Problem starting StartupCheckLibrary.dll



#16
Mingo_TTV

  • Topic Starter
  • Member
  • 17 posts

Hi,

 

Sorry, I didn't see that you had replied until now.

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2020
Ran by origi (administrator) on DESKTOP-Q4STC4U (Gigabyte Technology Co., Ltd. Z390 UD) (27-11-2020 18:41:18)
Running from C:\Users\origi\Desktop
Loaded Profiles: origi
Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CloudBees, Inc.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe
(Discord Inc. -> Discord Inc.) C:\Users\origi\AppData\Local\Discord\app-0.0.308\Discord.exe <7>
(Epic Games Inc. -> Epic Games, Inc.) E:\Program Files\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe <3>
(Epic Games Inc. -> Epic Games, Inc.) E:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <55>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(LogMeIn, Inc. -> LogMeIn Inc.) E:\Program Files\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) E:\Program Files\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_10.2011.4.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.621_none_e7694895260e0b6d\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rockstar Games, Inc. -> Rockstar Games) E:\Program Files\Rockstar Games\Launcher\Launcher.exe
(Rockstar Games, Inc. -> Rockstar Games) E:\Program Files\Rockstar Games\Launcher\RockstarService.exe
(Rockstar Games, Inc. -> Take-Two Interactive Software, Inc.) C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe <3>
(Spotify AB -> Spotify Ltd) C:\Users\origi\AppData\Roaming\Spotify\Spotify.exe <5>
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WeMod LLC -> Daring Development Inc.) C:\Users\origi\AppData\Local\WeMod\app-6.3.11\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe
(WeMod LLC -> WeMod) C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe <4>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\Program Files\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Spotify] => C:\Users\origi\AppData\Roaming\Spotify\Spotify.exe [23232232 2020-11-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Discord] => C:\Users\origi\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [EpicGamesLauncher] => E:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33102224 2020-11-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24625144 2020-02-19] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104586376 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\origi\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14766664 2020-10-03] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514096 2020-10-19] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-17] (Google LLC -> Google LLC)
Startup: C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2020-11-18]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {059ACACA-6610-4154-B0B9-1A814E39B8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-19] (Google LLC -> Google LLC)
Task: {05AC1BC4-DF43-4C90-8C4B-4D12C1BDD8D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {07471E98-CE11-41B9-8E9C-F87637FF5892} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0F70B12F-62ED-4511-A9ED-81246B0BE16A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {41457A5F-3A9B-4270-9E29-88D63C659B66} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EFA01D9-BD05-4C48-851F-56B7628B1B5E} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33903328 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {55AA047D-959B-4DB7-9C39-4C91A7EE2E19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CFA99A2-D0F8-4F7A-A306-8A9BC8BF63F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-19] (Google LLC -> Google LLC)
Task: {5F2BA33A-8616-424C-AB9D-3217745A09E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7778467F-4FC4-48CF-B33A-C9CA872D2C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-22] (Microsoft Corporation -> Microsoft)
Task: {81C207F1-0636-4A3C-8FD6-BB5186762748} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1797817695-3140524087-3623043744-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-11-17] (Microsoft Windows -> )
Task: {911E10DD-1AE9-4692-8751-0D0151258971} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A362EF8-91BE-4938-AD25-3A5E6B5DDB25} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB423A2B-41E4-4192-9DAB-2ECE36C25C6A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5153176 2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC31F993-D52B-4E9B-8ACA-77AEB8F34F25} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B12C15E3-4031-40A8-9434-75B0B6EE2047} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB812079-3B97-46E1-A5E8-8D60F2DE7894} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-17] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) <==== ATTENTION
Task: {C0093AFA-6E4B-4565-9BD9-6CFD85292586} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)
Task: {C04310FD-E714-4DC4-9084-F7A7E8BCE848} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {C38684F7-90AB-4E69-B4DC-FEA8387E48B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6CA24E4-A723-4698-8CC1-4956551F3DE5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA711F0A-2238-446C-BC5E-2B42D4E33790} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3C431D0-6611-4ADA-9CEB-0106933773B2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD6F9B9D-C2B5-4B40-953B-BBDB50753853} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-20] (Adobe Inc. -> Adobe)
Task: {DDACF7FE-8A0A-4373-8372-CA5A26F6DC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E677DACB-D605-4FF2-AF1E-E4DDC6A1CD80} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E79C0B2C-BEAF-4FEA-9662-EE2C274784DC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E91294D4-094C-447E-8B68-B432F2C28B5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5153176 2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB6B852A-45DE-4C1D-8911-973F4D8CAC40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0D61D05-4EDE-4B80-A447-CD4A7AE01BA0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {F6396AAE-D305-4B73-8FD3-5D2804D888DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d67f30f0-0c71-4697-9b7d-1371f23a70e1}: [DhcpNameServer] 192.168.0.1
 
Edge: 
======
Edge Profile: C:\Users\origi\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-16]
 
FireFox:
========
FF DefaultProfile: a559bv13.default
FF ProfilePath: C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\a559bv13.default [2020-11-23]
FF NewTab: Mozilla\Firefox\Profiles\a559bv13.default -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2019-12-25 10:02:22&bName=
FF ProfilePath: C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release [2020-11-27]
FF Extension: (Reddit Enhancement Suite) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\[email protected] [2020-10-03]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> E:\Program Files\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1797817695-3140524087-3623043744-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\origi\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-05] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-12-19] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-12-19] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default [2020-11-27]
CHR DownloadDir: E:\Downloads
CHR Notifications: Default -> hxxps://www.cashrewards.com.au; hxxps://www.guilded.gg
CHR Extension: (Honey) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-11-18]
CHR Extension: (uBlock Origin) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-10-26]
CHR Extension: (Dark Mode) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2020-11-12]
CHR Extension: (Adobe Acrobat) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-26]
CHR Extension: (Kaspersky Protection) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-01]
CHR Extension: (Cashrewards) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\foehlpanophbpagddidofdpeiappcmgf [2020-11-12]
CHR Extension: (Google Docs Offline) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-11-12]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-11-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-19]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-12]
CHR Extension: (HMA VPN Proxy Unblocker) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\poeojclicodamonabcabmapamjkkmnnk [2020-07-19]
CHR Extension: (Nohat) - E:\Downloads\NohatExt_3\NohatExt_3 [2020-08-01]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AORUS LCD Panel Service; C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe [360960 2018-12-21] (CloudBees, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-10-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1728072 2020-10-03] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-26] (GOG Sp. z o.o. -> GOG.com)
R2 Hamachi2Svc; E:\Program Files\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10887816 2020-11-21] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-23] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2148856 2020-02-19] (Plex, Inc. -> Plex, Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-10-19] (Razer USA Ltd. -> Razer Inc.)
R3 Rockstar Service; E:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-11-18] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145304 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\70065\driver_cpu_temperature\logi_core_temp.sys [25448 2020-11-21] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-10-30] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2020-10-30] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-10-30] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [138904 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0f53becd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1D9677F7-E130-4FE7-8BE9-3105A03F2511}\MpKslDrv.sys [47336 2020-11-27] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-01-15] (Apple Inc.) [File not signed]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-07] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-11-27 18:41 - 2020-11-27 18:41 - 000033779 _____ C:\Users\origi\Desktop\FRST.txt
2020-11-27 13:36 - 2020-11-27 13:36 - 000000000 ____D C:\Users\origi\AppData\Local\WeMod
2020-11-26 23:32 - 2020-11-26 23:32 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-11-26 22:35 - 2020-11-26 22:36 - 000000000 ____D C:\Users\origi\AppData\LocalLow\SUPERHOT_Team
2020-11-24 20:22 - 2020-11-26 23:32 - 000138904 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-11-24 20:22 - 2020-11-26 23:32 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-11-24 19:55 - 2020-11-24 19:55 - 000909824 _____ (Farbar) C:\Users\origi\Desktop\FSS.exe
2020-11-23 20:27 - 2020-11-27 15:55 - 000000000 ____D C:\Users\origi\AppData\LocalLow\IGDump
2020-11-23 20:26 - 2020-11-26 23:32 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-23 20:26 - 2020-11-26 23:32 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000000000 ____D C:\Users\origi\AppData\Local\mbam
2020-11-23 20:26 - 2020-11-23 20:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-23 20:21 - 2020-11-23 20:21 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-23 20:20 - 2020-11-23 20:17 - 002076624 _____ (Malwarebytes) C:\Users\origi\Desktop\MBSetup.exe
2020-11-23 20:16 - 2020-11-24 19:37 - 000000000 ____D C:\AdwCleaner
2020-11-23 20:15 - 2020-11-23 20:15 - 008447152 _____ (Malwarebytes) C:\Users\origi\Desktop\AdwCleaner.exe
2020-11-23 20:09 - 2020-11-27 18:40 - 000000000 ____D C:\Users\origi\Desktop\FRST-OlderVersion
2020-11-22 23:14 - 2020-11-22 23:14 - 000000233 _____ C:\Users\origi\Desktop\Tom Clancy's Rainbow Six Siege.url
2020-11-22 23:14 - 2020-11-22 23:14 - 000000233 _____ C:\Users\origi\Desktop\Tom Clancy's Rainbow Six Siege - Vulkan.url
2020-11-21 20:08 - 2020-11-21 20:08 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-11-21 20:08 - 2020-11-21 20:08 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-11-21 20:08 - 2020-11-21 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-11-21 20:08 - 2020-11-21 20:08 - 000000000 ____D C:\Program Files\LGHUB
2020-11-19 21:27 - 2020-11-19 21:30 - 000000000 ____D C:\Users\origi\Documents\Assassin's Creed Valhalla
2020-11-19 20:23 - 2020-11-19 20:23 - 000000235 _____ C:\Users\origi\Desktop\Assassin's Creed Valhalla.url
2020-11-19 19:22 - 2020-11-19 19:22 - 000000234 _____ C:\Users\origi\Desktop\Watch Dogs Legion.url
2020-11-18 18:46 - 2020-11-27 18:41 - 000000000 ____D C:\FRST
2020-11-18 18:46 - 2020-11-27 18:40 - 002290176 _____ (Farbar) C:\Users\origi\Desktop\FRST64.exe
2020-11-18 18:32 - 2020-11-18 18:32 - 000000000 ____D C:\Users\Public\Documents\Creative
2020-11-18 18:32 - 2020-11-18 18:32 - 000000000 ____D C:\ProgramData\Documents\Creative
2020-11-18 18:31 - 2020-11-18 18:31 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2020-11-18 18:31 - 2020-11-18 18:31 - 000002206 _____ C:\Users\Public\Desktop\RGBFusion 2.0.lnk
2020-11-18 18:31 - 2020-11-18 18:31 - 000002206 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Users\origi\AppData\Local\Downloaded Installations
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files\Patriot
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files\ENE
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files (x86)\ENE
2020-11-18 18:31 - 2020-05-12 01:28 - 000020992 _____ C:\WINDOWS\system32\Drivers\ene.sys
2020-11-18 18:30 - 2020-11-18 18:32 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2020-11-18 18:30 - 2020-11-18 18:30 - 000003464 _____ C:\WINDOWS\system32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE
2020-11-18 18:30 - 2020-11-18 18:30 - 000001243 _____ C:\Users\Public\Desktop\AORUS ENGINE.lnk
2020-11-18 18:30 - 2020-11-18 18:30 - 000001243 _____ C:\ProgramData\Desktop\AORUS ENGINE.lnk
2020-11-18 18:30 - 2020-11-18 18:30 - 000000000 ____D C:\Users\origi\Documents\temp
2020-11-18 18:30 - 2020-11-18 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2020-11-18 18:15 - 2020-11-08 04:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001506032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001027992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000590576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-11-18 18:15 - 2020-11-08 04:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-11-18 18:15 - 2020-11-08 04:37 - 000445848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-11-18 18:15 - 2020-11-08 04:36 - 005976296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-18 18:15 - 2020-11-07 15:01 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb
2020-11-18 18:13 - 2020-11-18 18:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-11-18 18:09 - 2020-11-18 18:09 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-11-17 13:47 - 2020-11-16 18:53 - 000000000 ____D C:\Windows.old
2020-11-17 13:45 - 2020-11-17 13:47 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-11-17 13:44 - 2020-11-17 13:45 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-11-17 13:44 - 2020-11-17 13:44 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-11-17 13:43 - 2020-11-17 13:43 - 000000000 ____D C:\ProgramData\ssh
2020-11-17 13:41 - 2020-11-17 13:41 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-11-17 13:41 - 2020-11-17 13:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-11-17 13:41 - 2020-11-17 13:41 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-11-17 13:41 - 2020-11-17 13:41 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-11-17 13:41 - 2020-11-17 13:41 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-11-17 13:41 - 2020-11-17 13:41 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-11-17 13:41 - 2020-11-17 13:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-11-17 13:41 - 2020-11-17 13:41 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-11-17 13:41 - 2020-11-17 13:41 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2020-11-17 13:41 - 2020-11-17 13:41 - 000101688 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-11-17 13:41 - 2020-11-17 13:41 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-11-17 13:41 - 2020-11-17 13:41 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-17 13:40 - 2020-11-17 13:40 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-11-17 13:40 - 2020-11-17 13:40 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-11-17 13:40 - 2020-11-17 13:40 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-11-17 13:40 - 2020-11-17 13:40 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-11-17 13:40 - 2020-11-17 13:40 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-11-17 13:40 - 2020-11-17 13:40 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-11-17 13:40 - 2020-11-17 13:40 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-17 13:40 - 2020-11-17 13:40 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-17 13:40 - 2020-11-17 13:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-11-17 13:40 - 2020-11-17 13:40 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-11-17 13:40 - 2020-11-17 13:40 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-11-17 13:40 - 2020-11-17 13:40 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-11-17 13:36 - 2020-11-17 13:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-11-17 13:36 - 2020-11-17 13:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-11-17 13:36 - 2020-11-17 13:36 - 000000000 ____D C:\Program Files\MSBuild
2020-11-17 13:36 - 2020-11-17 13:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-17 09:52 - 2020-11-17 09:52 - 000000000 ____D C:\Users\origi\AppData\Roaming\HelloGames
2020-11-17 09:37 - 2020-11-17 09:37 - 000000629 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2020-11-17 09:37 - 2020-11-17 09:37 - 000000629 _____ C:\ProgramData\Desktop\No Man's Sky.lnk
2020-11-17 09:36 - 2020-11-27 11:54 - 000000000 ____D C:\Users\origi\AppData\Roaming\SUPERHOTMCD
2020-11-17 09:34 - 2020-11-17 09:34 - 000000669 _____ C:\Users\Public\Desktop\SUPERHOT - MIND CONTROL DELETE.lnk
2020-11-17 09:34 - 2020-11-17 09:34 - 000000669 _____ C:\ProgramData\Desktop\SUPERHOT - MIND CONTROL DELETE.lnk
2020-11-16 18:57 - 2020-11-18 18:16 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-16 18:56 - 2020-11-16 18:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-11-16 18:53 - 2020-11-24 20:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-16 18:53 - 2020-11-24 19:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-16 18:53 - 2020-11-16 18:53 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-11-16 18:53 - 2020-11-16 18:53 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-11-16 18:53 - 2020-11-16 18:53 - 000003710 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-16 18:53 - 2020-11-16 18:53 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-16 18:53 - 2020-11-16 18:53 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-16 18:53 - 2020-11-16 18:53 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-16 18:53 - 2020-11-16 18:53 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-16 18:53 - 2020-11-16 18:53 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1797817695-3140524087-3623043744-1001
2020-11-16 18:53 - 2020-11-16 18:53 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002638 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2020-11-16 18:53 - 2020-11-16 18:53 - 000000020 ___SH C:\Users\origi\ntuser.ini
2020-11-16 18:53 - 2020-11-16 18:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-16 18:49 - 2020-11-25 22:18 - 000000000 ____D C:\Users\origi
2020-11-16 18:49 - 2019-12-07 20:10 - 000001105 _____ C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-16 18:47 - 2020-11-27 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-16 18:47 - 2020-11-24 20:22 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-16 18:47 - 2020-11-16 18:47 - 000443608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-16 17:40 - 2020-11-16 18:53 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-16 17:36 - 2020-11-16 17:36 - 000000000 ___HD C:\$WinREAgent
2020-11-16 17:31 - 2020-08-03 22:37 - 000065910 _____ C:\Users\origi\Documents\Tom Leys - CV.pdf
2020-11-16 17:30 - 2020-11-23 21:07 - 000000000 ____D C:\Users\origi\Documents\My Games
2020-11-15 20:11 - 2020-11-15 20:11 - 000000000 ____D C:\Users\origi\Downloads\Django Unchained 2012 BluRay 720p [Hindi 2.0 + English 5.1] AAC x264 ESub - mkvCinemas [Telly]
2020-11-14 12:43 - 2020-11-14 12:43 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Hopoo Games, LLC
2020-11-14 12:40 - 2020-11-14 12:40 - 000000573 _____ C:\Users\Public\Desktop\Risk of Rain 2.lnk
2020-11-14 12:40 - 2020-11-14 12:40 - 000000573 _____ C:\ProgramData\Desktop\Risk of Rain 2.lnk
2020-11-14 12:37 - 2020-11-14 12:37 - 000000000 ____D C:\Users\origi\AppData\Local\Mordhau
2020-11-14 12:13 - 2020-11-14 12:13 - 000000487 _____ C:\Users\Public\Desktop\Mordhau.lnk
2020-11-14 12:13 - 2020-11-14 12:13 - 000000487 _____ C:\ProgramData\Desktop\Mordhau.lnk
2020-11-11 23:27 - 2020-11-11 23:27 - 000042673 _____ C:\Users\origi\Documents\Book1.xlsx
2020-11-11 17:23 - 2020-11-27 16:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-06 21:31 - 2020-11-06 21:31 - 000000807 _____ C:\Users\Public\Desktop\Sniper - Ghost Warrior Contracts.lnk
2020-11-06 21:31 - 2020-11-06 21:31 - 000000807 _____ C:\ProgramData\Desktop\Sniper - Ghost Warrior Contracts.lnk
2020-11-06 16:22 - 2020-11-16 18:49 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2020-11-06 16:22 - 2020-11-09 21:46 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2020-11-04 21:19 - 2020-11-27 18:36 - 000000000 ____D C:\Users\origi\AppData\Roaming\WeMod
2020-11-04 21:19 - 2020-11-27 13:36 - 000002159 _____ C:\Users\origi\Desktop\WeMod.lnk
2020-11-04 21:19 - 2020-11-27 13:36 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2020-11-04 17:20 - 2020-11-04 17:20 - 000000000 ____D C:\Users\origi\AppData\Roaming\CreamAPI
2020-11-04 15:29 - 2020-11-04 15:35 - 000000000 ____D C:\Users\origi\AppData\Roaming\Sekiro
2020-11-04 15:12 - 2020-11-04 15:12 - 000000617 _____ C:\Users\Public\Desktop\Sekiro - Shadows Die Twice.lnk
2020-11-04 15:12 - 2020-11-04 15:12 - 000000617 _____ C:\ProgramData\Desktop\Sekiro - Shadows Die Twice.lnk
2020-11-04 14:56 - 2020-11-04 14:56 - 000000000 ____D C:\Users\origi\Documents\DyingLight
2020-11-04 14:29 - 2020-11-04 17:33 - 000000703 _____ C:\Users\Public\Desktop\Dying Light - Ultimate Collection.lnk
2020-11-04 14:29 - 2020-11-04 17:33 - 000000703 _____ C:\ProgramData\Desktop\Dying Light - Ultimate Collection.lnk
2020-11-04 14:27 - 2020-11-04 14:27 - 000001760 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2020-11-04 14:27 - 2019-03-19 15:49 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.backup
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\Users\Public\Desktop\Hades.lnk
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\Users\Public\Desktop\Hades (x86).lnk
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\ProgramData\Desktop\Hades.lnk
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\ProgramData\Desktop\Hades (x86).lnk
2020-11-03 17:25 - 2020-11-03 21:15 - 000000000 ____D C:\Users\origi\Documents\Teardown
2020-11-03 16:42 - 2020-11-03 16:42 - 000000000 ____D C:\Users\origi\AppData\LocalLow\noio
2020-11-01 22:07 - 2020-11-08 21:52 - 000000000 ____D C:\Users\origi\AppData\Roaming\EasyAntiCheat
2020-10-30 23:58 - 2020-10-30 23:58 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2020-10-30 23:58 - 2020-10-30 23:58 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2020-10-30 23:58 - 2020-10-30 23:58 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2020-10-30 23:14 - 2020-10-23 07:19 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-10-30 23:14 - 2020-10-23 07:19 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2020-10-30 23:14 - 2020-10-23 07:19 - 000038632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-10-30 23:12 - 2020-11-08 04:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-10-30 23:12 - 2020-11-08 04:36 - 007005008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-10-30 23:12 - 2020-10-28 14:49 - 005519600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-10-28 22:20 - 2020-10-19 16:42 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2020-10-28 22:20 - 2020-10-19 16:42 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-11-27 18:32 - 2019-12-18 20:58 - 000000000 ____D C:\Program Files (x86)\Steam
2020-11-27 18:30 - 2019-12-07 20:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-27 18:27 - 2020-01-28 13:17 - 000000000 ____D C:\Users\origi\AppData\Local\Battle.net
2020-11-27 18:03 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Roaming\Discord
2020-11-27 17:38 - 2019-12-19 12:33 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-27 17:35 - 2019-12-18 20:59 - 000000000 ____D C:\Users\origi\AppData\Roaming\Spotify
2020-11-27 17:31 - 2020-01-19 15:25 - 000000000 ____D C:\Program Files\Rockstar Games
2020-11-27 17:31 - 2020-01-19 15:25 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-11-27 17:28 - 2020-05-03 16:32 - 000000000 ____D C:\Users\origi\AppData\Local\Ubisoft Game Launcher
2020-11-27 17:28 - 2019-12-19 12:36 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-27 17:26 - 2019-12-19 23:41 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Mozilla
2020-11-27 13:36 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Local\SquirrelTemp
2020-11-27 13:31 - 2019-12-25 21:04 - 000000000 ____D C:\Users\origi\AppData\Roaming\uTorrent
2020-11-26 23:26 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-26 18:39 - 2019-12-18 20:59 - 000000000 ____D C:\Users\origi\AppData\Local\Spotify
2020-11-26 00:06 - 2019-12-07 20:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-25 22:08 - 2020-08-12 20:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-25 22:08 - 2020-08-12 20:56 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-25 22:08 - 2020-08-12 20:56 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-24 20:25 - 2019-12-23 16:45 - 000000000 ____D C:\Users\origi\AppData\Local\CrashDumps
2020-11-24 20:21 - 2019-12-19 12:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-11-24 20:21 - 2019-12-07 20:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-24 20:21 - 2019-12-07 20:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-11-24 19:52 - 2020-10-08 22:14 - 000000000 ____D C:\Program Files\Cheat Engine 7.1
2020-11-24 19:36 - 2020-08-03 21:29 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-23 21:07 - 2019-12-26 16:49 - 000000000 ____D C:\Users\origi\AppData\Local\BattlEye
2020-11-23 20:26 - 2019-12-07 20:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-23 20:11 - 2020-09-06 23:33 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-11-23 20:09 - 2019-03-19 15:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-11-22 19:48 - 2019-12-18 22:45 - 000000000 ____D C:\Users\origi\AppData\Local\D3DSCache
2020-11-21 21:42 - 2020-10-03 13:35 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Temp
2020-11-21 21:41 - 2020-04-16 22:50 - 000000000 ____D C:\Users\origi\AppData\Roaming\LGHUB
2020-11-21 21:39 - 2019-12-07 20:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-21 21:34 - 2020-04-17 17:59 - 000000000 ____D C:\Users\origi\AppData\Local\LGHUB
2020-11-19 23:07 - 2019-12-07 20:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-19 20:43 - 2020-05-03 16:40 - 000000000 ____D C:\Users\origi\AppData\Local\My Games
2020-11-19 19:17 - 2020-05-03 16:32 - 000001310 _____ C:\Users\origi\Desktop\Ubisoft Connect.lnk
2020-11-19 19:17 - 2020-05-03 16:32 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-11-19 17:57 - 2020-07-21 23:22 - 000000000 ____D C:\Battlestate Games
2020-11-19 08:36 - 2019-12-18 21:28 - 001562560 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-11-19 08:35 - 2020-04-18 17:06 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000170424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000158136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000154032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-11-18 19:48 - 2019-12-19 12:36 - 000000000 ____D C:\Users\origi\AppData\Local\NVIDIA
2020-11-18 18:19 - 2019-12-19 12:36 - 000000000 ____D C:\Users\origi\AppData\Local\NVIDIA Corporation
2020-11-18 18:13 - 2020-07-19 23:19 - 000000000 ___RD C:\Users\origi\iCloudDrive
2020-11-18 14:35 - 2019-12-25 21:02 - 000000000 ____D C:\Users\origi\AppData\Local\BitTorrentHelper
2020-11-17 13:47 - 2020-10-08 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.1
2020-11-17 13:47 - 2020-10-03 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex - Mankind Divided [GOG.com]
2020-11-17 13:47 - 2020-10-01 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-11-17 13:47 - 2020-09-16 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-11-17 13:47 - 2020-09-06 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-11-17 13:47 - 2020-08-10 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2020-11-17 13:47 - 2020-08-04 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.4.6f1 (64-bit)
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\3082
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1055
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1049
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1046
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1045
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1040
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1036
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1033
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1029
2020-11-17 13:47 - 2020-07-23 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSCodium
2020-11-17 13:47 - 2020-07-22 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-11-17 13:47 - 2020-07-21 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-11-17 13:47 - 2020-07-19 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-11-17 13:47 - 2020-06-16 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin 2 [GOG.com]
2020-11-17 13:47 - 2020-05-30 05:39 - 000000000 ____D C:\Program Files\UNP
2020-11-17 13:47 - 2020-04-17 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-11-17 13:47 - 2020-04-11 17:42 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2020-11-17 13:47 - 2020-04-04 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-11-17 13:47 - 2020-03-15 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2020-11-17 13:47 - 2020-02-24 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2020-11-17 13:47 - 2020-01-28 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2020-11-17 13:47 - 2020-01-25 00:33 - 000000000 ____D C:\WINDOWS\ShellNew
2020-11-17 13:47 - 2020-01-25 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2020-11-17 13:47 - 2020-01-13 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2020-11-17 13:47 - 2020-01-11 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2020-11-17 13:47 - 2020-01-11 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2020-11-17 13:47 - 2020-01-02 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2020-11-17 13:47 - 2020-01-01 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-17 13:47 - 2019-12-30 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2020-11-17 13:47 - 2019-12-23 17:15 - 000000000 ____D C:\ProgramData\regid.1995-09.com.example
2020-11-17 13:47 - 2019-12-23 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UWPHook
2020-11-17 13:47 - 2019-12-19 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-17 13:47 - 2019-12-19 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2020-11-17 13:47 - 2019-12-19 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2020-11-17 13:47 - 2019-12-18 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-11-17 13:47 - 2019-12-18 22:13 - 000000000 ____D C:\WINDOWS\system32\Samsung
2020-11-17 13:47 - 2019-12-18 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2020-11-17 13:47 - 2019-12-18 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-11-17 13:47 - 2019-12-07 20:18 - 000000000 ____D C:\WINDOWS\Setup
2020-11-17 13:47 - 2019-12-07 20:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\spool
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-17 13:47 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-11-17 13:47 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-11-17 13:47 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Catroot2.bak
2020-11-17 13:45 - 2020-07-24 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2020-11-17 13:45 - 2020-07-22 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-11-17 13:45 - 2020-02-15 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-11-17 13:43 - 2019-12-07 20:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-11-17 13:43 - 2019-12-07 20:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-11-17 13:43 - 2019-12-07 20:03 - 000000000 ____D C:\WINDOWS\servicing
2020-11-17 13:37 - 2019-12-07 20:52 - 000000000 ____D C:\WINDOWS\OCR
2020-11-17 08:35 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\appcompat
2020-11-17 08:33 - 2019-12-19 12:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-17 08:33 - 2019-12-19 12:22 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-17 08:33 - 2019-12-19 12:22 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-17 01:58 - 2019-12-19 12:13 - 000000000 ____D C:\Users\origi\AppData\Local\Packages
2020-11-17 01:58 - 2019-12-19 12:11 - 000000000 ____D C:\ProgramData\Packages
2020-11-16 18:56 - 2020-04-11 16:47 - 000000000 ____D C:\Users\origi\AppData\LocalLow\uTorrent
2020-11-16 18:56 - 2019-12-19 12:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-16 18:54 - 2019-12-19 12:13 - 000000000 ___RD C:\Users\origi\3D Objects
2020-11-16 18:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-16 18:53 - 2019-12-07 20:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-11-16 18:53 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-16 18:51 - 2019-12-07 20:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-11-16 18:50 - 2020-07-19 23:19 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-11-16 18:49 - 2020-09-23 13:48 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2020-11-16 18:49 - 2020-09-23 13:31 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2020-11-16 18:49 - 2020-07-25 21:44 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macroplant LLC
2020-11-16 18:49 - 2020-07-01 20:46 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnakeBite
2020-11-16 18:49 - 2020-06-23 19:27 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria Tweaker 2
2020-11-16 18:49 - 2020-06-23 18:53 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria Tweaker 2 for Terraria 1.3.5.3
2020-11-16 18:49 - 2020-04-05 21:00 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-11-16 18:49 - 2020-01-19 15:22 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-11-16 18:49 - 2020-01-01 13:58 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-16 18:49 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-11-16 18:48 - 2019-12-19 12:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-11-16 18:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-16 17:26 - 2019-12-19 12:14 - 000000000 ___RD C:\Users\origi\OneDrive
2020-11-16 17:16 - 2019-12-19 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-16 17:16 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-15 22:06 - 2019-12-18 23:53 - 000000000 ____D C:\Users\origi\AppData\Roaming\Twitch
2020-11-15 18:10 - 2020-04-17 16:39 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-14 22:25 - 2020-04-04 20:44 - 000000000 ____D C:\Users\origi\AppData\Roaming\vlc
2020-11-14 12:37 - 2019-12-29 23:33 - 000000000 ____D C:\Users\origi\AppData\Local\UnrealEngine
2020-11-14 11:00 - 2020-07-21 23:23 - 000000791 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2020-11-14 11:00 - 2020-07-21 23:23 - 000000791 _____ C:\ProgramData\Desktop\Battlestate Games Launcher.lnk
2020-11-12 01:44 - 2019-12-23 14:33 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-12 01:44 - 2019-12-23 14:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 23:33 - 2019-12-19 23:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-07 00:04 - 2019-12-19 11:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-04 14:27 - 2020-06-28 23:21 - 000000000 ____D C:\Users\origi\AppData\Local\GameAnalytics
2020-11-04 10:57 - 2019-12-19 23:13 - 000000000 ____D C:\Users\origi\AppData\LocalLow\MCC
2020-10-31 13:53 - 2020-08-17 00:43 - 000000000 ____D C:\websymbols
2020-10-31 00:03 - 2020-09-06 23:41 - 000795000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-10-28 22:20 - 2019-12-19 12:36 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-10-28 22:20 - 2019-12-19 12:36 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-10-28 22:20 - 2019-12-19 12:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-28 22:20 - 2019-12-19 12:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-28 22:20 - 2019-12-19 12:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-28 00:20 - 2019-12-19 12:15 - 000000000 ____D C:\Users\origi\AppData\Local\PlaceholderTileLogoFolder
 
==================== Files in the root of some directories ========
 
2020-08-27 23:25 - 2020-08-27 23:26 - 000000190 _____ () C:\Users\origi\AppData\Roaming\modthegungeon.conf
2020-08-06 21:25 - 2020-08-06 21:25 - 000013981 _____ () C:\Users\origi\AppData\Local\recently-used.xbel
2020-01-21 23:21 - 2020-07-22 00:33 - 000007601 _____ () C:\Users\origi\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Addition.txt: 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2020
Ran by origi (27-11-2020 18:43:00)
Running from C:\Users\origi\Desktop
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-11-16 07:53:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1797817695-3140524087-3623043744-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1797817695-3140524087-3623043744-503 - Limited - Disabled)
Guest (S-1-5-21-1797817695-3140524087-3623043744-501 - Limited - Disabled)
origi (S-1-5-21-1797817695-3140524087-3623043744-1001 - Administrator - Enabled) => C:\Users\origi
WDAGUtilityAccount (S-1-5-21-1797817695-3140524087-3623043744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20066 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
AltServer (HKLM-x32\...\{6CC7EBC1-2C38-4717-B13D-CB0A478552EF}) (Version: 1.3.2 - Riley Testut)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.9.2.0 - GIGABYTE Technology Co.,Inc.)
AORUS LCD Panel Setting (HKLM-x32\...\{82026686-454E-4233-83E3-4045BC3FB31C}_is1) (Version: 1.0.3.1 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version:  - Ubisoft)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Auto Clicker by Shocker (HKLM-x32\...\Auto Clicker by Shocker_is1) (Version: V3.0.1 - shockingsoft.com)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 10.4.2.1226 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.4.2.1226 - Battlestate Games)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.66.0 - Bethesda Softworks)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.205.0.1006 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Cheat Engine 7.1 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden
Deus Ex: Mankind Divided (HKLM-x32\...\1296690054_is1) (Version: 1.19 hotfix - GOG.com)
Deus Ex: Mankind Divided™ DLC - Season Pass (HKLM-x32\...\1753119582_is1) (Version: 1.19 hotfix - GOG.com)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648 - GOG.com)
Dying Light: Ultimate Collection (HKLM-x32\...\Dying Light: Ultimate Collection_is1) (Version:  - )
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{7C2070BF-8E07-4B5F-A182-FADB0B95AB39}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.8.9819 - Battlestate Games)
Fallout 4 GOTY (HKLM\...\Fallout 4 GOTY_is1) (Version: 1.10.82.0 - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
GIMP 2.10.18 (HKLM\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2060.1 - Rockstar Games)
Hades (HKLM-x32\...\Hades_is1) (Version:  - )
icecap_collection_neutral (HKLM-x32\...\{2A00DCB3-752F-446C-B3B3-1B6ADFBFF3E3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{BE5E54C4-6B68-4AE3-A7F4-45F0D29D48D3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{1E6E5904-E97F-41F7-B3DB-0C8CD3180E3C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{7FD392DF-51A1-4DC1-9C6F-BF7C58A576AC}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
iExplorer (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\2ee35ebaf226322a) (Version: 4.3.4.0 - Macroplant LLC)
Installer (HKLM\...\{E9675998-9B12-4560-8E98-A6CCCDE0BE18}) (Version: 1.0.0 - Default Company Name)
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{65A59264-DFCE-498D-A091-D124C6EFB6FF}) (Version: 12.10.8.5 - Apple Inc.)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LazyClicker (HKLM-x32\...\{FB523953-2434-4FB2-A027-F42B395659F8}) (Version: 1.1.0.27 - LazyClicker)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft .NET Core SDK 3.1.302 (x64) from Visual Studio (HKLM\...\{539053B2-E414-46BC-B4CD-365E79AFEA79}) (Version: 3.1.302.015188 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0006 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2037.624 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Mordhau (HKLM-x32\...\Mordhau_is1) (Version:  - )
Mozilla Firefox 82.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 82.0.3 (x64 en-US)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
Node.js (HKLM\...\{97FD2F60-C3CD-417D-A5F6-C538B37054CC}) (Version: 12.16.3 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
PlanetSide 2 (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plex Media Server (HKLM-x32\...\{203FDA60-7969-4EB3-BD69-4D1752B3C6F9}) (Version: 1.18.2438 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{440398c3-62c1-4e0e-b558-5ca3f78e1d94}) (Version: 1.18.7.2438 - Plex, Inc.)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.8.5 (32-bit) (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\{44a59e57-34e2-4d86-93ba-a2588bfac760}) (Version: 3.8.5150.0 - Python Software Foundation)
Python 3.8.5 Add to Path (32-bit) (HKLM-x32\...\{2D01141A-8022-4100-B256-02EFB0F1830B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Core Interpreter (32-bit) (HKLM-x32\...\{31F7FCA7-1F15-48FD-BFB9-91FE58FC2F07}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Development Libraries (32-bit) (HKLM-x32\...\{657AEF25-7BC3-4E93-A08C-ECD14E8A74AE}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Documentation (32-bit) (HKLM-x32\...\{F7A293EB-21B8-45DE-85A5-8ADEB68B9EFB}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Executables (32-bit) (HKLM-x32\...\{F6156224-C882-453A-9046-EFCD31982E68}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 pip Bootstrap (32-bit) (HKLM-x32\...\{71C0D67F-EF42-4C5C-A2AE-04FD8B38AB1C}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Standard Library (32-bit) (HKLM-x32\...\{4D147A72-5C01-47B2-8789-1D1969F6AC32}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{653FBD26-2D1A-48C1-AAB1-0AB6F2A3749B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Test Suite (32-bit) (HKLM-x32\...\{DE45C740-8250-4A49-8B81-FE347C70E6BA}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Utility Scripts (32-bit) (HKLM-x32\...\{9450D936-1E4F-44EF-A0D4-92C471229B98}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{CEEAEA02-2472-4BF6-8994-52D6783F5575}) (Version: 3.8.7140.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1030.101917 - Razer Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1311.27 - Rockstar Games)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1105.1 - GIGABYTE)
Risk of Rain 2 (HKLM-x32\...\Risk of Rain 2_is1) (Version:  - )
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.32.316 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Sekiro: Shadows Die Twice (HKLM-x32\...\Sekiro: Shadows Die Twice_is1) (Version:  - )
Sniper: Ghost Warrior Contracts (HKLM-x32\...\Sniper: Ghost Warrior Contracts_is1) (Version:  - )
Spotify (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Spotify) (Version: 1.1.46.916.g416cacf1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{B5747469-E9CA-4F7C-A964-0A32DF449B24}) (Version: 1.18.2438 - Plex, Inc.) Hidden
superhot: mind control delete (HKLM-x32\...\superhot: mind control delete_is1) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
Terraria Tweaker 2 (HKLM-x32\...\TiberiumFusion Terraria Tweaker 2) (Version: "2.3.1405.0" - TiberiumFusion)
Terraria Tweaker 2 for Terraria 1.3.5.3 (HKLM-x32\...\TiberiumFusion Terraria Tweaker 2 for Terraria 1.3.5.3) (Version: "2.2.1353.0" - TiberiumFusion)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
thriXXX 3DKink-500.001 (HKLM-x32\...\3DKink-500.001) (Version:  - thriXXX Software GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Twitch (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2019.4.6f1 - Unity Technologies ApS)
Unity Hub 2.3.2 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.3.2 - Unity Technologies Inc.)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UWPHok (HKLM-x32\...\UWPHook 2.5.1) (Version: 2.5.1 - Briano)
UWPHook (HKLM-x32\...\{52B9D66E-8B17-4E82-94EE-9664614B67A2}) (Version: 2.5.1 - Briano) Hidden
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{B2AC4CE4-2533-4485-B3B5-2F645C2DD325}) (Version: 14.26.28808 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\2a34e2d9) (Version: 16.6.30320.27 - Microsoft Corporation)
Visual Studio Team Explorer 2017 (HKLM-x32\...\b0a2d319) (Version: 15.9.28307.1216 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.4 - Black Tree Gaming Ltd.)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{BAF91847-0A64-405E-98EC-A0BA6FB4BC4E}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{2CCEC45B-1462-4FFD-8214-90E3C25000F7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{0A54CADD-CBA1-4BC9-A134-6C9F91F41B9A}) (Version: 16.5.29521 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
VSCodium (HKLM\...\{D77B7E06-80BA-4137-BCF4-654B95CCEBC5}_is1) (Version: 1.47.2 - Microsoft Corporation)
Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version:  - Ubisoft)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version:  - Ubisoft)
WeMod (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\WeMod) (Version: 6.3.11 - WeMod)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.47.2.0_x86__kgqvnymyfvs32 [2020-11-25] (king.com)
Clustertruck -> C:\Program Files\WindowsApps\tinyBuildGames.3289435C1E20_1.0.3.0_x86__3sz1pp2ynv2xe [2020-01-04] (tinyBuild Games)
Death's Gambit -> C:\Program Files\WindowsApps\CartoonInteractiveGroupIn.DeathsGambit_1.0.0.0_x64__6c1aaymwt3dwm [2020-02-18] (Cartoon Interactive Group Inc.)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.48.4.0_x86__kgqvnymyfvs32 [2020-11-07] (king.com)
FTL: Faster Than Light -> C:\Program Files\WindowsApps\Mutable\SubsetGames.FTLFasterThanLight_1.6.13.0_x86__gvagsjwfgyhyc [2020-01-10] (Subset Games)
Golf With Your Friends -> C:\Program Files\WindowsApps\Team17DigitalLimited.GolfWithYourFriendsWin10_1.0.12.0_x64__j5x4vj4y67jhc [2020-10-29] (Team17 Digital Limited)
Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Mutable\Microsoft.Chelan_1.1955.0.0_x64__8wekyb3d8bbwe [2020-11-21] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
My Friend Pedro Win10 -> C:\Program Files\WindowsApps\DevolverDigital.MyFriendPedroWin10_1.0.6.0_x64__6kzv4j18v0c96 [2020-05-06] (Devolver Digital)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-04-14] (Realtek Semiconductor Corp)
The Master Chief Collection: Halo 2 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo2_1.1448.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo 3 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3_1.12.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo 3: ODST -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3ODST_1.12.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo CE -> C:\Program Files\WindowsApps\Microsoft.HaloCombatEvolved_1.1367.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: REACH -> C:\Program Files\WindowsApps\Microsoft.TheMasterChiefCollectionREACH_1.1.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
Totally Accurate Battle Simulator (Game Preview) -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.24.0_x64__r2vq7k2y0v9ct [2020-09-01] (Landfall Games)
UNDERTALE -> C:\Program Files\WindowsApps\8-4Ltd.Undertale-Windows10_1.1.0.0_x86__c74r4999cqbdr [2020-01-04] (8-4, Ltd.)
West of Loathing -> C:\Program Files\WindowsApps\Asymmetric.WestofLoathing_1.1111.1111.0_x64__y20smdktffva2 [2020-04-30] (Asymmetric Publications, LLC)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-04-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\origi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\origi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-22] (Notepad++ -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\nvshext.dll [2020-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\origi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --force-dark-mode
 
==================== Loaded Modules (Whitelisted) =============
 
2020-11-18 18:30 - 2019-08-05 13:26 - 000025088 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000225792 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll
2019-08-05 19:50 - 2019-08-05 19:50 - 000009216 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll
2020-02-27 04:16 - 2020-02-27 04:16 - 085372416 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2020-02-27 04:16 - 2020-02-27 04:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libUbiCustomEvent.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 098275328 _____ () [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 000092672 _____ () [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 003922432 _____ () [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 002010112 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GbtCpuLib.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\yccV2.dll
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
2020-11-18 18:30 - 2019-12-09 17:27 - 000289792 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVBIOSLib.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000628736 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvComW.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000013312 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvCrypt.dll
2020-11-18 18:30 - 2020-10-23 11:27 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVDisplay.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000240640 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvIllumLib.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000218112 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvOrderLib.dll
2020-11-18 18:32 - 2020-09-14 09:07 - 000472576 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\GVDisplay.dll
2020-07-08 10:49 - 2020-07-08 10:49 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2020-11-05 14:16 - 2020-11-05 14:16 - 000268800 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2020-11-05 07:49 - 2020-11-05 07:49 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACDDR_Lib.dll
2020-11-05 07:49 - 2020-11-05 07:49 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll
2020-11-05 07:49 - 2020-11-05 07:49 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 001079808 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\MFC80U.DLL
2018-08-30 16:26 - 2018-08-30 16:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll
2020-02-27 04:16 - 2020-02-27 04:16 - 000518144 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\chrome_elf.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 000547840 _____ (The Chromium Authors) [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-11-18 18:30 - 2019-08-27 13:22 - 000224256 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvAutoUpdate.dll
2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2020-11-05 15:15 - 2020-11-05 15:15 - 000492544 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2020-10-22 15:05 - 2020-10-22 15:05 - 002107392 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\sharepoint.com -> hxxps://mqoutlook-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\wustat.windows.com -> hxxp://wustat.windows.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 15:49 - 2020-11-23 20:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\nodejs\;C:\Program Files\VSCodium\bin;C:\Program Files\dotnet\
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\Control Panel\Desktop\\Wallpaper -> E:\Pictures\Wallpapers\RGB Circles.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "Synapse3"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{F10D8E68-791F-40DA-B562-571EC41B5850}E:\games\risk of rain 2\risk of rain 2.exe] => (Allow) E:\games\risk of rain 2\risk of rain 2.exe () [File not signed]
FirewallRules: [TCP Query User{940071B3-1041-4A24-9CD6-36A0502F8418}E:\games\risk of rain 2\risk of rain 2.exe] => (Allow) E:\games\risk of rain 2\risk of rain 2.exe () [File not signed]
FirewallRules: [{44B75A98-6FC8-40C6-9EBF-C16D01755B28}] => (Allow) E:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{A933E254-B7CE-4C1A-888A-C3E35222C782}] => (Allow) E:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [UDP Query User{B6446B56-F82C-4ABC-BB1F-637DEC2B7F89}E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{6D2A8BAA-6BB1-4876-9122-F48193FF86BF}E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{C4763C34-DCA4-4E02-B3D0-A49C58951873}E:\games\dying light - ultimate collection\dyinglightgame.exe] => (Allow) E:\games\dying light - ultimate collection\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [TCP Query User{19752260-5051-43C3-B0BA-962487E1C33F}E:\games\dying light - ultimate collection\dyinglightgame.exe] => (Allow) E:\games\dying light - ultimate collection\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [{08A7615C-013D-445F-8E0E-E7BD1ED90D6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{027D44AF-D56D-4483-963E-AC5795B19E62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A193A34-7EFE-4DFA-A067-4E753DB615F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7187FD66-B038-40AA-9455-58B0BDE2B267}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{54D767F1-03F2-4457-948B-AF0FB9A293E0}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{95179F55-D539-4CCD-A60D-E65966490B8D}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [UDP Query User{F0FD4D93-F6DE-411F-86C9-C69D2BCB6794}E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{A3134F08-16BE-4B7D-89F4-48A33035CF54}E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{D7ED7EBC-65F4-44DE-9E4B-129A75F9D25B}E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{60E24A6F-4970-4D38-A294-E392C7E62792}E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{325DCF6B-91C0-4783-A4CE-8E1F092F642D}E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe => No File
FirewallRules: [TCP Query User{78C9547E-474E-4F31-A8E0-D8386AA715C4}E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe => No File
FirewallRules: [{F44F34B3-9256-463E-A5EF-AD01CA3B2D4D}] => (Allow) E:\SteamLibrary\steamapps\common\D.R.O.N.E. The Game\D.R.O.N.E. Launcher.exe (Five Studios Interactive SL -> Five Studios Interactive)
FirewallRules: [{CB509D4A-F2C1-400A-822A-F96E6F84A3AB}] => (Allow) E:\SteamLibrary\steamapps\common\D.R.O.N.E. The Game\D.R.O.N.E. Launcher.exe (Five Studios Interactive SL -> Five Studios Interactive)
FirewallRules: [UDP Query User{A2390B05-03FD-4FF0-9D91-AD3EC97BD96D}C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{6B3FA829-0710-45F7-A03A-3FD37AEAF171}C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{864D0893-5D28-4E25-97DF-788A8F24600D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43EC5C06-C5C2-437A-B078-B86D69973A3F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{C36AEA6D-181B-4149-AEF0-24A28DF74D3C}E:\emutarkov 12.7.8445\server\server.exe] => (Allow) E:\emutarkov 12.7.8445\server\server.exe (Node.js) [File not signed]
FirewallRules: [TCP Query User{F318B14C-86A2-4A84-9CE2-BCA4DB71EC71}E:\emutarkov 12.7.8445\server\server.exe] => (Allow) E:\emutarkov 12.7.8445\server\server.exe (Node.js) [File not signed]
FirewallRules: [{B13B0A28-5CD1-4D3E-960A-FABE2F743E12}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{BAD16577-D190-4412-98F0-FEFA6098F3EE}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{34020297-0BDC-4BC0-BFD5-3687EAA12AE5}] => (Block) E:\Program Files\Unity\Hub\Editor\2019.4.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{87219C25-F2EC-40E1-97FC-5D4D41F4338F}] => (Allow) E:\Program Files\Unity\Hub\Editor\2019.4.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{33DFD611-4C4E-4B7C-B1DA-622AFE290435}E:\program files\unity hub\unity hub.exe] => (Allow) E:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{8D1BB9DB-4E7F-4D46-A3D6-FDDD22AF366C}E:\program files\unity hub\unity hub.exe] => (Allow) E:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{F7861289-6A85-4C72-BDBA-083871DE2E4A}] => (Allow) E:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{45A508BD-343A-4D9E-945F-70CC137AC76C}C:\program files\vscodium\vscodium.exe] => (Allow) C:\program files\vscodium\vscodium.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{BB29CB11-64CD-4DF4-B66E-A95E49B1CFDB}C:\program files\vscodium\vscodium.exe] => (Allow) C:\program files\vscodium\vscodium.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{FD2C0B71-4D0F-4808-8575-3745905AD28B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{42B6660B-5ED1-4BDF-ACE0-BCE07F03781E}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [TCP Query User{2E6F1D60-AAEB-48C7-A51E-38370BF4EF6D}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [{306AADBD-AAB4-48E8-B6BE-1D07B1664146}] => (Allow) E:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{14214BC4-7917-4BE6-8A67-A2CFBA885D72}] => (Allow) E:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{0AA59250-7B8C-4F0B-B5D8-E7ED64852855}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7894A19D-2B41-4099-9E03-82B6D3308E9D}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{25104F42-C5A8-4AE5-9A08-42298714AADB}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{99B4E8E8-1893-45F4-B5B0-AAD3BF112D6F}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{D74360E7-C50A-46DF-AD5E-2C9688CF483A}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{CCB71434-5169-4097-BA00-7690F3C94336}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{902D3AF8-D32A-49DF-BAE8-1CE4254B49EA}] => (Allow) E:\SteamLibrary\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{FD22DB00-BAB7-421D-A3E1-FE4A6BE12D4B}] => (Allow) E:\SteamLibrary\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{59509B66-C71C-40E8-B222-A05CF7ADA902}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{917C14FA-FDFF-4937-BCAE-39FB92079AAC}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{CEABD935-8832-494B-A277-AD723C16E8F8}] => (Allow) E:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{B0039ED2-34D8-4DFB-B8EB-41154C09EB05}] => (Allow) E:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{7415C043-6DD1-4770-A6C8-153E8015635A}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{34EFECF9-D2DC-414B-A068-4E4C11EB15A0}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{9D3CB140-B85C-431D-851D-33EBBB64EC4B}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{F7A51524-6680-4817-93B3-4FB20321B983}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{3C65C792-A8A6-4101-8CBF-FAD144FE474C}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{76D91F81-F31B-43C4-9177-0E98E20133F9}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{231FB57E-6AF9-4F2C-8C54-DF7F8F2A6C50}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{501753C0-C5BD-4D9D-839B-268FE5CB0B86}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{14C03299-DCF1-4508-9CD7-1930CFE6A274}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{D2E7ADDF-1589-4FD8-B3FC-B3D85A9B6F5A}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{8258957B-DCB5-458C-A270-134327AF3811}E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{12EB542A-9BFF-47E6-87D3-6F1FF5E34FC6}E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{C3C791EF-22BA-4F59-BC25-51D0DB5E0278}E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{6CB92D7C-7DC3-4EF9-8A37-9CF84197A520}E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [{4DF7FE8E-0264-44E6-996A-3EA5A94F8F1E}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{3EB1A1BC-42C9-44A0-89E2-F9549E72F139}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{FFD736D3-BF75-404F-824A-E87DD328C3C6}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{479AD954-D64B-46EF-B046-3A916A2EC95F}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{8B221CFE-47F8-4418-8A2E-7C501FB79A01}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{2BF9EA75-998A-4D25-8EED-266FBB0A448E}E:\program files\epic games\gtav\gta5.exe] => (Allow) E:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{75B083B5-47D8-4A9F-918B-8CF993A4005E}E:\program files\epic games\gtav\gta5.exe] => (Allow) E:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FE0709B9-6DEE-484F-95D1-8F53EEEB9016}E:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) E:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{80301D8A-7F60-4685-836F-B3CA6609C81A}E:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) E:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{5A6BBD9F-E23D-49EF-8003-E642669DC7E8}E:\program files\epic games\breakpointdemo\grb.exe] => (Allow) E:\program files\epic games\breakpointdemo\grb.exe => No File
FirewallRules: [TCP Query User{666556D2-4339-4484-ADBA-D27818139021}E:\program files\epic games\breakpointdemo\grb.exe] => (Allow) E:\program files\epic games\breakpointdemo\grb.exe => No File
FirewallRules: [{F5195C8B-3C8F-4A3E-8A2C-09EAA4D02842}] => (Allow) E:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe => No File
FirewallRules: [{AA3F5F3A-F171-441A-BBE7-4FE7B3C3C54D}] => (Allow) E:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe => No File
FirewallRules: [{9AB356E3-1C49-45D0-92D7-21143CECE733}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF43DDDA-4442-4233-92D0-7B28CA43BE7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D32F1D5B-BD93-4F80-84D4-A6F24F3169AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A112E236-9BD0-4F0E-8E86-3BD9995DA22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DB41F1CC-4157-4B2E-A46B-7773491713E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FC6E254-4932-44EE-8D54-F26D58C8CDB8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE17E754-D40D-4F7B-B445-04F317D4BA55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{238925C4-1354-4AA1-865D-9620EE84EE56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{56B0067E-EA09-4D6F-83E3-866094057A59}C:\users\origi\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\origi\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{B4288E7E-F78B-45DB-9477-1BCF095B4053}C:\users\origi\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\origi\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{FB7BE848-FDE0-4D65-854D-A34E5904B18B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2E58401E-54F3-4071-9DD0-8A3A3B1F7D5B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{55F4F4E4-6DE8-4FF7-B391-C1E19A1E0988}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{625B937E-C165-4A10-ABEC-6739A4F19C76}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EC3D6E3F-D22B-45FF-86FD-73A42E37BC01}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{FCE58226-D93B-44EF-B104-E9B412434148}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{B3D20E8A-DAC4-4319-9B5C-13D59B6BC4D8}C:\users\origi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\origi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FEE9CE96-58F4-4030-88CB-5B5EE3B47F3A}C:\users\origi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\origi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{03684179-A6B7-408B-A2B0-41545EC96826}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [UDP Query User{655C2BD9-62B4-4B6D-BD3A-72C4AEC22A73}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [TCP Query User{BE68303A-CA83-45AF-AA41-E58A9D8245F3}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{32E8EDC4-0755-42CB-8BD0-1A4EB166C618}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{410561EF-AB33-4577-B74F-B67E1FC6DF4F}E:\program files\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{B2E877D3-5FF6-4FCA-BB52-BC96F1D944F6}E:\program files\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{16B1414A-FE63-4C3A-B9C7-5587D7AC39D2}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{68E21DC7-8280-4F29-80E2-E6BB9677AFC1}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{79D1F9F0-DBCB-4B21-8FA6-69D2F2F2E332}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{08C2D746-BDCB-45BF-80E3-DDCDDD0EE60C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{420E550E-47C4-4454-A99A-8EE7BBCA1EDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8079971B-C0B8-4E0A-9744-6D2A1973AF10}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\New folder\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{BCDE392E-AEFB-43AC-AC45-EBCA7CBD289E}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\New folder\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{15887DF6-8639-4AAB-A645-BC33B1BACC1D}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{465FB64B-5046-4360-9AEE-EF848A8994D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32EAD7C7-073D-4808-8491-BB3BC3B0B971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA6EA858-6A11-4455-8ABF-32AD4BA524C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBD423BF-4015-4ACF-9104-6B0F247AE9E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7544C042-590A-40EC-BD55-3CF5B74790E4}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8767F310-C7B1-4FF3-98AD-F83BF76E2F02}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{F143E14A-ED9B-49A4-BEEF-027B7A355C9C}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{7EADD2C3-3F8F-4CAA-B403-E0814133A116}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
 
==================== Restore Points =========================
 
23-11-2020 21:06:16 Installed DirectX
27-11-2020 17:28:15 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112
 
==================== Faulty Device Manager Devices ============
 
Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (11/25/2020 12:01:46 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on \\?\Volume{9a8732ff-18d5-0322-1c0f-0df7da13f473}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (11/25/2020 12:01:46 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on \\?\Volume{6f91f53b-c14a-3a64-b8d5-75033d930404}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (11/24/2020 08:25:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x20dc
Faulting application start time: 0x01d6c243c3c81070
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 62479c28-105e-4e80-adbb-cd6cd7a63d33
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1060
Faulting application start time: 0x01d6c243c351cb9e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 8dd8dd82-e66a-41e2-95e3-70ec3aec38fd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0xcc8
Faulting application start time: 0x01d6c243c2dd2f8e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 0783a1f3-ceb6-4e65-85d4-87a69114e06b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x8e8
Faulting application start time: 0x01d6c243c2680fa4
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: a315d439-23f7-4c2a-aa2e-adb2a5276891
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1968
Faulting application start time: 0x01d6c243c1f320f2
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 2d098043-ea4b-4339-9381-3ca9127dd020
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1460
Faulting application start time: 0x01d6c243c17bbe03
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 4b6139a1-5477-4c9d-88cd-c85a9374e367
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (11/24/2020 08:21:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AORUS LCD Panel Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:41:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240017: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.327.1458.0).
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Synapse Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AORUS LCD Panel Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:37:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA FrameView SDK service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Windows Defender:
===================================
Date: 2020-11-27 13:39:54.2010000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:45.1350000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:37.7120000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444770255.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:13.9190000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444736970.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:04.4280000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444736970.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
CodeIntegrity:
===================================
 
Date: 2020-11-24 20:01:15.8600000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 20:01:11.2530000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 20:01:11.2390000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:55:43.5890000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:55:43.5750000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:51:51.2970000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:51:51.2810000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:40:43.2850000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F8 05/24/2019
Motherboard: Gigabyte Technology Co., Ltd. Z390 UD
Processor: Intel® Core™ i7-9700KF CPU @ 3.60GHz
Percentage of memory in use: 62%
Total physical RAM: 16315.74 MB
Available physical RAM: 6106.4 MB
Total Virtual: 32699.74 MB
Available Virtual: 15884.63 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:476.31 GB) (Free:123.7 GB) NTFS
Drive e: (General Data) (Fixed) (Total:1863 GB) (Free:23.54 GB) NTFS
 
\\?\Volume{b980258e-7d1d-4849-9afc-62f134671dbe}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{6f91f53b-c14a-3a64-b8d5-75033d930404}\ () (Fixed) (Total:134.04 GB) (Free:0 GB) NTFS
\\?\Volume{9a8732ff-18d5-0322-1c0f-0df7da13f473}\ () (Fixed) (Total:0.38 GB) (Free:0 GB) NTFS
\\?\Volume{5b1288a7-6dfa-3ed5-2a67-433444f12d55}\ () (Fixed) (Total:0.23 GB) (Free:0 GB) NTFS
\\?\Volume{a0c79aa4-df4d-c91a-9b4d-d792d91b3c8f}\ () (Fixed) (Total:0.12 GB) (Free:0 GB) NTFS
\\?\Volume{80d34bf8-f98b-51da-b17a-8eba6eddd503}\ () (Fixed) (Total:0.66 GB) (Free:0 GB) NTFS
\\?\Volume{0b93ca05-ce54-9fb7-26ea-9bfb7aa697a4}\ () (Fixed) (Total:3.6 GB) (Free:0 GB) NTFS
\\?\Volume{3db56128-1cef-3089-2d29-5603c1d1e215}\ () (Fixed) (Total:3.01 GB) (Free:0 GB) NTFS
\\?\Volume{fef99fd2-93ea-80ca-9155-61e105c116a9}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{6c13b06c-a0dc-e5f8-ab8a-7be7b50dd034}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{39facdf8-c027-8a74-e579-ac7250cc7dc1}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{e930a4ec-d1bd-3b79-11a2-3df525ee525a}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{a7537661-921f-ed59-a758-f2ff8a6db369}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{eaca5632-2c1b-ac1d-f709-31a4953839c1}\ () (Fixed) (Total:3.45 GB) (Free:0 GB) NTFS
\\?\Volume{68f7e57c-6419-88e0-5f5a-c90c1a5bf2f9}\ () (Fixed) (Total:0.39 GB) (Free:0 GB) NTFS
\\?\Volume{0fa0f211-8bd9-4599-9a11-04caf0476453}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 8.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 9.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 10.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 11.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 12.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 13.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 14.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 15.
 
==================== End of Addition.txt =======================

#17
Mingo_TTV


Hi,

Sorry, I didn't see that you had replied until now.

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2020
Ran by origi (administrator) on DESKTOP-Q4STC4U (Gigabyte Technology Co., Ltd. Z390 UD) (27-11-2020 18:41:18)
Running from C:\Users\origi\Desktop
Loaded Profiles: origi
Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CloudBees, Inc.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe
(Discord Inc. -> Discord Inc.) C:\Users\origi\AppData\Local\Discord\app-0.0.308\Discord.exe <7>
(Epic Games Inc. -> Epic Games, Inc.) E:\Program Files\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe <3>
(Epic Games Inc. -> Epic Games, Inc.) E:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <55>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(LogMeIn, Inc. -> LogMeIn Inc.) E:\Program Files\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) E:\Program Files\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_10.2011.4.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.621_none_e7694895260e0b6d\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rockstar Games, Inc. -> Rockstar Games) E:\Program Files\Rockstar Games\Launcher\Launcher.exe
(Rockstar Games, Inc. -> Rockstar Games) E:\Program Files\Rockstar Games\Launcher\RockstarService.exe
(Rockstar Games, Inc. -> Take-Two Interactive Software, Inc.) C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe <3>
(Spotify AB -> Spotify Ltd) C:\Users\origi\AppData\Roaming\Spotify\Spotify.exe <5>
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WeMod LLC -> Daring Development Inc.) C:\Users\origi\AppData\Local\WeMod\app-6.3.11\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe
(WeMod LLC -> WeMod) C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe <4>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\Program Files\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Spotify] => C:\Users\origi\AppData\Roaming\Spotify\Spotify.exe [23232232 2020-11-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Discord] => C:\Users\origi\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [EpicGamesLauncher] => E:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33102224 2020-11-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24625144 2020-02-19] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104586376 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\origi\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14766664 2020-10-03] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514096 2020-10-19] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-17] (Google LLC -> Google LLC)
Startup: C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2020-11-18]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {059ACACA-6610-4154-B0B9-1A814E39B8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-19] (Google LLC -> Google LLC)
Task: {05AC1BC4-DF43-4C90-8C4B-4D12C1BDD8D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {07471E98-CE11-41B9-8E9C-F87637FF5892} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0F70B12F-62ED-4511-A9ED-81246B0BE16A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {41457A5F-3A9B-4270-9E29-88D63C659B66} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EFA01D9-BD05-4C48-851F-56B7628B1B5E} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33903328 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {55AA047D-959B-4DB7-9C39-4C91A7EE2E19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CFA99A2-D0F8-4F7A-A306-8A9BC8BF63F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-19] (Google LLC -> Google LLC)
Task: {5F2BA33A-8616-424C-AB9D-3217745A09E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7778467F-4FC4-48CF-B33A-C9CA872D2C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-22] (Microsoft Corporation -> Microsoft)
Task: {81C207F1-0636-4A3C-8FD6-BB5186762748} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1797817695-3140524087-3623043744-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-11-17] (Microsoft Windows -> )
Task: {911E10DD-1AE9-4692-8751-0D0151258971} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A362EF8-91BE-4938-AD25-3A5E6B5DDB25} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB423A2B-41E4-4192-9DAB-2ECE36C25C6A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5153176 2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC31F993-D52B-4E9B-8ACA-77AEB8F34F25} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B12C15E3-4031-40A8-9434-75B0B6EE2047} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB812079-3B97-46E1-A5E8-8D60F2DE7894} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-17] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) <==== ATTENTION
Task: {C0093AFA-6E4B-4565-9BD9-6CFD85292586} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)
Task: {C04310FD-E714-4DC4-9084-F7A7E8BCE848} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {C38684F7-90AB-4E69-B4DC-FEA8387E48B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6CA24E4-A723-4698-8CC1-4956551F3DE5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA711F0A-2238-446C-BC5E-2B42D4E33790} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3C431D0-6611-4ADA-9CEB-0106933773B2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD6F9B9D-C2B5-4B40-953B-BBDB50753853} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-20] (Adobe Inc. -> Adobe)
Task: {DDACF7FE-8A0A-4373-8372-CA5A26F6DC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E677DACB-D605-4FF2-AF1E-E4DDC6A1CD80} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E79C0B2C-BEAF-4FEA-9662-EE2C274784DC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E91294D4-094C-447E-8B68-B432F2C28B5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5153176 2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB6B852A-45DE-4C1D-8911-973F4D8CAC40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0D61D05-4EDE-4B80-A447-CD4A7AE01BA0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {F6396AAE-D305-4B73-8FD3-5D2804D888DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d67f30f0-0c71-4697-9b7d-1371f23a70e1}: [DhcpNameServer] 192.168.0.1
 
Edge: 
======
Edge Profile: C:\Users\origi\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-16]
 
FireFox:
========
FF DefaultProfile: a559bv13.default
FF ProfilePath: C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\a559bv13.default [2020-11-23]
FF NewTab: Mozilla\Firefox\Profiles\a559bv13.default -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2019-12-25 10:02:22&bName=
FF ProfilePath: C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release [2020-11-27]
FF Extension: (Reddit Enhancement Suite) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\[email protected] [2020-10-03]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> E:\Program Files\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1797817695-3140524087-3623043744-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\origi\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-05] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-12-19] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-12-19] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default [2020-11-27]
CHR DownloadDir: E:\Downloads
CHR Notifications: Default -> hxxps://www.cashrewards.com.au; hxxps://www.guilded.gg
CHR Extension: (Honey) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-11-18]
CHR Extension: (uBlock Origin) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-10-26]
CHR Extension: (Dark Mode) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2020-11-12]
CHR Extension: (Adobe Acrobat) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-26]
CHR Extension: (Kaspersky Protection) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-01]
CHR Extension: (Cashrewards) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\foehlpanophbpagddidofdpeiappcmgf [2020-11-12]
CHR Extension: (Google Docs Offline) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-11-12]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-11-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-19]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-12]
CHR Extension: (HMA VPN Proxy Unblocker) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\poeojclicodamonabcabmapamjkkmnnk [2020-07-19]
CHR Extension: (Nohat) - E:\Downloads\NohatExt_3\NohatExt_3 [2020-08-01]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AORUS LCD Panel Service; C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe [360960 2018-12-21] (CloudBees, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-10-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1728072 2020-10-03] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-26] (GOG Sp. z o.o. -> GOG.com)
R2 Hamachi2Svc; E:\Program Files\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10887816 2020-11-21] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-23] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2148856 2020-02-19] (Plex, Inc. -> Plex, Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-10-19] (Razer USA Ltd. -> Razer Inc.)
R3 Rockstar Service; E:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-11-18] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145304 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\70065\driver_cpu_temperature\logi_core_temp.sys [25448 2020-11-21] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-10-30] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2020-10-30] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-10-30] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [138904 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0f53becd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1D9677F7-E130-4FE7-8BE9-3105A03F2511}\MpKslDrv.sys [47336 2020-11-27] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-01-15] (Apple Inc.) [File not signed]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-07] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-11-27 18:41 - 2020-11-27 18:41 - 000033779 _____ C:\Users\origi\Desktop\FRST.txt
2020-11-27 13:36 - 2020-11-27 13:36 - 000000000 ____D C:\Users\origi\AppData\Local\WeMod
2020-11-26 23:32 - 2020-11-26 23:32 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-11-26 22:35 - 2020-11-26 22:36 - 000000000 ____D C:\Users\origi\AppData\LocalLow\SUPERHOT_Team
2020-11-24 20:22 - 2020-11-26 23:32 - 000138904 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-11-24 20:22 - 2020-11-26 23:32 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-11-24 19:55 - 2020-11-24 19:55 - 000909824 _____ (Farbar) C:\Users\origi\Desktop\FSS.exe
2020-11-23 20:27 - 2020-11-27 15:55 - 000000000 ____D C:\Users\origi\AppData\LocalLow\IGDump
2020-11-23 20:26 - 2020-11-26 23:32 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-23 20:26 - 2020-11-26 23:32 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000000000 ____D C:\Users\origi\AppData\Local\mbam
2020-11-23 20:26 - 2020-11-23 20:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-23 20:21 - 2020-11-23 20:21 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-23 20:20 - 2020-11-23 20:17 - 002076624 _____ (Malwarebytes) C:\Users\origi\Desktop\MBSetup.exe
2020-11-23 20:16 - 2020-11-24 19:37 - 000000000 ____D C:\AdwCleaner
2020-11-23 20:15 - 2020-11-23 20:15 - 008447152 _____ (Malwarebytes) C:\Users\origi\Desktop\AdwCleaner.exe
2020-11-23 20:09 - 2020-11-27 18:40 - 000000000 ____D C:\Users\origi\Desktop\FRST-OlderVersion
2020-11-22 23:14 - 2020-11-22 23:14 - 000000233 _____ C:\Users\origi\Desktop\Tom Clancy's Rainbow Six Siege.url
2020-11-22 23:14 - 2020-11-22 23:14 - 000000233 _____ C:\Users\origi\Desktop\Tom Clancy's Rainbow Six Siege - Vulkan.url
2020-11-21 20:08 - 2020-11-21 20:08 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-11-21 20:08 - 2020-11-21 20:08 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-11-21 20:08 - 2020-11-21 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-11-21 20:08 - 2020-11-21 20:08 - 000000000 ____D C:\Program Files\LGHUB
2020-11-19 21:27 - 2020-11-19 21:30 - 000000000 ____D C:\Users\origi\Documents\Assassin's Creed Valhalla
2020-11-19 20:23 - 2020-11-19 20:23 - 000000235 _____ C:\Users\origi\Desktop\Assassin's Creed Valhalla.url
2020-11-19 19:22 - 2020-11-19 19:22 - 000000234 _____ C:\Users\origi\Desktop\Watch Dogs Legion.url
2020-11-18 18:46 - 2020-11-27 18:41 - 000000000 ____D C:\FRST
2020-11-18 18:46 - 2020-11-27 18:40 - 002290176 _____ (Farbar) C:\Users\origi\Desktop\FRST64.exe
2020-11-18 18:32 - 2020-11-18 18:32 - 000000000 ____D C:\Users\Public\Documents\Creative
2020-11-18 18:32 - 2020-11-18 18:32 - 000000000 ____D C:\ProgramData\Documents\Creative
2020-11-18 18:31 - 2020-11-18 18:31 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2020-11-18 18:31 - 2020-11-18 18:31 - 000002206 _____ C:\Users\Public\Desktop\RGBFusion 2.0.lnk
2020-11-18 18:31 - 2020-11-18 18:31 - 000002206 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Users\origi\AppData\Local\Downloaded Installations
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files\Patriot
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files\ENE
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files (x86)\ENE
2020-11-18 18:31 - 2020-05-12 01:28 - 000020992 _____ C:\WINDOWS\system32\Drivers\ene.sys
2020-11-18 18:30 - 2020-11-18 18:32 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2020-11-18 18:30 - 2020-11-18 18:30 - 000003464 _____ C:\WINDOWS\system32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE
2020-11-18 18:30 - 2020-11-18 18:30 - 000001243 _____ C:\Users\Public\Desktop\AORUS ENGINE.lnk
2020-11-18 18:30 - 2020-11-18 18:30 - 000001243 _____ C:\ProgramData\Desktop\AORUS ENGINE.lnk
2020-11-18 18:30 - 2020-11-18 18:30 - 000000000 ____D C:\Users\origi\Documents\temp
2020-11-18 18:30 - 2020-11-18 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2020-11-18 18:15 - 2020-11-08 04:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001506032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001027992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000590576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-11-18 18:15 - 2020-11-08 04:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-11-18 18:15 - 2020-11-08 04:37 - 000445848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-11-18 18:15 - 2020-11-08 04:36 - 005976296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-18 18:15 - 2020-11-07 15:01 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb
2020-11-18 18:13 - 2020-11-18 18:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-11-18 18:09 - 2020-11-18 18:09 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-11-17 13:47 - 2020-11-16 18:53 - 000000000 ____D C:\Windows.old
2020-11-17 13:45 - 2020-11-17 13:47 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-11-17 13:44 - 2020-11-17 13:45 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-11-17 13:44 - 2020-11-17 13:44 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-11-17 13:43 - 2020-11-17 13:43 - 000000000 ____D C:\ProgramData\ssh
2020-11-17 13:41 - 2020-11-17 13:41 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-11-17 13:41 - 2020-11-17 13:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-11-17 13:41 - 2020-11-17 13:41 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-11-17 13:41 - 2020-11-17 13:41 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-11-17 13:41 - 2020-11-17 13:41 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-11-17 13:41 - 2020-11-17 13:41 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-11-17 13:41 - 2020-11-17 13:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-11-17 13:41 - 2020-11-17 13:41 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-11-17 13:41 - 2020-11-17 13:41 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2020-11-17 13:41 - 2020-11-17 13:41 - 000101688 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-11-17 13:41 - 2020-11-17 13:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-11-17 13:41 - 2020-11-17 13:41 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-11-17 13:41 - 2020-11-17 13:41 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-11-17 13:41 - 2020-11-17 13:41 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-17 13:40 - 2020-11-17 13:40 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-11-17 13:40 - 2020-11-17 13:40 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-11-17 13:40 - 2020-11-17 13:40 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-11-17 13:40 - 2020-11-17 13:40 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-11-17 13:40 - 2020-11-17 13:40 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-11-17 13:40 - 2020-11-17 13:40 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-11-17 13:40 - 2020-11-17 13:40 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-17 13:40 - 2020-11-17 13:40 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-17 13:40 - 2020-11-17 13:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-11-17 13:40 - 2020-11-17 13:40 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-11-17 13:40 - 2020-11-17 13:40 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-11-17 13:40 - 2020-11-17 13:40 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-11-17 13:40 - 2020-11-17 13:40 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-11-17 13:40 - 2020-11-17 13:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-11-17 13:36 - 2020-11-17 13:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-11-17 13:36 - 2020-11-17 13:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-11-17 13:36 - 2020-11-17 13:36 - 000000000 ____D C:\Program Files\MSBuild
2020-11-17 13:36 - 2020-11-17 13:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-17 09:52 - 2020-11-17 09:52 - 000000000 ____D C:\Users\origi\AppData\Roaming\HelloGames
2020-11-17 09:37 - 2020-11-17 09:37 - 000000629 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2020-11-17 09:37 - 2020-11-17 09:37 - 000000629 _____ C:\ProgramData\Desktop\No Man's Sky.lnk
2020-11-17 09:36 - 2020-11-27 11:54 - 000000000 ____D C:\Users\origi\AppData\Roaming\SUPERHOTMCD
2020-11-17 09:34 - 2020-11-17 09:34 - 000000669 _____ C:\Users\Public\Desktop\SUPERHOT - MIND CONTROL DELETE.lnk
2020-11-17 09:34 - 2020-11-17 09:34 - 000000669 _____ C:\ProgramData\Desktop\SUPERHOT - MIND CONTROL DELETE.lnk
2020-11-16 18:57 - 2020-11-18 18:16 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-16 18:56 - 2020-11-16 18:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-11-16 18:53 - 2020-11-24 20:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-16 18:53 - 2020-11-24 19:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-16 18:53 - 2020-11-16 18:53 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-11-16 18:53 - 2020-11-16 18:53 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-11-16 18:53 - 2020-11-16 18:53 - 000003710 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-16 18:53 - 2020-11-16 18:53 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-16 18:53 - 2020-11-16 18:53 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-16 18:53 - 2020-11-16 18:53 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-16 18:53 - 2020-11-16 18:53 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-16 18:53 - 2020-11-16 18:53 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1797817695-3140524087-3623043744-1001
2020-11-16 18:53 - 2020-11-16 18:53 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-16 18:53 - 2020-11-16 18:53 - 000002638 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2020-11-16 18:53 - 2020-11-16 18:53 - 000000020 ___SH C:\Users\origi\ntuser.ini
2020-11-16 18:53 - 2020-11-16 18:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-16 18:49 - 2020-11-25 22:18 - 000000000 ____D C:\Users\origi
2020-11-16 18:49 - 2019-12-07 20:10 - 000001105 _____ C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-16 18:47 - 2020-11-27 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-16 18:47 - 2020-11-24 20:22 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-16 18:47 - 2020-11-16 18:47 - 000443608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-16 17:40 - 2020-11-16 18:53 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-16 17:36 - 2020-11-16 17:36 - 000000000 ___HD C:\$WinREAgent
2020-11-16 17:31 - 2020-08-03 22:37 - 000065910 _____ C:\Users\origi\Documents\Tom Leys - CV.pdf
2020-11-16 17:30 - 2020-11-23 21:07 - 000000000 ____D C:\Users\origi\Documents\My Games
2020-11-15 20:11 - 2020-11-15 20:11 - 000000000 ____D C:\Users\origi\Downloads\Django Unchained 2012 BluRay 720p [Hindi 2.0 + English 5.1] AAC x264 ESub - mkvCinemas [Telly]
2020-11-14 12:43 - 2020-11-14 12:43 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Hopoo Games, LLC
2020-11-14 12:40 - 2020-11-14 12:40 - 000000573 _____ C:\Users\Public\Desktop\Risk of Rain 2.lnk
2020-11-14 12:40 - 2020-11-14 12:40 - 000000573 _____ C:\ProgramData\Desktop\Risk of Rain 2.lnk
2020-11-14 12:37 - 2020-11-14 12:37 - 000000000 ____D C:\Users\origi\AppData\Local\Mordhau
2020-11-14 12:13 - 2020-11-14 12:13 - 000000487 _____ C:\Users\Public\Desktop\Mordhau.lnk
2020-11-14 12:13 - 2020-11-14 12:13 - 000000487 _____ C:\ProgramData\Desktop\Mordhau.lnk
2020-11-11 23:27 - 2020-11-11 23:27 - 000042673 _____ C:\Users\origi\Documents\Book1.xlsx
2020-11-11 17:23 - 2020-11-27 16:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-06 21:31 - 2020-11-06 21:31 - 000000807 _____ C:\Users\Public\Desktop\Sniper - Ghost Warrior Contracts.lnk
2020-11-06 21:31 - 2020-11-06 21:31 - 000000807 _____ C:\ProgramData\Desktop\Sniper - Ghost Warrior Contracts.lnk
2020-11-06 16:22 - 2020-11-16 18:49 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2020-11-06 16:22 - 2020-11-09 21:46 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2020-11-04 21:19 - 2020-11-27 18:36 - 000000000 ____D C:\Users\origi\AppData\Roaming\WeMod
2020-11-04 21:19 - 2020-11-27 13:36 - 000002159 _____ C:\Users\origi\Desktop\WeMod.lnk
2020-11-04 21:19 - 2020-11-27 13:36 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2020-11-04 17:20 - 2020-11-04 17:20 - 000000000 ____D C:\Users\origi\AppData\Roaming\CreamAPI
2020-11-04 15:29 - 2020-11-04 15:35 - 000000000 ____D C:\Users\origi\AppData\Roaming\Sekiro
2020-11-04 15:12 - 2020-11-04 15:12 - 000000617 _____ C:\Users\Public\Desktop\Sekiro - Shadows Die Twice.lnk
2020-11-04 15:12 - 2020-11-04 15:12 - 000000617 _____ C:\ProgramData\Desktop\Sekiro - Shadows Die Twice.lnk
2020-11-04 14:56 - 2020-11-04 14:56 - 000000000 ____D C:\Users\origi\Documents\DyingLight
2020-11-04 14:29 - 2020-11-04 17:33 - 000000703 _____ C:\Users\Public\Desktop\Dying Light - Ultimate Collection.lnk
2020-11-04 14:29 - 2020-11-04 17:33 - 000000703 _____ C:\ProgramData\Desktop\Dying Light - Ultimate Collection.lnk
2020-11-04 14:27 - 2020-11-04 14:27 - 000001760 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2020-11-04 14:27 - 2019-03-19 15:49 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.backup
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\Users\Public\Desktop\Hades.lnk
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\Users\Public\Desktop\Hades (x86).lnk
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\ProgramData\Desktop\Hades.lnk
2020-11-04 14:03 - 2020-11-04 14:03 - 000000553 _____ C:\ProgramData\Desktop\Hades (x86).lnk
2020-11-03 17:25 - 2020-11-03 21:15 - 000000000 ____D C:\Users\origi\Documents\Teardown
2020-11-03 16:42 - 2020-11-03 16:42 - 000000000 ____D C:\Users\origi\AppData\LocalLow\noio
2020-11-01 22:07 - 2020-11-08 21:52 - 000000000 ____D C:\Users\origi\AppData\Roaming\EasyAntiCheat
2020-10-30 23:58 - 2020-10-30 23:58 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2020-10-30 23:58 - 2020-10-30 23:58 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2020-10-30 23:58 - 2020-10-30 23:58 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2020-10-30 23:14 - 2020-10-23 07:19 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-10-30 23:14 - 2020-10-23 07:19 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2020-10-30 23:14 - 2020-10-23 07:19 - 000038632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-10-30 23:12 - 2020-11-08 04:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-10-30 23:12 - 2020-11-08 04:36 - 007005008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-10-30 23:12 - 2020-10-28 14:49 - 005519600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-10-28 22:20 - 2020-10-19 16:42 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2020-10-28 22:20 - 2020-10-19 16:42 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-11-27 18:32 - 2019-12-18 20:58 - 000000000 ____D C:\Program Files (x86)\Steam
2020-11-27 18:30 - 2019-12-07 20:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-27 18:27 - 2020-01-28 13:17 - 000000000 ____D C:\Users\origi\AppData\Local\Battle.net
2020-11-27 18:03 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Roaming\Discord
2020-11-27 17:38 - 2019-12-19 12:33 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-27 17:35 - 2019-12-18 20:59 - 000000000 ____D C:\Users\origi\AppData\Roaming\Spotify
2020-11-27 17:31 - 2020-01-19 15:25 - 000000000 ____D C:\Program Files\Rockstar Games
2020-11-27 17:31 - 2020-01-19 15:25 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-11-27 17:28 - 2020-05-03 16:32 - 000000000 ____D C:\Users\origi\AppData\Local\Ubisoft Game Launcher
2020-11-27 17:28 - 2019-12-19 12:36 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-27 17:26 - 2019-12-19 23:41 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Mozilla
2020-11-27 13:36 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Local\SquirrelTemp
2020-11-27 13:31 - 2019-12-25 21:04 - 000000000 ____D C:\Users\origi\AppData\Roaming\uTorrent
2020-11-26 23:26 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-26 18:39 - 2019-12-18 20:59 - 000000000 ____D C:\Users\origi\AppData\Local\Spotify
2020-11-26 00:06 - 2019-12-07 20:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-25 22:08 - 2020-08-12 20:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-25 22:08 - 2020-08-12 20:56 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-25 22:08 - 2020-08-12 20:56 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-24 20:25 - 2019-12-23 16:45 - 000000000 ____D C:\Users\origi\AppData\Local\CrashDumps
2020-11-24 20:21 - 2019-12-19 12:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-11-24 20:21 - 2019-12-07 20:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-24 20:21 - 2019-12-07 20:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-11-24 19:52 - 2020-10-08 22:14 - 000000000 ____D C:\Program Files\Cheat Engine 7.1
2020-11-24 19:36 - 2020-08-03 21:29 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-23 21:07 - 2019-12-26 16:49 - 000000000 ____D C:\Users\origi\AppData\Local\BattlEye
2020-11-23 20:26 - 2019-12-07 20:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-23 20:11 - 2020-09-06 23:33 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-11-23 20:09 - 2019-03-19 15:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-11-22 19:48 - 2019-12-18 22:45 - 000000000 ____D C:\Users\origi\AppData\Local\D3DSCache
2020-11-21 21:42 - 2020-10-03 13:35 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Temp
2020-11-21 21:41 - 2020-04-16 22:50 - 000000000 ____D C:\Users\origi\AppData\Roaming\LGHUB
2020-11-21 21:39 - 2019-12-07 20:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-21 21:34 - 2020-04-17 17:59 - 000000000 ____D C:\Users\origi\AppData\Local\LGHUB
2020-11-19 23:07 - 2019-12-07 20:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-19 20:43 - 2020-05-03 16:40 - 000000000 ____D C:\Users\origi\AppData\Local\My Games
2020-11-19 19:17 - 2020-05-03 16:32 - 000001310 _____ C:\Users\origi\Desktop\Ubisoft Connect.lnk
2020-11-19 19:17 - 2020-05-03 16:32 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-11-19 17:57 - 2020-07-21 23:22 - 000000000 ____D C:\Battlestate Games
2020-11-19 08:36 - 2019-12-18 21:28 - 001562560 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-11-19 08:35 - 2020-04-18 17:06 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000170424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000158136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000154032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-11-18 19:48 - 2019-12-19 12:36 - 000000000 ____D C:\Users\origi\AppData\Local\NVIDIA
2020-11-18 18:19 - 2019-12-19 12:36 - 000000000 ____D C:\Users\origi\AppData\Local\NVIDIA Corporation
2020-11-18 18:13 - 2020-07-19 23:19 - 000000000 ___RD C:\Users\origi\iCloudDrive
2020-11-18 14:35 - 2019-12-25 21:02 - 000000000 ____D C:\Users\origi\AppData\Local\BitTorrentHelper
2020-11-17 13:47 - 2020-10-08 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.1
2020-11-17 13:47 - 2020-10-03 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex - Mankind Divided [GOG.com]
2020-11-17 13:47 - 2020-10-01 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-11-17 13:47 - 2020-09-16 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-11-17 13:47 - 2020-09-06 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-11-17 13:47 - 2020-08-10 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2020-11-17 13:47 - 2020-08-04 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.4.6f1 (64-bit)
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\3082
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1055
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1049
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1046
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1045
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1040
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1036
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1033
2020-11-17 13:47 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1029
2020-11-17 13:47 - 2020-07-23 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSCodium
2020-11-17 13:47 - 2020-07-22 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-11-17 13:47 - 2020-07-21 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-11-17 13:47 - 2020-07-19 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-11-17 13:47 - 2020-06-16 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin 2 [GOG.com]
2020-11-17 13:47 - 2020-05-30 05:39 - 000000000 ____D C:\Program Files\UNP
2020-11-17 13:47 - 2020-04-17 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-11-17 13:47 - 2020-04-11 17:42 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2020-11-17 13:47 - 2020-04-04 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-11-17 13:47 - 2020-03-15 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2020-11-17 13:47 - 2020-02-24 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2020-11-17 13:47 - 2020-01-28 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2020-11-17 13:47 - 2020-01-25 00:33 - 000000000 ____D C:\WINDOWS\ShellNew
2020-11-17 13:47 - 2020-01-25 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2020-11-17 13:47 - 2020-01-13 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2020-11-17 13:47 - 2020-01-11 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2020-11-17 13:47 - 2020-01-11 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2020-11-17 13:47 - 2020-01-02 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2020-11-17 13:47 - 2020-01-01 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-17 13:47 - 2019-12-30 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2020-11-17 13:47 - 2019-12-23 17:15 - 000000000 ____D C:\ProgramData\regid.1995-09.com.example
2020-11-17 13:47 - 2019-12-23 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UWPHook
2020-11-17 13:47 - 2019-12-19 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-17 13:47 - 2019-12-19 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2020-11-17 13:47 - 2019-12-19 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2020-11-17 13:47 - 2019-12-18 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-11-17 13:47 - 2019-12-18 22:13 - 000000000 ____D C:\WINDOWS\system32\Samsung
2020-11-17 13:47 - 2019-12-18 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2020-11-17 13:47 - 2019-12-18 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-11-17 13:47 - 2019-12-07 20:18 - 000000000 ____D C:\WINDOWS\Setup
2020-11-17 13:47 - 2019-12-07 20:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\spool
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-17 13:47 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-17 13:47 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-11-17 13:47 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-11-17 13:47 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Catroot2.bak
2020-11-17 13:45 - 2020-07-24 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2020-11-17 13:45 - 2020-07-22 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-11-17 13:45 - 2020-02-15 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-11-17 13:43 - 2019-12-07 20:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-11-17 13:43 - 2019-12-07 20:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-17 13:43 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-17 13:43 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-11-17 13:43 - 2019-12-07 20:03 - 000000000 ____D C:\WINDOWS\servicing
2020-11-17 13:37 - 2019-12-07 20:52 - 000000000 ____D C:\WINDOWS\OCR
2020-11-17 08:35 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\appcompat
2020-11-17 08:33 - 2019-12-19 12:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-17 08:33 - 2019-12-19 12:22 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-17 08:33 - 2019-12-19 12:22 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-17 01:58 - 2019-12-19 12:13 - 000000000 ____D C:\Users\origi\AppData\Local\Packages
2020-11-17 01:58 - 2019-12-19 12:11 - 000000000 ____D C:\ProgramData\Packages
2020-11-16 18:56 - 2020-04-11 16:47 - 000000000 ____D C:\Users\origi\AppData\LocalLow\uTorrent
2020-11-16 18:56 - 2019-12-19 12:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-16 18:54 - 2019-12-19 12:13 - 000000000 ___RD C:\Users\origi\3D Objects
2020-11-16 18:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-16 18:53 - 2019-12-07 20:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-11-16 18:53 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-16 18:51 - 2019-12-07 20:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-11-16 18:50 - 2020-07-19 23:19 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-11-16 18:49 - 2020-09-23 13:48 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2020-11-16 18:49 - 2020-09-23 13:31 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2020-11-16 18:49 - 2020-07-25 21:44 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macroplant LLC
2020-11-16 18:49 - 2020-07-01 20:46 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnakeBite
2020-11-16 18:49 - 2020-06-23 19:27 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria Tweaker 2
2020-11-16 18:49 - 2020-06-23 18:53 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria Tweaker 2 for Terraria 1.3.5.3
2020-11-16 18:49 - 2020-04-05 21:00 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-11-16 18:49 - 2020-01-19 15:22 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-11-16 18:49 - 2020-01-01 13:58 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-16 18:49 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-11-16 18:48 - 2019-12-19 12:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-11-16 18:47 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-16 17:26 - 2019-12-19 12:14 - 000000000 ___RD C:\Users\origi\OneDrive
2020-11-16 17:16 - 2019-12-19 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-16 17:16 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-15 22:06 - 2019-12-18 23:53 - 000000000 ____D C:\Users\origi\AppData\Roaming\Twitch
2020-11-15 18:10 - 2020-04-17 16:39 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-14 22:25 - 2020-04-04 20:44 - 000000000 ____D C:\Users\origi\AppData\Roaming\vlc
2020-11-14 12:37 - 2019-12-29 23:33 - 000000000 ____D C:\Users\origi\AppData\Local\UnrealEngine
2020-11-14 11:00 - 2020-07-21 23:23 - 000000791 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2020-11-14 11:00 - 2020-07-21 23:23 - 000000791 _____ C:\ProgramData\Desktop\Battlestate Games Launcher.lnk
2020-11-12 01:44 - 2019-12-23 14:33 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-12 01:44 - 2019-12-23 14:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 23:33 - 2019-12-19 23:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-07 00:04 - 2019-12-19 11:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-04 14:27 - 2020-06-28 23:21 - 000000000 ____D C:\Users\origi\AppData\Local\GameAnalytics
2020-11-04 10:57 - 2019-12-19 23:13 - 000000000 ____D C:\Users\origi\AppData\LocalLow\MCC
2020-10-31 13:53 - 2020-08-17 00:43 - 000000000 ____D C:\websymbols
2020-10-31 00:03 - 2020-09-06 23:41 - 000795000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-10-28 22:20 - 2019-12-19 12:36 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-10-28 22:20 - 2019-12-19 12:36 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-10-28 22:20 - 2019-12-19 12:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-28 22:20 - 2019-12-19 12:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-28 22:20 - 2019-12-19 12:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-28 00:20 - 2019-12-19 12:15 - 000000000 ____D C:\Users\origi\AppData\Local\PlaceholderTileLogoFolder
 
==================== Files in the root of some directories ========
 
2020-08-27 23:25 - 2020-08-27 23:26 - 000000190 _____ () C:\Users\origi\AppData\Roaming\modthegungeon.conf
2020-08-06 21:25 - 2020-08-06 21:25 - 000013981 _____ () C:\Users\origi\AppData\Local\recently-used.xbel
2020-01-21 23:21 - 2020-07-22 00:33 - 000007601 _____ () C:\Users\origi\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Addition.txt: 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2020
Ran by origi (27-11-2020 18:43:00)
Running from C:\Users\origi\Desktop
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-11-16 07:53:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1797817695-3140524087-3623043744-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1797817695-3140524087-3623043744-503 - Limited - Disabled)
Guest (S-1-5-21-1797817695-3140524087-3623043744-501 - Limited - Disabled)
origi (S-1-5-21-1797817695-3140524087-3623043744-1001 - Administrator - Enabled) => C:\Users\origi
WDAGUtilityAccount (S-1-5-21-1797817695-3140524087-3623043744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20066 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
AltServer (HKLM-x32\...\{6CC7EBC1-2C38-4717-B13D-CB0A478552EF}) (Version: 1.3.2 - Riley Testut)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.9.2.0 - GIGABYTE Technology Co.,Inc.)
AORUS LCD Panel Setting (HKLM-x32\...\{82026686-454E-4233-83E3-4045BC3FB31C}_is1) (Version: 1.0.3.1 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version:  - Ubisoft)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Auto Clicker by Shocker (HKLM-x32\...\Auto Clicker by Shocker_is1) (Version: V3.0.1 - shockingsoft.com)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 10.4.2.1226 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.4.2.1226 - Battlestate Games)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.66.0 - Bethesda Softworks)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.205.0.1006 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Cheat Engine 7.1 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden
Deus Ex: Mankind Divided (HKLM-x32\...\1296690054_is1) (Version: 1.19 hotfix - GOG.com)
Deus Ex: Mankind Divided™ DLC - Season Pass (HKLM-x32\...\1753119582_is1) (Version: 1.19 hotfix - GOG.com)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648 - GOG.com)
Dying Light: Ultimate Collection (HKLM-x32\...\Dying Light: Ultimate Collection_is1) (Version:  - )
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{7C2070BF-8E07-4B5F-A182-FADB0B95AB39}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.8.9819 - Battlestate Games)
Fallout 4 GOTY (HKLM\...\Fallout 4 GOTY_is1) (Version: 1.10.82.0 - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
GIMP 2.10.18 (HKLM\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2060.1 - Rockstar Games)
Hades (HKLM-x32\...\Hades_is1) (Version:  - )
icecap_collection_neutral (HKLM-x32\...\{2A00DCB3-752F-446C-B3B3-1B6ADFBFF3E3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{BE5E54C4-6B68-4AE3-A7F4-45F0D29D48D3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{1E6E5904-E97F-41F7-B3DB-0C8CD3180E3C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{7FD392DF-51A1-4DC1-9C6F-BF7C58A576AC}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
iExplorer (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\2ee35ebaf226322a) (Version: 4.3.4.0 - Macroplant LLC)
Installer (HKLM\...\{E9675998-9B12-4560-8E98-A6CCCDE0BE18}) (Version: 1.0.0 - Default Company Name)
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{65A59264-DFCE-498D-A091-D124C6EFB6FF}) (Version: 12.10.8.5 - Apple Inc.)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LazyClicker (HKLM-x32\...\{FB523953-2434-4FB2-A027-F42B395659F8}) (Version: 1.1.0.27 - LazyClicker)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft .NET Core SDK 3.1.302 (x64) from Visual Studio (HKLM\...\{539053B2-E414-46BC-B4CD-365E79AFEA79}) (Version: 3.1.302.015188 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0006 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2037.624 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Mordhau (HKLM-x32\...\Mordhau_is1) (Version:  - )
Mozilla Firefox 82.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 82.0.3 (x64 en-US)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
Node.js (HKLM\...\{97FD2F60-C3CD-417D-A5F6-C538B37054CC}) (Version: 12.16.3 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
PlanetSide 2 (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plex Media Server (HKLM-x32\...\{203FDA60-7969-4EB3-BD69-4D1752B3C6F9}) (Version: 1.18.2438 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{440398c3-62c1-4e0e-b558-5ca3f78e1d94}) (Version: 1.18.7.2438 - Plex, Inc.)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.8.5 (32-bit) (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\{44a59e57-34e2-4d86-93ba-a2588bfac760}) (Version: 3.8.5150.0 - Python Software Foundation)
Python 3.8.5 Add to Path (32-bit) (HKLM-x32\...\{2D01141A-8022-4100-B256-02EFB0F1830B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Core Interpreter (32-bit) (HKLM-x32\...\{31F7FCA7-1F15-48FD-BFB9-91FE58FC2F07}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Development Libraries (32-bit) (HKLM-x32\...\{657AEF25-7BC3-4E93-A08C-ECD14E8A74AE}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Documentation (32-bit) (HKLM-x32\...\{F7A293EB-21B8-45DE-85A5-8ADEB68B9EFB}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Executables (32-bit) (HKLM-x32\...\{F6156224-C882-453A-9046-EFCD31982E68}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 pip Bootstrap (32-bit) (HKLM-x32\...\{71C0D67F-EF42-4C5C-A2AE-04FD8B38AB1C}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Standard Library (32-bit) (HKLM-x32\...\{4D147A72-5C01-47B2-8789-1D1969F6AC32}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{653FBD26-2D1A-48C1-AAB1-0AB6F2A3749B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Test Suite (32-bit) (HKLM-x32\...\{DE45C740-8250-4A49-8B81-FE347C70E6BA}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Utility Scripts (32-bit) (HKLM-x32\...\{9450D936-1E4F-44EF-A0D4-92C471229B98}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{CEEAEA02-2472-4BF6-8994-52D6783F5575}) (Version: 3.8.7140.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1030.101917 - Razer Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1311.27 - Rockstar Games)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1105.1 - GIGABYTE)
Risk of Rain 2 (HKLM-x32\...\Risk of Rain 2_is1) (Version:  - )
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.32.316 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Sekiro: Shadows Die Twice (HKLM-x32\...\Sekiro: Shadows Die Twice_is1) (Version:  - )
Sniper: Ghost Warrior Contracts (HKLM-x32\...\Sniper: Ghost Warrior Contracts_is1) (Version:  - )
Spotify (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Spotify) (Version: 1.1.46.916.g416cacf1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{B5747469-E9CA-4F7C-A964-0A32DF449B24}) (Version: 1.18.2438 - Plex, Inc.) Hidden
superhot: mind control delete (HKLM-x32\...\superhot: mind control delete_is1) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
Terraria Tweaker 2 (HKLM-x32\...\TiberiumFusion Terraria Tweaker 2) (Version: "2.3.1405.0" - TiberiumFusion)
Terraria Tweaker 2 for Terraria 1.3.5.3 (HKLM-x32\...\TiberiumFusion Terraria Tweaker 2 for Terraria 1.3.5.3) (Version: "2.2.1353.0" - TiberiumFusion)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
thriXXX 3DKink-500.001 (HKLM-x32\...\3DKink-500.001) (Version:  - thriXXX Software GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Twitch (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2019.4.6f1 - Unity Technologies ApS)
Unity Hub 2.3.2 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.3.2 - Unity Technologies Inc.)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UWPHok (HKLM-x32\...\UWPHook 2.5.1) (Version: 2.5.1 - Briano)
UWPHook (HKLM-x32\...\{52B9D66E-8B17-4E82-94EE-9664614B67A2}) (Version: 2.5.1 - Briano) Hidden
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{B2AC4CE4-2533-4485-B3B5-2F645C2DD325}) (Version: 14.26.28808 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\2a34e2d9) (Version: 16.6.30320.27 - Microsoft Corporation)
Visual Studio Team Explorer 2017 (HKLM-x32\...\b0a2d319) (Version: 15.9.28307.1216 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.4 - Black Tree Gaming Ltd.)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{BAF91847-0A64-405E-98EC-A0BA6FB4BC4E}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{2CCEC45B-1462-4FFD-8214-90E3C25000F7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{0A54CADD-CBA1-4BC9-A134-6C9F91F41B9A}) (Version: 16.5.29521 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
VSCodium (HKLM\...\{D77B7E06-80BA-4137-BCF4-654B95CCEBC5}_is1) (Version: 1.47.2 - Microsoft Corporation)
Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version:  - Ubisoft)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version:  - Ubisoft)
WeMod (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\WeMod) (Version: 6.3.11 - WeMod)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.47.2.0_x86__kgqvnymyfvs32 [2020-11-25] (king.com)
Clustertruck -> C:\Program Files\WindowsApps\tinyBuildGames.3289435C1E20_1.0.3.0_x86__3sz1pp2ynv2xe [2020-01-04] (tinyBuild Games)
Death's Gambit -> C:\Program Files\WindowsApps\CartoonInteractiveGroupIn.DeathsGambit_1.0.0.0_x64__6c1aaymwt3dwm [2020-02-18] (Cartoon Interactive Group Inc.)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.48.4.0_x86__kgqvnymyfvs32 [2020-11-07] (king.com)
FTL: Faster Than Light -> C:\Program Files\WindowsApps\Mutable\SubsetGames.FTLFasterThanLight_1.6.13.0_x86__gvagsjwfgyhyc [2020-01-10] (Subset Games)
Golf With Your Friends -> C:\Program Files\WindowsApps\Team17DigitalLimited.GolfWithYourFriendsWin10_1.0.12.0_x64__j5x4vj4y67jhc [2020-10-29] (Team17 Digital Limited)
Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Mutable\Microsoft.Chelan_1.1955.0.0_x64__8wekyb3d8bbwe [2020-11-21] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
My Friend Pedro Win10 -> C:\Program Files\WindowsApps\DevolverDigital.MyFriendPedroWin10_1.0.6.0_x64__6kzv4j18v0c96 [2020-05-06] (Devolver Digital)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-04-14] (Realtek Semiconductor Corp)
The Master Chief Collection: Halo 2 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo2_1.1448.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo 3 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3_1.12.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo 3: ODST -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3ODST_1.12.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo CE -> C:\Program Files\WindowsApps\Microsoft.HaloCombatEvolved_1.1367.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: REACH -> C:\Program Files\WindowsApps\Microsoft.TheMasterChiefCollectionREACH_1.1.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
Totally Accurate Battle Simulator (Game Preview) -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.24.0_x64__r2vq7k2y0v9ct [2020-09-01] (Landfall Games)
UNDERTALE -> C:\Program Files\WindowsApps\8-4Ltd.Undertale-Windows10_1.1.0.0_x86__c74r4999cqbdr [2020-01-04] (8-4, Ltd.)
West of Loathing -> C:\Program Files\WindowsApps\Asymmetric.WestofLoathing_1.1111.1111.0_x64__y20smdktffva2 [2020-04-30] (Asymmetric Publications, LLC)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-04-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\origi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\origi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-22] (Notepad++ -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\nvshext.dll [2020-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\origi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --force-dark-mode
 
==================== Loaded Modules (Whitelisted) =============
 
2020-11-18 18:30 - 2019-08-05 13:26 - 000025088 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000225792 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll
2019-08-05 19:50 - 2019-08-05 19:50 - 000009216 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll
2020-02-27 04:16 - 2020-02-27 04:16 - 085372416 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2020-02-27 04:16 - 2020-02-27 04:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libUbiCustomEvent.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 098275328 _____ () [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 000092672 _____ () [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 003922432 _____ () [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 002010112 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GbtCpuLib.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\yccV2.dll
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
2020-11-18 18:30 - 2019-12-09 17:27 - 000289792 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVBIOSLib.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000628736 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvComW.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000013312 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvCrypt.dll
2020-11-18 18:30 - 2020-10-23 11:27 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVDisplay.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000240640 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvIllumLib.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000218112 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvOrderLib.dll
2020-11-18 18:32 - 2020-09-14 09:07 - 000472576 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\GVDisplay.dll
2020-07-08 10:49 - 2020-07-08 10:49 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2020-11-05 14:16 - 2020-11-05 14:16 - 000268800 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2020-11-05 07:49 - 2020-11-05 07:49 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACDDR_Lib.dll
2020-11-05 07:49 - 2020-11-05 07:49 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll
2020-11-05 07:49 - 2020-11-05 07:49 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 001079808 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\MFC80U.DLL
2018-08-30 16:26 - 2018-08-30 16:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll
2020-02-27 04:16 - 2020-02-27 04:16 - 000518144 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\chrome_elf.dll
2019-12-29 23:33 - 2019-12-29 23:33 - 000547840 _____ (The Chromium Authors) [File not signed] E:\Program Files\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-11-18 18:30 - 2019-08-27 13:22 - 000224256 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvAutoUpdate.dll
2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2020-11-05 15:15 - 2020-11-05 15:15 - 000492544 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2020-10-22 15:05 - 2020-10-22 15:05 - 002107392 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
SearchScopes: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-31] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\sharepoint.com -> hxxps://mqoutlook-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\wustat.windows.com -> hxxp://wustat.windows.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 15:49 - 2020-11-23 20:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\nodejs\;C:\Program Files\VSCodium\bin;C:\Program Files\dotnet\
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\Control Panel\Desktop\\Wallpaper -> E:\Pictures\Wallpapers\RGB Circles.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "Synapse3"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{F10D8E68-791F-40DA-B562-571EC41B5850}E:\games\risk of rain 2\risk of rain 2.exe] => (Allow) E:\games\risk of rain 2\risk of rain 2.exe () [File not signed]
FirewallRules: [TCP Query User{940071B3-1041-4A24-9CD6-36A0502F8418}E:\games\risk of rain 2\risk of rain 2.exe] => (Allow) E:\games\risk of rain 2\risk of rain 2.exe () [File not signed]
FirewallRules: [{44B75A98-6FC8-40C6-9EBF-C16D01755B28}] => (Allow) E:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{A933E254-B7CE-4C1A-888A-C3E35222C782}] => (Allow) E:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [UDP Query User{B6446B56-F82C-4ABC-BB1F-637DEC2B7F89}E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{6D2A8BAA-6BB1-4876-9122-F48193FF86BF}E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{C4763C34-DCA4-4E02-B3D0-A49C58951873}E:\games\dying light - ultimate collection\dyinglightgame.exe] => (Allow) E:\games\dying light - ultimate collection\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [TCP Query User{19752260-5051-43C3-B0BA-962487E1C33F}E:\games\dying light - ultimate collection\dyinglightgame.exe] => (Allow) E:\games\dying light - ultimate collection\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [{08A7615C-013D-445F-8E0E-E7BD1ED90D6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{027D44AF-D56D-4483-963E-AC5795B19E62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A193A34-7EFE-4DFA-A067-4E753DB615F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7187FD66-B038-40AA-9455-58B0BDE2B267}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{54D767F1-03F2-4457-948B-AF0FB9A293E0}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{95179F55-D539-4CCD-A60D-E65966490B8D}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [UDP Query User{F0FD4D93-F6DE-411F-86C9-C69D2BCB6794}E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{A3134F08-16BE-4B7D-89F4-48A33035CF54}E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{D7ED7EBC-65F4-44DE-9E4B-129A75F9D25B}E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{60E24A6F-4970-4D38-A294-E392C7E62792}E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{325DCF6B-91C0-4783-A4CE-8E1F092F642D}E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe => No File
FirewallRules: [TCP Query User{78C9547E-474E-4F31-A8E0-D8386AA715C4}E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe => No File
FirewallRules: [{F44F34B3-9256-463E-A5EF-AD01CA3B2D4D}] => (Allow) E:\SteamLibrary\steamapps\common\D.R.O.N.E. The Game\D.R.O.N.E. Launcher.exe (Five Studios Interactive SL -> Five Studios Interactive)
FirewallRules: [{CB509D4A-F2C1-400A-822A-F96E6F84A3AB}] => (Allow) E:\SteamLibrary\steamapps\common\D.R.O.N.E. The Game\D.R.O.N.E. Launcher.exe (Five Studios Interactive SL -> Five Studios Interactive)
FirewallRules: [UDP Query User{A2390B05-03FD-4FF0-9D91-AD3EC97BD96D}C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{6B3FA829-0710-45F7-A03A-3FD37AEAF171}C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{864D0893-5D28-4E25-97DF-788A8F24600D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43EC5C06-C5C2-437A-B078-B86D69973A3F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{C36AEA6D-181B-4149-AEF0-24A28DF74D3C}E:\emutarkov 12.7.8445\server\server.exe] => (Allow) E:\emutarkov 12.7.8445\server\server.exe (Node.js) [File not signed]
FirewallRules: [TCP Query User{F318B14C-86A2-4A84-9CE2-BCA4DB71EC71}E:\emutarkov 12.7.8445\server\server.exe] => (Allow) E:\emutarkov 12.7.8445\server\server.exe (Node.js) [File not signed]
FirewallRules: [{B13B0A28-5CD1-4D3E-960A-FABE2F743E12}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{BAD16577-D190-4412-98F0-FEFA6098F3EE}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{34020297-0BDC-4BC0-BFD5-3687EAA12AE5}] => (Block) E:\Program Files\Unity\Hub\Editor\2019.4.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{87219C25-F2EC-40E1-97FC-5D4D41F4338F}] => (Allow) E:\Program Files\Unity\Hub\Editor\2019.4.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{33DFD611-4C4E-4B7C-B1DA-622AFE290435}E:\program files\unity hub\unity hub.exe] => (Allow) E:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{8D1BB9DB-4E7F-4D46-A3D6-FDDD22AF366C}E:\program files\unity hub\unity hub.exe] => (Allow) E:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{F7861289-6A85-4C72-BDBA-083871DE2E4A}] => (Allow) E:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{45A508BD-343A-4D9E-945F-70CC137AC76C}C:\program files\vscodium\vscodium.exe] => (Allow) C:\program files\vscodium\vscodium.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{BB29CB11-64CD-4DF4-B66E-A95E49B1CFDB}C:\program files\vscodium\vscodium.exe] => (Allow) C:\program files\vscodium\vscodium.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{FD2C0B71-4D0F-4808-8575-3745905AD28B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{42B6660B-5ED1-4BDF-ACE0-BCE07F03781E}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [TCP Query User{2E6F1D60-AAEB-48C7-A51E-38370BF4EF6D}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [{306AADBD-AAB4-48E8-B6BE-1D07B1664146}] => (Allow) E:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{14214BC4-7917-4BE6-8A67-A2CFBA885D72}] => (Allow) E:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{0AA59250-7B8C-4F0B-B5D8-E7ED64852855}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7894A19D-2B41-4099-9E03-82B6D3308E9D}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{25104F42-C5A8-4AE5-9A08-42298714AADB}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{99B4E8E8-1893-45F4-B5B0-AAD3BF112D6F}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{D74360E7-C50A-46DF-AD5E-2C9688CF483A}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{CCB71434-5169-4097-BA00-7690F3C94336}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{902D3AF8-D32A-49DF-BAE8-1CE4254B49EA}] => (Allow) E:\SteamLibrary\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{FD22DB00-BAB7-421D-A3E1-FE4A6BE12D4B}] => (Allow) E:\SteamLibrary\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{59509B66-C71C-40E8-B222-A05CF7ADA902}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{917C14FA-FDFF-4937-BCAE-39FB92079AAC}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{CEABD935-8832-494B-A277-AD723C16E8F8}] => (Allow) E:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{B0039ED2-34D8-4DFB-B8EB-41154C09EB05}] => (Allow) E:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{7415C043-6DD1-4770-A6C8-153E8015635A}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{34EFECF9-D2DC-414B-A068-4E4C11EB15A0}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{9D3CB140-B85C-431D-851D-33EBBB64EC4B}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{F7A51524-6680-4817-93B3-4FB20321B983}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{3C65C792-A8A6-4101-8CBF-FAD144FE474C}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{76D91F81-F31B-43C4-9177-0E98E20133F9}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{231FB57E-6AF9-4F2C-8C54-DF7F8F2A6C50}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{501753C0-C5BD-4D9D-839B-268FE5CB0B86}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{14C03299-DCF1-4508-9CD7-1930CFE6A274}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{D2E7ADDF-1589-4FD8-B3FC-B3D85A9B6F5A}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{8258957B-DCB5-458C-A270-134327AF3811}E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{12EB542A-9BFF-47E6-87D3-6F1FF5E34FC6}E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{C3C791EF-22BA-4F59-BC25-51D0DB5E0278}E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{6CB92D7C-7DC3-4EF9-8A37-9CF84197A520}E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [{4DF7FE8E-0264-44E6-996A-3EA5A94F8F1E}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{3EB1A1BC-42C9-44A0-89E2-F9549E72F139}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{FFD736D3-BF75-404F-824A-E87DD328C3C6}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{479AD954-D64B-46EF-B046-3A916A2EC95F}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{8B221CFE-47F8-4418-8A2E-7C501FB79A01}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{2BF9EA75-998A-4D25-8EED-266FBB0A448E}E:\program files\epic games\gtav\gta5.exe] => (Allow) E:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{75B083B5-47D8-4A9F-918B-8CF993A4005E}E:\program files\epic games\gtav\gta5.exe] => (Allow) E:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FE0709B9-6DEE-484F-95D1-8F53EEEB9016}E:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) E:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{80301D8A-7F60-4685-836F-B3CA6609C81A}E:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) E:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{5A6BBD9F-E23D-49EF-8003-E642669DC7E8}E:\program files\epic games\breakpointdemo\grb.exe] => (Allow) E:\program files\epic games\breakpointdemo\grb.exe => No File
FirewallRules: [TCP Query User{666556D2-4339-4484-ADBA-D27818139021}E:\program files\epic games\breakpointdemo\grb.exe] => (Allow) E:\program files\epic games\breakpointdemo\grb.exe => No File
FirewallRules: [{F5195C8B-3C8F-4A3E-8A2C-09EAA4D02842}] => (Allow) E:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe => No File
FirewallRules: [{AA3F5F3A-F171-441A-BBE7-4FE7B3C3C54D}] => (Allow) E:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe => No File
FirewallRules: [{9AB356E3-1C49-45D0-92D7-21143CECE733}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF43DDDA-4442-4233-92D0-7B28CA43BE7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D32F1D5B-BD93-4F80-84D4-A6F24F3169AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A112E236-9BD0-4F0E-8E86-3BD9995DA22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DB41F1CC-4157-4B2E-A46B-7773491713E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FC6E254-4932-44EE-8D54-F26D58C8CDB8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE17E754-D40D-4F7B-B445-04F317D4BA55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{238925C4-1354-4AA1-865D-9620EE84EE56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{56B0067E-EA09-4D6F-83E3-866094057A59}C:\users\origi\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\origi\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{B4288E7E-F78B-45DB-9477-1BCF095B4053}C:\users\origi\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\origi\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{FB7BE848-FDE0-4D65-854D-A34E5904B18B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2E58401E-54F3-4071-9DD0-8A3A3B1F7D5B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{55F4F4E4-6DE8-4FF7-B391-C1E19A1E0988}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{625B937E-C165-4A10-ABEC-6739A4F19C76}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EC3D6E3F-D22B-45FF-86FD-73A42E37BC01}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{FCE58226-D93B-44EF-B104-E9B412434148}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{B3D20E8A-DAC4-4319-9B5C-13D59B6BC4D8}C:\users\origi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\origi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FEE9CE96-58F4-4030-88CB-5B5EE3B47F3A}C:\users\origi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\origi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{03684179-A6B7-408B-A2B0-41545EC96826}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [UDP Query User{655C2BD9-62B4-4B6D-BD3A-72C4AEC22A73}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [TCP Query User{BE68303A-CA83-45AF-AA41-E58A9D8245F3}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{32E8EDC4-0755-42CB-8BD0-1A4EB166C618}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{410561EF-AB33-4577-B74F-B67E1FC6DF4F}E:\program files\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{B2E877D3-5FF6-4FCA-BB52-BC96F1D944F6}E:\program files\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{16B1414A-FE63-4C3A-B9C7-5587D7AC39D2}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{68E21DC7-8280-4F29-80E2-E6BB9677AFC1}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{79D1F9F0-DBCB-4B21-8FA6-69D2F2F2E332}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{08C2D746-BDCB-45BF-80E3-DDCDDD0EE60C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{420E550E-47C4-4454-A99A-8EE7BBCA1EDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8079971B-C0B8-4E0A-9744-6D2A1973AF10}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\New folder\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{BCDE392E-AEFB-43AC-AC45-EBCA7CBD289E}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\New folder\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{15887DF6-8639-4AAB-A645-BC33B1BACC1D}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{465FB64B-5046-4360-9AEE-EF848A8994D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32EAD7C7-073D-4808-8491-BB3BC3B0B971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA6EA858-6A11-4455-8ABF-32AD4BA524C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBD423BF-4015-4ACF-9104-6B0F247AE9E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7544C042-590A-40EC-BD55-3CF5B74790E4}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8767F310-C7B1-4FF3-98AD-F83BF76E2F02}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{F143E14A-ED9B-49A4-BEEF-027B7A355C9C}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{7EADD2C3-3F8F-4CAA-B403-E0814133A116}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
 
==================== Restore Points =========================
 
23-11-2020 21:06:16 Installed DirectX
27-11-2020 17:28:15 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112
 
==================== Faulty Device Manager Devices ============
 
Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (11/25/2020 12:01:46 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on \\?\Volume{9a8732ff-18d5-0322-1c0f-0df7da13f473}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (11/25/2020 12:01:46 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on \\?\Volume{6f91f53b-c14a-3a64-b8d5-75033d930404}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (11/24/2020 08:25:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x20dc
Faulting application start time: 0x01d6c243c3c81070
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 62479c28-105e-4e80-adbb-cd6cd7a63d33
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1060
Faulting application start time: 0x01d6c243c351cb9e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 8dd8dd82-e66a-41e2-95e3-70ec3aec38fd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0xcc8
Faulting application start time: 0x01d6c243c2dd2f8e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 0783a1f3-ceb6-4e65-85d4-87a69114e06b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x8e8
Faulting application start time: 0x01d6c243c2680fa4
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: a315d439-23f7-4c2a-aa2e-adb2a5276891
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1968
Faulting application start time: 0x01d6c243c1f320f2
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 2d098043-ea4b-4339-9381-3ca9127dd020
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/24/2020 08:25:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1460
Faulting application start time: 0x01d6c243c17bbe03
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 4b6139a1-5477-4c9d-88cd-c85a9374e367
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (11/24/2020 08:21:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AORUS LCD Panel Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:41:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240017: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.327.1458.0).
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Synapse Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (11/24/2020 07:37:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AORUS LCD Panel Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/24/2020 07:37:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA FrameView SDK service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Windows Defender:
===================================
Date: 2020-11-27 13:39:54.2010000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:45.1350000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:37.7120000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444770255.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:13.9190000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444736970.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-27 13:39:04.4280000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.DE!ml
ID: 2147757793
Severity: Severe
Category: Trojan
Path: file:_C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444736970.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\origi\AppData\Local\WeMod\app-6.3.11\WeMod.exe
Security intelligence Version: AV: 1.327.1600.0, AS: 1.327.1600.0, NIS: 1.327.1600.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
CodeIntegrity:
===================================
 
Date: 2020-11-24 20:01:15.8600000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 20:01:11.2530000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 20:01:11.2390000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:55:43.5890000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:55:43.5750000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:51:51.2970000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:51:51.2810000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
Date: 2020-11-24 19:40:43.2850000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F8 05/24/2019
Motherboard: Gigabyte Technology Co., Ltd. Z390 UD
Processor: Intel® Core™ i7-9700KF CPU @ 3.60GHz
Percentage of memory in use: 62%
Total physical RAM: 16315.74 MB
Available physical RAM: 6106.4 MB
Total Virtual: 32699.74 MB
Available Virtual: 15884.63 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:476.31 GB) (Free:123.7 GB) NTFS
Drive e: (General Data) (Fixed) (Total:1863 GB) (Free:23.54 GB) NTFS
 
\\?\Volume{b980258e-7d1d-4849-9afc-62f134671dbe}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{6f91f53b-c14a-3a64-b8d5-75033d930404}\ () (Fixed) (Total:134.04 GB) (Free:0 GB) NTFS
\\?\Volume{9a8732ff-18d5-0322-1c0f-0df7da13f473}\ () (Fixed) (Total:0.38 GB) (Free:0 GB) NTFS
\\?\Volume{5b1288a7-6dfa-3ed5-2a67-433444f12d55}\ () (Fixed) (Total:0.23 GB) (Free:0 GB) NTFS
\\?\Volume{a0c79aa4-df4d-c91a-9b4d-d792d91b3c8f}\ () (Fixed) (Total:0.12 GB) (Free:0 GB) NTFS
\\?\Volume{80d34bf8-f98b-51da-b17a-8eba6eddd503}\ () (Fixed) (Total:0.66 GB) (Free:0 GB) NTFS
\\?\Volume{0b93ca05-ce54-9fb7-26ea-9bfb7aa697a4}\ () (Fixed) (Total:3.6 GB) (Free:0 GB) NTFS
\\?\Volume{3db56128-1cef-3089-2d29-5603c1d1e215}\ () (Fixed) (Total:3.01 GB) (Free:0 GB) NTFS
\\?\Volume{fef99fd2-93ea-80ca-9155-61e105c116a9}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{6c13b06c-a0dc-e5f8-ab8a-7be7b50dd034}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{39facdf8-c027-8a74-e579-ac7250cc7dc1}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{e930a4ec-d1bd-3b79-11a2-3df525ee525a}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{a7537661-921f-ed59-a758-f2ff8a6db369}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{eaca5632-2c1b-ac1d-f709-31a4953839c1}\ () (Fixed) (Total:3.45 GB) (Free:0 GB) NTFS
\\?\Volume{68f7e57c-6419-88e0-5f5a-c90c1a5bf2f9}\ () (Fixed) (Total:0.39 GB) (Free:0 GB) NTFS
\\?\Volume{0fa0f211-8bd9-4599-9a11-04caf0476453}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 8.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 9.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 10.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 11.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 12.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 13.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 14.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 15.
 
==================== End of Addition.txt =======================

#18
Mingo_TTV

    Member

  • Topic Starter
  • 17 posts

Hi,

 

Sorry, I didn't see that you had replied until now.

I've attached the two logs.

#19
DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Thank you.

 

I am currently reviewing the logs.


#20
DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts
Hi, Mingo_TTV.
 
It seems that Kaspersky products are not completely uninstalled. Let's use Revo uninstaller to completely remove them.
 
1. Uninstall Kaspersky with Revo
  • Download the Revo Uninstaller (Free Download) and save it on your Desktop.
  • Double click on the exe file created on your Desktop to run the installer, and follow the instructions to install the program.
  • Double click the program's icon to open it.
  • Write in the search area, on the top left, the following program:
Kaspersky Secure Connection
  • Choose the Uninstall tab from the menu and let the program create a Restore point.
  • Choose Scan, and then the Advanced mode scan.
  • Select all the Sophos Anti-Virus items found, Delete and Next.
  • Let the procedure be completed and click on Finish.
  • Restart the computer.
Repeat the above procedure for the following program:
Kaspersky Total Security
 
2. Uninstall a Firefox profile
  • Close your Firefox browser.
  • Press the Windows logo key on your keyboard, together with the letter R.
  • In the run area type firefox.exe -profilemanager and click OK. The Firefox - Choose User Profile dialog opens.
  • Select the a559bv13.default profile.
  • Click Delete Profile...
  • Click Exit to close the Firefox - Choose User Profile dialog.
 
3. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NewTab: Mozilla\Firefox\Profiles\a559bv13.default -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2019-12-25 10:02:22&bName=
C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.
 
4. Feedback
 
Regardless of the startup issue with the black screen and the flickering taskbar, are you dealing with any other issue? Please proceed with the above and then we will deal with anything else.

#21
Mingo_TTV

    Member

  • Topic Starter
  • 17 posts

Hi DR M,

 

I haven't been able to complete steps 1 or 2, and haven't attempted step 3 as it seems dependent on step 2 being completed.

 

Step 1: When searching, nothing comes up for Kaspersky Secure Connection or even when I type "ka" as shown in the screenshot below. download.png

 

Step 2: When viewing my profiles, the requested one that you asked me to delete isn't appearing. The only 2 that are showing are included in the next screenshot below. download(1).png

 

 

 

The only other issue that I am aware of that also started with the flickering screen issue is that my profile picture is now a very pixelated default profile picture. Please see the final attached screenshot below. download(2).png

 

#22
DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts
Hi.

The profile account in Firefox that needs to be deleted is default (the second one).

Remove that and we will deal with the other issues later.

#23
Mingo_TTV

    Member

  • Topic Starter
  • 17 posts

I've deleted the second profile and run the fix. Fix log is below;

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-11-2020
Ran by origi (30-11-2020 17:38:58) Run:3
Running from C:\Users\origi\Desktop
Loaded Profiles: origi
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NewTab: Mozilla\Firefox\Profiles\a559bv13.default -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2019-12-25 10:02:22&bName=
C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"FF NewTab: Mozilla\Firefox\Profiles\a559bv13.default -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2019-12-25 10:02:22&bName=" => not found
"C:\Users\origi\AppData\Roaming\WeMod\App\trainers\download\Trainer_30650_e93ea0d06e.dll.1606444777686.tmp" => not found
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55146241 B
Java, Flash, Steam htmlcache => 30722912 B
Windows/system/drivers => 103088994 B
Edge => 0 B
Chrome => 375577490 B
Firefox => 431720209 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 31236 B
NetworkService => 53594 B
origi => 4198651190 B
 
RecycleBin => 2526965262 B
EmptyTemp: => 7.2 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End -1 Fixlog 17:41:38 ====

#24
DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Hi, Mingo_TTV.

The computer now is clean from malware, thus, we can deal with the other issues. A flickering taskbar or other errors, including an explorer.exe error, may indicate corrupted system files. I would suggest an in-place upgrade of the computer. This will reinstall and update the operating system and fix any corruptions, without removing any file or program.

A. In-place upgrade

1. Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
2. Save the tool on your Desktop and double click to run it.
3. On the License terms page, if you accept the license terms, select Accept.
4. On the What do you want to do page, select Upgrade this PC now, and then select Next.
6. Follow the instructions and select Keep personal files and apps, when you are asked to.
7. It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
8. After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

When the upgrade is finished, please report here again, providing fresh FRST logs:

2. Fresh FRST logs

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
  • Please copy and paste the content of these two logs in your next reply.

#25
Mingo_TTV

    Member

  • Topic Starter
  • 17 posts

Thank you for your help again DR M.

 

I have followed your instructions up until step 6 as it won't let me select any other options as per the screenshot attached.

Attached Thumbnails

  • Screenshot 2020-12-03 113618.png

#26
DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Hi, Mingo_TTV.

 

Since I didn't provide a link to the Microsoft page (my fault, and I apologize :) ), I would like to make sure that you went to the correct page and followed the instructions.

 

This is the page from where you will download the media tool.


#27
DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Hi. :)

It seems that this issue is not only yours. It's a bug regarding the last Windows upgrade (20H20) and it's going to be fixed during this month.

For now, what you can do to fix that bug is to follow these steps:

  • Open Settings > Update & Security > Windows Update.
  • Click on View update history button.
  • Click on Uninstall updates.
  • In Control Panel window, look for KB4562830.
  • Select the update package and click on Uninstall.
  • Reboot your system.

Then, follow the instructions in my previous post here: http://www.geekstogo...-2#entry2654865


#28
Mingo_TTV

    Member

  • Topic Starter
  • 17 posts

Hey,

 

Looks like you were right about that bug. After uninstalling that update I was able to reinstall Windows and keep my files. :)

 

Since reinstalling Windows, my desktop and taskbar no longer flicker after restarting! One weird thing that has happened is that half of my background desktop image is now this weird yellow texture, and the other half is my old desktop picture. This isn't an issue for me to change back to the original picture but just seems strange to happen after the install. Attached are the 2 logs from FRST.

 

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2020
Ran by origi (administrator) on DESKTOP-Q4STC4U (Gigabyte Technology Co., Ltd. Z390 UD) (06-12-2020 16:56:13)
Running from C:\Users\origi\Desktop
Loaded Profiles: origi
Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(CloudBees, Inc.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe
(Discord Inc. -> Discord Inc.) C:\Users\origi\AppData\Local\Discord\app-0.0.307\Discord.exe <6>
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(LogMeIn, Inc. -> LogMeIn Inc.) E:\Program Files\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) E:\Program Files\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.621_none_e7694895260e0b6d\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Spotify AB -> Spotify Ltd) C:\Users\origi\AppData\Roaming\Spotify\Spotify.exe <5>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\Program Files\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Spotify] => C:\Users\origi\AppData\Roaming\Spotify\Spotify.exe [23233936 2020-11-30] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Discord] => C:\Users\origi\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [EpicGamesLauncher] => E:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33131408 2020-11-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24625144 2020-02-19] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104586376 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\origi\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14804552 2020-11-28] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514096 2020-10-19] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-17] (Google LLC -> Google LLC)
Startup: C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2020-11-18]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {059ACACA-6610-4154-B0B9-1A814E39B8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-19] (Google LLC -> Google LLC)
Task: {07471E98-CE11-41B9-8E9C-F87637FF5892} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08312EB4-2F82-40FD-AD4B-7B3E4090C6F8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F70B12F-62ED-4511-A9ED-81246B0BE16A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {269EC9E7-DCAB-4AC3-BCB9-56E335C3E95B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4644676E-2EDF-4E50-8CF5-7ED69E09BD03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EFA01D9-BD05-4C48-851F-56B7628B1B5E} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33903328 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {5CFA99A2-D0F8-4F7A-A306-8A9BC8BF63F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-19] (Google LLC -> Google LLC)
Task: {7778467F-4FC4-48CF-B33A-C9CA872D2C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-22] (Microsoft Corporation -> Microsoft)
Task: {81C207F1-0636-4A3C-8FD6-BB5186762748} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1797817695-3140524087-3623043744-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-10] (Microsoft Windows -> )
Task: {9A362EF8-91BE-4938-AD25-3A5E6B5DDB25} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A815A5A3-12B2-446C-A0E6-1DA57640A676} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC31F993-D52B-4E9B-8ACA-77AEB8F34F25} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2406F25-CE5B-4CC2-AA7D-21A5E7349531} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6830620-5111-4D25-ACB7-9A56F48B9CCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB812079-3B97-46E1-A5E8-8D60F2DE7894} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-17] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) <==== ATTENTION
Task: {C0093AFA-6E4B-4565-9BD9-6CFD85292586} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)
Task: {C04310FD-E714-4DC4-9084-F7A7E8BCE848} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {C38684F7-90AB-4E69-B4DC-FEA8387E48B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6CA24E4-A723-4698-8CC1-4956551F3DE5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEA2E469-8192-4C60-AFCA-6D31A1D20AC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3C431D0-6611-4ADA-9CEB-0106933773B2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6D3B0E0-FC64-4235-9749-426DF16A519E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {DD6F9B9D-C2B5-4B40-953B-BBDB50753853} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-20] (Adobe Inc. -> Adobe)
Task: {DDACF7FE-8A0A-4373-8372-CA5A26F6DC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E0C819C2-CC85-46FA-BBC1-D87EDDC7F3E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E677DACB-D605-4FF2-AF1E-E4DDC6A1CD80} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E79C0B2C-BEAF-4FEA-9662-EE2C274784DC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFC4D013-162D-44F8-B495-8E218B48F2C6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6396AAE-D305-4B73-8FD3-5D2804D888DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE4A4DF8-6C58-481E-9E60-61FDF8204AAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{d67f30f0-0c71-4697-9b7d-1371f23a70e1}: [DhcpNameServer] 192.168.0.1
 
Edge: 
======
Edge Profile: C:\Users\origi\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-16]
 
FireFox:
========
FF ProfilePath: C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release [2020-12-03]
FF Extension: (Honey) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\[email protected] [2020-12-01]
FF Extension: (Reddit Enhancement Suite) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\[email protected] [2020-10-03]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\origi\AppData\Roaming\Mozilla\Firefox\Profiles\w11yp6xr.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> E:\Program Files\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1797817695-3140524087-3623043744-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\origi\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-05] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-12-19] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-12-19] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default [2020-12-06]
CHR DownloadDir: E:\Downloads
CHR Notifications: Default -> hxxps://www.cashrewards.com.au; hxxps://www.guilded.gg
CHR Extension: (Honey) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-11-18]
CHR Extension: (uBlock Origin) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-04]
CHR Extension: (Dark Mode) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2020-11-12]
CHR Extension: (Adobe Acrobat) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-26]
CHR Extension: (Kaspersky Protection) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-01]
CHR Extension: (Cashrewards) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\foehlpanophbpagddidofdpeiappcmgf [2020-11-12]
CHR Extension: (Google Docs Offline) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-12-03]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-11-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-19]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-12]
CHR Extension: (HMA VPN Proxy Unblocker) - C:\Users\origi\AppData\Local\Google\Chrome\User Data\Default\Extensions\poeojclicodamonabcabmapamjkkmnnk [2020-07-19]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AORUS LCD Panel Service; C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe [360960 2018-12-21] (CloudBees, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-10-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1728072 2020-11-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-26] (GOG Sp. z o.o. -> GOG.com)
R2 Hamachi2Svc; E:\Program Files\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10896008 2020-11-24] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-23] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2148856 2020-02-19] (Plex, Inc. -> Plex, Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-10-19] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; E:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-11-18] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145304 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\71013\driver_cpu_temperature\logi_core_temp.sys [25448 2020-11-23] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-11-23] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2020-11-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-11-23] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [138904 2020-12-06] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-01-15] (Apple Inc.) [File not signed]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-12-07 08:57 - 2020-12-06 14:02 - 000000000 ____D C:\Windows.old
2020-12-07 08:54 - 2020-12-07 08:57 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-07 08:54 - 2020-12-07 08:54 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-07 08:52 - 2020-12-07 08:52 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-07 08:52 - 2020-12-07 08:52 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-07 08:52 - 2020-12-07 08:52 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-07 08:52 - 2020-12-07 08:52 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-12-07 08:52 - 2020-12-07 08:52 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-07 08:48 - 2020-12-07 08:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-07 08:48 - 2020-12-07 08:48 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-07 08:48 - 2020-12-07 08:48 - 000000000 ____D C:\Program Files\MSBuild
2020-12-07 08:48 - 2020-12-07 08:48 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-06 16:54 - 2020-12-06 16:54 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-12-06 16:54 - 2020-12-06 16:54 - 000138904 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-12-06 16:54 - 2020-12-06 16:54 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-12-06 16:36 - 2020-12-06 16:36 - 000000020 ___SH C:\Users\origi\ntuser.ini
2020-12-06 14:06 - 2020-12-06 14:06 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-06 14:02 - 2020-12-06 14:02 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-12-06 14:02 - 2020-12-06 14:02 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-12-06 14:02 - 2020-12-06 14:02 - 000003710 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-12-06 14:02 - 2020-12-06 14:02 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-06 14:02 - 2020-12-06 14:02 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-06 14:02 - 2020-12-06 14:02 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-12-06 14:02 - 2020-12-06 14:02 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bbed68e44aa1
2020-12-06 14:02 - 2020-12-06 14:02 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-06 14:02 - 2020-12-06 14:02 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-12-06 14:02 - 2020-12-06 14:02 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1797817695-3140524087-3623043744-1001
2020-12-06 14:02 - 2020-12-06 14:02 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1797817695-3140524087-3623043744-500
2020-12-06 14:02 - 2020-12-06 14:02 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002638 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2020-12-06 14:02 - 2020-12-06 14:02 - 000002586 _____ C:\WINDOWS\system32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE
2020-12-06 14:02 - 2020-12-06 14:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-06 14:02 - 2020-12-06 14:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-12-06 14:00 - 2020-12-06 14:00 - 000000368 ____H C:\WINDOWS\Tasks\Intel PTT EK Recertification.job
2020-12-06 13:58 - 2020-12-06 16:36 - 000000000 ____D C:\Users\origi
2020-12-06 13:58 - 2019-12-07 20:10 - 000001105 _____ C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-06 12:18 - 2020-12-06 16:36 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-06 11:30 - 2020-12-06 11:30 - 000000000 ___HD C:\$Windows.~WS
2020-12-01 20:12 - 2020-12-01 20:12 - 000000000 ____D C:\Users\origi\AppData\Roaming\NemirtingasEpicEmu
2020-11-30 17:38 - 2020-11-30 17:41 - 000001969 _____ C:\Users\origi\Desktop\Fixlog.txt
2020-11-29 10:36 - 2020-12-07 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-11-29 10:36 - 2020-11-29 10:36 - 007458656 _____ (VS Revo Group ) C:\Users\origi\Desktop\revosetup.exe
2020-11-29 10:36 - 2020-11-29 10:36 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-11-29 10:36 - 2020-11-29 10:36 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-11-29 10:36 - 2020-11-29 10:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-11-29 09:58 - 2020-11-29 09:58 - 000000000 ____D C:\Users\origi\AppData\Local\Activision
2020-11-29 09:58 - 2020-11-29 09:58 - 000000000 ____D C:\ProgramData\Activision
2020-11-29 09:52 - 2020-12-07 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops Cold War
2020-11-29 09:52 - 2020-11-29 09:52 - 000000869 _____ C:\Users\Public\Desktop\Call of Duty Black Ops Cold War.lnk
2020-11-29 09:52 - 2020-11-29 09:52 - 000000869 _____ C:\ProgramData\Desktop\Call of Duty Black Ops Cold War.lnk
2020-11-29 09:13 - 2020-12-07 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hollow Knight [GOG.com]
2020-11-29 09:13 - 2020-11-29 09:13 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Team Cherry
2020-11-29 09:06 - 2020-12-06 12:04 - 000000000 ____D C:\Program Files\Call of Duty Black Ops Cold War
2020-11-28 22:29 - 2020-11-28 22:29 - 000000000 ____D C:\Users\origi\Documents\Horizon Zero Dawn
2020-11-28 21:40 - 2020-11-28 21:40 - 000000659 _____ C:\Users\Public\Desktop\Horizon - Zero Down CE.lnk
2020-11-28 21:40 - 2020-11-28 21:40 - 000000659 _____ C:\ProgramData\Desktop\Horizon - Zero Down CE.lnk
2020-11-28 19:33 - 2020-12-07 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-11-28 19:33 - 2020-11-28 19:33 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-11-28 19:33 - 2020-11-28 19:33 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-11-28 15:45 - 2020-11-28 15:45 - 000000489 _____ C:\Users\Public\Desktop\Black Mesa.lnk
2020-11-28 15:45 - 2020-11-28 15:45 - 000000489 _____ C:\ProgramData\Desktop\Black Mesa.lnk
2020-11-28 15:43 - 2020-11-28 15:43 - 000000000 ____D C:\Users\origi\AppData\Roaming\Goldberg SteamEmu Saves
2020-11-28 15:43 - 2020-11-28 15:43 - 000000000 ____D C:\Users\origi\AppData\LocalLow\KingArt
2020-11-28 15:24 - 2020-11-28 15:24 - 000000661 _____ C:\Users\Public\Desktop\Iron Harvest.lnk
2020-11-28 15:24 - 2020-11-28 15:24 - 000000661 _____ C:\ProgramData\Desktop\Iron Harvest.lnk
2020-11-27 19:17 - 2020-12-07 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-11-27 19:17 - 2020-12-06 11:10 - 000000000 ____D C:\Users\origi\AppData\Roaming\qBittorrent
2020-11-27 19:17 - 2020-11-27 19:26 - 000000000 ____D C:\Program Files\qBittorrent
2020-11-27 19:17 - 2020-11-27 19:17 - 000000000 ____D C:\Users\origi\AppData\Local\qBittorrent
2020-11-27 18:43 - 2020-11-27 18:44 - 000085359 _____ C:\Users\origi\Desktop\Addition.txt
2020-11-27 18:41 - 2020-12-06 16:56 - 000032784 _____ C:\Users\origi\Desktop\FRST.txt
2020-11-27 13:36 - 2020-11-27 13:36 - 000000000 ____D C:\Users\origi\AppData\Local\WeMod
2020-11-26 22:35 - 2020-11-26 22:36 - 000000000 ____D C:\Users\origi\AppData\LocalLow\SUPERHOT_Team
2020-11-24 19:55 - 2020-11-24 19:55 - 000909824 _____ (Farbar) C:\Users\origi\Desktop\FSS.exe
2020-11-23 20:27 - 2020-12-06 16:54 - 000000000 ____D C:\Users\origi\AppData\LocalLow\IGDump
2020-11-23 20:26 - 2020-11-26 23:32 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-23 20:26 - 2020-11-26 23:32 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-23 20:26 - 2020-11-23 20:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-11-23 20:26 - 2020-11-23 20:26 - 000000000 ____D C:\Users\origi\AppData\Local\mbam
2020-11-23 20:26 - 2020-11-23 20:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-23 20:21 - 2020-11-23 20:21 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-23 20:20 - 2020-11-23 20:17 - 002076624 _____ (Malwarebytes) C:\Users\origi\Desktop\MBSetup.exe
2020-11-23 20:16 - 2020-11-24 19:37 - 000000000 ____D C:\AdwCleaner
2020-11-23 20:15 - 2020-11-23 20:15 - 008447152 _____ (Malwarebytes) C:\Users\origi\Desktop\AdwCleaner.exe
2020-11-23 20:10 - 2020-11-23 20:10 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2020-11-23 20:10 - 2020-11-23 20:10 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2020-11-23 20:10 - 2020-11-23 20:10 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2020-11-23 20:09 - 2020-12-06 16:56 - 000000000 ____D C:\Users\origi\Desktop\FRST-OlderVersion
2020-11-22 23:14 - 2020-11-22 23:14 - 000000233 _____ C:\Users\origi\Desktop\Tom Clancy's Rainbow Six Siege.url
2020-11-22 23:14 - 2020-11-22 23:14 - 000000233 _____ C:\Users\origi\Desktop\Tom Clancy's Rainbow Six Siege - Vulkan.url
2020-11-21 20:08 - 2020-11-28 19:34 - 000000000 ____D C:\Program Files\LGHUB
2020-11-19 21:27 - 2020-11-19 21:30 - 000000000 ____D C:\Users\origi\Documents\Assassin's Creed Valhalla
2020-11-19 20:23 - 2020-11-19 20:23 - 000000235 _____ C:\Users\origi\Desktop\Assassin's Creed Valhalla.url
2020-11-19 19:22 - 2020-11-19 19:22 - 000000234 _____ C:\Users\origi\Desktop\Watch Dogs Legion.url
2020-11-18 18:46 - 2020-12-06 16:56 - 002288640 _____ (Farbar) C:\Users\origi\Desktop\FRST64.exe
2020-11-18 18:46 - 2020-12-06 16:56 - 000000000 ____D C:\FRST
2020-11-18 18:32 - 2020-11-18 18:32 - 000000000 ____D C:\Users\Public\Documents\Creative
2020-11-18 18:32 - 2020-11-18 18:32 - 000000000 ____D C:\ProgramData\Documents\Creative
2020-11-18 18:31 - 2020-12-07 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS
2020-11-18 18:31 - 2020-11-18 18:31 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2020-11-18 18:31 - 2020-11-18 18:31 - 000002206 _____ C:\Users\Public\Desktop\RGBFusion 2.0.lnk
2020-11-18 18:31 - 2020-11-18 18:31 - 000002206 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Users\origi\AppData\Local\Downloaded Installations
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files\Patriot
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files\ENE
2020-11-18 18:31 - 2020-11-18 18:31 - 000000000 ____D C:\Program Files (x86)\ENE
2020-11-18 18:31 - 2020-05-12 01:28 - 000020992 _____ C:\WINDOWS\system32\Drivers\ene.sys
2020-11-18 18:30 - 2020-12-07 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2020-11-18 18:30 - 2020-11-18 18:32 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2020-11-18 18:30 - 2020-11-18 18:30 - 000001243 _____ C:\Users\Public\Desktop\AORUS ENGINE.lnk
2020-11-18 18:30 - 2020-11-18 18:30 - 000001243 _____ C:\ProgramData\Desktop\AORUS ENGINE.lnk
2020-11-18 18:30 - 2020-11-18 18:30 - 000000000 ____D C:\Users\origi\Documents\temp
2020-11-18 18:17 - 2020-11-07 15:01 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-11-18 18:17 - 2020-11-07 15:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2020-11-18 18:17 - 2020-11-07 15:01 - 000038632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-11-18 18:15 - 2020-11-08 04:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-11-18 18:15 - 2020-11-08 04:41 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001506032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 001027992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000590576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-11-18 18:15 - 2020-11-08 04:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-11-18 18:15 - 2020-11-08 04:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 005520792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-11-18 18:15 - 2020-11-08 04:37 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-11-18 18:15 - 2020-11-08 04:37 - 000445848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-11-18 18:15 - 2020-11-08 04:36 - 007005008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-11-18 18:15 - 2020-11-08 04:36 - 005976296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-18 18:15 - 2020-11-07 15:01 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb
2020-11-17 09:52 - 2020-11-17 09:52 - 000000000 ____D C:\Users\origi\AppData\Roaming\HelloGames
2020-11-17 09:37 - 2020-11-17 09:37 - 000000629 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2020-11-17 09:37 - 2020-11-17 09:37 - 000000629 _____ C:\ProgramData\Desktop\No Man's Sky.lnk
2020-11-17 09:36 - 2020-11-27 11:54 - 000000000 ____D C:\Users\origi\AppData\Roaming\SUPERHOTMCD
2020-11-17 09:34 - 2020-11-17 09:34 - 000000669 _____ C:\Users\Public\Desktop\SUPERHOT - MIND CONTROL DELETE.lnk
2020-11-17 09:34 - 2020-11-17 09:34 - 000000669 _____ C:\ProgramData\Desktop\SUPERHOT - MIND CONTROL DELETE.lnk
2020-11-16 18:47 - 2020-12-06 16:54 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-16 17:36 - 2020-11-16 17:36 - 000000000 ___HD C:\$WinREAgent
2020-11-16 17:31 - 2020-08-03 22:37 - 000065910 _____ C:\Users\origi\Documents\Tom Leys - CV.pdf
2020-11-16 17:30 - 2020-11-23 21:07 - 000000000 ____D C:\Users\origi\Documents\My Games
2020-11-15 20:11 - 2020-11-15 20:11 - 000000000 ____D C:\Users\origi\Downloads\Django Unchained 2012 BluRay 720p [Hindi 2.0 + English 5.1] AAC x264 ESub - mkvCinemas [Telly]
2020-11-14 12:43 - 2020-11-14 12:43 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Hopoo Games, LLC
2020-11-14 12:40 - 2020-11-14 12:40 - 000000573 _____ C:\Users\Public\Desktop\Risk of Rain 2.lnk
2020-11-14 12:40 - 2020-11-14 12:40 - 000000573 _____ C:\ProgramData\Desktop\Risk of Rain 2.lnk
2020-11-14 12:37 - 2020-11-14 12:37 - 000000000 ____D C:\Users\origi\AppData\Local\Mordhau
2020-11-14 12:13 - 2020-11-14 12:13 - 000000487 _____ C:\Users\Public\Desktop\Mordhau.lnk
2020-11-14 12:13 - 2020-11-14 12:13 - 000000487 _____ C:\ProgramData\Desktop\Mordhau.lnk
2020-11-11 23:27 - 2020-11-11 23:27 - 000042673 _____ C:\Users\origi\Documents\Book1.xlsx
2020-11-11 17:23 - 2020-12-06 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-06 21:31 - 2020-11-06 21:31 - 000000807 _____ C:\Users\Public\Desktop\Sniper - Ghost Warrior Contracts.lnk
2020-11-06 21:31 - 2020-11-06 21:31 - 000000807 _____ C:\ProgramData\Desktop\Sniper - Ghost Warrior Contracts.lnk
2020-11-06 16:22 - 2020-12-06 13:59 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2020-11-06 16:22 - 2020-11-09 21:46 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-12-07 08:57 - 2020-10-08 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.1
2020-12-07 08:57 - 2020-10-03 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex - Mankind Divided [GOG.com]
2020-12-07 08:57 - 2020-10-01 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-12-07 08:57 - 2020-09-28 01:38 - 000000000 ____D C:\ProgramData\Packages
2020-12-07 08:57 - 2020-09-28 01:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-07 08:57 - 2020-09-16 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-07 08:57 - 2020-09-06 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-12-07 08:57 - 2020-08-10 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2020-12-07 08:57 - 2020-08-04 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.4.6f1 (64-bit)
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\3082
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1055
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1049
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1046
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1045
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1040
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1036
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1033
2020-12-07 08:57 - 2020-07-23 00:44 - 000000000 ____D C:\WINDOWS\system32\1029
2020-12-07 08:57 - 2020-07-23 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSCodium
2020-12-07 08:57 - 2020-07-22 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2020-12-07 08:57 - 2020-07-21 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-12-07 08:57 - 2020-07-19 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-12-07 08:57 - 2020-06-16 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin 2 [GOG.com]
2020-12-07 08:57 - 2020-05-30 05:39 - 000000000 ____D C:\Program Files\UNP
2020-12-07 08:57 - 2020-04-17 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-07 08:57 - 2020-04-11 17:42 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2020-12-07 08:57 - 2020-04-04 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-12-07 08:57 - 2020-03-15 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2020-12-07 08:57 - 2020-02-24 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2020-12-07 08:57 - 2020-01-28 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2020-12-07 08:57 - 2020-01-25 00:33 - 000000000 ____D C:\WINDOWS\ShellNew
2020-12-07 08:57 - 2020-01-25 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2020-12-07 08:57 - 2020-01-13 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2020-12-07 08:57 - 2020-01-11 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2020-12-07 08:57 - 2020-01-11 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2020-12-07 08:57 - 2020-01-02 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2020-12-07 08:57 - 2020-01-01 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-07 08:57 - 2019-12-30 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2020-12-07 08:57 - 2019-12-23 17:15 - 000000000 ____D C:\ProgramData\regid.1995-09.com.example
2020-12-07 08:57 - 2019-12-23 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UWPHook
2020-12-07 08:57 - 2019-12-19 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-12-07 08:57 - 2019-12-19 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2020-12-07 08:57 - 2019-12-19 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2020-12-07 08:57 - 2019-12-18 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-12-07 08:57 - 2019-12-18 22:13 - 000000000 ____D C:\WINDOWS\system32\Samsung
2020-12-07 08:57 - 2019-12-18 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2020-12-07 08:57 - 2019-12-18 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-12-07 08:57 - 2019-12-07 20:18 - 000000000 ____D C:\WINDOWS\Setup
2020-12-07 08:57 - 2019-12-07 20:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-07 08:57 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-07 08:57 - 2019-03-19 15:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-12-07 08:57 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-07 08:57 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Catroot2.bak
2020-12-07 08:54 - 2020-07-24 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2020-12-07 08:54 - 2020-07-22 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-12-07 08:54 - 2020-02-15 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-12-07 08:53 - 2019-12-07 20:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-07 08:53 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-07 08:52 - 2020-09-28 01:36 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-12-07 08:50 - 2019-12-07 20:52 - 000000000 ____D C:\WINDOWS\OCR
2020-12-07 08:48 - 2019-12-07 20:10 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-12-07 08:48 - 2019-12-07 20:10 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-12-07 08:48 - 2019-12-07 20:10 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2020-12-07 08:48 - 2019-12-07 20:10 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2020-12-07 08:48 - 2019-12-07 20:09 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-12-07 08:48 - 2019-12-07 20:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-12-07 08:48 - 2019-12-07 20:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-12-07 08:48 - 2019-12-07 20:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-12-07 08:48 - 2019-12-07 20:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-12-07 08:48 - 2019-12-07 20:09 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2020-12-07 08:48 - 2019-12-07 20:09 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2020-12-06 16:56 - 2019-12-19 12:33 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-06 16:56 - 2019-12-07 20:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-06 16:55 - 2020-07-19 23:19 - 000000000 ___RD C:\Users\origi\iCloudDrive
2020-12-06 16:55 - 2020-04-17 17:59 - 000000000 ____D C:\Users\origi\AppData\Local\LGHUB
2020-12-06 16:55 - 2020-04-16 22:50 - 000000000 ____D C:\Users\origi\AppData\Roaming\LGHUB
2020-12-06 16:55 - 2019-12-19 12:13 - 000000000 ____D C:\Users\origi\AppData\Local\Packages
2020-12-06 16:55 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Roaming\Discord
2020-12-06 16:55 - 2019-12-18 20:58 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-06 16:55 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-06 16:54 - 2020-09-28 01:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-06 16:54 - 2019-12-18 20:59 - 000000000 ____D C:\Users\origi\AppData\Roaming\Spotify
2020-12-06 16:54 - 2019-12-18 20:59 - 000000000 ____D C:\Users\origi\AppData\Local\Spotify
2020-12-06 16:54 - 2019-12-07 20:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-06 16:54 - 2019-12-07 20:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-06 16:38 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-06 16:36 - 2020-09-28 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-06 16:36 - 2020-09-28 01:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-06 16:36 - 2019-12-19 12:13 - 000000000 ___RD C:\Users\origi\3D Objects
2020-12-06 14:13 - 2019-12-07 20:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-06 14:02 - 2020-09-28 01:36 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-06 14:02 - 2020-09-28 01:36 - 000003182 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-06 14:02 - 2019-12-07 20:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-06 14:02 - 2019-12-07 20:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-06 14:02 - 2019-12-07 20:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-06 14:01 - 2020-09-28 01:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-06 14:01 - 2020-09-28 01:36 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-06 14:01 - 2020-09-28 01:36 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-06 14:00 - 2019-12-07 20:14 - 000000000 __RSD C:\WINDOWS\Media
2020-12-06 13:59 - 2020-09-23 13:48 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2020-12-06 13:59 - 2020-09-23 13:31 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2020-12-06 13:59 - 2020-07-25 21:44 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macroplant LLC
2020-12-06 13:59 - 2020-07-19 23:19 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-12-06 13:59 - 2020-07-01 20:46 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnakeBite
2020-12-06 13:59 - 2020-06-23 19:27 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria Tweaker 2
2020-12-06 13:59 - 2020-06-23 18:53 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria Tweaker 2 for Terraria 1.3.5.3
2020-12-06 13:59 - 2020-04-05 21:00 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-12-06 13:59 - 2020-01-19 15:22 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-12-06 13:59 - 2020-01-01 13:58 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-06 13:59 - 2019-12-07 20:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-06 13:58 - 2020-11-04 21:19 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2020-12-06 13:58 - 2020-05-03 16:32 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-12-06 13:58 - 2019-12-19 12:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-12-06 13:58 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-12-06 13:57 - 2020-09-28 01:33 - 000443608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-06 13:14 - 2020-01-28 13:17 - 000000000 ____D C:\Users\origi\AppData\Local\Battle.net
2020-12-06 12:18 - 2020-01-08 20:08 - 000000000 ____D C:\ESD
2020-12-06 11:28 - 2019-12-23 16:45 - 000000000 ____D C:\Users\origi\AppData\Local\CrashDumps
2020-12-06 11:25 - 2019-12-19 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-06 06:06 - 2020-04-17 16:39 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-03 21:04 - 2019-12-19 23:41 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Mozilla
2020-12-03 21:03 - 2020-11-01 22:07 - 000000000 ____D C:\Users\origi\AppData\Roaming\EasyAntiCheat
2020-12-01 19:40 - 2019-12-18 22:45 - 000000000 ____D C:\Users\origi\AppData\Local\D3DSCache
2020-11-30 17:46 - 2019-12-19 23:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-29 09:58 - 2020-10-18 21:55 - 000000000 ____D C:\Users\origi\Documents\Call Of Duty Black Ops Cold War
2020-11-29 09:06 - 2020-02-15 10:08 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-11-28 12:09 - 2020-11-04 21:19 - 000000000 ____D C:\Users\origi\AppData\Roaming\WeMod
2020-11-28 10:30 - 2020-05-03 16:32 - 000000000 ____D C:\Users\origi\AppData\Local\Ubisoft Game Launcher
2020-11-27 22:12 - 2020-03-09 13:16 - 000000000 ____D C:\ProgramData\Disturbed
2020-11-27 17:31 - 2020-01-19 15:25 - 000000000 ____D C:\Program Files\Rockstar Games
2020-11-27 17:31 - 2020-01-19 15:25 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-11-27 17:28 - 2019-12-19 12:36 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-27 13:36 - 2020-11-04 21:19 - 000002159 _____ C:\Users\origi\Desktop\WeMod.lnk
2020-11-27 13:36 - 2019-12-18 21:56 - 000000000 ____D C:\Users\origi\AppData\Local\SquirrelTemp
2020-11-27 13:31 - 2019-12-25 21:04 - 000000000 ____D C:\Users\origi\AppData\Roaming\uTorrent
2020-11-24 20:21 - 2019-12-19 12:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-11-24 19:52 - 2020-10-08 22:14 - 000000000 ____D C:\Program Files\Cheat Engine 7.1
2020-11-24 19:36 - 2020-08-03 21:29 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-23 21:07 - 2019-12-26 16:49 - 000000000 ____D C:\Users\origi\AppData\Local\BattlEye
2020-11-23 20:11 - 2020-09-06 23:33 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-11-21 21:42 - 2020-10-03 13:35 - 000000000 ____D C:\Users\origi\AppData\LocalLow\Temp
2020-11-19 20:43 - 2020-05-03 16:40 - 000000000 ____D C:\Users\origi\AppData\Local\My Games
2020-11-19 19:17 - 2020-05-03 16:32 - 000001310 _____ C:\Users\origi\Desktop\Ubisoft Connect.lnk
2020-11-19 17:57 - 2020-07-21 23:22 - 000000000 ____D C:\Battlestate Games
2020-11-19 08:36 - 2019-12-18 21:28 - 001562560 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-11-19 08:35 - 2020-04-18 17:06 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000170424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000158136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000154032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-11-19 08:35 - 2019-12-18 21:28 - 000033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-11-18 19:48 - 2019-12-19 12:36 - 000000000 ____D C:\Users\origi\AppData\Local\NVIDIA
2020-11-18 18:19 - 2019-12-19 12:36 - 000000000 ____D C:\Users\origi\AppData\Local\NVIDIA Corporation
2020-11-18 14:35 - 2019-12-25 21:02 - 000000000 ____D C:\Users\origi\AppData\Local\BitTorrentHelper
2020-11-17 08:33 - 2019-12-19 12:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-17 08:33 - 2019-12-19 12:22 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-17 08:33 - 2019-12-19 12:22 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-16 18:56 - 2020-04-11 16:47 - 000000000 ____D C:\Users\origi\AppData\LocalLow\uTorrent
2020-11-16 17:26 - 2019-12-19 12:14 - 000000000 ___RD C:\Users\origi\OneDrive
2020-11-16 17:16 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-15 22:06 - 2019-12-18 23:53 - 000000000 ____D C:\Users\origi\AppData\Roaming\Twitch
2020-11-14 22:25 - 2020-04-04 20:44 - 000000000 ____D C:\Users\origi\AppData\Roaming\vlc
2020-11-14 12:37 - 2019-12-29 23:33 - 000000000 ____D C:\Users\origi\AppData\Local\UnrealEngine
2020-11-14 11:00 - 2020-07-21 23:23 - 000000791 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2020-11-14 11:00 - 2020-07-21 23:23 - 000000791 _____ C:\ProgramData\Desktop\Battlestate Games Launcher.lnk
2020-11-12 01:44 - 2019-12-23 14:33 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-12 01:44 - 2019-12-23 14:33 - 000000000 ____D C:\WINDOWS\system32\MRT
 
==================== Files in the root of some directories ========
 
2020-08-27 23:25 - 2020-08-27 23:26 - 000000190 _____ () C:\Users\origi\AppData\Roaming\modthegungeon.conf
2020-08-06 21:25 - 2020-08-06 21:25 - 000013981 _____ () C:\Users\origi\AppData\Local\recently-used.xbel
2020-01-21 23:21 - 2020-07-22 00:33 - 000007601 _____ () C:\Users\origi\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2020
Ran by origi (06-12-2020 16:57:15)
Running from C:\Users\origi\Desktop
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-12-06 03:02:59)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1797817695-3140524087-3623043744-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1797817695-3140524087-3623043744-503 - Limited - Disabled)
Guest (S-1-5-21-1797817695-3140524087-3623043744-501 - Limited - Disabled)
origi (S-1-5-21-1797817695-3140524087-3623043744-1001 - Administrator - Enabled) => C:\Users\origi
WDAGUtilityAccount (S-1-5-21-1797817695-3140524087-3623043744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20066 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
AltServer (HKLM-x32\...\{6CC7EBC1-2C38-4717-B13D-CB0A478552EF}) (Version: 1.3.2 - Riley Testut)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.9.2.0 - GIGABYTE Technology Co.,Inc.)
AORUS LCD Panel Setting (HKLM-x32\...\{82026686-454E-4233-83E3-4045BC3FB31C}_is1) (Version: 1.0.3.1 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version:  - Ubisoft)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Auto Clicker by Shocker (HKLM-x32\...\Auto Clicker by Shocker_is1) (Version: V3.0.1 - shockingsoft.com)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 10.4.2.1226 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.4.2.1226 - Battlestate Games)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.66.0 - Bethesda Softworks)
Black Mesa: Definitive Edition (HKLM-x32\...\Black Mesa: Definitive Edition_is1) (Version:  - )
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.205.0.1006 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Cheat Engine 7.1 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden
Deus Ex: Mankind Divided (HKLM-x32\...\1296690054_is1) (Version: 1.19 hotfix - GOG.com)
Deus Ex: Mankind Divided™ DLC - Season Pass (HKLM-x32\...\1753119582_is1) (Version: 1.19 hotfix - GOG.com)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648 - GOG.com)
Dying Light: Ultimate Collection (HKLM-x32\...\Dying Light: Ultimate Collection_is1) (Version:  - )
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{7C2070BF-8E07-4B5F-A182-FADB0B95AB39}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.8.9819 - Battlestate Games)
Fallout 4 GOTY (HKLM\...\Fallout 4 GOTY_is1) (Version: 1.10.82.0 - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
GIMP 2.10.18 (HKLM\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2060.1 - Rockstar Games)
Hades (HKLM-x32\...\Hades_is1) (Version:  - )
Hollow Knight (HKLM-x32\...\1308320804_is1) (Version: 1.4.3.2 - GOG.com)
Horizon: Zero Down CE (HKLM-x32\...\Horizon: Zero Down CE_is1) (Version:  - )
icecap_collection_neutral (HKLM-x32\...\{2A00DCB3-752F-446C-B3B3-1B6ADFBFF3E3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{BE5E54C4-6B68-4AE3-A7F4-45F0D29D48D3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{1E6E5904-E97F-41F7-B3DB-0C8CD3180E3C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{7FD392DF-51A1-4DC1-9C6F-BF7C58A576AC}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
iExplorer (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\2ee35ebaf226322a) (Version: 4.3.4.0 - Macroplant LLC)
Installer (HKLM\...\{E9675998-9B12-4560-8E98-A6CCCDE0BE18}) (Version: 1.0.0 - Default Company Name)
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
Iron Harvest (HKLM-x32\...\Iron Harvest_is1) (Version:  - )
iTunes (HKLM\...\{65A59264-DFCE-498D-A091-D124C6EFB6FF}) (Version: 12.10.8.5 - Apple Inc.)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LazyClicker (HKLM-x32\...\{FB523953-2434-4FB2-A027-F42B395659F8}) (Version: 1.1.0.27 - LazyClicker)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft .NET Core SDK 3.1.302 (x64) from Visual Studio (HKLM\...\{539053B2-E414-46BC-B4CD-365E79AFEA79}) (Version: 3.1.302.015188 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.52 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft OneDrive (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0006 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2037.624 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Mordhau (HKLM-x32\...\Mordhau_is1) (Version:  - )
Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
Node.js (HKLM\...\{97FD2F60-C3CD-417D-A5F6-C538B37054CC}) (Version: 12.16.3 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
PlanetSide 2 (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plex Media Server (HKLM-x32\...\{203FDA60-7969-4EB3-BD69-4D1752B3C6F9}) (Version: 1.18.2438 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{440398c3-62c1-4e0e-b558-5ca3f78e1d94}) (Version: 1.18.7.2438 - Plex, Inc.)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.8.5 (32-bit) (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\{44a59e57-34e2-4d86-93ba-a2588bfac760}) (Version: 3.8.5150.0 - Python Software Foundation)
Python 3.8.5 Add to Path (32-bit) (HKLM-x32\...\{2D01141A-8022-4100-B256-02EFB0F1830B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Core Interpreter (32-bit) (HKLM-x32\...\{31F7FCA7-1F15-48FD-BFB9-91FE58FC2F07}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Development Libraries (32-bit) (HKLM-x32\...\{657AEF25-7BC3-4E93-A08C-ECD14E8A74AE}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Documentation (32-bit) (HKLM-x32\...\{F7A293EB-21B8-45DE-85A5-8ADEB68B9EFB}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Executables (32-bit) (HKLM-x32\...\{F6156224-C882-453A-9046-EFCD31982E68}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 pip Bootstrap (32-bit) (HKLM-x32\...\{71C0D67F-EF42-4C5C-A2AE-04FD8B38AB1C}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Standard Library (32-bit) (HKLM-x32\...\{4D147A72-5C01-47B2-8789-1D1969F6AC32}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{653FBD26-2D1A-48C1-AAB1-0AB6F2A3749B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Test Suite (32-bit) (HKLM-x32\...\{DE45C740-8250-4A49-8B81-FE347C70E6BA}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Utility Scripts (32-bit) (HKLM-x32\...\{9450D936-1E4F-44EF-A0D4-92C471229B98}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{CEEAEA02-2472-4BF6-8994-52D6783F5575}) (Version: 3.8.7140.0 - Python Software Foundation)
qBittorrent 4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.1 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1030.101917 - Razer Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1311.27 - Rockstar Games)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1105.1 - GIGABYTE)
Risk of Rain 2 (HKLM-x32\...\Risk of Rain 2_is1) (Version:  - )
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.32.316 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Sekiro: Shadows Die Twice (HKLM-x32\...\Sekiro: Shadows Die Twice_is1) (Version:  - )
Sniper: Ghost Warrior Contracts (HKLM-x32\...\Sniper: Ghost Warrior Contracts_is1) (Version:  - )
Spotify (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{B5747469-E9CA-4F7C-A964-0A32DF449B24}) (Version: 1.18.2438 - Plex, Inc.) Hidden
superhot: mind control delete (HKLM-x32\...\superhot: mind control delete_is1) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
Terraria Tweaker 2 (HKLM-x32\...\TiberiumFusion Terraria Tweaker 2) (Version: "2.3.1405.0" - TiberiumFusion)
Terraria Tweaker 2 for Terraria 1.3.5.3 (HKLM-x32\...\TiberiumFusion Terraria Tweaker 2 for Terraria 1.3.5.3) (Version: "2.2.1353.0" - TiberiumFusion)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
thriXXX 3DKink-500.001 (HKLM-x32\...\3DKink-500.001) (Version:  - thriXXX Software GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Twitch (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2019.4.6f1 - Unity Technologies ApS)
Unity Hub 2.3.2 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.3.2 - Unity Technologies Inc.)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UWPHok (HKLM-x32\...\UWPHook 2.5.1) (Version: 2.5.1 - Briano)
UWPHook (HKLM-x32\...\{52B9D66E-8B17-4E82-94EE-9664614B67A2}) (Version: 2.5.1 - Briano) Hidden
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{B2AC4CE4-2533-4485-B3B5-2F645C2DD325}) (Version: 14.26.28808 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\2a34e2d9) (Version: 16.6.30320.27 - Microsoft Corporation)
Visual Studio Team Explorer 2017 (HKLM-x32\...\b0a2d319) (Version: 15.9.28307.1216 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.4 - Black Tree Gaming Ltd.)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{BAF91847-0A64-405E-98EC-A0BA6FB4BC4E}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{2CCEC45B-1462-4FFD-8214-90E3C25000F7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{0A54CADD-CBA1-4BC9-A134-6C9F91F41B9A}) (Version: 16.5.29521 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
VSCodium (HKLM\...\{D77B7E06-80BA-4137-BCF4-654B95CCEBC5}_is1) (Version: 1.47.2 - Microsoft Corporation)
Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version:  - Ubisoft)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version:  - Ubisoft)
WeMod (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\WeMod) (Version: 6.3.11 - WeMod)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-28] (king.com)
Clustertruck -> C:\Program Files\WindowsApps\tinyBuildGames.3289435C1E20_1.0.3.0_x86__3sz1pp2ynv2xe [2020-01-04] (tinyBuild Games)
Death's Gambit -> C:\Program Files\WindowsApps\CartoonInteractiveGroupIn.DeathsGambit_1.0.0.0_x64__6c1aaymwt3dwm [2020-02-18] (Cartoon Interactive Group Inc.)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.49.3.0_x86__kgqvnymyfvs32 [2020-12-03] (king.com)
FTL: Faster Than Light -> C:\Program Files\WindowsApps\Mutable\SubsetGames.FTLFasterThanLight_1.6.13.0_x86__gvagsjwfgyhyc [2020-01-10] (0)
Golf With Your Friends -> C:\Program Files\WindowsApps\Team17DigitalLimited.GolfWithYourFriendsWin10_1.0.12.0_x64__j5x4vj4y67jhc [2020-10-29] (Team17 Digital Limited)
Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Mutable\Microsoft.Chelan_1.1955.0.0_x64__8wekyb3d8bbwe [2020-11-21] (0)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
My Friend Pedro Win10 -> C:\Program Files\WindowsApps\DevolverDigital.MyFriendPedroWin10_1.0.6.0_x64__6kzv4j18v0c96 [2020-05-06] (Devolver Digital)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-28] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-04-14] (Realtek Semiconductor Corp)
The Master Chief Collection: Halo 2 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo2_1.1448.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo 3 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3_1.12.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo 3: ODST -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3ODST_1.12.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: Halo CE -> C:\Program Files\WindowsApps\Microsoft.HaloCombatEvolved_1.1367.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
The Master Chief Collection: REACH -> C:\Program Files\WindowsApps\Microsoft.TheMasterChiefCollectionREACH_1.1.0.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios)
Totally Accurate Battle Simulator (Game Preview) -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.24.0_x64__r2vq7k2y0v9ct [2020-09-01] (Landfall Games)
UNDERTALE -> C:\Program Files\WindowsApps\8-4Ltd.Undertale-Windows10_1.1.0.0_x86__c74r4999cqbdr [2020-01-04] (8-4, Ltd.)
West of Loathing -> C:\Program Files\WindowsApps\Asymmetric.WestofLoathing_1.1111.1111.0_x64__y20smdktffva2 [2020-04-30] (Asymmetric Publications, LLC)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-04-24] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\origi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\origi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-22] (Notepad++ -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\nvshext.dll [2020-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\origi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --force-dark-mode
 
==================== Loaded Modules (Whitelisted) =============
 
2020-11-18 18:30 - 2019-08-05 13:26 - 000025088 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000225792 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 002010112 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GbtCpuLib.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\yccV2.dll
2020-11-18 18:30 - 2019-12-09 17:27 - 000289792 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVBIOSLib.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000628736 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvComW.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000013312 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvCrypt.dll
2020-11-18 18:30 - 2020-10-23 11:27 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVDisplay.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000240640 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvIllumLib.dll
2020-11-18 18:30 - 2019-08-05 13:26 - 000218112 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvOrderLib.dll
2020-11-18 18:32 - 2020-09-14 09:07 - 000472576 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\GVDisplay.dll
2020-11-18 18:30 - 2019-08-05 13:27 - 001079808 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\MFC80U.DLL
2020-11-18 18:30 - 2019-08-27 13:22 - 000224256 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvAutoUpdate.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\sharepoint.com -> hxxps://mqoutlook-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\wustat.windows.com -> hxxp://wustat.windows.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 15:49 - 2020-11-23 20:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\nodejs\;C:\Program Files\VSCodium\bin;C:\Program Files\dotnet\
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\Control Panel\Desktop\\Wallpaper -> E:\Pictures\Wallpapers\RGB Circles.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1797817695-3140524087-3623043744-1001\...\StartupApproved\Run: => "Synapse3"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{0D904128-706D-4FA4-9B71-36FE7F080029}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AE718B52-A428-42A2-B6D0-BDA4920C8681}E:\program files\epic games\rs2v\binaries\win64\vngame.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\vngame.exe () [File not signed]
FirewallRules: [TCP Query User{EFDCCB25-0A87-4526-9986-934416EE09E5}E:\program files\epic games\rs2v\binaries\win64\vngame.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\vngame.exe () [File not signed]
FirewallRules: [UDP Query User{BEC9CE0B-63C2-4061-8754-71D5D8BED070}C:\program files\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [TCP Query User{21504C64-33FC-4F40-A786-DE09BD8933BB}C:\program files\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{9E2E1459-F4D4-4F64-A3EA-E457668B52DB}E:\games\horizon - zero down ce\horizonzerodawn.exe] => (Allow) E:\games\horizon - zero down ce\horizonzerodawn.exe () [File not signed]
FirewallRules: [TCP Query User{17F4B817-54BF-425B-BBB2-6EE85E2FD805}E:\games\horizon - zero down ce\horizonzerodawn.exe] => (Allow) E:\games\horizon - zero down ce\horizonzerodawn.exe () [File not signed]
FirewallRules: [UDP Query User{5CCD532A-2063-4549-9610-6A37CACC3D42}E:\games\iron harvest\release\ironharvest.exe] => (Allow) E:\games\iron harvest\release\ironharvest.exe () [File not signed]
FirewallRules: [TCP Query User{1AB7205C-BC7E-40C2-A404-9B90AD06F596}E:\games\iron harvest\release\ironharvest.exe] => (Allow) E:\games\iron harvest\release\ironharvest.exe () [File not signed]
FirewallRules: [{8B160FB0-65A7-4A8B-B52E-06F3EF666BAB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{43B6D078-CB1C-4115-919B-BDBB047020AE}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{7EADD2C3-3F8F-4CAA-B403-E0814133A116}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F143E14A-ED9B-49A4-BEEF-027B7A355C9C}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{8767F310-C7B1-4FF3-98AD-F83BF76E2F02}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{7544C042-590A-40EC-BD55-3CF5B74790E4}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{BBD423BF-4015-4ACF-9104-6B0F247AE9E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA6EA858-6A11-4455-8ABF-32AD4BA524C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32EAD7C7-073D-4808-8491-BB3BC3B0B971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{465FB64B-5046-4360-9AEE-EF848A8994D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15887DF6-8639-4AAB-A645-BC33B1BACC1D}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BCDE392E-AEFB-43AC-AC45-EBCA7CBD289E}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\New folder\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{8079971B-C0B8-4E0A-9744-6D2A1973AF10}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\New folder\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{420E550E-47C4-4454-A99A-8EE7BBCA1EDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{08C2D746-BDCB-45BF-80E3-DDCDDD0EE60C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{79D1F9F0-DBCB-4B21-8FA6-69D2F2F2E332}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{68E21DC7-8280-4F29-80E2-E6BB9677AFC1}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{16B1414A-FE63-4C3A-B9C7-5587D7AC39D2}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{B2E877D3-5FF6-4FCA-BB52-BC96F1D944F6}E:\program files\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{410561EF-AB33-4577-B74F-B67E1FC6DF4F}E:\program files\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{32E8EDC4-0755-42CB-8BD0-1A4EB166C618}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{BE68303A-CA83-45AF-AA41-E58A9D8245F3}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{655C2BD9-62B4-4B6D-BD3A-72C4AEC22A73}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [TCP Query User{03684179-A6B7-408B-A2B0-41545EC96826}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [UDP Query User{FEE9CE96-58F4-4030-88CB-5B5EE3B47F3A}C:\users\origi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\origi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B3D20E8A-DAC4-4319-9B5C-13D59B6BC4D8}C:\users\origi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\origi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FCE58226-D93B-44EF-B104-E9B412434148}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{EC3D6E3F-D22B-45FF-86FD-73A42E37BC01}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{625B937E-C165-4A10-ABEC-6739A4F19C76}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{55F4F4E4-6DE8-4FF7-B391-C1E19A1E0988}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2E58401E-54F3-4071-9DD0-8A3A3B1F7D5B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FB7BE848-FDE0-4D65-854D-A34E5904B18B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{B4288E7E-F78B-45DB-9477-1BCF095B4053}C:\users\origi\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\origi\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{56B0067E-EA09-4D6F-83E3-866094057A59}C:\users\origi\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\origi\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{238925C4-1354-4AA1-865D-9620EE84EE56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE17E754-D40D-4F7B-B445-04F317D4BA55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FC6E254-4932-44EE-8D54-F26D58C8CDB8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB41F1CC-4157-4B2E-A46B-7773491713E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A112E236-9BD0-4F0E-8E86-3BD9995DA22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D32F1D5B-BD93-4F80-84D4-A6F24F3169AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF43DDDA-4442-4233-92D0-7B28CA43BE7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AB356E3-1C49-45D0-92D7-21143CECE733}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA3F5F3A-F171-441A-BBE7-4FE7B3C3C54D}] => (Allow) E:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe => No File
FirewallRules: [{F5195C8B-3C8F-4A3E-8A2C-09EAA4D02842}] => (Allow) E:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe => No File
FirewallRules: [TCP Query User{666556D2-4339-4484-ADBA-D27818139021}E:\program files\epic games\breakpointdemo\grb.exe] => (Allow) E:\program files\epic games\breakpointdemo\grb.exe => No File
FirewallRules: [UDP Query User{5A6BBD9F-E23D-49EF-8003-E642669DC7E8}E:\program files\epic games\breakpointdemo\grb.exe] => (Allow) E:\program files\epic games\breakpointdemo\grb.exe => No File
FirewallRules: [TCP Query User{80301D8A-7F60-4685-836F-B3CA6609C81A}E:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) E:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FE0709B9-6DEE-484F-95D1-8F53EEEB9016}E:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) E:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{75B083B5-47D8-4A9F-918B-8CF993A4005E}E:\program files\epic games\gtav\gta5.exe] => (Allow) E:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{2BF9EA75-998A-4D25-8EED-266FBB0A448E}E:\program files\epic games\gtav\gta5.exe] => (Allow) E:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8B221CFE-47F8-4418-8A2E-7C501FB79A01}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{479AD954-D64B-46EF-B046-3A916A2EC95F}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{FFD736D3-BF75-404F-824A-E87DD328C3C6}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{3EB1A1BC-42C9-44A0-89E2-F9549E72F139}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{4DF7FE8E-0264-44E6-996A-3EA5A94F8F1E}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{6CB92D7C-7DC3-4EF9-8A37-9CF84197A520}E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{C3C791EF-22BA-4F59-BC25-51D0DB5E0278}E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{12EB542A-9BFF-47E6-87D3-6F1FF5E34FC6}E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{8258957B-DCB5-458C-A270-134327AF3811}E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [{D2E7ADDF-1589-4FD8-B3FC-B3D85A9B6F5A}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{14C03299-DCF1-4508-9CD7-1930CFE6A274}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{501753C0-C5BD-4D9D-839B-268FE5CB0B86}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{231FB57E-6AF9-4F2C-8C54-DF7F8F2A6C50}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{76D91F81-F31B-43C4-9177-0E98E20133F9}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{3C65C792-A8A6-4101-8CBF-FAD144FE474C}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{F7A51524-6680-4817-93B3-4FB20321B983}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{9D3CB140-B85C-431D-851D-33EBBB64EC4B}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{34EFECF9-D2DC-414B-A068-4E4C11EB15A0}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{7415C043-6DD1-4770-A6C8-153E8015635A}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{B0039ED2-34D8-4DFB-B8EB-41154C09EB05}] => (Allow) E:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{CEABD935-8832-494B-A277-AD723C16E8F8}] => (Allow) E:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{917C14FA-FDFF-4937-BCAE-39FB92079AAC}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{59509B66-C71C-40E8-B222-A05CF7ADA902}] => (Allow) E:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{FD22DB00-BAB7-421D-A3E1-FE4A6BE12D4B}] => (Allow) E:\SteamLibrary\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{902D3AF8-D32A-49DF-BAE8-1CE4254B49EA}] => (Allow) E:\SteamLibrary\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{CCB71434-5169-4097-BA00-7690F3C94336}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{D74360E7-C50A-46DF-AD5E-2C9688CF483A}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{99B4E8E8-1893-45F4-B5B0-AAD3BF112D6F}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{25104F42-C5A8-4AE5-9A08-42298714AADB}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{7894A19D-2B41-4099-9E03-82B6D3308E9D}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0AA59250-7B8C-4F0B-B5D8-E7ED64852855}] => (Allow) E:\Program Files\Ubisoft\Ubisoft Game Launcher\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{14214BC4-7917-4BE6-8A67-A2CFBA885D72}] => (Allow) E:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{306AADBD-AAB4-48E8-B6BE-1D07B1664146}] => (Allow) E:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{2E6F1D60-AAEB-48C7-A51E-38370BF4EF6D}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [UDP Query User{42B6660B-5ED1-4BDF-ACE0-BCE07F03781E}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [{FD2C0B71-4D0F-4808-8575-3745905AD28B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{BB29CB11-64CD-4DF4-B66E-A95E49B1CFDB}C:\program files\vscodium\vscodium.exe] => (Allow) C:\program files\vscodium\vscodium.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{45A508BD-343A-4D9E-945F-70CC137AC76C}C:\program files\vscodium\vscodium.exe] => (Allow) C:\program files\vscodium\vscodium.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{F7861289-6A85-4C72-BDBA-083871DE2E4A}] => (Allow) E:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{8D1BB9DB-4E7F-4D46-A3D6-FDDD22AF366C}E:\program files\unity hub\unity hub.exe] => (Allow) E:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{33DFD611-4C4E-4B7C-B1DA-622AFE290435}E:\program files\unity hub\unity hub.exe] => (Allow) E:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{87219C25-F2EC-40E1-97FC-5D4D41F4338F}] => (Allow) E:\Program Files\Unity\Hub\Editor\2019.4.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{34020297-0BDC-4BC0-BFD5-3687EAA12AE5}] => (Block) E:\Program Files\Unity\Hub\Editor\2019.4.6f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{BAD16577-D190-4412-98F0-FEFA6098F3EE}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{B13B0A28-5CD1-4D3E-960A-FABE2F743E12}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [TCP Query User{F318B14C-86A2-4A84-9CE2-BCA4DB71EC71}E:\emutarkov 12.7.8445\server\server.exe] => (Allow) E:\emutarkov 12.7.8445\server\server.exe (Node.js) [File not signed]
FirewallRules: [UDP Query User{C36AEA6D-181B-4149-AEF0-24A28DF74D3C}E:\emutarkov 12.7.8445\server\server.exe] => (Allow) E:\emutarkov 12.7.8445\server\server.exe (Node.js) [File not signed]
FirewallRules: [{43EC5C06-C5C2-437A-B078-B86D69973A3F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6B3FA829-0710-45F7-A03A-3FD37AEAF171}C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{A2390B05-03FD-4FF0-9D91-AD3EC97BD96D}C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\origi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{CB509D4A-F2C1-400A-822A-F96E6F84A3AB}] => (Allow) E:\SteamLibrary\steamapps\common\D.R.O.N.E. The Game\D.R.O.N.E. Launcher.exe (Five Studios Interactive SL -> Five Studios Interactive)
FirewallRules: [{F44F34B3-9256-463E-A5EF-AD01CA3B2D4D}] => (Allow) E:\SteamLibrary\steamapps\common\D.R.O.N.E. The Game\D.R.O.N.E. Launcher.exe (Five Studios Interactive SL -> Five Studios Interactive)
FirewallRules: [TCP Query User{78C9547E-474E-4F31-A8E0-D8386AA715C4}E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe => No File
FirewallRules: [UDP Query User{325DCF6B-91C0-4783-A4CE-8E1F092F642D}E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe] => (Allow) E:\program files\epic games\killingfloor2\binaries\win64\kfgame.exe => No File
FirewallRules: [TCP Query User{60E24A6F-4970-4D38-A294-E392C7E62792}E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{D7ED7EBC-65F4-44DE-9E4B-129A75F9D25B}E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\program files\epic games\rs2v\binaries\win64\risingstorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{A3134F08-16BE-4B7D-89F4-48A33035CF54}E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{F0FD4D93-F6DE-411F-86C9-C69D2BCB6794}E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) E:\program files\call of duty black ops cold war beta\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{95179F55-D539-4CCD-A60D-E65966490B8D}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe () [File not signed]
FirewallRules: [UDP Query User{54D767F1-03F2-4457-948B-AF0FB9A293E0}E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe] => (Allow) E:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mcc-win64-shipping-winstore.exe () [File not signed]
FirewallRules: [{7187FD66-B038-40AA-9455-58B0BDE2B267}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A193A34-7EFE-4DFA-A067-4E753DB615F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{027D44AF-D56D-4483-963E-AC5795B19E62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08A7615C-013D-445F-8E0E-E7BD1ED90D6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{19752260-5051-43C3-B0BA-962487E1C33F}E:\games\dying light - ultimate collection\dyinglightgame.exe] => (Allow) E:\games\dying light - ultimate collection\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{C4763C34-DCA4-4E02-B3D0-A49C58951873}E:\games\dying light - ultimate collection\dyinglightgame.exe] => (Allow) E:\games\dying light - ultimate collection\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [TCP Query User{6D2A8BAA-6BB1-4876-9122-F48193FF86BF}E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{B6446B56-F82C-4ABC-BB1F-637DEC2B7F89}E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) E:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [{A933E254-B7CE-4C1A-888A-C3E35222C782}] => (Allow) E:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{44B75A98-6FC8-40C6-9EBF-C16D01755B28}] => (Allow) E:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [TCP Query User{940071B3-1041-4A24-9CD6-36A0502F8418}E:\games\risk of rain 2\risk of rain 2.exe] => (Allow) E:\games\risk of rain 2\risk of rain 2.exe () [File not signed]
FirewallRules: [UDP Query User{F10D8E68-791F-40DA-B562-571EC41B5850}E:\games\risk of rain 2\risk of rain 2.exe] => (Allow) E:\games\risk of rain 2\risk of rain 2.exe () [File not signed]
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:476.31 GB) (Free:119.68 GB) (25%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (12/06/2020 04:37:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x28e8
Faulting application start time: 0x01d6cb91e9f7e2a0
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: db90130c-9aaa-45cc-9010-e01610dcf341
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x28b4
Faulting application start time: 0x01d6cb91e97bd1b4
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 7908b1d8-0c93-4dbc-a621-274dc0d5425c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x20b8
Faulting application start time: 0x01d6cb91e918a995
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: a9758ea4-2064-4670-825d-8025562ddd3d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1a08
Faulting application start time: 0x01d6cb91e8b68a7b
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: c8a74a02-407a-4c57-8522-a3a83a026f71
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x2964
Faulting application start time: 0x01d6cb91e85463a1
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 4f948581-5036-4b0b-bdde-19cba6c695ef
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x3c4
Faulting application start time: 0x01d6cb91e7f068b1
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 86d57a2d-acbc-4365-b53c-b0dacb04b3b6
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x28c4
Faulting application start time: 0x01d6cb91e78a8393
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 74a3e0b9-a4e2-4276-884d-565a60a32a0e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2020 04:37:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x27c8
Faulting application start time: 0x01d6cb91e727ddf4
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: e1c9ad09-e021-4492-a68e-51e6b2bf1741
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (12/06/2020 04:53:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AORUS LCD Panel Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (12/06/2020 04:53:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (12/06/2020 04:53:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-Q4STC4U)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca did not register with DCOM within the required timeout.
 
Error: (12/06/2020 01:59:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (12/06/2020 01:58:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service depends on the IP Helper service which failed to start because of the following error: 
The operation completed successfully.
 
Error: (12/06/2020 01:58:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The netprofm service terminated with the following error: 
The device is not ready.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F8 05/24/2019
Motherboard: Gigabyte Technology Co., Ltd. Z390 UD
Processor: Intel® Core™ i7-9700KF CPU @ 3.60GHz
Percentage of memory in use: 42%
Total physical RAM: 16315.74 MB
Available physical RAM: 9317.91 MB
Total Virtual: 29627.74 MB
Available Virtual: 20189.04 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:476.31 GB) (Free:119.68 GB) NTFS
Drive e: (General Data) (Fixed) (Total:1863 GB) (Free:84.14 GB) NTFS
 
\\?\Volume{b980258e-7d1d-4849-9afc-62f134671dbe}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{a0c79aa4-df4d-c91a-9b4d-d792d91b3c8f}\ () (Fixed) (Total:0.12 GB) (Free:0 GB) NTFS
\\?\Volume{5b1288a7-6dfa-3ed5-2a67-433444f12d55}\ () (Fixed) (Total:0.23 GB) (Free:0 GB) NTFS
\\?\Volume{80d34bf8-f98b-51da-b17a-8eba6eddd503}\ () (Fixed) (Total:0.66 GB) (Free:0 GB) NTFS
\\?\Volume{0b93ca05-ce54-9fb7-26ea-9bfb7aa697a4}\ () (Fixed) (Total:3.6 GB) (Free:0 GB) NTFS
\\?\Volume{3db56128-1cef-3089-2d29-5603c1d1e215}\ () (Fixed) (Total:3.01 GB) (Free:0 GB) NTFS
\\?\Volume{fef99fd2-93ea-80ca-9155-61e105c116a9}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{6c13b06c-a0dc-e5f8-ab8a-7be7b50dd034}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{39facdf8-c027-8a74-e579-ac7250cc7dc1}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{e930a4ec-d1bd-3b79-11a2-3df525ee525a}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{a7537661-921f-ed59-a758-f2ff8a6db369}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{eaca5632-2c1b-ac1d-f709-31a4953839c1}\ () (Fixed) (Total:3.45 GB) (Free:0 GB) NTFS
\\?\Volume{68f7e57c-6419-88e0-5f5a-c90c1a5bf2f9}\ () (Fixed) (Total:0.39 GB) (Free:0 GB) NTFS
\\?\Volume{6f91f53b-c14a-3a64-b8d5-75033d930404}\ () (Fixed) (Total:134.04 GB) (Free:0 GB) NTFS
\\?\Volume{9a8732ff-18d5-0322-1c0f-0df7da13f473}\ () (Fixed) (Total:0.38 GB) (Free:0 GB) NTFS
\\?\Volume{0fa0f211-8bd9-4599-9a11-04caf0476453}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: C1BCBF4B)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 8.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 9.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 10.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 11.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 12.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 13.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 14.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 15.
 
==================== End of Addition.txt =======================

 

Attached Thumbnails

  • Screenshot 2020-12-06 170343.png


#29
DR M


    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Hi.

It's good that the initial issue is resolved. As for your desktop background, can you fix it by inserting it again, or is the problem permanent now? If the latter is happening, then you should consider asking for help from the Hardware forum here, as it may be a sign of a graphics problem.

Now let's do some cleaning and check services:

1. Try to remove Kaspersky again

Use the Kaspersky removal tool as you did before, following the instructions here: https://support.kasp...all/1464#block2

Please report here if there is any problem during the procedure.


2. Run FSS to check services

  • Please download Farbar Service Scanner and save it on your Desktop.
  • Right click on the tool icon and run it as administrator.
  • Make sure all the options are checked.
  • Click on the Scan button.
  • It will create a log (FSS.txt) on your Desktop.
  • Copy and paste the log's content to your next reply.

 

3. Run FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

In your next reply please post

1. What happened with Kaspersky removal tool
2. The FSS.txt
3. The fixlog.txt



#30
Mingo_TTV


    Member

  • Topic Starter
  • Member
  • 17 posts

Yeah the desktop wallpaper was fixed in a couple of clicks, I just thought it was interesting that it happened in the first place after the reset. 

I'm trying to access the link you added under the Kaspersky Removal Tool and I am still unable to access it. Would you possibly be able to copy what it says there? Otherwise I can just google it if needed.

