Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Problems with pc


  • Please log in to reply

#1
Dohnovan

Dohnovan

    Member

  • Member
  • PipPip
  • 68 posts

I have been having problems with my pc for months now and I'm not sure what to do. My computer is way slower and takes forever to boot up now. I'm not sure if it's because of malware or spyware but it's been a problem for a bit. I have also been having problems with my antivirus. I had the one month option selected in farbar, I'm not sure if that's a problem. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Dohnovan (administrator) on DESKTOP-LBHF8BQ (Micro-Star International Co., Ltd MS-7A38) (22-12-2020 11:19:45)
Running from C:\Users\Dohnovan\Desktop
Loaded Profiles: Dohnovan
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Users\Dohnovan\Desktop\Genshin Impact\launcher.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\AMD\Performance Profile Client\RyzenMaster\AUEPRyzenMasterAC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361132.inf_amd64_1f7832db1fb1721f\B361196\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361132.inf_amd64_1f7832db1fb1721f\B361196\atiesrxx.exe
(A-Volute -> ) C:\Program Files\SteelSeries\SS Audio\Foundation\SSAudioSvc32.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Discord Inc. -> Discord Inc.) C:\Users\Dohnovan\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Dohnovan\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Dohnovan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe <2>
(The Qt Company Oy -> The Qt Company Ltd.) C:\Users\Dohnovan\Desktop\Genshin Impact\QtWebEngineProcess.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [68822328 2020-12-09] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-20] (Valve -> Valve Corporation)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514608 2020-12-10] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Discord] => C:\Users\Dohnovan\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514608 2020-12-10] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\87.1.18.75\Installer\chrmstp.exe [2020-12-18] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-12-15]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0637FEC9-06AC-449A-BF4E-E6BED95DCC3A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {08E5B611-4DA5-4724-BF5F-CEB73F9E0C7D} - System32\Tasks\SSAudioSvc64Run => C:\Program Files\Steelseries\SS Audio\Foundation\x64\SSAudioSvc64.exe [797088 2020-01-08] (A-Volute -> )
Task: {0928E190-F287-4F5C-B4C2-C91EBEF0A617} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {0AE5AFF8-DA37-4C4D-BCBF-4A9756DF79D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AFE60A3-3C00-4AF5-BFF5-8D96C9C8F860} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {3CDC5251-0B55-4A4A-9579-2488F886DFF1} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {568E4EEF-5E99-4C66-B8E9-DA74BFF2DCA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {6362EC19-6715-47A3-9A15-F835690645AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {72272DFC-049E-46D5-8C98-9563407B5D9D} - System32\Tasks\SSAudioSvc32Run => C:\Program Files\Steelseries\SS Audio\Foundation\SSAudioSvc32.exe [1299872 2020-01-08] (A-Volute -> )
Task: {7D175ED4-61FE-450C-9073-38242E442B00} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {7D484749-46DF-40A9-AF50-007BE595726C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {7FA9297C-A680-4599-8F69-9B5EEB62B562} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8509A40D-10D6-45D9-895E-94C7A3F3F0D4} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Dohnovan\Downloads\esetonlinescanner_enu.exe [15012440 2020-11-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8D9E4B5D-B55E-4A9C-9A5F-61CDAC51320E} - System32\Tasks\Agent Activation Runtime\S-1-5-21-2108490749-413910539-1021375685-1003 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-09] (Microsoft Windows -> )
Task: {9B71F504-D30A-4432-A5B6-B56CAAD31691} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [895080 2020-10-28] (Bitdefender SRL -> Bitdefender)
Task: {B6928123-FBFA-4D0E-91EA-C81EB0C167C8} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B79F3B0E-1D13-435E-96AC-8F6757E33C16} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC2173B5-C39F-40B2-99E4-F41B28F26961} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C3C72E27-BE05-4DBD-9484-48B8A42FD0AF} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CA2648CC-46F6-4596-A94D-30A0110515FA} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Dohnovan\Downloads\esetonlinescanner_enu.exe [15012440 2020-11-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {DD89C244-71DD-449A-8122-B2146D339BD7} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DFC1261E-30C4-4D33-86B3-AC5EF056A2C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E90C32A5-7EE5-42DC-97BD-B7CEDA264326} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F1567A25-4B79-45E7-B65D-3C8975B8BB74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-16] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1a8f5a04-83c8-490b-b4bc-64e8c2c6fd6d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{1cd6b0cf-5059-4ef2-9609-a8d02c0c81b4}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{3c01823b-a919-4197-a2ce-b7ef6cd5d03a}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{57a5de9c-d2e2-48be-96b9-44b1389dcc84}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8f09853e-c450-47d3-b7bc-5aedbe848278}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{dad6bf82-733a-495c-84a7-154afa6ad446}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e0510115-42dc-46d8-842a-cc54eeda8aa9}: [DhcpNameServer] 10.0.1.1
 
Edge: 
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-12]
Edge Extension: (AdGuard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-11]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dohnovan\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-21]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Dohnovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-11-21]
Edge Extension: (AdGuard AdBlocker) - C:\Users\Dohnovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2020-12-12]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [No File]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default [2020-12-22]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Slides) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-14]
CHR Extension: (Docs) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-14]
CHR Extension: (Google Drive) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-14]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (Sheets) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-14]
CHR Extension: (Google Docs Offline) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (MetaMask) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2020-12-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [125488 2020-05-26] (Perfect World Entertainment -> Perfect World Entertainment Inc)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61832 2020-11-13] (Advanced Micro Devices, Inc. -> AMD)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-04-17] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [5136328 2020-12-21] (SurfRight B.V. -> SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-21] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1355768 2020-10-28] (Bitdefender SRL -> Bitdefender)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-28] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-12-10] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-12-08] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-12-15] (SteelSeries ApS -> )
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-12-08] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [581792 2020-12-08] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2638328 2020-12-08] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [481936 2020-12-08] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [429800 2020-12-21] (SurfRight B.V. -> SurfRight B.V.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-21] (Malwarebytes Inc -> Malwarebytes)
S3 ocznvme; C:\WINDOWS\System32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 ocztrimfilter; C:\WINDOWS\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [53656 2020-11-15] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [135688 2016-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [37360 2019-04-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [640760 2020-10-02] (Bitdefender SRL -> Bitdefender)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2019-12-07] (Microsoft Corporation) [File not signed]
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2018-02-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-06-19] (Zemana Ltd. -> Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-12-22 11:19 - 2020-12-22 11:23 - 000026203 _____ C:\Users\Dohnovan\Desktop\FRST.txt
2020-12-22 11:15 - 2020-12-22 11:15 - 002286592 _____ (Farbar) C:\Users\Dohnovan\Downloads\FRST64.exe
2020-12-22 10:26 - 2020-12-22 10:26 - 000000017 _____ C:\Users\Dohnovan\Desktop\twitch.txt
2020-12-21 10:31 - 2020-12-21 10:31 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-12-21 10:22 - 2020-12-21 10:22 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-21 10:19 - 2020-12-21 10:29 - 000003116 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-12-21 10:19 - 2020-12-21 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-12-21 10:15 - 2020-12-21 10:16 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-21 10:04 - 2020-11-17 14:52 - 001753912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-21 10:04 - 2020-11-17 14:52 - 001753912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-21 10:04 - 2020-11-17 14:52 - 001359680 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-21 10:04 - 2020-11-17 14:52 - 001359680 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-21 10:04 - 2020-11-17 14:52 - 001047992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-21 10:04 - 2020-11-17 14:52 - 001047992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-21 10:04 - 2020-11-17 14:52 - 000910456 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-21 10:04 - 2020-11-17 14:52 - 000910456 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-21 10:04 - 2020-11-17 14:51 - 001593664 _____ (AMD) C:\WINDOWS\system32\coinst_20.45.dll
2020-12-21 10:04 - 2020-11-17 14:51 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-12-21 10:04 - 2020-11-17 14:50 - 001490752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2020-12-21 10:04 - 2020-11-17 14:50 - 001356096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-12-21 10:04 - 2020-11-17 14:50 - 000150336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-21 10:04 - 2020-11-17 14:50 - 000130880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-21 10:04 - 2020-11-17 13:15 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2020-12-21 10:04 - 2020-11-17 13:15 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2020-12-21 10:04 - 2020-11-17 13:15 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2020-12-21 10:04 - 2020-11-17 13:15 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2020-12-21 10:04 - 2020-11-17 13:15 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2020-12-21 09:58 - 2020-12-21 09:58 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-21 09:58 - 2020-12-21 09:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-21 06:44 - 2020-12-21 06:44 - 001006032 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll
2020-12-21 06:44 - 2020-12-21 06:44 - 001004496 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll
2020-12-21 06:44 - 2020-12-21 06:44 - 000179144 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpshell.dll
2020-12-20 09:43 - 2020-12-21 10:29 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-12-11 12:00 - 2020-12-11 12:00 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\552BB782.sys
2020-12-11 08:32 - 2020-12-11 08:32 - 000253976 _____ (Cisco Webex LLC) C:\Users\Dohnovan\Downloads\webex (1).exe
2020-12-09 19:08 - 2020-12-09 19:08 - 030469496 _____ (Piriform Software Ltd) C:\Users\Dohnovan\Downloads\ccsetup574.exe
2020-12-09 19:01 - 2020-12-22 11:33 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\discord
2020-12-09 19:00 - 2020-12-09 19:01 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\Discord
2020-12-09 19:00 - 2020-12-09 19:00 - 068822328 _____ (Discord Inc.) C:\Users\Dohnovan\Downloads\DiscordSetup (2).exe
2020-12-09 15:51 - 2020-12-09 15:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-09 15:50 - 2020-12-09 15:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-09 15:50 - 2020-12-09 15:50 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-09 15:50 - 2020-12-09 15:50 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 15:50 - 2020-12-09 15:50 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-09 15:50 - 2020-12-09 15:50 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 15:50 - 2020-12-09 15:50 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 15:50 - 2020-12-09 15:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-09 15:50 - 2020-12-09 15:50 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-09 15:50 - 2020-12-09 15:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-09 15:50 - 2020-12-09 15:50 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-09 15:50 - 2020-12-09 15:50 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-09 15:49 - 2020-12-09 15:49 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-09 15:49 - 2020-12-09 15:49 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-09 15:49 - 2020-12-09 15:49 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-09 15:49 - 2020-12-09 15:49 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 15:49 - 2020-12-09 15:49 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-09 15:49 - 2020-12-09 15:49 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-09 15:49 - 2020-12-09 15:49 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-09 15:49 - 2020-12-09 15:49 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-09 15:49 - 2020-12-09 15:49 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-09 15:49 - 2020-12-09 15:49 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-04 00:23 - 2020-12-04 00:23 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2747D718.sys
2020-11-29 20:51 - 2020-12-20 08:57 - 000000518 _____ C:\Users\Dohnovan\Desktop\genshin impact.txt
2020-11-29 20:50 - 2020-11-29 20:50 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\.mono
2020-11-29 20:49 - 2020-11-29 20:49 - 000000000 ____D C:\Users\Dohnovan\AppData\LocalLow\miHoYo
2020-11-29 17:57 - 2020-11-29 17:57 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\miHoYo
2020-11-29 17:56 - 2020-12-21 22:17 - 000000000 ____D C:\Users\Dohnovan\Desktop\Genshin Impact
2020-11-29 17:56 - 2020-11-29 17:56 - 000000822 _____ C:\Users\Public\Desktop\Genshin Impact.lnk
2020-11-29 17:56 - 2020-11-29 17:56 - 000000822 _____ C:\ProgramData\Desktop\Genshin Impact.lnk
2020-11-29 17:56 - 2020-11-29 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact
2020-11-29 17:54 - 2020-11-29 17:54 - 127562752 _____ (miHoYo Co.,Ltd) C:\Users\Dohnovan\Downloads\GenshinImpact_install_20201028210739.exe
2020-11-28 15:39 - 2020-12-12 21:48 - 000000091 _____ C:\Users\Dohnovan\Desktop\d&d info.txt
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-12-22 11:33 - 2020-06-18 15:04 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4C0E0C52-0BCF-4545-B5E0-AA2D9A8EA0A4}
2020-12-22 11:29 - 2020-04-29 21:54 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-12-22 11:29 - 2019-06-19 14:48 - 004040413 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-12-22 11:21 - 2019-06-19 19:30 - 000000000 ____D C:\FRST
2020-12-22 11:20 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-22 11:16 - 2019-06-19 19:29 - 002286592 _____ (Farbar) C:\Users\Dohnovan\Desktop\FRST64.exe
2020-12-22 10:11 - 2020-06-18 14:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-22 07:09 - 2019-08-06 19:21 - 000000000 ____D C:\Program Files\CCleaner
2020-12-21 16:30 - 2018-05-21 15:36 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\D3DSCache
2020-12-21 16:24 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-21 10:39 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-21 10:39 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-21 10:33 - 2017-12-08 21:06 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-21 10:31 - 2017-12-09 10:39 - 000000000 ___RD C:\Users\Dohnovan\OneDrive
2020-12-21 10:31 - 2017-04-11 09:20 - 000000000 ____D C:\Program Files\AMD
2020-12-21 10:22 - 2020-06-18 15:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-21 10:22 - 2020-06-18 14:39 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-21 10:22 - 2019-06-19 14:54 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2020-12-21 10:22 - 2019-06-19 14:54 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2020-12-21 10:21 - 2019-12-07 02:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-21 10:21 - 2017-04-11 09:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-21 10:19 - 2020-06-18 15:04 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-12-21 10:16 - 2018-04-14 09:45 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\CrashDumps
2020-12-21 10:04 - 2017-04-11 09:20 - 000000000 ____D C:\AMD
2020-12-21 09:58 - 2020-08-09 15:14 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-21 09:58 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-21 09:58 - 2019-07-21 13:34 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-21 09:58 - 2019-07-21 13:34 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-21 09:57 - 2019-07-21 13:34 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-21 06:44 - 2019-06-19 14:54 - 000429800 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys
2020-12-20 17:50 - 2020-06-18 15:04 - 000003824 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-12-20 17:50 - 2020-06-18 15:04 - 000003382 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-12-20 17:50 - 2019-06-20 09:43 - 000000808 _____ C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-12-20 09:13 - 2018-03-13 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-12-19 10:40 - 2020-06-13 09:56 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 10:40 - 2020-06-13 09:56 - 000002266 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-19 10:40 - 2020-06-13 09:56 - 000002266 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-18 11:06 - 2020-09-19 14:59 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-12-18 11:06 - 2020-09-19 14:59 - 000002330 _____ C:\Users\Public\Desktop\Brave.lnk
2020-12-18 11:06 - 2020-09-19 14:59 - 000002330 _____ C:\ProgramData\Desktop\Brave.lnk
2020-12-17 09:02 - 2019-12-07 02:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2020-12-16 16:15 - 2017-04-07 14:15 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-11 12:45 - 2019-04-05 08:21 - 000000000 ____D C:\Users\Dohnovan\Desktop\mbar
2020-12-11 12:45 - 2019-04-05 08:21 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-12-09 19:20 - 2020-06-18 10:03 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-09 19:20 - 2018-01-25 14:56 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\BitTorrent
2020-12-09 19:15 - 2020-07-04 13:49 - 000000000 ____D C:\Users\Dohnovan\Desktop\Tauri Launcher
2020-12-09 19:15 - 2017-12-09 12:16 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-12-09 19:09 - 2020-06-18 15:04 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-09 19:09 - 2019-08-06 19:21 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-09 19:09 - 2019-08-06 19:21 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-12-09 19:01 - 2020-09-08 07:36 - 000002249 _____ C:\Users\Dohnovan\Desktop\Discord.lnk
2020-12-09 19:01 - 2017-12-08 21:16 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-12-09 19:01 - 2017-12-08 21:15 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\SquirrelTemp
2020-12-09 17:19 - 2020-06-18 14:49 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-09 17:14 - 2020-06-18 14:39 - 000436016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-09 17:10 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-09 15:57 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 10:59 - 2018-01-14 10:42 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-08 10:59 - 2018-01-14 10:42 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-08 10:59 - 2018-01-14 10:42 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-08 08:50 - 2020-04-29 22:13 - 000481936 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2020-12-08 08:50 - 2020-04-29 22:13 - 000386800 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2020-12-08 08:49 - 2020-04-29 22:13 - 002638328 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2020-12-08 08:49 - 2020-04-29 22:13 - 000802976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2020-12-04 01:02 - 2019-06-30 10:48 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\NPE
2020-12-03 14:52 - 2020-06-18 15:04 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-03 14:52 - 2020-06-18 15:04 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-28 01:39 - 2020-11-02 09:08 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6b1325f7ebb04
2020-11-28 01:39 - 2020-11-02 09:07 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b1323b307d96
2020-11-24 10:05 - 2020-06-18 15:04 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2108490749-413910539-1021375685-1003
2020-11-24 10:05 - 2020-06-18 13:32 - 000002379 _____ C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-23 22:43 - 2020-04-04 11:09 - 000000109 _____ C:\Users\Dohnovan\Desktop\pwi password.txt
2020-11-22 13:52 - 2020-06-18 13:32 - 000000000 ____D C:\Users\Dohnovan
 
==================== Files in the root of some directories ========
 
2017-12-18 13:43 - 2017-12-18 13:43 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2019-12-02 19:28 - 2019-12-02 19:28 - 000000000 _____ () C:\Users\Dohnovan\AppData\Local\{2E790E1A-D8C4-4654-B4E8-3C78CC7E0B81}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Dohnovan (22-12-2020 11:35:15)
Running from C:\Users\Dohnovan\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-06-18 22:05:25)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2108490749-413910539-1021375685-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2108490749-413910539-1021375685-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2108490749-413910539-1021375685-1002 - Limited - Disabled)
Dohnovan (S-1-5-21-2108490749-413910539-1021375685-1003 - Administrator - Enabled) => C:\Users\Dohnovan
Guest (S-1-5-21-2108490749-413910539-1021375685-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2108490749-413910539-1021375685-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
APOInstallerMSISetup (HKLM\...\{5C4734F8-9AF3-4324-A36E-DC147853B2F5}) (Version: 1.2.1101 - Steelseries) Hidden
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.1.0.17816 - Perfect World Entertainment)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.36.1 - Asmedia Technology)
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{C9BA81B6-4A0F-454A-B331-81A45A57573E}) (Version: 1.2.1101 - Steelseries) Hidden
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.17.169 - Bitdefender)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 87.1.18.75 - Brave Software Inc)
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
Discord (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Discord) (Version: 0.0.309 - Discord Inc.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.5.3.0 - miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.8.8.889 - SurfRight B.V.)
Intel® Wireless Bluetooth® (HKLM-x32\...\{0E13241D-76B0-4A4C-9665-3969F55C08D5}) (Version: 19.40.1702.1091 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{263d87d0-9772-40be-ab36-eabbdbff49f7}) (Version: 21.20.1 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20332 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.1.0 - Nexon)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Path of Building version 1.4.137 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.137 - Openarl)
ProductDaemonSetup (HKLM\...\{C31282E4-C1A3-433C-A803-D9ED4A99DC8F}) (Version: 1.2.1101 - Steelseries) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.21.1 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1215.121019 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SSAudio (HKLM-x32\...\{1c112a1f-1120-415d-85ab-7a3de5b0a9c2}) (Version: 1.2.1101 - Steelseries)
SSAudioDaemonMSISetup (HKLM\...\{CDEA766D-38C5-448B-8316-02D01C842E1E}) (Version: 1.2.1101 - Steelseries) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.14 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.14 - SteelSeries ApS)
TeamSpeak 3 Client (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
The Witcher 3 Mod Manager (HKLM\...\{B8F09437-C8B5-4DFD-B655-C93E8C05A8DE}) (Version: 0.6.4 - stefan3372)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-3) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
 
Packages:
=========
9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.3.75.0_x64__hvr7qkvwfhvx6 [2020-07-19] (Magik Hub) [MS Ad]
Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-12] (eyeo GmbH)
AdGuard AdBlocker -> C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-11] (Performix)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-17] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.183.600.0_x86__kgqvnymyfvs32 [2020-12-11] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.6.10.0_x86__h6adky7gbf63m [2020-12-17] (Gameloft SE)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.38.3802.0_x86__ytsefhwckbdv6 [2020-12-15] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-19] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.3.0.5_x86__h6adky7gbf63m [2020-12-15] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-29] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-12-09] (Plex)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-12-27] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [HitmanPro.Alert Shell Extension] -> {6FAC02B7-77D6-418B-AC11-962C65CDE8DD} => C:\WINDOWS\system32\hmpshell.dll [2020-12-21] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-07-27 14:14 - 2020-07-27 14:14 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-19 05:40 - 2020-03-19 05:40 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2020-03-19 05:40 - 2020-03-19 05:40 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2020-03-08 15:32 - 2012-11-14 03:04 - 000327680 _____ () [File not signed] C:\Users\Dohnovan\Desktop\Epic Perfect World\patcher\p2sp_4th_lib.dll
2020-03-08 15:32 - 2014-03-08 17:04 - 000098304 _____ () [File not signed] C:\Users\Dohnovan\Desktop\Epic Perfect World\patcher\PackDLL.dll
2020-03-08 15:32 - 2012-11-14 03:04 - 000040960 _____ () [File not signed] C:\Users\Dohnovan\Desktop\Epic Perfect World\patcher\SysInfo.dll
2020-12-20 22:30 - 2020-12-11 16:37 - 000445952 _____ () [File not signed] C:\Users\Dohnovan\Desktop\Genshin Impact\MHYQtCommon.dll
2020-11-13 14:48 - 2020-11-13 14:48 - 001470976 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2019-12-23 09:49 - 2019-12-23 09:49 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-12-23 09:49 - 2019-12-23 09:49 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2020-12-20 22:30 - 2020-12-11 16:29 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Dohnovan\Desktop\Genshin Impact\libcrypto-1_1-x64.dll
2020-12-20 22:30 - 2020-12-11 16:29 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Dohnovan\Desktop\Genshin Impact\libssl-1_1-x64.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000058880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-13 15:00 - 2020-11-13 15:00 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2020-11-29 17:56 - 2020-12-11 16:29 - 006159480 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Dohnovan\Desktop\Genshin Impact\Qt5Core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2108490749-413910539-1021375685-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2108490749-413910539-1021375685-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2108490749-413910539-1021375685-1003 -> {DFAEECB9-2C31-4635-BFCD-485BAEABDD31} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll => No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 14:03 - 2017-03-18 14:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\Dohnovan\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "OPENVPN-GUI"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F0412D97-2B69-47C9-BBFB-2ED8469D7CE2}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{54B9FF3F-545D-4E04-86D8-EA8F5621F500}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [UDP Query User{A0E149A6-970C-44C4-AFFC-02FC91A4CB96}C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [TCP Query User{C8177E75-DFAB-46C2-B950-CE420F73D664}C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe (Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{1A19CF1E-D116-42F0-B9A7-384643F19007}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{EB032B57-B507-45D3-A36B-2EB7427FE64F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{8B20679D-6B13-4526-A9F9-DA769BDB75F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]
FirewallRules: [{6194837C-5728-41B2-9102-A3C8FA70A4DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]
FirewallRules: [{E246DB11-0299-4E9E-BAF1-F9600C9E1E87}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F01FBF58-567C-4C2D-9E09-69501E7126D0}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{0C6F481E-F930-4C76-AE5C-202166C80AE3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{3A8F03ED-1DF4-4EFC-AB24-470F3D8E2A04}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A73A6A68-3D6E-4ACB-BB1C-69891D2BC2E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D98FA1A5-1463-4F80-B944-62DCFE82B0DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{21FC1428-1EFB-47FF-BF78-DB5B1945382E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A8E5B1A0-6D7D-4D9C-96E1-B72039726CC2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3D351B8C-C55C-4E63-8639-18CAD54C17A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{F51AAC48-DBDB-4C61-8F51-A45DA1FA8EB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{778DC5E1-C574-45F8-B392-C78E46DEBF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [File not signed]
FirewallRules: [{9D6CABF9-DFDA-4F3C-9AC8-6092BAA007E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [File not signed]
FirewallRules: [{8D6BD339-6DB0-4B01-B064-950E1CB534FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{D37551E3-AE21-495A-90C1-0CE6907D3259}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{47CDB22F-7783-4CED-BF1C-D9ACDD81E0D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{7F676C03-41AA-4617-AA13-BC0B88A05086}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{F2E459D0-8C52-44F9-B805-AFDA263B500D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{AE0EC883-ECC1-4257-9241-1C9586835901}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{2C813A9F-F998-4D44-8B34-6963CF481A47}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{355EBCE9-2330-4B92-8E46-C7C76C402DA4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{4F7CACBF-BBB5-428E-B6EE-D1163044D084}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{31B319D4-01B2-48FE-81A7-51110CE771B7}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{732F52FA-463B-4228-8163-A5EC1E0B8C73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{50E286A9-EC43-4A42-82B3-B541B6893C62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{1F8ED8C6-7BC4-4A9D-A0C4-CB325EFD5D6B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{E1E9BDFC-BB39-4D5E-B9CC-F37AA903F734}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{C00B9E7C-48C9-403C-A6C7-EF0F869BEEC6}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [TCP Query User{A233F08F-5982-4711-85E2-A5AB6B2413D6}C:\users\dohnovan\desktop\tauri launcher\launcher.exe] => (Allow) C:\users\dohnovan\desktop\tauri launcher\launcher.exe => No File
FirewallRules: [UDP Query User{67787C8A-6E03-4C10-A39A-B801F1DA8CC1}C:\users\dohnovan\desktop\tauri launcher\launcher.exe] => (Allow) C:\users\dohnovan\desktop\tauri launcher\launcher.exe => No File
FirewallRules: [{10E915F4-B060-41ED-9099-5EF5FEDC51B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{A1107BB9-D07D-4538-921E-DD81D2AEECB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [TCP Query User{1CCF9CB6-5616-4D68-9F54-857142823256}C:\users\dohnovan\desktop\tauri launcher\launcher.exe] => (Allow) C:\users\dohnovan\desktop\tauri launcher\launcher.exe => No File
FirewallRules: [UDP Query User{1E7F3146-2404-4722-94C4-BF984C21F99B}C:\users\dohnovan\desktop\tauri launcher\launcher.exe] => (Allow) C:\users\dohnovan\desktop\tauri launcher\launcher.exe => No File
FirewallRules: [{0450D4F0-E982-4FBF-A817-393889D462C4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CF2C3AA-B258-40B9-A70E-603E0BA64661}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A3957E32-D9C1-47BE-B58E-D32EC0F2841E}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{88E2F2B2-F5D5-4190-8851-22F655B0AAD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8EE8D815-BB01-472A-9352-DED7E437DEBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8CFE1B7-2112-4A35-9F11-6B7012002BBE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FABF3262-1B4A-4363-8D1B-B47D75C57CFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1811899A-EEA9-42D8-8D9B-8FE5F1770405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{5A4ABCD0-9C26-4B7B-A71B-7A462C5FAEE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
 
==================== Restore Points =========================
 
18-12-2020 21:19:31 Scheduled Checkpoint
21-12-2020 10:10:44 Radeon Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (12/21/2020 10:20:37 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (12/21/2020 10:16:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.19041.610, time stamp: 0x5d4af3f4
Faulting module name: amdihk64.dll_unloaded, version: 2.0.0.1788, time stamp: 0x5f59853d
Exception code: 0xc0000005
Fault offset: 0x00000000000046bc
Faulting process id: 0x2064
Faulting application start time: 0x01d6d6ef42eba094
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: amdihk64.dll
Report Id: fe04b068-829b-4900-9ec7-dbbe0edfe57b
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
 
Error: (12/21/2020 10:16:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StartMenuExperienceHost.exe, version: 0.0.0.0, time stamp: 0x4fe0bcb3
Faulting module name: amdihk64.dll_unloaded, version: 2.0.0.1788, time stamp: 0x5f59853d
Exception code: 0xc0000005
Fault offset: 0x000000000000598f
Faulting process id: 0x1dcc
Faulting application start time: 0x01d6d6ef39110976
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Faulting module path: amdihk64.dll
Report Id: 580cc87c-dc29-4655-a648-847815aac6ef
Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
 
Error: (12/20/2020 10:27:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2020.20110.11001.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1458
 
Start Time: 01d6d6f524aced96
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
 
Report Id: 3b630268-b55f-451f-adfd-0a06fd7bd804
 
Faulting package full name: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (12/18/2020 09:19:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Windows (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (12/15/2020 01:40:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Razer Synapse 3.exe, version: 3.1.627.5, time stamp: 0x802fb29b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x19c9a147
Faulting process id: 0x22ec
Faulting application start time: 0x01d6d25b9d8a4645
Faulting application path: C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
Faulting module path: unknown
Report Id: fb9fa198-d076-49d2-8f8c-48525e7943fc
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/15/2020 01:40:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Razer Synapse 3.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Razer.Synapse3.App.ShowErrorWindow()
   at Razer.Synapse3.App.DispatcherOnUnhandledException(System.Windows.Threading.DispatcherUnhandledExceptionEventArgs)
   at Razer.Synapse3.App+<>c.<RegisterGlobalExceptionHandling>b__46_1(System.Object, System.Windows.Threading.DispatcherUnhandledExceptionEventArgs)
   at System.Windows.Threading.DispatcherUnhandledExceptionEventHandler.Invoke(System.Object, System.Windows.Threading.DispatcherUnhandledExceptionEventArgs)
   at System.Windows.Threading.Dispatcher.CatchException(System.Exception)
   at System.Windows.Threading.Dispatcher.CatchExceptionStatic(System.Object, System.Exception)
   at System.Windows.Threading.ExceptionWrapper.CatchException(System.Object, System.Exception, System.Delegate)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
 
Error: (12/14/2020 10:58:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.546 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 484c
 
Start Time: 01d6d2a72a07e897
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 
Report Id: 4b019386-dc4a-433a-910b-30bfd8cf3ac6
 
Faulting package full name: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: CortanaUI
 
Hang type: Activation
 
 
System errors:
=============
Error: (12/21/2020 10:31:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (12/21/2020 10:31:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (12/21/2020 10:31:50 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The AMD User Experience Program Launcher service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (12/21/2020 10:22:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AMDRyzenMasterDriver service failed to start due to the following error: 
The system cannot find the path specified.
 
Error: (12/21/2020 10:21:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsserv service.
 
Error: (12/21/2020 10:20:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LBHF8BQ)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca did not register with DCOM within the required timeout.
 
Error: (12/21/2020 10:20:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LBHF8BQ)
Description: The server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.
 
Error: (12/21/2020 10:10:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).
 
 
CodeIntegrity:
===================================
 
Date: 2020-12-22 10:15:54.0420000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 10:15:54.0390000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 10:15:54.0260000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 04:22:49.6980000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 04:22:49.6950000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 04:22:49.6880000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 04:22:49.6850000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
Date: 2020-12-22 04:22:49.6740000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265038319206311538\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1.51 05/02/2017
Motherboard: Micro-Star International Co., Ltd B350M BAZOOKA (MS-7A38)
Processor: AMD Ryzen 5 1400 Quad-Core Processor 
Percentage of memory in use: 83%
Total physical RAM: 8144.69 MB
Available physical RAM: 1383.36 MB
Total Virtual: 18087.41 MB
Available Virtual: 4186.05 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:930.91 GB) (Free:189.22 GB) NTFS
 
\\?\Volume{34b487b2-1f24-455b-888b-88fe24145180}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{7c6e70a3-6b38-47db-a32a-880393128539}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1BA58450)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,720 posts

Hello, based on the logs your system appears to be clean. I recommend opening a topic in the correct section, for example here: http://www.geekstogo...199-windows-10/


  • 0

#3
Dohnovan

Dohnovan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 68 posts

Thank you very much for your reply. I will do that, I really appreciate your help and hope you have a wonderful day/night, and if you do celebrate Christmas, Merry Christmas even tho it's a little bit early!


  • 0

#4
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,720 posts

Merry christmas. :)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP