn Inc.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.25-5 - Wacom Technology Corp.)
Warframe (HKLM-x32\...\{69C430B7-8B9B-42F6-A578-7B7E12D287D4}) (Version: 1.0.0 - Digital Extremes)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows Driver Package - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION®3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-23] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-14] (INTEL CORP)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-31] (Keeper Security Inc)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-09-28] (Netflix, Inc.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-09-06] (Plex)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.21991.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-739093134-1882289950-3713944110-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-93B301549807} -> [Creative Cloud Files] => C:\Users\Simi\Creative Cloud Files [2019-02-14 22:33]
CustomCLSID: HKU\S-1-5-21-739093134-1882289950-3713944110-1003_Classes\CLSID\{297D63E6-3E31-4291-8F9C-D2041919ACD0} -> [MEGA] => C:\Users\Simi\Documents\MEGA0
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} =>  -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Simi\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-09-14 22:59 - 2017-09-14 22:58 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2019-04-22 11:54 - 2016-03-07 17:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2019-04-22 11:54 - 2004-10-05 02:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-12-16 13:31 - 2019-12-16 13:31 - 001516544 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-09-14 23:00 - 2017-09-14 22:58 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.25\ASACPI.DLL
2019-04-22 11:54 - 2008-11-25 16:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000058368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2019-12-16 13:39 - 2019-12-16 13:39 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-16 13:39 - 2019-12-16 13:39 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-10 20:13 - 2018-04-10 20:13 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\Control Panel\Desktop\\Wallpaper -> D:\Simi\Downloads\921110.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "RazerCortex"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "5KPlayer"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-739093134-1882289950-3713944110-1003\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{645C175D-A209-4C19-AE15-AB40F93F6A8D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{70B0A13A-DC67-44B9-B3D3-E3E4E918A38D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{88EF4C0B-9C03-474E-BE3E-7840CC4BFF6B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{CDAA9FDF-D481-46D9-B07B-F103FF273151}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{10AAFC83-DC4C-4D46-B717-7089DC7D2D7F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{60948A28-F1B4-4C41-952A-57B253789815}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{9DBCE6AE-3747-4D85-BE14-3B473956FE47}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{53FC3AEF-A62A-4CF9-A97D-115167C269C1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{05AADF66-23BD-455D-91F6-B4A946D5367F}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed]
FirewallRules: [{021524D6-E714-4D2B-B569-430F08153CF3}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed]
FirewallRules: [{FF1AB3DF-6FAE-4CD8-8A7B-C638CE400352}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed]
FirewallRules: [{826F157B-7543-4586-9247-2484188790A8}] => (Allow) C:\Users\Simi\Desktop\TLauncher-MCL.exe () [File not signed]
FirewallRules: [{74C6AFC4-3403-401B-91B5-F761756BB521}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{35AF99AA-B77B-403D-B042-AC570F6D002A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{9C9D1EAC-439A-4125-B4D4-5DB1282C9FAD}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E2DDFE72-F985-4B04-A453-C593FD6AF80E}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{E13A845F-92A8-4FEF-A8F1-6D18BEC9AEBF}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9268D28A-D46C-4DB5-B419-499EA8EFB171}C:\users\simi\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\simi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{692540EA-371A-4A22-B5C7-42CE8BBE8959}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6EF34FE5-0348-4A4D-B285-3A54CC286BD8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7E67B0BE-6A64-4592-8FE1-6E18000718DE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{8C6C3DE9-B432-498E-92DC-14C12A7D74D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{D81980E8-64E7-4685-8E77-09BE5B4A08A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{274B44E2-2F85-43C1-97F5-FB498AAED8A1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{40551E0D-6DC2-470B-B078-46B8DDF77628}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{74CCF79C-DD9F-4D1B-AF36-7EBE964F4EF2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{931CADEF-E906-4DA3-B226-54ED77C65266}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6A027EA1-85FB-4D80-A02F-9F9BEEDF2D4B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{35B75989-AF0B-4B08-BA84-FFA071E5D6C9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F77DC591-630E-4747-8479-14F9801745ED}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C5EADF2A-0105-4257-B5B4-2157B8677974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{1D4A92F6-9BED-4D20-B218-6DAF76F111D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{4B3F351F-0655-4062-A579-4169AF12D579}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.)
FirewallRules: [{C2C61312-5B63-4ACB-8C91-419FE10B5ADB}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.)
FirewallRules: [{1FCB382F-FB0C-462C-BBEC-8F3D6F2BD464}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.)
FirewallRules: [{8BC8C39B-101E-4F3F-9830-8AAFCF75F8F3}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.)
FirewallRules: [{4A0D7DA0-BD18-4BD9-86A9-6BD2D0165E9B}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.)
FirewallRules: [{80BD3596-D2DE-4774-A15C-F1C24DE482EF}] => (Allow) C:\Users\Simi\AppData\Roaming\.minecraft\TLauncher.exe (TLauncher Inc. -> TLauncher Inc.)
FirewallRules: [{58C31899-9706-4794-B162-4AFFFCCC3551}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{17DE5642-ABD3-4219-8081-8B2C0B90AF0C}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D9128391-2455-4730-AA9D-2BC4BA32B34C}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{28ACF2BE-EE92-4F11-9484-DAAFBE68575B}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{FC2F054B-991C-40E2-8512-A1404F5D693A}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{DAA6CF03-9498-4650-B099-A61C7F63D41A}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E255C494-B28F-4CA4-8DFE-9C114616EA0D}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{03BCFC8A-8F47-4EDE-986C-DA02565FA07E}] => (Allow) C:\Users\Simi\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{18436ABA-954E-4DDB-8E80-5164EAC763FA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{FDBE93AE-C1A5-412C-B65A-0F0878999FE1}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{EAA8ACE4-6BE1-480E-A346-A052A498DEA5}D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{D37E526D-0CEB-4675-9632-11994748566C}D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{13DB6364-A958-4634-A124-DCC47F14640F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D959DC53-F79E-4CEA-89F6-AB82746A3BC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{B6E53CC8-FBBE-4D40-8B6C-EDB4E266D815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{1ACB2668-88C1-441D-BC9E-C6764CF40359}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C827361B-5B14-4B05-9A7C-9759CA9AEAEB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E7B1A947-B151-45E8-8869-9FA2ED121976}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{134AF4BB-DFE5-4463-A2B6-9FD35D16EAF8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

==================== Restore Points =========================

25-12-2019 12:58:21 AMDCleanupUtility Restore Point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/26/2019 02:10:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest.

Error: (12/26/2019 01:51:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest.

Error: (12/26/2019 01:38:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4436,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/26/2019 01:25:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/26/2019 01:23:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest.

Error: (12/26/2019 01:20:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OriginWebHelperService.exe, version: 10.5.57.35162, time stamp: 0x5df243e3
Faulting module name: OriginWebHelperService.exe, version: 10.5.57.35162, time stamp: 0x5df243e3
Exception code: 0xc0000005
Fault offset: 0x00099d50
Faulting process id: 0x1574
Faulting application start time: 0x01d5bb8243e57981
Faulting application path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Faulting module path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Report Id: 069fec27-6ad4-4f31-a432-9ef0f13883be
Faulting package full name:
Faulting package-relative application ID:

Error: (12/26/2019 01:20:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest.

Error: (12/26/2019 01:20:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_e6c6afa5130d5b6d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.388_none_2e73e67c27898473.manifest.


System errors:
=============
Error: (12/26/2019 02:10:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (12/26/2019 02:10:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (12/26/2019 02:08:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (12/26/2019 02:08:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O4OMJLU)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (12/26/2019 02:06:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (12/26/2019 02:06:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (12/26/2019 02:04:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (12/26/2019 02:04:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2019-12-25 21:24:58.707
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 21:24:58.702
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 21:24:22.005
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 21:24:21.998
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 17:10:34.826
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 17:10:34.822
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 17:09:57.206
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-25 17:09:57.204
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F3 12/07/2016
Motherboard: Gigabyte Technology Co., Ltd. B250-HD3P-CF
Processor: Intel® Core™ i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 41%
Total physical RAM: 16297.34 MB
Available physical RAM: 9470.21 MB
Total Virtual: 18729.34 MB
Available Virtual: 10285.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.58 GB) (Free:60.24 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.05 GB) (Free:412.65 GB) NTFS

\\?\Volume{5cbd9ebd-0000-0000-0010-000000000000}\ (Vyhradené systémom) (Fixed) (Total:0.07 GB) (Free:0.04 GB) NTFS
\\?\Volume{5cbd9ebd-0000-0000-0000-d0a96f000000}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS
\\?\Volume{d3fa92c6-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.44 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 5CBD9EBD)
Partition 1: (Active) - (Size=74 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D3FA92C6)
Partition 1: (Not Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=469 MB) - (Type=27)

==================== End of Addition.txt =======================

Attached Files


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,015 posts
  • MVP

The StartCheckupLibrary.dll and winscomrssrv.dll popups are caused by a Microsoft error. which leaves two tasks that should have been removed during an update.

 

We can easily fix it with a fixlist.  However, there are signs that ESET may have let you down.

 

These two tasks are not normally seen in Win 10:

Task: {0B303A5A-4BCC-458F-A5C6-9F236EF895CB} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {60FBF3D2-2520-4DAC-9625-C9ACD785E3D6} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION

and the files they refer to are not standard Win 10 files tho they pretend to be:

 

Also the Windows Update Service should look like this:

R3 wuauserv; C:\Windows\system32\wuaueng.dll [3105792 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
 

Yours looks like this and note that there are two entries instead of one:

 

S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

 

Bring up FRST (remember to right click and Run As Admin)

Put

wuaueng.dll;winlogui.exe;winrmsrv.exe;svchost.exe

in the Search Box

then hit SEARCH FILES (not Scan).  You will get one file.  Please post.

 

Now put in

wuauserv

and then Hit SEARCH REGISTRY.  You will get one file.  Please post.

 

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   4.85KB   69 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.



 


  • 0

#3
Cairn_

Cairn_

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Thanks, the rundll errors no longer appear.

 

Posting generated logs as attachments so my post wont be too long.

 

 

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,015 posts
  • MVP

The suspicious files don't show up in a search so probably ESET ate them.  The associated tasks have been removed by the fixlist and did not return.

 

Let's fix windows update.

 

Download the attached wuauserv.zip. 

Attached File  wuauserv.zip   1.48KB   54 downloads

Save and then right click on the saved file and Extract All.  Extract.  Rightclick on the extracted wuauserv.reg and Install.  Ignore the warning.

 

This should replace the bad wuauserv info in the registry.

 

Check that it worked by:

 

Search for

services.msc

hit Enter

 Scroll down to Windows Update and right click on it and select Properties.

 

Startup Type: should be Manual

 

If it is not running, click on Start and see if it starts without problems.

 

 

For some reason you are missing the file:  aoddriver2.sys

 

Download the attached aoddriver2.zip. 

Attached File  aoddriver2.zip   26.02KB   47 downloads

Save and then right click on the saved file and Extract All.  Extract.  Copy the extracted file aoddriver2.sys and paste it into:

 

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\

 

Windows may hide this location from you if so:

http://www.howtogeek...-windows-vista/

If you have trouble copying the file then tell me where the extracted file is and I will have FRST do it for you.

 

Let's check that your system files are all correct:

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::


notepad %UserProfile%\desktop\junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.





 

 

 

I would uninstall Audacity 2.1.3.  It's not working correctly and causing errors.  Try the newest version 2.3.3

https://www.audacityteam.org/download/

 

Also uninstall Java.  Your version is obsolete.  If you must have Java (most people do not need it)  you can get the latest version at:

https://www.java.com/

Please try to keep it update as older version have security problems.

 

Origin is not working correctly.  Please reinstall:

https://www.origin.c.../store/download

 

 

FRST says you are running: Windows 10 Home Version 1903

 

Mine has Version 1909.  Perhaps now that we have hopefully fixed windows update it will update automatically but click on Settings, Update & Security, Check for Updates.

 

Another way to get updated to the latest version is to go to:

 

https://www.microsof...nload/windows10

and use the Update Now button. 

(I see this says en-au so may only work for English systems.  You may have to search for your version.  Try searching for

download win 10

and take the first result from Microsoft)

 

Once you are done with the above, rerun FRST and post both logs and let's see if everything worked.

 


  • 0

#5
Cairn_

Cairn_

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

I do not have AMD cpu so there is no ATI tehcnologies folder (it's not hidden). There are probably some residual files from when I changed from old amd cpu to newer intel one.

 

DISM throws Error 4448 : The WOF driver encountered a corruption in the compressed file's Resource Table.

I couldnt follow the rest of you instructions because I encountered more problems (missing files).

 

Honestly, I should have installed fresh os when I changed the cpu. There seem to be a lot problems with the system anyway so I will do that in the following days.

 

Thanks for help, you can lock the thread now.


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,015 posts
  • MVP

Yes,  there are big differences between Win 10 for AMD & Win 10 for intel.  You may find the following link useful:

 

https://www.microsof...nload/windows10


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP