Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sluggish Computer


  • Please log in to reply

#1
FrankHamm

FrankHamm

    New Member

  • Member
  • Pip
  • 1 posts

My computer started a few days ago lagging during streaming shows and playing online as well as offline video games, Programs take 2 to 2 times longer to open, and Task manager shows higher use off cpu, gpu and ram. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by Franklin (administrator) on FRANKLINSDESKTO (14-02-2021 23:50:07)
Running from C:\Users\oooch\Desktop
Loaded Profiles: Franklin
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpn-browser-helper.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform\mfeesp.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\Firewall\mfefw.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\mfeensppl.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\x86\Endpoint Security Platform\MFEConsole.exe <2>
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\McChHost.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\mfewc.exe
(McAfee, Inc. -> McAfee, LLC.) E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\mfewch.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5004.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5004.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.72.4001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-23] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2233312 2019-08-31] (Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [654112 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2020-03-23] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Jomantha] => E:\Program Files (x86)\n52te\n52teHid.exe [159744 2008-06-13] (Razer USA Ltd.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [267056 2021-01-14] (Razer USA Ltd. -> Razer Inc.)
HKLM\ DisallowedCertificates: 99C494ECE4FC093EEE13C4D65B1B1E01B9B5D434 (U)
HKLM\ DisallowedCertificates: DA36FAF56B2F6FBA1604F5BE46D864C9FA013BA3 (U)
HKLM\ DisallowedCertificates: FCE1B1E25374DD94F5935BEB86CA643D8C8D1FF4 (U)
HKLM\ DisallowedCertificates: FFAD03329B9E527A43EEC66A56F9CBB5393E6E13 (U)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\ DisallowedCertificates: 99C494ECE4FC093EEE13C4D65B1B1E01B9B5D434 (U)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\ DisallowedCertificates: DA36FAF56B2F6FBA1604F5BE46D864C9FA013BA3 (U)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\ DisallowedCertificates: FCE1B1E25374DD94F5935BEB86CA643D8C8D1FF4 (U)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\ DisallowedCertificates: FFAD03329B9E527A43EEC66A56F9CBB5393E6E13 (U)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2478848 2021-02-07] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26319144 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Amazon Music Helper] => C:\Users\oooch\AppData\Local\Amazon Music\Amazon Music Helper.exe [2091960 2020-02-04] (Amazon Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Amazon Music] => C:\Users\oooch\AppData\Local\Amazon Music\Amazon Music.exe********************************************************************* [20137400 2020-02-04] () [File not signed]
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Overwolf] => E:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1752920 2020-12-23] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Discord] => C:\Users\oooch\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514720 2021-01-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151552 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514720 2021-01-18] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [393392 2016-07-21] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-08] (Google LLC -> Google LLC)
Startup: C:\Users\oooch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\511223.lnk [2016-09-21]
ShortcutTarget: 511223.lnk ->  (No File)
Startup: C:\Users\oooch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-01-25]
ShortcutTarget: Twitch.lnk -> C:\Users\oooch\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\oooch\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08342276-DE16-461A-8129-09C7DCBB8897} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C907451-0AD5-46D6-BB0D-8E7F5F820DC1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E196B4B-7DE2-4E71-B39C-6976D75E18F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0FF2EFDC-76FC-4EAB-90EA-6522E0E3A3FA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {24739695-0F12-487B-A67C-8A318308063C} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6438536 2017-02-08] (Hewlett Packard -> HP Inc.)
Task: {46C5E293-865F-4ADC-993A-5F2FE49139C2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49CBB2BF-ED77-4FE7-A119-E5CE92AF0626} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {522D6B7F-710D-4A7F-8265-4E95B9B1EBE8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {55A61A07-F448-4F4D-B6D9-FA1BED54099C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {57143B35-ACA4-4C90-BFB7-EAE3880EF166} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {65525B46-6E98-4D43-904E-61F6F1153AD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A20E964-A174-4E51-A8C1-C2C6F83B3C7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6EB03C78-0350-47E5-BB73-F7FB91D529C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-25] (Google Inc -> Google Inc.)
Task: {71C36D91-3727-4AB0-BBBC-85AC67BE68E4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77329665-BC4D-4D8E-8E9F-E2FB57EFC47D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7FA6962B-40FC-4926-87F0-E45ED24ACE7A} - System32\Tasks\IntegrationManager => C:\Users\oooch\AppData\Local\intmanager\int.exe
Task: {855ACCE4-7200-4D5D-9949-B7BA5FCEE1CC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {8F190172-AF5B-4B99-AF69-1D9D5B010D5D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9FD82C4B-7C3B-4DF7-82F5-3BE23B84D15F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A09F775B-EDE1-46FB-9707-89787FD69253} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB777F20-8C41-4A71-9C24-A2E894241A7D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {BBCB19F7-15F0-42DB-B1BC-C98744751C9B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0BF1EC4-1B26-41B0-80D7-415E435247D6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE73025-58A0-419D-B88D-F6F990B04366} - System32\Tasks\SmartShare => e:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe
Task: {D5C064E7-D34D-457F-A7BE-BF6458B8E0D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-25] (Google Inc -> Google Inc.)
Task: {F2093FE0-D709-4651-9FED-4B604D989036} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2A5A4D9-DEDE-4940-BEBC-EC65A86D262D} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\Engine\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-05] (McAfee, Inc. -> McAfee, LLC.)
Task: {F7A59894-3B20-4C54-9CCD-E6D3C334B11D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8EB546D-E46A-4A3E-ADF4-EB440CE78067} - System32\Tasks\Overwolf Updater Task => E:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2488664 2020-12-23] (Overwolf Ltd -> Overwolf LTD)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{39c5fa5c-c637-42eb-b8d5-25c40f2b0d02}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{efff2f27-3cd2-407a-8d89-dc6216dfa817}: [DhcpNameServer] 192.168.42.129
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
DownloadDir: E:\downloads
Edge HomeButtonPage: HKU\S-1-5-21-1115690857-3098581168-450002322-1003 -> hxxp://www.google.com/
Edge Extension: (McAfee® Endpoint Security Web Control) -> EdgeExtension_5A894077McAfeeEndpointSecurityWebControl_wafk5atnkzcwy => C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2020-02-22]
Edge Extension: (No Name) -> EdgeExtension_CapitalOneEnofromCapitalOne_jwbp9gf99gyz6 => C:\Program Files\WindowsApps\CapitalOne.EnofromCapitalOne_3.2.0.0_neutral__jwbp9gf99gyz6 [not found]
Edge Extension: (Microsoft S/MIME Control) -> EdgeExtension_MicrosoftOutlookEdgeExtensionSmime_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.Outlook.EdgeExtension.Smime_20.19.814.2_x64__8wekyb3d8bbwe [2020-03-31]
Edge DefaultProfile: Default
Edge Profile: C:\Users\oooch\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-14]
Edge DownloadDir: E:\downloads
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\e10swcffplg.xpi
FF Extension: (McAfee Endpoint Security Web Control) - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\e10swcffplg.xpi [2019-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{[email protected]}] - 57697232\extensions\{[email protected]} => not found
FF HKLM-x32\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\e10swcffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.safesear.ch/?type=20171129-155-ff-sm
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-02-14]
CHR DownloadDir: E:\downloads
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/?gws_rd=ssl"
CHR Extension: (BetterTTV) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-17]
CHR Extension: (Docs) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-25]
CHR Extension: (Honey) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-01-07]
CHR Extension: (Eno® from Capital One®) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2021-02-04]
CHR Extension: (Adobe Acrobat) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-15]
CHR Extension: (ExpressVPN: VPN proxy to unblock everything) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2021-01-18]
CHR Extension: (Google Docs Offline) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (Kindle Cloud Reader) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2017-06-23]
CHR Extension: (McAfee Endpoint Security Web Control) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jjkchpdmjjdmalgembblgafllbpcjlei [2020-12-18]
CHR Extension: (McAfee® Web Boost) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klekeajafkkpokaofllcadenjdckhinm [2020-11-16]
CHR Extension: (Capital One Shopping: Save in seconds) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-02-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Yahoo Web) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onfbpchiaanlhadkbcpbbmimedgdoaco [2019-10-14]
CHR Extension: (FileConverterSearches) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pacopnfmngmkhdlmedepfmoblolhiaie [2020-11-15]
CHR Extension: (Gmail) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\oooch\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-1115690857-3098581168-450002322-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1115690857-3098581168-450002322-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji]
CHR HKU\S-1-5-21-1115690857-3098581168-450002322-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock]
CHR HKU\S-1-5-21-1115690857-3098581168-450002322-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji]
CHR HKLM-x32\...\Chrome\Extension: [jjkchpdmjjdmalgembblgafllbpcjlei] - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\mcchplg.crx [2019-10-15]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-15] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2020-03-23] (Express Vpn LLC -> ExpressVPN)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-24] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 InstallRoot; C:\Program Files\DoD-PKE\InstallRoot\InstallRootService.exe [789824 2017-11-16] (CS.DoD PKE Engineering.DoDPKE60003 -> DoD PKE Engineering)
S4 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-23] (Logitech Inc -> Logitech Inc.)
R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [241456 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [179552 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [261640 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R2 mfewc; E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\mfewc.exe [319792 2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
S4 mracsvc; C:\WINDOWS\System32\mracsvc.exe [10654992 2018-06-29] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9424040 2020-07-16] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; E:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2488664 2020-12-23] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-20] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294240 2021-01-15] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-12-08] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [291304 2021-01-14] (Razer USA Ltd. -> Razer Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2018-07-12] (Echobit, LLC -> Echobit, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2020-03-23] (ExprsVPN LLC -> ExpressVPN)
S3 gdrv; C:\Windows\gdrv.sys [26192 2016-05-18] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
S2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2020-05-27] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 JmtFltr; C:\WINDOWS\system32\drivers\JmtFltr.sys [46464 2007-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-01-23] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-23] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107440 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfeepmpk; C:\WINDOWS\System32\drivers\mfeepmpk.sys [226432 2020-02-22] (McAfee, Inc. -> McAfee, LLC.)
S3 MfeEpNfcp; C:\WINDOWS\System32\drivers\MfeEpNfcp.sys [82368 2021-01-07] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [89520 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2020-02-22] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2020-02-22] (McAfee, Inc. -> McAfee LLC.)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82352 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2020-02-22] (McAfee, Inc. -> McAfee, LLC)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [28160 2013-07-17] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [9871128 2018-06-29] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [37832 2015-05-07] (Intel® Intel Network Drivers -> Intel Corporation)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2017-04-08] (Extra Solutions Ltd -> Trust.Zone VPN Project)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [53656 2020-11-15] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0088; C:\WINDOWS\System32\drivers\RzDev_0088.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_022b; C:\WINDOWS\System32\drivers\RzDev_022b.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-06-11] (McAfee, Inc. -> The OpenVPN Project)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2019-08-21] (ExprsVPN LLC -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Corporation) [File not signed]
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 vhidmini; C:\WINDOWS\System32\drivers\vhidmini.sys [13952 2007-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 VOICEMOD_Driver; \SystemRoot\system32\drivers\vmdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-02-14 23:42 - 2021-02-14 23:48 - 000085017 ____C C:\Users\oooch\Desktop\Addition.txt
2021-02-14 23:34 - 2021-02-14 23:50 - 000039959 ____C C:\Users\oooch\Desktop\FRST.txt
2021-02-14 23:34 - 2021-02-14 23:50 - 000000000 ____D C:\FRST
2021-02-14 23:32 - 2021-02-14 23:32 - 002297856 ____C (Farbar) C:\Users\oooch\Desktop\FRST64.exe
2021-02-14 15:05 - 2021-02-14 15:05 - 000000000 ____D C:\WINDOWS\Panther
2021-02-12 13:43 - 2021-02-12 13:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 13:43 - 2021-02-12 13:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 13:43 - 2021-02-12 13:43 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-12 13:43 - 2021-02-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-02-09 20:03 - 2021-02-09 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2021-02-09 16:03 - 2021-02-09 16:03 - 000000000 ____D C:\Users\oooch\AppData\Local\Vivox
2021-02-09 15:16 - 2021-02-09 15:16 - 000000000 ____D C:\Users\oooch\AppData\Local\FCT
2021-02-09 15:11 - 2021-02-09 15:11 - 000000223 ____C C:\Users\oooch\Desktop\First Class Trouble Demo.url
2021-02-08 08:09 - 2021-02-08 08:11 - 000000000 ____D C:\ProgramData\BlueStacks
2021-02-08 08:09 - 2021-02-08 08:09 - 000000000 ____D C:\Program Files\BlueStacks
2021-02-05 20:45 - 2021-02-06 03:26 - 000000000 ____D C:\ProgramData\NETC
2021-02-05 20:45 - 2021-02-06 03:26 - 000000000 ____D C:\Program Files (x86)\UTILILAB
2021-02-05 20:45 - 2021-02-05 20:45 - 000000000 ____D C:\Users\oooch\AppData\Roaming\UTILILAB
2021-02-05 20:45 - 2021-02-05 20:45 - 000000000 ____D C:\ProgramData\UTILILAB
2021-02-01 08:41 - 2021-02-01 08:41 - 000000000 ____D C:\Users\oooch\AppData\Roaming\twitch-desktop-electron-platform
2021-01-31 17:09 - 2021-01-31 17:09 - 000001737 ____C C:\Users\oooch\Desktop\Among Us - Shortcut.lnk
2021-01-30 02:56 - 2021-01-23 03:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-30 02:56 - 2021-01-23 03:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-30 02:56 - 2021-01-23 03:57 - 001453720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-30 02:56 - 2021-01-23 03:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-30 02:56 - 2021-01-23 03:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-30 02:56 - 2021-01-23 03:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-30 02:56 - 2021-01-23 03:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-30 02:56 - 2021-01-23 03:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-30 02:56 - 2021-01-23 03:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-30 02:56 - 2021-01-23 03:56 - 001193112 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-30 02:56 - 2021-01-23 03:54 - 001512104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-30 02:56 - 2021-01-23 03:54 - 001164968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-30 02:56 - 2021-01-23 03:54 - 000680088 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-30 02:56 - 2021-01-23 03:54 - 000672936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-30 02:56 - 2021-01-23 03:54 - 000558248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-30 02:56 - 2021-01-23 03:54 - 000547480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 008262312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 007392920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 004611760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 002731184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 002103448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 001732264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446140.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 001589400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 001491608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446140.dll
2021-01-30 02:56 - 2021-01-23 03:53 - 000813208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-30 02:56 - 2021-01-23 03:50 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-23 06:50 - 2021-01-23 06:50 - 000000000 ____D C:\Users\oooch\AppData\Local\Stardock
2021-01-23 06:49 - 2021-01-23 06:50 - 000000000 ____D C:\ProgramData\Stardock
2021-01-20 23:15 - 2021-01-20 23:23 - 000000000 ____D C:\Users\oooch\AppData\Local\Glyph
2021-01-20 23:15 - 2021-01-20 23:23 - 000000000 ____D C:\ProgramData\Glyph
2021-01-20 23:15 - 2021-01-20 23:22 - 000000000 ____D C:\Program Files (x86)\Glyph
2021-01-20 23:15 - 2021-01-20 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2021-01-20 16:57 - 2021-01-20 17:09 - 000000000 ____D C:\Users\oooch\AppData\Roaming\lunarclient
2021-01-20 16:57 - 2021-01-20 16:59 - 000000000 ____D C:\Users\oooch\.lunarclient
2021-01-20 16:57 - 2021-01-20 16:57 - 000002346 ____C C:\Users\oooch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lunar Client.lnk
2021-01-20 16:57 - 2021-01-20 16:57 - 000000000 ____D C:\Users\oooch\AppData\Local\lunarclient-updater
2021-01-19 17:22 - 2021-02-11 15:41 - 000000000 ____D C:\Users\oooch\AppData\Roaming\crewlink
2021-01-19 17:22 - 2021-01-19 17:22 - 000002353 ____C C:\Users\oooch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrewLink.lnk
2021-01-19 17:22 - 2021-01-19 17:22 - 000002345 ____C C:\Users\oooch\Desktop\CrewLink.lnk
2021-01-19 17:22 - 2021-01-19 17:22 - 000000000 ____D C:\Users\oooch\AppData\Local\crewlink-updater
2021-01-19 16:25 - 2021-01-19 16:35 - 000000000 ____D C:\Users\oooch\AppData\Roaming\WorldPainter
2021-01-19 16:25 - 2021-01-19 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldPainter
2021-01-19 16:25 - 2021-01-19 16:25 - 000000000 ____D C:\Program Files\WorldPainter
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-02-14 23:46 - 2017-06-10 10:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-14 23:41 - 2019-08-18 14:24 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{033D1847-5E3D-4A3A-9CCF-E45E29824252}
2021-02-14 23:25 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-14 23:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-14 23:25 - 2018-01-11 03:28 - 000000000 ___DC C:\Users\oooch\AppData\Local\Packages
2021-02-14 23:23 - 2017-03-11 19:54 - 000000000 ___DC C:\Users\oooch\AppData\Roaming\discord
2021-02-14 23:22 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-14 23:22 - 2018-09-24 03:59 - 000000000 ___DC C:\Users\oooch\AppData\Local\Battle.net
2021-02-14 19:31 - 2018-05-09 02:37 - 000000000 ___DC C:\Users\oooch\AppData\Local\D3DSCache
2021-02-14 16:29 - 2019-08-18 14:23 - 000855500 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 16:29 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-14 16:25 - 2020-11-02 10:06 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-02-14 16:22 - 2019-08-18 14:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-14 16:21 - 2019-03-18 23:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-14 14:51 - 2016-06-30 15:48 - 000000000 ___DC C:\Users\oooch\AppData\Roaming\.minecraft
2021-02-14 12:13 - 2020-02-22 17:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-02-13 11:54 - 2020-11-11 18:51 - 000000000 ____D C:\Users\oooch\AppData\Local\Overwolf
2021-02-12 22:48 - 2019-08-31 19:33 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-12 22:35 - 2020-06-26 23:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-12 14:46 - 2019-07-10 04:29 - 000000000 ___RD C:\Users\oooch\3D Objects
2021-02-12 14:46 - 2016-02-13 08:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-12 14:45 - 2019-08-18 14:12 - 000459576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 14:44 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 14:39 - 2016-05-25 14:36 - 000000000 ___DC C:\Users\oooch\AppData\Local\CrashDumps
2021-02-12 13:45 - 2019-03-19 01:20 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-12 13:45 - 2019-03-19 01:20 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-12 13:45 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 13:40 - 2020-05-26 23:10 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-02-12 13:40 - 2019-12-13 13:53 - 000198088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-02-12 13:40 - 2019-11-27 17:25 - 001615824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-02-12 13:40 - 2019-11-27 17:25 - 000167368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-02-12 13:40 - 2019-11-27 17:25 - 000159176 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-02-12 13:40 - 2019-11-27 17:25 - 000038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-02-11 17:02 - 2019-08-18 14:24 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-11 17:01 - 2016-07-11 01:39 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-11 15:58 - 2016-03-03 14:51 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-11 15:48 - 2020-10-27 07:31 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-11 15:45 - 2019-08-18 14:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-11 15:39 - 2020-12-25 10:16 - 000000000 ____D C:\Users\oooch\AppData\Roaming\Origin
2021-02-11 15:31 - 2020-12-30 20:11 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-02-11 15:31 - 2020-12-25 10:16 - 000000000 ____D C:\Users\oooch\AppData\Local\Origin
2021-02-11 15:31 - 2020-12-25 10:16 - 000000000 ____D C:\ProgramData\Origin
2021-02-11 15:31 - 2020-12-25 10:16 - 000000000 ____D C:\Program Files (x86)\Origin
2021-02-11 05:29 - 2020-06-26 23:37 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 05:29 - 2020-06-26 23:37 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-11 00:05 - 2019-08-18 14:24 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2019-08-18 14:24 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 00:05 - 2017-06-10 10:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-11 00:05 - 2017-06-10 10:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-11 00:05 - 2017-06-10 10:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-10 17:12 - 2016-08-21 14:36 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-10 13:50 - 2016-05-25 03:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 13:33 - 2016-05-25 03:07 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 20:04 - 2021-01-08 03:17 - 000000000 ____D C:\ProgramData\Razer
2021-02-09 20:03 - 2021-01-08 03:16 - 000000000 ____D C:\Program Files (x86)\Razer
2021-02-09 20:01 - 2021-01-08 03:21 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-02-08 18:51 - 2016-05-25 02:09 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-08 12:23 - 2019-03-18 23:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-08 10:34 - 2019-08-18 14:24 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1115690857-3098581168-450002322-1003
2021-02-08 10:34 - 2019-08-17 19:45 - 000002363 ____C C:\Users\oooch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 10:34 - 2016-05-25 00:14 - 000000000 ___RD C:\Users\oooch\OneDrive
2021-02-08 08:15 - 2019-08-18 14:24 - 000003952 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-02-08 08:12 - 2020-01-23 12:06 - 000000000 ____D C:\Users\oooch\AppData\Local\BlueStacksSetup
2021-02-08 08:11 - 2020-01-23 12:09 - 000002069 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
2021-02-08 08:11 - 2020-01-23 12:09 - 000002069 _____ C:\ProgramData\Desktop\BlueStacks Multi-Instance Manager.lnk
2021-02-08 08:11 - 2020-01-23 12:09 - 000001908 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2021-02-08 08:11 - 2020-01-23 12:09 - 000001908 _____ C:\ProgramData\Desktop\BlueStacks.lnk
2021-02-08 08:11 - 2019-03-14 23:25 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2021-02-08 08:11 - 2019-03-14 23:25 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2021-02-08 08:09 - 2019-05-01 05:36 - 000000000 ____D C:\Users\Public\BlueStacks
2021-02-08 08:09 - 2018-11-12 09:14 - 000000000 ___DC C:\Users\oooch\AppData\Local\Bluestacks
2021-02-06 00:33 - 2016-09-28 03:13 - 000007676 ____C C:\Users\oooch\AppData\Local\Resmon.ResmonCfg
2021-02-04 22:44 - 2019-08-18 14:24 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-04 22:44 - 2019-08-18 14:24 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-03 05:08 - 2016-05-25 00:39 - 000000000 ___DC C:\Users\oooch\AppData\Roaming\vlc
2021-02-02 23:31 - 2021-01-08 03:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-02-02 18:10 - 2017-06-10 10:13 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-02-02 06:41 - 2018-09-25 13:11 - 000000000 ___DC C:\Users\oooch\AppData\Roaming\Twitch
2021-01-30 16:36 - 2016-05-25 00:12 - 000000000 ___DC C:\Users\oooch\AppData\Local\NVIDIA
2021-01-29 05:55 - 2018-08-11 19:42 - 000000000 ____D C:\ProgramData\Riot Games
2021-01-27 06:17 - 2018-12-16 22:51 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-27 06:17 - 2018-12-16 22:51 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-27 06:17 - 2018-12-16 22:51 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-26 07:09 - 2021-01-05 08:32 - 000000000 ____D C:\Users\oooch\AppData\Local\LarianLauncher
2021-01-24 22:38 - 2020-10-30 13:32 - 000070896 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-24 22:38 - 2020-10-30 13:32 - 000059632 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-24 02:34 - 2020-11-02 10:00 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-01-23 06:49 - 2016-05-25 16:38 - 000000000 ____D C:\Users\oooch\OneDrive\Dokumente\My Games
2021-01-23 03:53 - 2021-01-12 14:36 - 000657048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-23 03:50 - 2019-07-26 01:10 - 007116688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-22 17:59 - 2019-07-26 01:10 - 000061071 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-22 14:04 - 2017-06-10 10:13 - 005629168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-22 14:04 - 2017-06-10 10:13 - 002637040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-01-22 14:04 - 2017-06-10 10:13 - 001759472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-01-22 14:04 - 2017-06-10 10:13 - 000991472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-01-22 14:04 - 2017-06-10 10:13 - 000121584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-01-22 14:04 - 2017-06-10 10:13 - 000083696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-01-22 08:28 - 2020-09-07 09:38 - 000000000 ____D C:\Users\oooch\AppData\Local\Riot Games
2021-01-22 06:57 - 2017-07-02 17:49 - 000000518 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-01-22 03:45 - 2017-06-10 10:13 - 009482357 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-01-20 16:57 - 2019-08-17 19:45 - 000000000 ____D C:\Users\oooch
2021-01-17 18:05 - 2018-03-25 14:27 - 000000000 ___DC C:\Users\oooch\AppData\LocalLow\Unity
2021-01-17 15:04 - 2017-02-02 04:00 - 000000000 ___DC C:\Users\oooch\AppData\Local\Ubisoft Game Launcher
2021-01-17 14:19 - 2017-02-02 04:00 - 000000000 ___DC C:\Users\oooch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
 
==================== Files in the root of some directories ========
 
2020-12-03 20:45 - 2020-12-03 20:45 - 000001096 _____ () C:\Users\oooch\AppData\Roaming\discord - Shortcut.lnk
2016-09-28 03:13 - 2021-02-06 00:33 - 000007676 ____C () C:\Users\oooch\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Franklin (14-02-2021 23:52:16)
Running from C:\Users\oooch\Desktop
Windows 10 Home Version 1909 18363.1379 (X64) (2019-08-18 19:24:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1115690857-3098581168-450002322-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1115690857-3098581168-450002322-1021 - Limited - Enabled)
DefaultAccount (S-1-5-21-1115690857-3098581168-450002322-503 - Limited - Disabled)
fappy (S-1-5-21-1115690857-3098581168-450002322-1015 - Limited - Disabled)
Franklin (S-1-5-21-1115690857-3098581168-450002322-1003 - Administrator - Enabled) => C:\Users\oooch
Guest (S-1-5-21-1115690857-3098581168-450002322-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1115690857-3098581168-450002322-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Endpoint Security (Enabled - Up to date) {A37DD4B2-BDFF-70DA-DE19-9F9927D6940F}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Endpoint Security (Enabled) {9B465597-F790-7182-F546-36ACD905D374}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Amazon Music (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Amazon Amazon Music) (Version: 7.10.0.2175 - Amazon.com Services LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version:  - Electronic Arts, Inc.)
BitTorrent (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\BitTorrent) (Version: 7.10.5.45597 - BitTorrent Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Creativity Collection 2 SE version 1.0 (HKLM-x32\...\Creativity Collection 2 SE_is1) (Version: 1.0 - Encore)
CrewLink 2.0.1 (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\f844a100-2ca0-51d4-8013-d11548b01669) (Version: 2.0.1 - Ottomated)
CurseForge (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.167.2.4 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Discord) (Version: 0.0.309 - Discord Inc.)
Elsword version v6.1221.1.1 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v6.1221.1.1 - KOGGAMES)
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8464DE838}) (Version: 7.8.7.7 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{e660d896-e4f1-4bd0-b2de-90f6a4498f6c}) (Version: 7.8.7.7 - ExpressVPN)
Fer.al (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\WildWorks-Feral) (Version: win64_0.10.6_384 - WildWorks, Inc.)
FireAlpaca 2.3.8 (64bit) (HKLM\...\FireAlpaca64_is1) (Version: 2.3.8 - firealpaca.com)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 6.0.2.4 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
InstallRoot (HKLM\...\{132BB1BA-F079-48C3-89E8-4561917B9B99}) (Version: 5.2 - DoD PKE)
Intel® Chipset Device Software (HKLM-x32\...\{5fa248d9-79b2-48fb-9add-72660adaed4e}) (Version: 10.1.2.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Leawo Blu-ray Player version  1.9.6.2 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.6.2 - Leawo Software)
Logitech Gaming Software 8.91 (HKLM\...\Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.)
Lunar Client (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.4.8 - Moonsworth, LLC)
Madden NFL 21  (HKLM-x32\...\{01022C15-AD1D-4808-8137-16CB9ADB6530}) (Version:  - Electronic Arts, Inc.)
McAfee Agent (HKLM\...\{F01CC7C9-9545-494A-9A8E-F52037F8BE8E}) (Version: 5.6.1.308 - McAfee, Inc.) Hidden
McAfee Agent (HKLM-x32\...\McAfeeAgent) (Version: 5.6.1.308 - McAfee, Inc.)
McAfee Data Exchange Layer for MA (HKLM\...\{FEE8AD9B-C4D7-4F07-89AC-88C28E2B8809}) (Version: 5.0.10249.0 - McAfee LLC) Hidden
McAfee Data Exchange Layer for MA (HKLM-x32\...\{a3f1e826-e1b0-460f-8113-6624beacab1b}) (Version: 5.0.1.249 - McAfee LLC) Hidden
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{377DA1C7-79DE-4102-8DB7-5C2296A3E960}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Firewall (HKLM\...\{6F88C6E9-CAD0-4D03-99E1-161383F9AD6F}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Platform (HKLM\...\{B16DE18D-4D5D-45F8-92BD-8DC17225AFD8}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{820D7600-089E-486B-860F-279B8119A893}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Web Control (HKLM\...\{5974413A-8D95-4D64-B9EE-40DF28186445}) (Version: 10.7.0 - McAfee, LLC.)
MediBang Paint Pro 25.4 (64-bit) (HKLM\...\MediBang Paint Pro_is1) (Version: 25.4 - Medibang)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28808 (HKLM-x32\...\{78079cc3-1f6e-47f6-b4d6-105f08b89409}) (Version: 14.26.28808.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
mSecure (HKLM-x32\...\{D0E20E2C-76AC-41FF-913B-FFBF299E4E7B}) (Version: 3.129 - mSeven Software LLC)
n52te Editor (HKLM-x32\...\{0AC8162B-5175-41D7-B963-8307A40BD456}) (Version: 5.01 - Razer USA Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20380 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.92.46430 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.162.0.7 - Overwolf Ltd.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Pentablet version 1.6.4.1945 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.6.4.1945 - UGEE Technology Co.,Ltd)
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 4.04 - NCH Software)
Product Improvement Study for HP DeskJet 3630 series (HKLM\...\{416B7D0C-0AEC-4FE6-AE40-4E12857CCA55}) (Version: 40.11.1107.1739 - HP Inc.)
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.24.11 - Quicken)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.13.18.1333 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0130.011816 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Franklin (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for oooch (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Twitch (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 80.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VALORANT (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Viscera Cleanup Detail: alpha v0.25
 (HKLM\...\UDK-c951e209-40ac-442b-89f5-a54d23dd7388) (Version:  - RuneStorm
)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\Wargaming.net Game Center) (Version: 21.0.0.3580 - Wargaming.net)
World of Tanks NA (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\WOT.NA.PRODUCTION) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
World_of_Warships_NA (HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\WOWS.NA.PRODUCTION) (Version:  - Wargaming.net)
WorldPainter 2.7.18 (HKLM\...\4144-4862-0472-7103) (Version: 2.7.18 - pepsoft.org)
 
Packages:
=========
Age of Empires Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.Darwin_100.1.38862.0_x64__8wekyb3d8bbwe [2020-07-07] (Microsoft Studios)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.7.11.0_x86__h6adky7gbf63m [2021-01-27] (Gameloft SE)
Eno® from Capital One® -> C:\Program Files\WindowsApps\CapitalOne.EnofromCapitalOne_3.4.1.0_neutral__jwbp9gf99gyz6 [2021-02-04] (Capital One)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-23] (Facebook Inc)
McAfee Endpoint Security Web Control -> C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2020-02-22] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft S/MIME Control for Outlook on the web for Microsoft Edge -> C:\Program Files\WindowsApps\Microsoft.Outlook.EdgeExtension.Smime_20.19.814.2_x64__8wekyb3d8bbwe [2020-03-31] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-28] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x64__c9d6r4qvva5x8 [2019-01-31] (Up to Eleven Digital Solutions GmbH)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-20] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-06] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.21.0_x86__3h5nez1g3qt2c [2021-01-19] (GT Office PDF Studio)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2016-11-11] (Microsoft Corporation) [MS Ad]
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2011.9001.0_x64__8wekyb3d8bbwe [2020-11-12] (Microsoft Corporation)
Xbox Console Companion - beta -> C:\Program Files\WindowsApps\Microsoft.XboxAppBeta_44.72.4001.0_x64__8wekyb3d8bbwe [2020-12-12] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-02-15] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\ChromeHTML: ->  <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\oooch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.commastand.com/sail/
ShortcutWithArgument: C:\Users\oooch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.commastand.com/sail/
ShortcutWithArgument: C:\Users\oooch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2020-10-28 21:26 - 2020-10-28 21:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-28 21:26 - 2020-10-28 21:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-28 21:26 - 2020-10-28 21:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-28 21:26 - 2020-10-28 21:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-28 21:26 - 2020-10-28 21:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-28 21:26 - 2020-10-28 21:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2020-12-25 10:16 - 2020-12-25 10:16 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-12-25 10:16 - 2020-12-25 10:16 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-12-25 10:16 - 2020-12-25 10:16 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-02-11 15:31 - 2020-12-25 10:16 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-02-11 15:31 - 2020-12-25 10:16 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-02-11 15:31 - 2020-12-25 10:16 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-02-11 15:31 - 2020-12-25 10:16 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-02-11 15:31 - 2020-12-25 10:16 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-02-11 15:31 - 2020-12-25 10:16 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-08-01 18:46 - 2019-07-11 12:50 - 000145408 _____ (TODO: <公司名>) [File not signed] C:\WINDOWS\system32\wintab32.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\oooch\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [458]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.safesear.ch/web/?type=20171129-155-sshome-ie-df&q={searchTerms}
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.safesear.ch/?type=20171129-155-ie
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.safesear.ch/web/?type=20171129-155-sshome-ie-df&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.safesear.ch/web/?type=20171129-155-sshome-ie-df&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1115690857-3098581168-450002322-1003 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=86311327&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC0qGAl6E3BCh117l%2BSlw%2BOTVa45Eeewz8UkshJ9iRPzcLaD6zA60lsQuknS63T%2BAECiMT5TCfn5GURQTIVV9hwzQbrxSxOhzBTA%2Fnjg0S9KKlOJmg2AMqznK4TfYIM93AhzT2em2m8lVHkJkISq%2Btq%2Bhdq3bdA16HkQLAsCWgBXwrrpmkcvVKsJGdlslYqJeMpuNFPs9l5%2BWKYu2fDOAc5NnhEpdHHCXpGTU3Mccp9lSw%3D%3D&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2021-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM-x32 - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\Endpoint Security\x86\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 02:24 - 2020-02-22 16:41 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2017-07-02 17:49 - 2021-01-22 06:57 - 000000518 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
2.168.137.1 FranklinsDesktop.mshome.net # 2024 10 2 29 7 35 41 401
92.168.137.1 FranklinsDesktop.mshome.net # 2024 10 2 29 7 35 41 401
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\WorldPainter
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\Control Panel\Desktop\\Wallpaper -> c:\users\oooch\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\233566.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: ClientAnalyticsService => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: EvoSvc => 3
MSCONFIG\Services: ExpressVpnService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ibtsiva => 2
MSCONFIG\Services: InstallRoot => 2
MSCONFIG\Services: Intel® PROSet Monitoring Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LogiRegistryService => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: mracsvc => 3
MSCONFIG\Services: MSK80Service => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "PentabletService"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Jomantha"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "World of Warships"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-1115690857-3098581168-450002322-1003\...\StartupApproved\Run: => "Overwolf"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{49F38D8D-46A4-4E99-99FC-1AC034324FFB}] => (Allow) E:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1DE6D2C7-A9C6-4395-A206-284ED3B1EC28}] => (Allow) E:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F182A340-0BE4-4D40-8C8A-C1A6B2BDCB07}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5E9E8AEC-A895-43A6-AA52-04A251726656}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFCF58C3-9AC9-46E3-8049-B211C94CBCD3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{839CD423-BE4D-4B7F-BA22-2BE9C1452730}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5EB3DF6C-3BF5-42E8-89DD-C5BC8033A54E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96186CE1-49BA-4704-B603-E516562499BA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6A5356AA-F0E1-4A48-BB45-A064A9B67610}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95172873-16FC-4BE8-A851-4780C7016BA9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BA2A144-6504-4781-8918-2C5DAF85A526}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{7185BF7D-D21A-49F4-A7F3-A74C24E40CB9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{7B5745E5-F1EC-4E21-A2D6-2977D67805B0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Death Stranding\ds.exe (KOJIMA PRODUCTIONS Co., Ltd.) [File not signed]
FirewallRules: [{88BC373A-B8B0-417C-8AC6-75387F1EF951}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Death Stranding\ds.exe (KOJIMA PRODUCTIONS Co., Ltd.) [File not signed]
FirewallRules: [{D897F671-523A-4322-A35E-17A02A70BEC0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{989B68AE-E011-4294-A975-29392F64DF11}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5CF9AAB6-197F-4052-902F-544E42CC0652}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D00535EC-D420-40B2-8F85-23E2215E1EBA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{CFCE291B-EEAF-40A2-AA7F-F4F6A45036B9}E:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{86B345AF-4D24-4AA1-AD09-2BD19655EF5D}E:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{0B449E58-E923-42B1-95DE-86E3881F0C4C}E:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{80911E02-CFAC-4D28-A2AB-F1173BD419BA}E:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{AE4F2892-3546-4B66-9BA4-599D4B170EC0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{833031AC-04F8-442D-A61A-68837CEAE596}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{1F108F65-DA9E-4978-AD7E-0D2E6B05A177}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Humankind OPENDEV\Humankind.exe () [File not signed]
FirewallRules: [{D0BA7AD7-4F5B-4F53-AC46-C1F21A8A7683}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Humankind OPENDEV\Humankind.exe () [File not signed]
FirewallRules: [{AEB78991-1AA9-458E-B099-A7296F216227}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{D1F7287B-5856-4EB6-B732-C532631C0EC9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{0D84F6B2-4B90-4D61-9209-160A011DA909}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{ED48DF9D-5BFE-4457-A057-97A4A3341762}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{CB84AEA8-B523-412B-9522-A016075DB9B0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{7305C6FE-A6FB-4916-8AD6-FDAE53295628}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DAE3198C-1100-47BE-834F-293B0FA5E953}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A9F92983-EAAB-419B-A828-C3F80413AD3B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{4A2EE142-AA28-4DB1-B154-87692A911A5E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{00D53C69-C74A-400B-A105-2A8DFC254449}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E47B5CB4-0860-4715-BD0A-0D816D3537A6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clue\Cluedo.exe () [File not signed]
FirewallRules: [{0CC5F8D2-E5DC-41B1-9761-8F99F49C5DFE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clue\Cluedo.exe () [File not signed]
FirewallRules: [TCP Query User{943383D0-A2FD-4A7B-BCDF-236BBB7A6691}E:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe => No File
FirewallRules: [UDP Query User{CB1A0F77-2913-43F4-B613-9A3828C64788}E:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe => No File
FirewallRules: [{93F9C843-C310-45F8-B096-36DBF620B927}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{EB40C85D-FC5C-4504-A36A-4562FAEA6217}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [TCP Query User{25EB2820-2E31-425C-96BC-3E21ED66625C}E:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) E:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{30812F93-9394-4D14-B3BD-37F2CB293558}E:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) E:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{184A7CB9-2967-4147-8C9E-F210D2920B12}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spore\runme.exe () [File not signed]
FirewallRules: [{E24469D8-5D7A-4B89-B205-3C43895D12D0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spore\runme.exe () [File not signed]
FirewallRules: [{0823AC07-1425-4E2B-A4E3-E9C4FA0BA1BA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{1BE21BCA-0121-454A-8C38-CF3A5DD66504}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B1EA6AEC-73B3-4046-A599-422DDB8DA885}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{F4696D21-A705-4A97-B4BC-52383A0CFC92}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [TCP Query User{D201DC8D-FBE1-42CE-8185-1A62CD0A6A0F}E:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe => No File
FirewallRules: [UDP Query User{7B55415F-0CBD-455B-8D74-0B99CDA3AE83}E:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe => No File
FirewallRules: [{B5796AC3-F1E6-4B74-A19B-7B90B92CC071}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{4A2977BC-2519-4FFA-8CE2-AF4CD11D7039}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{E9F352DA-F420-41B1-B287-AEE1E7B339D1}E:\program files (x86)\steam\steamapps\common\smite pt\binaries\win64\smite.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\smite pt\binaries\win64\smite.exe => No File
FirewallRules: [UDP Query User{18BEEBD9-DB21-4859-A3E9-557162E16A67}E:\program files (x86)\steam\steamapps\common\smite pt\binaries\win64\smite.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\smite pt\binaries\win64\smite.exe => No File
FirewallRules: [{E3481E5D-548E-4AEB-A4F8-C1687C72A37D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{798C1F38-A5CD-4C76-BC20-E17099A6513D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{8E6042E6-59A5-48CE-B5ED-F5CEB526D01E}C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [UDP Query User{A1C82B32-CEAD-4906-B9D0-90AAD7B8CBCF}C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [TCP Query User{1A3FD6E9-723C-4589-B923-94046E60F1E1}E:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe => No File
FirewallRules: [UDP Query User{7A0D0ECD-15DF-4DD6-9568-2642B801B528}E:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe => No File
FirewallRules: [TCP Query User{66999B37-3060-4879-A565-F7707E8F9730}E:\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) E:\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{38D2C4EF-5426-42D9-947D-A617F495A046}E:\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) E:\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{A260638C-DE3A-4CCB-9D8E-28E7EC118846}E:\program files (x86)\steam\steamapps\common\walking simulator 2020\walkingsimulator2020\binaries\win64\walkingsimulator2020-win64-shipping.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\walking simulator 2020\walkingsimulator2020\binaries\win64\walkingsimulator2020-win64-shipping.exe => No File
FirewallRules: [UDP Query User{67422757-EA35-4FA3-AA81-E707F277A25A}E:\program files (x86)\steam\steamapps\common\walking simulator 2020\walkingsimulator2020\binaries\win64\walkingsimulator2020-win64-shipping.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\walking simulator 2020\walkingsimulator2020\binaries\win64\walkingsimulator2020-win64-shipping.exe => No File
FirewallRules: [{073262DB-F80D-424A-89DD-00E468B2143F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{38AD0AE5-A9BE-409F-A50C-39B03DD16369}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [TCP Query User{24A80CF4-1410-483B-855C-A80F6A056119}E:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{80F15E65-84CC-4E7D-BA93-241582309D10}E:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe => No File
FirewallRules: [{95615DC6-52B1-4B0C-9CE3-1BC07195932F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Wizard101\Wizard101.exe (KingsIsle Entertainment Inc. -> )
FirewallRules: [{32A3D5CE-9706-4BC4-8DC5-19A523522AAF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Wizard101\Wizard101.exe (KingsIsle Entertainment Inc. -> )
FirewallRules: [TCP Query User{81980E2F-5D9C-4462-BE3B-FFB26A1FAFDA}C:\users\oooch\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\oooch\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{E774D469-49F0-4C0D-8CC4-13EC711817E6}C:\users\oooch\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\oooch\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1AC398D4-96C4-423C-B5E2-A56066E0FEA0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{0FB0EACE-44FF-4863-A3F1-DED276AE14E9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{A716CC7B-EDCD-44CD-BBF0-9B617C64824E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{FD1D3AC9-EB63-4C2F-8392-350BF265A4DC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{899608AB-0022-49F6-8283-DBFB4B3F5564}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\RuneScape\bin\win64\RuneScape.exe => No File
FirewallRules: [{C92B64C6-2C97-4109-8C9B-7DA55A14AFA9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\RuneScape\bin\win64\RuneScape.exe => No File
FirewallRules: [TCP Query User{46037EEE-D40F-49DC-B526-C305C67279AA}E:\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\rs2v\binaries\win64\risingstorm2.exe => No File
FirewallRules: [UDP Query User{DEC5E255-9569-407E-B9E9-DC06F02418D8}E:\rs2v\binaries\win64\risingstorm2.exe] => (Allow) E:\rs2v\binaries\win64\risingstorm2.exe => No File
FirewallRules: [TCP Query User{3E55B11B-3545-456A-9E05-FE5350963CE3}E:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [UDP Query User{F918AE2D-F9CA-43EB-A3F2-695FF3E5624C}E:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [TCP Query User{758A25E9-AB78-4CD5-8980-926D03786942}E:\costumequest2\costumequest2.exe] => (Allow) E:\costumequest2\costumequest2.exe => No File
FirewallRules: [UDP Query User{577ACBE1-3580-4AD0-9D6C-2BD3D7FDE87C}E:\costumequest2\costumequest2.exe] => (Allow) E:\costumequest2\costumequest2.exe => No File
FirewallRules: [{7A46F3B7-55AE-424C-A0CE-26414DFA74B3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{B547A2EC-393C-44A4-BEF8-F50C6FD9F19D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E7233C11-3E1D-41B5-86DB-D370504A3B4B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{EDC9905C-6F63-4206-AEB9-FE28620DFB0B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{F0FE4E2B-A6B2-4CC4-BF5B-FD91092A69FD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{10A8738B-353F-4391-A543-45D8E13A9CD9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{387D3D97-F362-47D2-A168-D41F5F527B6A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{431C707E-CE0D-44C5-B0AD-CDFDE88B5D50}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [TCP Query User{F53E69C2-D2C8-4B42-8E51-711C94B6AF18}E:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) E:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat Inc. -> Proletariat, Inc.)
FirewallRules: [UDP Query User{FA02AECF-032D-4FAE-839D-B4161DEDA40F}E:\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) E:\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat Inc. -> Proletariat, Inc.)
FirewallRules: [TCP Query User{A75632D9-7C08-4FB9-AC72-7586C3A1B702}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{BAF040D4-086A-4B48-AA54-D807FF96A951}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{2D72DAE4-755C-4047-B39B-D9981D8F89B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1241830F-C9EF-4790-AC88-2ED2B6058EC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9783D063-CA60-4186-9F0B-4A6E0E593446}C:\users\oooch\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\oooch\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [UDP Query User{40797A7B-991F-424E-B82B-0C539F6D88DE}C:\users\oooch\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\oooch\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [{65F71DCF-06D1-43BB-AF0E-5166AD20389B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{1DCE9907-5E5F-44FD-A9B6-10FBB9906F6B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [TCP Query User{DAFAA7A7-A893-4025-A36C-96FE555E71CA}E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe => No File
FirewallRules: [UDP Query User{BE8C46F9-B175-4CD6-B2F1-1A2F82A27FE2}E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe => No File
FirewallRules: [{178CA13B-8208-4E08-B83D-839F344C93A9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Witches x Warlocks\Witches_x_Warlocks.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F9DAF870-53A1-42AC-9F71-BE62C873EFA0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Witches x Warlocks\Witches_x_Warlocks.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B1A0FACB-1C5D-4427-AF45-394FE612886C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{81A398C0-B81A-4F5A-8AED-DDE61E8CDFDB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{10977F9B-0B0A-4037-99CA-896F4A28E696}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{1FCB4F9C-EDC9-464A-98AE-78A299142733}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{ACCEB247-47A5-40F8-8117-5D82FF508B64}E:\program files (x86)\steam\steamapps\common\hearts of iron iv\hoi4.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\hearts of iron iv\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [UDP Query User{A6FFF583-028C-4749-AB14-D4EBEAD9A3F7}E:\program files (x86)\steam\steamapps\common\hearts of iron iv\hoi4.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\hearts of iron iv\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{0607A21F-E5AC-499C-84EB-56D66DB0F4E4}E:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Block) E:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F763A342-2DCE-448C-900E-4B0C6732CF65}E:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Block) E:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FF3EF351-50E8-4F1B-9739-F6A8A62D3499}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Escapists 2\TheEscapists2.exe () [File not signed]
FirewallRules: [{C145FCB5-910D-405D-A77D-374D8DDE15A8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Escapists 2\TheEscapists2.exe () [File not signed]
FirewallRules: [{C65EF6E9-027D-4D16-B269-CD5F797F9BD9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3EB5CA84-AB57-45D1-B579-AAE8B9D8741D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3F4E7188-A247-4BF4-8723-413F4D88B6F6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{955FB7C2-CCC8-4ED8-BE2B-04E4BDA282A0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1A8E6FEF-02C9-45A1-8473-F56980E5C2B1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E6E7ED82-57FB-46BF-A062-B88656E6C81B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{88856D96-34BA-481F-9EA9-E7473DDBFB67}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{565E4FC8-33ED-4D00-9524-89EF280BD4B3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A983902C-220F-4853-87D4-50367870B445}C:\users\oooch\appdata\local\programs\wildworks\feral\data\build\fer.al.exe] => (Block) C:\users\oooch\appdata\local\programs\wildworks\feral\data\build\fer.al.exe () [File not signed]
FirewallRules: [UDP Query User{0975F935-39C6-4ACC-8842-53EA7D916A7E}C:\users\oooch\appdata\local\programs\wildworks\feral\data\build\fer.al.exe] => (Block) C:\users\oooch\appdata\local\programs\wildworks\feral\data\build\fer.al.exe () [File not signed]
FirewallRules: [{039DE6F2-BF53-41B3-9C1D-DC68F981D634}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8A22C8A7-36F4-446C-B94F-1C71B4C1D53C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E570E959-4F14-4B34-8F69-85973970A555}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6C229233-BC60-4428-950C-ECA145138A1E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{BF994A08-AF93-47AC-BCF1-4BF7F1121C89}E:\thelongdark\tld.exe] => (Allow) E:\thelongdark\tld.exe => No File
FirewallRules: [UDP Query User{167DAFFE-8B64-4D35-9A9A-1EC34FF7BA8F}E:\thelongdark\tld.exe] => (Allow) E:\thelongdark\tld.exe => No File
FirewallRules: [{2C5C96C7-A1C1-4759-A170-7093CD28775A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{222B52D0-8ACA-4F23-8FD1-254145A6196C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{B5621416-A50E-4053-A4F1-7F7186E8D478}E:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{DF0CD024-35C4-49A7-8DD3-FBA6BDB95C10}E:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{B639D27C-A74C-47B7-B98D-443E1EFD9051}] => (Block) E:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{F6714409-523D-42FA-B129-E956EA4338E6}] => (Block) E:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{A2B69AA8-C84C-4E07-9BCC-5015EE17F188}E:\program files (x86)\steam\steamapps\common\madden nfl 21\madden21.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\madden nfl 21\madden21.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [UDP Query User{4DF347AB-3DF8-4870-A8F5-EE487D617681}E:\program files (x86)\steam\steamapps\common\madden nfl 21\madden21.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\madden nfl 21\madden21.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [TCP Query User{7F1FF4B0-4856-4F99-B805-D5A793E80D77}E:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{FAB1FDDF-CBEE-4DB9-802D-B4C845F1BDDC}E:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{437CD480-BE94-433A-902C-E28CC8000B0D}C:\users\oooch\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\oooch\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{7713F3D2-9E37-4B39-81D2-8A1C512F0CBE}C:\users\oooch\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\oooch\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{D8B73C03-2CDF-48EB-BC53-18845233782D}] => (Allow) E:\Program Files (x86)\Overwolf\0.162.0.7\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DAF10F32-C47D-484A-9C0E-D6C5BA0E22BC}] => (Allow) E:\Program Files (x86)\Overwolf\0.162.0.7\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AB9D9A4A-D400-4D32-9067-E9605470538A}] => (Block) E:\Program Files (x86)\Overwolf\0.162.0.7\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{58699424-8A43-48D5-AC41-AB1A87A19D36}] => (Block) E:\Program Files (x86)\Overwolf\0.162.0.7\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{53383F4A-D563-4D3D-B014-09D022A3BF48}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{7A7435F1-92EB-4CCB-802C-F364B04E0A30}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{BF417A08-6751-4599-89EF-1D72BF51B454}E:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{9DBD792F-369B-4947-95D3-6A49B4A12E01}E:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{9DAD1639-6A66-42E7-BF5B-337A895FD76E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{34328B21-974D-4094-B683-28FC95055BFF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{E268AB42-6C2A-4BF5-A904-BE378C73A5C2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (Obsidian Entertainment, Inc. -> Obsidian Entertainment, Inc.)
FirewallRules: [{42667156-F545-4DE5-9CDC-D676078591E0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (Obsidian Entertainment, Inc. -> Obsidian Entertainment, Inc.)
FirewallRules: [{1F021708-3F4F-470B-821E-4E761AF8065F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\missed messages\missedmessagesWindows\missed messages..exe () [File not signed]
FirewallRules: [{49179CE4-F39D-4D9F-861E-C4FD8E193BBA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\missed messages\missedmessagesWindows\missed messages..exe () [File not signed]
FirewallRules: [{011A6753-DF61-4CB3-BD01-955F5F6D62D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B0B70FA1-5B5A-4D13-A104-65F505D6D473}C:\users\oooch\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\oooch\appdata\local\programs\crewlink\crewlink.exe (Ottomated) [File not signed]
FirewallRules: [UDP Query User{EA0DDF08-0F50-4C37-BFE6-A6D79F0BB03E}C:\users\oooch\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\oooch\appdata\local\programs\crewlink\crewlink.exe (Ottomated) [File not signed]
FirewallRules: [{57DE54C1-7D5D-471B-BD57-345B4C8ADEEF}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7E845980-85D4-4433-9410-CA61C7304194}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9A4F9930-B877-4928-9278-53DB5FF08872}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{7BB48280-EBFC-4934-AC3A-E1DA6A009C58}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [TCP Query User{92A2FFC4-A8E4-4DB4-AD21-7DFFFBA0936A}E:\program files (x86)\steam\steamapps\common\among us sheriff mod\among us.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\among us sheriff mod\among us.exe () [File not signed]
FirewallRules: [UDP Query User{DBAD0C2B-A1C0-437C-ACC0-31BE03856040}E:\program files (x86)\steam\steamapps\common\among us sheriff mod\among us.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\among us sheriff mod\among us.exe () [File not signed]
FirewallRules: [{07267FD7-10E5-420E-911C-22265887C01A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{1B108CF2-B726-4EDB-AFDB-C5543FD8AB3E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{8BAD37AE-704C-41DC-8D5D-5D2112B01292}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04EDA672-4AE0-4079-9EED-5B3924EDBEC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6891F11A-F641-4323-82CA-3CD2AE3F87B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B993E44-3632-4038-AF67-9256C39B8671}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{96FD351E-D982-4E00-B1C2-BDC0D305DE6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34DB096B-203D-4A7C-ADF2-B21869FF5B0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A06D5254-F4C6-4D43-A5DD-8AAA86A25D46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1297BB6C-C204-40C9-9873-FA9ADDD0C64C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{518BE596-AA81-4EA2-B217-413A9B250524}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{544D8D72-6BBA-402E-8D3E-4B0E40F9DDB1}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0F5487FB-B2DF-4D4D-8077-B2817002B555}E:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{99D26B4A-23A1-41E6-83F7-5926E292EB9B}E:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{E3059961-2933-4DD0-B2D0-C7455372AF50}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F87555F3-FEE2-45DC-B531-8BE79C7235C5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BB32DB86-AD1A-4E6E-80D0-1899A9434708}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{400D558F-08F3-4013-8BE3-04545E750E06}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{A94E723C-5047-44A9-94F1-842B8AA5D0CD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{408ED70D-D5EC-44CE-8EAA-06B1569BE309}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4A75E510-88E4-4164-B5F9-24B6F3563773}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{768BA621-A465-43B5-AFEC-FD532A706CBC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4253583C-A7AB-403A-9096-E736BC2DABF3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{FBF4122A-E9DD-4795-A147-BDE0909EBE4C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{01B11437-83E7-475A-8DA5-31003EAE8853}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\First Class Trouble Demo\FCTClient.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A670650C-D93D-4766-829A-6F89C59AAACF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\First Class Trouble Demo\FCTClient.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{BFDAC218-00D6-44CC-9A0F-53D6224F71FC}E:\program files (x86)\steam\steamapps\common\first class trouble demo\fct\binaries\win64\fctclient-win64-shipping.exe] => (Block) E:\program files (x86)\steam\steamapps\common\first class trouble demo\fct\binaries\win64\fctclient-win64-shipping.exe (Invisible Walls) [File not signed]
FirewallRules: [UDP Query User{9C4F4C53-6713-4FDC-9550-033D8A6FAEB9}E:\program files (x86)\steam\steamapps\common\first class trouble demo\fct\binaries\win64\fctclient-win64-shipping.exe] => (Block) E:\program files (x86)\steam\steamapps\common\first class trouble demo\fct\binaries\win64\fctclient-win64-shipping.exe (Invisible Walls) [File not signed]
FirewallRules: [{5CC6973C-7A92-492E-9EC5-001F6B7FA22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81F7F0F2-54AA-4C79-B7C4-5A67F51A4D3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6757F5F6-C310-47B8-85D3-5D0348E62F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{127EE98A-C60D-4986-A5D5-1438E019B554}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
Name: Micro size USB to Bluetooth Dongle
Description: Micro size USB to Bluetooth Dongle
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (02/14/2021 11:51:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20680,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/14/2021 11:44:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18704,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/14/2021 11:38:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19112,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/14/2021 11:28:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.1350 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2928
 
Start Time: 01d70331efafebd9
 
Termination Time: 4294967295
 
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
Report Id: 57d98a40-9ee6-4353-a912-333b255e7431
 
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Hang type: Navigation
 
Error: (02/14/2021 10:57:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15420,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/14/2021 09:57:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/14/2021 09:42:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/14/2021 08:55:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1828,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Windows Defender:
=================
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F1 04/15/2015
Motherboard: Gigabyte Technology Co., Ltd. X99-SLI-CF
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 32574.06 MB
Available physical RAM: 23162.35 MB
Total Virtual: 37438.06 MB
Available Virtual: 26821.18 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:237.41 GB) (Free:34.24 GB) NTFS
Drive d: (050223_1810) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
Drive e: (New Volume) (Fixed) (Total:3725.9 GB) (Free:2320.67 GB) NTFS
Drive f: () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
 
\\?\Volume{27810923-c189-4881-893c-2233f4077f0d}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{7523d58e-bc0d-3a81-b62d-abc3c0e545bd}\ () (Fixed) (Total:12.1 GB) (Free:0 GB) NTFS
\\?\Volume{2751c03c-b3da-4be2-9895-2577cffff0b0}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,580 posts
  • MVP

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP