I usually use my computer to play War Thunder and Civ 6. They're a stretch for my laptop but they've worked until now.
Noticed that within a few minutes of starting my computer I lose frame rate in my games, from 40s to 7 in WT, similar
in Civ, bad enough that the cursor lags to the point of being unusable.
During this lag I've tried pulling up Task Manager (which takes a while as well), and the only large CPU/RAM usage showing is whatever game is up.
I have Avast; a scan from it didn't turn up anything. I downloaded Malwarebytes and got nothing with it either. Also tried using Disk Cleanup to remove temporary internet files.
Any help solving this is appreciated.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Owner (administrator) on VIRUSFACTORY (HP HP Pavilion Notebook) (10-06-2020 01:41:06)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner
Platform: Windows 10 Home Version 1803 17134.1 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arcai.com) [File not signed] C:\Program Files (x86)\netcut\services\aips.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Owner\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2015-12-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\Run: [AvastBrowserAutoLaunch_2EF41AAE0EFA048B29BD0C1048B2D149] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1846120 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Owner\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2020-01-22] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31867792 2020-05-22] (Epic Games Inc. -> Epic Games, Inc.)
HKLM\...\Print\Monitors\HP 7112 Status Monitor: C:\WINDOWS\system32\hpinksts7112LM.dll [328704 2016-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [251392 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4222.139\Installer\chrmstp.exe [2020-06-02] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CMD.lnk [2018-03-25]
ShortcutAndArgument: CMD.lnk -> C:\WINDOWS\system32\cmd.exe => /k sc queryex DoSvc & sc queryex BITS & sc queryex wuauserv & taskkill /F /PID 1860
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2018-06-09]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {196669BE-FBC3-449E-B504-231A05DC9554} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {19EE9430-F64E-4EB6-A080-1DEE43932CFB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
Task: {26567B69-6314-413C-8AED-188C95F372D6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F314C4F-4679-4DFB-ABB0-33F8A9218B30} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {5DD62376-CF98-4BE5-8D2F-B332CA8F1776} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-25] (Google Inc -> Google Inc.)
Task: {7154EE05-0213-4D6C-9198-52B046C5F879} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-25] (Google Inc -> Google Inc.)
Task: {74BA82B6-E5DC-44CD-BA6B-4A1B56A7DC0B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {76BA84C6-FD47-4C5C-A3C0-B54737520F31} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1846120 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {78F875DA-82A5-4B32-A7B5-E5C3D5E9A37E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {889598DF-6941-458F-BA75-A1E86227F948} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {99F0CFEE-24C3-4812-9DE4-002165324346} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {C4B11C29-64FB-4569-B6CA-09726A4307E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E66F07C5-CBBD-4DFC-AFB7-3BFFA373332A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {ED58352B-3BA7-44BC-A572-88175501CEC8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1846120 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {EE8114F1-D9F3-41DF-9767-7B5FC308832F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {F2856CE6-9151-442B-8D82-CF3D4B570C46} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {F7CF61CF-EEB6-490F-A006-9A2115AFA619} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2e17b25b-f68c-49de-83c6-41ae3d4136bb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31885826-ed6e-4ac9-b212-fa9051a9586d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{58770d4b-970c-4299-98a0-32cbb1b7af9e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{80ba65cf-2b97-4666-b15f-4969a3ad200b}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{b887eba4-9372-430d-bbd8-7f093af8d8e4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: o39tueg2.default
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\o39tueg2.default [2020-06-10]
FF Homepage: Mozilla\Firefox\Profiles\o39tueg2.default -> www.google.com
FF Notifications: Mozilla\Firefox\Profiles\o39tueg2.default -> hxxps://hemptoday.net; hxxps://www.textnow.com; hxxps://www.iwin.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-26] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2019-05-05]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-23]
CHR Extension: (Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-05]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-23]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-05]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-05]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-20] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4222.139\elevation_service.exe [954600 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-01] (Intel® Software -> Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2017-01-13] (Intel® pGFX -> Intel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [309368 2015-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-11] (Microsoft Corporation -> Microsoft Corporation)
S2 iWin Games Manager V4; C:\Program Files (x86)\iWin Games Manager V4\FGM.exe [X]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S3 wuauserv; %systemroot%\system32\wuaueng.dll [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53760 2017-12-18] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319112 2020-05-28] (Avast Software s.r.o. -> AVAST Software)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [39936 2017-12-18] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel® Software -> Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-10 01:41 - 2020-06-10 01:41 - 000020479 _____ C:\Users\Owner\Desktop\FRST.txt
2020-06-10 01:16 - 2020-06-10 01:41 - 000000000 ____D C:\FRST
2020-06-10 01:15 - 2020-06-10 01:15 - 002289152 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2020-06-10 00:41 - 2020-06-10 00:46 - 000291252 _____ C:\WINDOWS\ntbtlog.txt
2020-06-10 00:41 - 2020-06-10 00:41 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-06-09 21:44 - 2020-06-09 21:44 - 000000000 ____D C:\Users\Owner\AppData\Local\mbam
2020-06-09 21:40 - 2020-06-09 21:40 - 000000000 ____D C:\Malwarebytes
2020-06-09 21:39 - 2020-06-09 21:39 - 001988280 _____ (Malwarebytes) C:\Users\Owner\Downloads\MBSetup.exe
2020-06-09 16:03 - 2020-06-09 16:03 - 000687312 _____ C:\Users\Owner\Downloads\Real Estate App Packet 1-1-19.pdf
2020-06-05 16:30 - 2020-06-05 16:30 - 000000040 _____ C:\Users\Owner\Desktop\q.txt
2020-05-31 21:05 - 2020-05-31 21:05 - 000022832 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_147341572884.dll
2020-05-22 21:24 - 2020-05-22 21:24 - 000001491 _____ C:\Users\Owner\Desktop\Civilization VI.lnk
2020-05-22 21:24 - 2020-05-22 21:24 - 000000000 ____D C:\Users\Owner\AppData\Roaming\FiraxisLive
2020-05-22 21:22 - 2020-05-22 21:22 - 000000000 ____D C:\Users\Owner\AppData\Roaming\2K
2020-05-22 21:22 - 2020-05-22 21:22 - 000000000 ____D C:\Users\Owner\AppData\Local\2K
2020-05-22 18:51 - 2020-05-22 18:51 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-22 18:51 - 2020-05-22 18:51 - 000000000 ____D C:\Users\Owner\AppData\Local\UnrealEngineLauncher
2020-05-22 18:51 - 2020-05-22 18:51 - 000000000 ____D C:\Users\Owner\AppData\Local\EpicGamesLauncher
2020-05-22 18:50 - 2020-05-22 18:50 - 000000000 ____D C:\Program Files (x86)\Epic Games
2020-05-22 18:49 - 2020-05-22 18:50 - 044081152 _____ C:\Users\Owner\Downloads\EpicInstaller-10.15.2-29f1b219f6c64c89a6b9e27d0b1a2ae2.msi
2020-05-20 17:38 - 2020-05-20 17:38 - 000337560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-05-20 17:38 - 2020-05-20 17:38 - 000235488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-05-20 17:38 - 2020-05-20 17:38 - 000175704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-05-19 03:36 - 2020-05-19 03:36 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-05-19 03:36 - 2020-05-19 03:36 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-05-19 03:36 - 2020-05-19 03:36 - 000002241 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-05-16 02:22 - 2020-05-16 02:22 - 000976421 _____ C:\Users\Owner\Downloads\Sub Culture NoCD.7z
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-10 01:05 - 2016-11-18 05:50 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
2020-06-10 01:04 - 2018-07-16 14:39 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-06-10 01:04 - 2018-07-16 14:39 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-10 01:04 - 2018-07-16 14:39 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-10 01:04 - 2018-07-16 14:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-06-10 00:57 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-10 00:52 - 2018-07-16 14:42 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-10 00:52 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2020-06-10 00:48 - 2018-02-07 18:54 - 000000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
2020-06-10 00:47 - 2018-07-16 14:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-10 00:47 - 2018-07-16 14:32 - 000273048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-10 00:47 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-10 00:47 - 2017-09-03 22:25 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-06-10 00:47 - 2016-02-09 14:24 - 000000000 __SHD C:\Users\Owner\IntelGraphicsProfiles
2020-06-09 23:19 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-09 22:18 - 2017-08-19 22:47 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2020-06-09 22:18 - 2016-04-27 11:25 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Wargaming.net
2020-06-09 22:17 - 2016-04-27 09:30 - 000000000 ____D C:\Games
2020-06-09 22:01 - 2020-04-01 19:27 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Zoom
2020-06-09 22:00 - 2016-02-09 14:03 - 000000000 ___RD C:\Users\Owner\OneDrive
2020-06-09 21:58 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-09 21:58 - 2016-02-09 17:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-09 20:01 - 2018-07-16 14:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-09 16:53 - 2018-07-16 14:39 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-06-09 15:53 - 2016-02-09 16:30 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-09 15:13 - 2018-07-16 14:33 - 000000000 ____D C:\Users\Owner
2020-06-09 14:20 - 2018-05-20 13:45 - 000000000 ____D C:\Users\Owner\AppData\Local\AVAST Software
2020-06-07 21:39 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-06-07 09:34 - 2016-02-13 20:30 - 000000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2020-06-05 15:14 - 2016-02-09 16:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-06-04 21:48 - 2016-02-09 16:35 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-02 13:31 - 2018-05-20 13:45 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-05-31 21:14 - 2018-10-07 20:58 - 000002023 _____ C:\Users\Owner\Desktop\Cities Skylines.lnk
2020-05-31 21:14 - 2017-05-14 21:54 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-28 13:38 - 2018-07-16 13:41 - 000319112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-26 08:14 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-05-24 02:10 - 2016-02-13 02:18 - 000000000 ____D C:\Users\Owner\Desktop\Keep
2020-05-23 08:50 - 2016-02-13 02:19 - 000000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2020-05-22 21:24 - 2018-11-25 21:18 - 000000000 ____D C:\Users\Owner\Documents\My Games
2020-05-22 18:57 - 2018-07-16 15:21 - 000000000 ____D C:\Users\Owner\AppData\Local\D3DSCache
2020-05-22 18:57 - 2018-07-02 20:00 - 000000000 ____D C:\ProgramData\Epic
2020-05-22 18:51 - 2017-06-21 08:14 - 000000000 ____D C:\Users\Owner\AppData\Local\UnrealEngine
2020-05-20 17:38 - 2019-01-20 21:04 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-05-20 17:38 - 2019-01-20 14:52 - 000178760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-05-20 17:38 - 2019-01-20 14:52 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-05-20 17:38 - 2019-01-20 14:52 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-05-20 17:38 - 2018-07-16 13:41 - 000851592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-05-20 17:38 - 2018-07-16 13:41 - 000460992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-05-20 17:38 - 2018-07-16 13:41 - 000205880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-05-20 17:38 - 2018-07-16 13:41 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-05-20 17:38 - 2018-07-16 13:41 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-05-20 17:38 - 2018-07-16 13:41 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-05-19 16:04 - 2019-04-11 17:58 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-05-19 16:04 - 2019-04-11 17:58 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-14 20:09 - 2020-01-21 08:39 - 000000000 ____D C:\Users\Owner\AppData\Roaming\dvdcss
2020-05-14 01:53 - 2016-11-19 17:20 - 000000000 ____D C:\Users\Owner\Desktop\Property
==================== Files in the root of some directories ========
2017-02-10 21:41 - 2017-08-20 17:28 - 000009995 _____ () C:\Users\Owner\AppData\Roaming\.freeciv-client-rc-2.5
2017-07-14 20:40 - 2017-07-14 20:40 - 000001487 _____ () C:\Users\Owner\AppData\Local\recently-used.xbel
2017-07-28 17:38 - 2019-09-24 04:51 - 000007606 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Owner (10-06-2020 01:42:14)
Running from C:\Users\Owner\Desktop
Windows 10 Home Version 1803 17134.1 (X64) (2018-07-16 19:39:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2838530815-2559944682-194899063-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2838530815-2559944682-194899063-503 - Limited - Disabled)
Guest (S-1-5-21-2838530815-2559944682-194899063-501 - Limited - Disabled)
Owner (S-1-5-21-2838530815-2559944682-194899063-1001 - Administrator - Enabled) => C:\Users\Owner
WDAGUtilityAccount (S-1-5-21-2838530815-2559944682-194899063-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 81.1.4222.139 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Axis & Allies (HKLM-x32\...\{47836B39-2465-4F39-9D7E-52F70A1C3D72}) (Version: 1.00.000 - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
F-16 MRF (HKLM-x32\...\F-16 MRF) (Version: - )
Fidelity Active Trader Pro® (HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\a36ba76f6187edff) (Version: 10.7.160.0 - Fidelity Investments)
Freeciv 2.5.9 (GTK+2 client) (HKLM-x32\...\Freeciv-2.5.9-gtk2) (Version: - )
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Google Earth Pro (HKLM\...\{B6EAFE41-5723-40EB-869B-4AF44CA17B35}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
IBS (HKLM-x32\...\IBS) (Version: - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.0 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Medal of Honor Pacific Assault (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.0 - Electronic Arts)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X SDK (HKLM-x32\...\InstallShield_{33571E15-3EB4-4190-BA74-C6CA97288461}) (Version: 1.00.0000 - Microsoft Game Studios)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{C69E6AE7-4574-4BCD-9864-72282140C852}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{ABCAD346-4F4B-49E9-9AA1-28EF8C26059D}) (Version: 4.15.9789 - Apache Software Foundation)
PdaNet+ for Android 5.10 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
Pearl Harbor : Zero Hour (HKLM-x32\...\{E9688BE6-D55F-4B62-9422-99AC56572C0F}) (Version: - )
Railroad Tycoon 3 (HKLM-x32\...\{DE29025A-091F-4998-AD2D-24C84421190F}) (Version: 1.0 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7707 - Realtek Semiconductor Corp.)
Red Baron II (HKLM-x32\...\Red Baron II) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
ShockWave 1.1 (HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\ShockWave 1.1) (Version: - )
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
SimCity 4 Deluxe (HKLM-x32\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version: - )
Sins of a Solar Empire (HKLM-x32\...\{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41}) (Version: 1.182 - Stardock Entertainment, Inc.) Hidden
Sins of a Solar Empire (HKLM-x32\...\Sins of a Solar Empire) (Version: 1.182 - Stardock Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com)
the Renegade mod tools (HKLM-x32\...\the Renegade mod tools) (Version: - )
TripleA 1.9.0.0.13066 (HKLM\...\5251-3669-9623-1649) (Version: 1.9.0.0.13066 - TripleA Developer Team)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Vietnam Glory Obscured (HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\Vietnam Glory Obscured) (Version: - )
Visual Studio Community 2017 (HKLM-x32\...\dcf08927) (Version: 15.9.28307.222 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
War Thunder CDK 0.2 (HKLM-x32\...\{ed8deea4-29fe-1932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
War Thunder Launcher 1.0.3.123 (HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_80.1.349.0_x64__v10z8vjag6ke6 [2018-02-14] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1802.1.0_x64__8wekyb3d8bbwe [2018-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1802.1.0_x86__8wekyb3d8bbwe [2018-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.34.12002.0_x64__8wekyb3d8bbwe [2017-11-28] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.0.1301.0_x86__8wekyb3d8bbwe [2018-07-16] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.23.10572.0_x64__8wekyb3d8bbwe [2018-03-25] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.23.10572.0_x64__8wekyb3d8bbwe [2018-03-23] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.23.10572.0_x64__8wekyb3d8bbwe [2018-03-28] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.22.3254.0_x64__8wekyb3d8bbwe [2018-07-16] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2838530815-2559944682-194899063-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2838530815-2559944682-194899063-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2838530815-2559944682-194899063-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2838530815-2559944682-194899063-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Owner\Desktop\Keep\BAT stuff\RunAres.lnk -> C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2\RunAres.bat (No File)
==================== Loaded Modules (Whitelisted) =============
2016-02-09 16:30 - 2015-11-19 09:36 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-30 17:42 - 2018-12-21 12:15 - 000000866 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-10-05 20:55 - 2019-10-27 22:39 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 VIRUSFACTORY.mshome.net # 2024 10 6 26 3 39 27 851
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\img100.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_2EF41AAE0EFA048B29BD0C1048B2D149"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2838530815-2559944682-194899063-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{42C5E6F4-190C-4C12-B329-F0464C165660}] => (Allow) C:\Program Files (x86)\Stardock Games\Sins of a Solar Empire\Sins of a Solar Empire.exe (Stardock Corporation -> Ironclad Games)
FirewallRules: [{1AA4B6CC-87E2-410F-92B3-D0ACE7385B6E}] => (Allow) C:\Program Files (x86)\Stardock Games\Sins of a Solar Empire\Sins of a Solar Empire.exe (Stardock Corporation -> Ironclad Games)
FirewallRules: [UDP Query User{AD51B5D1-F36A-4FC0-B0FC-A37C52815B2E}C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe (Clapfoot Inc) [File not signed]
FirewallRules: [TCP Query User{824C91A6-5245-4915-85FC-B7A8530DB47D}C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe (Clapfoot Inc) [File not signed]
FirewallRules: [{91785B94-F01F-438B-A4E1-4A0984E98266}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9CBB2D9F-3495-4F32-851F-51CB172BA11E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{851A1A44-2D7D-407E-BB7C-AA94A6AB3FCB}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{9247AD5C-2461-4BAA-848D-9C8A740C5EDE}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{2DB4346D-02FC-473F-9B72-9FA45B58791F}C:\program files (x86)\steam\steamapps\common\voxel turf\vtserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\voxel turf\vtserver.exe () [File not signed]
FirewallRules: [TCP Query User{08C6BF53-90FE-4069-B9FB-33103C476C1A}C:\program files (x86)\steam\steamapps\common\voxel turf\vtserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\voxel turf\vtserver.exe () [File not signed]
FirewallRules: [{1AB7B583-5D43-49C2-91D6-A6A654D2A6D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Voxel Turf\vtclient.exe () [File not signed]
FirewallRules: [{6439CCD4-4097-482D-9D3C-96FEEDC405D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Voxel Turf\vtclient.exe () [File not signed]
FirewallRules: [UDP Query User{C4D6E338-634C-405E-BBCA-0AB87C5F4DCA}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{B8599E30-038B-4BDE-9CB2-92270EBE8C5E}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{E1D2C874-42FB-4811-BCFE-FCDC52E67906}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe => No File
FirewallRules: [TCP Query User{722804B5-B4BC-4DC1-8D23-1D2840281457}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe => No File
FirewallRules: [{140BC305-89D5-44C1-9AF8-616DAB850E38}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe => No File
FirewallRules: [{B697CB0D-7ED1-4A71-9391-68A14B15856A}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe => No File
FirewallRules: [{48F9FF8A-7EBF-475E-8D52-E3BEE1E9AF39}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => No File
FirewallRules: [{4D4E40F8-CFB0-4307-B26B-25B9C78CB9CC}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => No File
FirewallRules: [{00D5474C-B046-4CE1-913F-516408636E5A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{3B5933AF-D407-49DC-ACBC-7989A9CAFA29}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{6881389F-8A25-466E-BD34-575AAAF20F33}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{47CD6148-4C72-43A2-954E-C3F0D89E6B7E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AE6BC0CE-4292-4F4C-B167-51DF38F2F514}] => (Block) C:\program files (x86)\ea games\medal of honor pacific assault\mohpa.exe => No File
FirewallRules: [{B56D3C21-C08F-4740-9590-A6D19233804E}] => (Block) C:\program files (x86)\ea games\medal of honor pacific assault\mohpa.exe => No File
FirewallRules: [UDP Query User{265B6B5D-F3F3-496D-AC70-EF1AA6085DCA}C:\program files (x86)\ea games\medal of honor pacific assault\mohpa.exe] => (Allow) C:\program files (x86)\ea games\medal of honor pacific assault\mohpa.exe => No File
FirewallRules: [TCP Query User{5DA04F4B-EE93-4FBC-839F-7735767FA160}C:\program files (x86)\ea games\medal of honor pacific assault\mohpa.exe] => (Allow) C:\program files (x86)\ea games\medal of honor pacific assault\mohpa.exe => No File
FirewallRules: [TCP Query User{445B7F2D-BFC0-40BC-BD0B-36DD237E7582}E:\drivers\sdi_update\sdi_x64_r423.exe] => (Allow) E:\drivers\sdi_update\sdi_x64_r423.exe => No File
FirewallRules: [UDP Query User{D66C84C8-717E-4DFF-ACE0-0ACCCF07880A}E:\drivers\sdi_update\sdi_x64_r423.exe] => (Allow) E:\drivers\sdi_update\sdi_x64_r423.exe => No File
FirewallRules: [{1462E648-58BA-409C-808A-0C13D748CA7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0FD40798-3C91-4FA5-9EE6-5451E996ED84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D0E9DD10-ADB2-4559-9F1C-2BF089B69151}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe => No File
FirewallRules: [{47ED7A89-52CF-49C0-926F-5E0B6D3BB172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe => No File
FirewallRules: [{A1E9518C-8400-41FF-B9F3-44E6E63EF87D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6F8F3A9A-7799-4D6A-83A2-3AFC8176FFAF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{B004956C-16CD-4CCC-8B73-D3A3F8183B8F}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{6EC9F927-88B1-4026-953F-34212FF5CBD5}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe => No File
FirewallRules: [{35A4E102-2F77-4B70-8F61-2D4C3E732975}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{C51E43FD-DC6E-421B-BE0B-0FD199D8925D}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe => No File
FirewallRules: [{15629F35-DD24-41F1-834A-C7C5C32F7DAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe () [File not signed]
FirewallRules: [{32DBEF34-A6F0-4486-81E6-B68FC939F264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe () [File not signed]
FirewallRules: [{24AFAB19-A77B-4EE3-8A30-EF317F4A84C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe () [File not signed]
FirewallRules: [{FC7D610A-56FD-4189-96AD-740EC49E46A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe () [File not signed]
FirewallRules: [TCP Query User{4BBBAFAD-153A-4980-A46A-E863A7DB8150}C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe => No File
FirewallRules: [UDP Query User{77347428-BDAF-45DD-89E1-0EE567FEB8F4}C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole prototype\war\binaries\win64\war-win64-shipping.exe => No File
FirewallRules: [{675ED291-37C3-49B1-904A-E36BA555263E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{79969415-B3B2-4C76-82CD-F5F62241B4CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [TCP Query User{ECEADBFD-3AD2-4967-9A2C-350CAFA9406A}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{F84F02A2-BBFD-47A3-930E-FAD8D63B6032}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{14FED575-D07A-4EA5-AE53-41AD492A75A6}C:\program files\voxel turf demo\vtserver.exe] => (Allow) C:\program files\voxel turf demo\vtserver.exe => No File
FirewallRules: [UDP Query User{C43A93D5-83FD-405B-9465-48A35E65D684}C:\program files\voxel turf demo\vtserver.exe] => (Allow) C:\program files\voxel turf demo\vtserver.exe => No File
FirewallRules: [TCP Query User{9D50691B-6E13-415D-9A7D-0D790669C3FE}C:\program files\voxel turf demo\vtclient.exe] => (Allow) C:\program files\voxel turf demo\vtclient.exe => No File
FirewallRules: [UDP Query User{3496037C-2635-4496-A36C-E2306B4C5816}C:\program files\voxel turf demo\vtclient.exe] => (Allow) C:\program files\voxel turf demo\vtclient.exe => No File
FirewallRules: [{4D26DFAC-53E8-4678-A43E-EA314A41E57A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EF40C234-15BC-4CF5-8320-F8F0A4E29EDA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E9A50F10-BE69-40C1-94CC-D761BA3B8867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{AC80217F-D497-4745-B6DA-06658558462C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{EA594C0A-8794-4B7D-A950-3627E853EBB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{6AEE09AD-6AF9-42A3-B021-2D127B599370}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{52A3F56A-D33C-40D7-AFED-A93A44EF33C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe () [File not signed]
FirewallRules: [{C3ADF1B0-2568-447A-8404-8DD49DC69318}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe () [File not signed]
FirewallRules: [{42ECEE42-7422-4CAE-B5E1-8E617C78FE98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [{9ED03836-6DE8-42DA-971B-E903C25B6EC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [TCP Query User{438F07BD-CD44-4A56-93B5-446708200E4B}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{E5344398-8955-4E43-9988-6BA3BE609081}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{518C66AD-016C-4A44-A08A-60B6EE78A6A1}C:\games\warthunder\win64\aces.exe] => (Allow) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{25B4AA62-BDB1-4AFD-A81C-7702853691C4}C:\games\warthunder\win64\aces.exe] => (Allow) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{1C79322F-196B-4E7C-BCB6-B6F0141B1828}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B057F552-2F0E-4098-9B60-B795898BF513}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{B0593755-D874-48C3-9382-1D8B8DD26F68}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{0724F4F3-ECA9-452D-BB7A-48E62F0DA5B4}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{58386D4E-3220-4527-AF71-DB237B83164F}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8154B286-B5BF-4BAC-AE49-19E283353F85}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{19F91998-D34A-4BDE-B61A-B227C68FC33B}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{23866594-5442-4DC2-A28B-ABE99ED6A798}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B0E12F97-852C-49DC-8869-B51175679978}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe () [File not signed]
FirewallRules: [{4AF0E75E-57E2-49F6-9C4A-506354A17045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe () [File not signed]
FirewallRules: [TCP Query User{DC727821-3FAA-49AF-8936-0361F64426E7}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{43285F45-B7A6-4389-A697-9C471A616080}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{24473878-D1FD-45A0-B790-50533B17A79B}C:\games\warthunder\launcher.exe] => (Block) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F857A693-2E68-4D5D-A9A3-73D7E8AAD42C}C:\games\warthunder\launcher.exe] => (Block) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{C9021128-8088-4E88-888D-AC20E5EDD147}] => (Allow) C:\Users\Owner\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{9753C248-5A51-49D1-82E7-C7F947C27450}] => (Allow) C:\Users\Owner\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{033DE8BA-C802-4973-BC08-FBA733EB0445}] => (Allow) E:\SteamLibrary\steamapps\common\Supreme Ruler Ultimate\SupremeRulerUltimate.exe => No File
FirewallRules: [{25B0BAF3-2DFD-4213-B1DF-DC8B18CEF9E5}] => (Allow) E:\SteamLibrary\steamapps\common\Supreme Ruler Ultimate\SupremeRulerUltimate.exe => No File
FirewallRules: [TCP Query User{5C2DB327-C557-41B4-9BB4-059B8EF4B25A}E:\pearl harbor\pharbor.exe] => (Block) E:\pearl harbor\pharbor.exe => No File
FirewallRules: [UDP Query User{1AAF12C4-EE3A-4002-B1AE-427603356615}E:\pearl harbor\pharbor.exe] => (Block) E:\pearl harbor\pharbor.exe => No File
FirewallRules: [TCP Query User{460ABBE7-546F-438D-892A-39D4E1815DD3}E:\mohpa\mohpa.exe] => (Block) E:\mohpa\mohpa.exe => No File
FirewallRules: [UDP Query User{BF6A40CB-CD17-45A8-ADB5-EF96CD01D2BD}E:\mohpa\mohpa.exe] => (Block) E:\mohpa\mohpa.exe => No File
FirewallRules: [TCP Query User{12516970-498C-4AF0-A222-95E5CD05CBED}C:\games\mohpa\mohpa.exe] => (Block) C:\games\mohpa\mohpa.exe => No File
FirewallRules: [UDP Query User{43246569-13D6-436A-AE39-736435809AE1}C:\games\mohpa\mohpa.exe] => (Block) C:\games\mohpa\mohpa.exe => No File
FirewallRules: [TCP Query User{23C44475-0E84-4A84-AA55-E7820CEA48A3}E:\pearl harbor\pharbor.exe] => (Allow) E:\pearl harbor\pharbor.exe => No File
FirewallRules: [UDP Query User{98CC5ABA-140F-4E6C-A8B1-F3D310D236AA}E:\pearl harbor\pharbor.exe] => (Allow) E:\pearl harbor\pharbor.exe => No File
FirewallRules: [{F91716B0-56DC-4D58-9F4C-21B7C147E3CB}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{3DD84F40-94DD-4068-BFB3-BC1D6C2B06E1}C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [UDP Query User{340C8EED-B664-4567-9004-FCB08D070111}C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [TCP Query User{420E8295-E83C-4166-AC19-5094AC0EE320}C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [UDP Query User{54583446-540C-48CB-A56A-59A93B9DD5CB}C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe] => (Allow) C:\games\starmade\starmade-launcher-win32-x64\dep\java\jre1.7.0_80\bin\javaw.exe
==================== Restore Points =========================
22-05-2020 18:51:10 Installed DirectX
01-06-2020 10:04:41 Scheduled Checkpoint
09-06-2020 12:49:54 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/10/2020 12:48:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cleanmgr.exe, version: 10.0.17134.1, time stamp: 0x5fdf5467
Faulting module name: strgsnsaddons.dll, version: 10.0.17134.10081, time stamp: 0x656975ed
Exception code: 0xc0000005
Fault offset: 0x000000000001d06c
Faulting process id: 0x354
Faulting application start time: 0x01d63eeac3417ff0
Faulting application path: C:\WINDOWS\system32\cleanmgr.exe
Faulting module path: C:\Program Files\rempl\strgsnsaddons.dll
Report Id: 304a3d92-a823-4687-a1bd-f86dbdb1be50
Faulting package full name:
Faulting package-relative application ID:
Error: (06/10/2020 12:47:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Faulting module name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Exception code: 0xc000027b
Fault offset: 0x00000000001b2c56
Faulting process id: 0x1bcc
Faulting application start time: 0x01d63eeaa48aaeff
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 3f742cc4-3ad7-4c71-aaa4-b812ff4d970f
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (06/10/2020 12:47:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Faulting module name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Exception code: 0xc000027b
Fault offset: 0x00000000001b2c56
Faulting process id: 0xdd4
Faulting application start time: 0x01d63eeaa2eb34cb
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 46ff608a-8140-4f0c-b248-6a98e7a4672f
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (06/10/2020 12:47:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Faulting module name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Exception code: 0xc000027b
Fault offset: 0x00000000001b2c56
Faulting process id: 0x174c
Faulting application start time: 0x01d63eeaa1595e73
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 5b00f828-66ff-429f-9e20-3b2827c800ef
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (06/10/2020 12:47:30 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\VIRUSFACTORY$ via https://INTC-KeyId-1...plates/Aik/scepfailed:
GetCACaps
Method: GET(47ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (06/10/2020 12:47:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Faulting module name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Exception code: 0xc000027b
Fault offset: 0x00000000001b2c56
Faulting process id: 0x100c
Faulting application start time: 0x01d63eea9f81dd5c
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: d2b3b6b0-98bd-4123-b248-fabe1032289f
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (06/10/2020 12:47:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Faulting module name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Exception code: 0xc000027b
Fault offset: 0x00000000001b2c56
Faulting process id: 0x1b68
Faulting application start time: 0x01d63eea9db9ee73
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 4b0bd33d-d3c9-4e67-bd0e-2971dfca3bed
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (06/10/2020 12:47:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Faulting module name: SearchUI.exe, version: 10.0.17134.1, time stamp: 0x5acd8954
Exception code: 0xc000027b
Fault offset: 0x00000000001b2c56
Faulting process id: 0x1618
Faulting application start time: 0x01d63eea9b3ad7a6
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: abf65d6a-fa14-4307-934d-4c3a04d98372
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
System errors:
=============
Error: (06/10/2020 01:36:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (06/10/2020 01:34:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
The specified module could not be found.
Error: (06/10/2020 01:34:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (06/10/2020 01:32:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
The specified module could not be found.
Error: (06/10/2020 01:22:16 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (06/10/2020 01:20:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
The specified module could not be found.
Error: (06/10/2020 01:20:16 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (06/10/2020 01:18:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
The specified module could not be found.
CodeIntegrity:
===================================
Date: 2020-06-10 01:05:30.302
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:29.955
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:29.533
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:29.141
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:27.269
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:25.702
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:24.957
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-10 01:05:24.263
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.40 07/24/2015
Motherboard: HP 8094
Processor: Intel® Core i3-5020U CPU @ 2.20GHz
Percentage of memory in use: 36%
Total physical RAM: 8114.26 MB
Available physical RAM: 5112.85 MB
Total Virtual: 16306.26 MB
Available Virtual: 13357.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:221.28 GB) (Free:55.78 GB) NTFS
\\?\Volume{acf02b88-37a5-43de-80a2-2720ac56272d}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3d49109f-fbf6-4273-b588-f2b4ae62bed7}\ () (Fixed) (Total:1.74 GB) (Free:1.2 GB) NTFS
\\?\Volume{eec71b3a-2394-46ca-b07a-745b825764c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================