This topic is locked
if anyone would help, I will be most grateful.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2021
Ran by jonny (administrator) on LAPTOP-NP27E90N (HP HP Pavilion Notebook) (14-03-2021 09:34:21)
Running from C:\Users\jonny\Downloads
Loaded Profiles: jonny
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: English (United Kingdom)
Default browser not detected!
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google LLC -> Google LLC) C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Application\chrome.exe <3>
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\pef\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_19_7\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\csp\3.1.286.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\mmsshost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(ZOODOTNET LIMITED -> ) C:\Users\jonny\AppData\Local\MyEss\MyEss.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-27] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek)
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\Run: [Gaijin.Net Updater] => C:\Users\jonny\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2350824 2020-09-14] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\Run: [MyEss] => C:\Users\jonny\AppData\Local\MyEss\MyEss.exe [602160 2020-05-15] (ZOODOTNET LIMITED -> )
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\Run: [GoogleChrome] => "C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Application\chrome.exe"
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01C272DC-E64B-4EC3-85B0-C28600AEC3DA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {06C9526C-DC6A-4F48-92E7-98744BC3B665} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AF9A3C2-10EF-4FFD-8B7B-26090D23FB2F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {0BCAE0E4-CAD4-4597-91A8-856D992074C3} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {0BFD65FB-3EB9-4C9E-B237-D9FACEDA378A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {120C039C-DDC0-4060-8157-1C195EE3BED5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1057648 2017-09-27] (HP Inc. -> HP Inc.)
Task: {19F98958-C74C-400F-A9F6-BA085A9757B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {1E122EE6-9373-4466-BC9F-78AE19F1717F} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4676920 2021-01-07] (McAfee, LLC -> McAfee, LLC)
Task: {308A737D-DAF0-4FED-BDB9-CEB4A599D92B} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {34073631-CAD8-495F-9F3B-F31FF0C62145} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3445E740-D70E-4813-BB2A-828676A1786B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216432 2017-09-27] (HP Inc. -> HP Inc.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {3F580FFE-D1EE-4B9E-8CDC-1318389F05FB} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1028256 2019-08-09] (McAfee, LLC. -> McAfee, LLC.)
Task: {40EAB164-11CF-4A8E-B22C-852579EFE665} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {49D8972D-5354-439F-BA40-3A6EF757CCD7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5BAB8B8C-3BC6-4A25-8C75-867F35E920D4} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [759752 2019-08-14] (McAfee, LLC. -> McAfee, LLC.)
Task: {60178100-E073-4D3D-B31A-63E5029AF636} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {618D0001-22B0-4252-98BC-0C88617D08B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {659B27F0-D667-4C53-A140-F92D314CF31F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {65A0C1E1-2685-4509-AFEA-A0F77111CB5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1057648 2017-09-27] (HP Inc. -> HP Inc.)
Task: {707C46FB-BF09-4F5C-B44B-E4E761727DF1} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {796E29A9-54C0-4A34-9894-9B4B4174B101} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1028256 2019-08-09] (McAfee, LLC. -> McAfee, LLC.)
Task: {804A8297-A881-4EEE-9AB2-A841A6235C27} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.5.132\DADUpdater.exe [4054696 2021-01-18] (McAfee, LLC -> McAfee, LLC)
Task: {9EF6938F-31B2-4B4A-8BAB-42E79095DDAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7D6A4C0-50EE-4922-8246-2A72F314EFDB} - System32\Tasks\HPCeeScheduleForjonny => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {AB0C06D0-1538-435B-BCDA-F58211F3D9B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B42ECC47-730B-4786-889A-12E91E5438C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [119664 2017-09-27] (HP Inc. -> HP Inc.)
Task: {BBF10AA4-F137-428A-8BF7-6067EC1E4B0E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C49121A4-CB06-4891-9C8D-75D76ABC5446} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C643BFF2-8F69-4D96-87F0-0A4555C1D6A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {CB28C1EF-FC23-4EF0-A038-C6811007EED5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D04D82D3-930A-44A2-A2CB-2E5BAB94A6B3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F22243F3-3166-4EF3-B2C4-8CF65CBEF481} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1359728 2017-10-25] (HP Inc. -> HP Development Company, L.P.)
Task: {FE224BD3-E9FD-4E8C-A679-2563483B395C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-25] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjonny.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{80fcc14c-1ea0-4df1-8e24-88c36c4fe58d}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{b3378355-6d25-4fae-809e-8b42daf97730}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Edge:
=======
DownloadDir: C:\Users\jonny\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3938178760-3216329319-1005203919-1001 -> hxxps://www.google.co.uk/
Edge DefaultProfile: Default
Edge Profile: C:\Users\jonny\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-14]
Edge DownloadDir: C:\Users\jonny\Downloads
Edge HomePage: Default -> hxxps://www.google.co.uk/
Edge StartupUrls: Default -> "hxxps://www.google.co.uk/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{google:assistedQueryStats}
FireFox:
========
FF DefaultProfile: bmn2tn4j.default
FF ProfilePath: C:\Users\jonny\AppData\Roaming\Mozilla\Firefox\Profiles\bmn2tn4j.default [2021-02-14]
FF ProfilePath: C:\Users\jonny\AppData\Roaming\Mozilla\Firefox\Profiles\mjptuvsk.default-release [2021-03-14]
FF Extension: (AdGuard AdBlocker) - C:\Users\jonny\AppData\Roaming\Mozilla\Firefox\Profiles\mjptuvsk.default-release\Extensions\[email protected] [2021-03-12]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2019-08-23] (McAfee, LLC. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-12-27] (Adobe Systems Incorporated -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2019-08-23] (McAfee, LLC. -> )
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default [2021-03-14]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://www.wayfair.co.uk
CHR HomePage: Default -> hxxps://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://google/"
CHR NewTab: Default -> Not-active:"chrome-extension://pficgmfbdeigbbebkioddginbcckjeof/index.html", Not-active:"chrome-extension://ammedmhjkobkdljgdngfmkkdcgldommf/ntp.html"
CHR Extension: (Slides) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-07]
CHR Extension: (AllInOneDocs) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammedmhjkobkdljgdngfmkkdcgldommf [2020-07-17]
CHR Extension: (Docs) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-07]
CHR Extension: (Google Drive) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-07]
CHR Extension: (Sheets) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-07]
CHR Extension: (Google Docs Offline) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Web) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pficgmfbdeigbbebkioddginbcckjeof [2020-01-18]
CHR Extension: (Gmail) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR Extension: (MIm6OVfNUAQA5FjvfAySS1sPPd7GakZNabcextsn) - C:\Users\jonny\AppData\Local\Google\Chrome\User Data [2021-03-14]
CHR Profile: C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [679400 2018-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc. -> McAfee, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1322632 2017-12-13] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-11] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2018-08-02] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_7\McApExe.exe [747384 2019-08-23] (McAfee, LLC. -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [455584 2017-09-27] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.286.0\\McCSPServiceHost.exe [2226608 2019-06-13] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1720032 2019-08-09] (McAfee, LLC -> McAfee, LLC.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1362400 2019-08-09] (McAfee, LLC. -> McAfee, Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1738368 2020-04-25] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1640240 2020-10-05] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75696 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2019-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [564584 2019-07-21] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108904 2019-07-21] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 MpKsl94cf74f5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CD261540-189D-45BE-87FF-66E178D90B19}\MpKslDrv.sys [90360 2021-03-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 MpKsla41e512c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{154E5F46-6DD3-4513-845F-AC7D26B9E55D}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-14 09:34 - 2021-03-14 09:36 - 000026259 _____ C:\Users\jonny\Downloads\FRST.txt
2021-03-14 09:33 - 2021-03-14 09:36 - 000000000 ____D C:\FRST
2021-03-14 09:27 - 2021-03-14 09:27 - 002300928 _____ (Farbar) C:\Users\jonny\Downloads\FRST64(1).exe
2021-03-14 09:26 - 2021-03-14 09:26 - 002300928 _____ (Farbar) C:\Users\jonny\Downloads\FRST64.exe
2021-03-13 21:21 - 2021-03-13 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-03-12 21:28 - 2021-03-12 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 21:27 - 2021-03-12 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 21:27 - 2021-03-12 21:27 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 21:27 - 2021-03-12 21:27 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 21:26 - 2021-03-12 21:26 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 21:26 - 2021-03-12 21:26 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 21:26 - 2021-03-12 21:26 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 21:26 - 2021-03-12 21:26 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 21:25 - 2021-03-12 21:25 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 21:25 - 2021-03-12 21:25 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 21:25 - 2021-03-12 21:25 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-06 21:26 - 2021-03-06 21:29 - 002592124 _____ C:\WINDOWS\Minidump\030621-49109-01.dmp
2021-03-06 15:36 - 2021-03-06 15:44 - 002720412 _____ C:\WINDOWS\Minidump\030621-57359-01.dmp
2021-03-05 17:26 - 2021-03-05 17:47 - 002757484 _____ C:\WINDOWS\Minidump\030521-48671-01.dmp
2021-02-26 16:53 - 2021-02-26 16:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-25 22:13 - 2021-03-14 09:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-24 22:19 - 2021-02-24 22:29 - 002037844 _____ C:\WINDOWS\Minidump\022421-111359-01.dmp
2021-02-24 22:06 - 2021-02-24 22:06 - 000000000 _____ C:\WINDOWS\Minidump\022421-97640-01.dmp
2021-02-24 19:14 - 2021-03-13 21:13 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjonny.job
2021-02-24 19:14 - 2021-03-13 01:13 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForjonny
2021-02-22 10:39 - 2021-01-14 08:04 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-22 10:39 - 2021-01-14 08:04 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-22 10:39 - 2021-01-14 08:04 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-22 10:39 - 2021-01-14 08:04 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-22 10:39 - 2021-01-14 08:04 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-22 10:39 - 2021-01-14 08:04 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-22 10:39 - 2021-01-14 08:04 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-22 10:39 - 2021-01-14 08:04 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-22 10:39 - 2021-01-14 08:04 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-22 10:39 - 2021-01-14 08:04 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-22 10:39 - 2021-01-14 08:02 - 000047248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 007706352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445763.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445763.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-22 10:39 - 2021-01-14 08:01 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-22 10:39 - 2021-01-14 07:59 - 005978008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-02-14 09:35 - 2021-03-13 21:22 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-14 09:35 - 2021-03-13 21:21 - 000000000 ____D C:\Users\jonny\AppData\LocalLow\Mozilla
2021-02-14 09:35 - 2021-02-27 11:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-14 09:35 - 2021-02-26 16:53 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-14 09:35 - 2021-02-14 09:35 - 000001000 _____ C:\ProgramData\Desktop\Firefox.lnk
2021-02-14 09:35 - 2021-02-14 09:35 - 000000000 ____D C:\Users\jonny\AppData\Roaming\Mozilla
2021-02-14 09:35 - 2021-02-14 09:35 - 000000000 ____D C:\Users\jonny\AppData\Local\Mozilla
2021-02-14 09:34 - 2021-02-14 09:34 - 000332960 _____ (Mozilla) C:\Users\jonny\Downloads\Firefox Installer.exe
2021-02-13 21:43 - 2021-02-13 21:43 - 000002435 _____ C:\Users\jonny\AppData\Roaming\Microsoft\Windows\Start Menu\Google Chrome.lnk
2021-02-13 21:43 - 2021-02-13 21:43 - 000002433 _____ C:\Users\jonny\Desktop\Google Chrome.lnk
2021-02-13 21:43 - 2021-02-13 21:43 - 000000000 ____D C:\Users\jonny\AppData\Roaming\Google
2021-02-12 19:46 - 2021-03-06 21:26 - 1269879230 _____ C:\WINDOWS\MEMORY.DMP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-14 09:37 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-14 09:10 - 2019-08-07 08:49 - 000000000 ____D C:\Program Files (x86)\Google
2021-03-14 09:01 - 2020-11-06 00:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-14 03:51 - 2020-11-06 01:19 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D127C88F-4964-416F-B4AB-8F1FA0CBD1D0}
2021-03-13 21:29 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-13 21:17 - 2018-12-12 05:11 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-13 21:15 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-13 21:15 - 2019-08-06 17:31 - 000000000 __SHD C:\Users\jonny\IntelGraphicsProfiles
2021-03-13 21:14 - 2020-11-06 00:59 - 000000000 ____D C:\Users\jonny
2021-03-13 21:13 - 2020-11-06 01:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-13 21:13 - 2020-11-06 00:52 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-13 00:34 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-13 00:32 - 2020-11-06 00:52 - 000346864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 00:29 - 2019-12-07 09:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 00:28 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 23:55 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-12 21:35 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 20:45 - 2020-05-22 18:39 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-12 20:19 - 2019-12-07 09:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-11 00:16 - 2019-08-07 08:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 00:16 - 2019-08-07 08:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-07 11:14 - 2019-08-06 17:36 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-06 21:29 - 2020-11-15 12:14 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-06 21:25 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-06 11:11 - 2018-04-28 06:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-04 20:42 - 2020-11-06 01:26 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b3d93becedbf
2021-03-04 20:42 - 2020-11-06 01:19 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-28 13:59 - 2021-01-24 17:32 - 000000000 ____D C:\Users\jonny\AppData\Roaming\Grand Ages Rome
2021-02-27 11:22 - 2019-08-06 17:31 - 000000000 ____D C:\Users\jonny\AppData\Local\Packages
2021-02-27 09:03 - 2020-11-06 01:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3938178760-3216329319-1005203919-1001
2021-02-27 09:03 - 2020-11-06 00:59 - 000002374 _____ C:\Users\jonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 09:03 - 2019-08-06 17:38 - 000000000 ___RD C:\Users\jonny\OneDrive
2021-02-24 22:15 - 2021-02-10 20:15 - 000000000 ____D C:\Users\jonny\AppData\Local\EasyScreen
2021-02-23 20:12 - 2019-08-06 18:36 - 000000000 ____D C:\Users\jonny\AppData\Local\D3DSCache
2021-02-23 18:21 - 2018-12-12 05:26 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-02-22 10:42 - 2018-12-12 05:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-22 10:42 - 2018-12-12 05:09 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-19 22:47 - 2020-09-30 16:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 20:40 - 2020-11-06 01:19 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2021-02-14 08:53 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-13 21:50 - 2019-08-07 08:49 - 000000000 ____D C:\Users\jonny\AppData\Local\Google
2021-02-12 18:26 - 2020-11-06 01:11 - 000936818 _____ C:\WINDOWS\system32\PerfStringBackup.INI
==================== Files in the root of some directories ========
2020-09-13 07:58 - 2020-09-13 07:58 - 000007602 _____ () C:\Users\jonny\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2021
Ran by jonny (14-03-2021 09:38:44)
Running from C:\Users\jonny\Downloads
Windows 10 Home Version 2004 19041.867 (X64) (2020-11-06 01:21:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3938178760-3216329319-1005203919-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3938178760-3216329319-1005203919-503 - Limited - Disabled)
Guest (S-1-5-21-3938178760-3216329319-1005203919-501 - Limited - Disabled)
jonny (S-1-5-21-3938178760-3216329319-1005203919-1001 - Administrator - Enabled) => C:\Users\jonny
WDAGUtilityAccount (S-1-5-21-3938178760-3216329319-1005203919-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: McAfee VirusScan (Enabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
FW: McAfee Firewall (Disabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
FXCM Trading Station Desktop (HKLM-x32\...\FXTS2) (Version: - Forex Capital Markets, LLC ("FXCM LLC"))
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.11.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8}) (Version: 2.22.2 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Litecoin Core (64-bit) (HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\Litecoin Core (64-bit)) (Version: 0.17.1 - Litecoin Core project)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R21 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 en-GB) (HKLM\...\Mozilla Firefox 86.0 (x64 en-GB)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
MyEss (HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\MyEss) (Version: 1.0 - Zoodotnet Limited)
NOW TV Player 6.8.0.0 (HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\com.bskyb.nowtvplayer_is1) (Version: 6.8.0.0 - NOW TV)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.179 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.20.241 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.4 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
War Thunder Launcher 1.0.3.177 (HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WhatsApp (HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\WhatsApp) (Version: 2.2043.21 - WhatsApp)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.46 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.428 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 6.0.0.43 - WildTangent) Hidden
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-03-22] (Amazon.com)
Booking.com: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comBigsavingsonhot_2.0.5.0_x64__mgae2k3ys4ra0 [2021-02-09] (Priceline Partner Network)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.53.5.0_x86__kgqvnymyfvs32 [2021-02-27] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1970.1.0_x86__kgqvnymyfvs32 [2021-03-04] (king.com)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-14] (Dropbox Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-12-12] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-08-06] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13801.20294.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-12] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-06] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-25] (Synaptics Incorporated)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-02-27] (WildTangent Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-08-23] (McAfee, LLC. -> McAfee, LLC.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxDTCM.dll [2020-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-08-23] (McAfee, LLC. -> McAfee, LLC.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-02-13 21:43 - 2021-02-13 21:43 - 001144320 _____ () [File not signed] C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Application\78.0.3904.108\chrome.dll
2021-02-09 01:32 - 2021-02-09 01:32 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\9c5cfbcc19c1aeccc535f309f05873d0\BRIDGECommon.ni.dll
2021-02-09 01:33 - 2021-02-09 01:33 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\5ddc004c538c7cdb0698e9790eae3229\BridgeExtension.ni.dll
2021-02-09 01:33 - 2021-02-09 01:33 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\f1912b65372681c4482025d2ea64d960\CleanStartController.ni.dll
2021-01-08 01:41 - 2021-01-08 01:41 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\a354c38f659363054b8dbd29ab5fc353\Interop.IWshRuntimeLibrary.ni.dll
2021-02-12 19:17 - 2021-02-12 19:17 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\a1a85735830a58d68de6b32c054c961f\RegistrationUtilities.ni.dll
2021-02-09 01:33 - 2021-02-09 01:33 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\dad9dd560e38c29da6dfe6688f817cae\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-02-09 01:33 - 2021-02-09 01:33 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\69eaa834550a1f015679f4b9d6b38bd5\CommonPortable.ni.dll
2021-02-09 01:33 - 2021-02-09 01:33 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\12976f63c260c230152542f8f43d1f6f\NAudio.ni.dll
2021-02-09 01:32 - 2021-02-09 01:32 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\07fe9165a3593cb64a943a8b34855409\Newtonsoft.Json.ni.dll
2021-02-09 01:33 - 2021-02-09 01:33 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\c8129da97f8be4a90c3d4e569de73f88\Newtonsoft.Json.ni.dll
2021-02-12 19:17 - 2021-02-12 19:17 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\d6754e112bc586d282a446a3d72d6335\log4net.ni.dll
2021-02-13 21:43 - 2021-02-13 21:43 - 001601024 _____ (TODO: <Company name>) [File not signed] C:\Users\jonny\AppData\Local\Google\Chrome\User Data\Application\78.0.3904.108\chrome_proxy.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {3CB084D9-7779-4F88-A638-23B37F03B6D5} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {3CB084D9-7779-4F88-A638-23B37F03B6D5} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3938178760-3216329319-1005203919-1001 -> {3CB084D9-7779-4F88-A638-23B37F03B6D5} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2019-08-23] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2019-08-23] (McAfee, LLC. -> McAfee, LLC.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 23:38 - 2018-04-11 23:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3938178760-3216329319-1005203919-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{50857A9E-345C-4C72-9A06-DCADED1E50DF}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{D3A31648-1A71-4D9C-BFC5-212C300C3CF0}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{2BF9C003-6DD5-4ED3-9573-55AE5320CE76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E4B61E76-4F08-4679-9336-D89EDDDCA6DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{7E379AA9-897D-4D74-AFB2-EB92E39977D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount and Blade Demo\runme.exe () [File not signed]
FirewallRules: [{D344820C-EAB8-4569-A5BB-8E30DCC3CE4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount and Blade Demo\runme.exe () [File not signed]
FirewallRules: [{D0A3DCC7-2EFB-4A70-A723-5A14D1784878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{AC0ACBCA-56D9-41C3-AA60-D43156BD27D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C78B5865-016A-4373-95CC-01C1600642C1}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{8EAC00C4-7974-41F9-BDB8-1BAB397657B7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2F814F63-013D-41FC-94EC-8C4CDD767B5C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D43D3A2F-D21A-43BF-8745-D243E97A6D16}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C6061CF-2D8A-4C8A-ACA3-03D2CA860816}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1CF052CA-FE91-4E5B-8ACB-03041B7B665B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A64952B3-8926-4A64-8AF9-80CDB12122A8}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{CE166108-B6B0-4787-8C4A-AEF2BC09D4B1}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{1D7424EA-8189-4096-AC15-77EF91DB2E07}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{B6D5F0FF-D95F-42EC-8CF8-CA98A109D1FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A387B1BD-F3B7-4332-A2B9-E8D6EA0C8D25}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{779063D6-F787-4B0E-9182-C5DAB02B02CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{AF20FB7A-DC23-43A0-804D-57B57F881DB6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A2F49531-ABA5-4B77-B640-364208C6D45E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{08EEDF95-7D6A-4BD6-A6F2-FC1BDB9AA452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{65FD3529-9101-4D3A-8521-4CBCB03E4329}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38BE73FD-B4F6-4C52-82E9-0D0DF04D6377}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CDA099BD-C1AB-4C0C-810B-EA6727691399}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7AFC5C81-9EE7-46A6-983E-050EE123A1B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F9CF9EE-760A-4946-AC6B-DEF2A41001BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EDF8175-7EA6-4F7E-AD15-63809C1D2370}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87763E40-2EBF-4072-B76E-92B7BB9CDA80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{45CED60F-0843-4132-8404-39E039B71C07}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6217D100-625A-414B-A2AA-306E3A440750}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe => No File
FirewallRules: [{19C56AE6-AFAC-4D0F-8EA1-0F73432C1727}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Warships\bin\clientrunner\clientrunner.exe => No File
FirewallRules: [{090AE60C-2BAA-4AF3-A861-43825B767947}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{0090F211-3A46-4A10-B6C6-8DFC6BDD97D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe () [File not signed]
FirewallRules: [{137F6000-943F-4081-B237-F607F764F1C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{80A39989-E67A-47A9-A1B4-C122A7F7676D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{30FA17D4-9D38-44B4-8A11-AB8DF8D56EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{924CC9DD-7929-4D35-9AAA-86A9C2BF79FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{E74BB214-4077-4A97-AC9B-F2998CECED1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7643C06C-D1B5-4050-BFF8-B7BB275D773F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{37937B62-847D-4DEF-8517-967155A46A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DD92188F-451E-4EE4-B214-4B8890DF7A52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C8CAB4AB-28C9-4758-8E85-5E496405C9D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe (Maxis) [File not signed]
FirewallRules: [{C8F0F37B-D0A3-412F-B5A7-4E962DCF0048}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe (Maxis) [File not signed]
FirewallRules: [{CAE5F408-B504-4F94-B690-E7B48571DBC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2E707556-3A99-4B1A-B8E7-0BED212803F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{26F101B5-5D8E-440B-8AFE-2FBEA1C18912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Plague Tale Innocence\APlagueTaleInnocence_x64.exe (Focus Home Interactive -> Asobo Studio)
FirewallRules: [{B6BAD2BF-6040-4F98-8501-9473DFFD5172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Plague Tale Innocence\APlagueTaleInnocence_x64.exe (Focus Home Interactive -> Asobo Studio)
FirewallRules: [{0BD06FCC-FE4A-4E89-B278-2991F7537528}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{0CD880F5-8E3E-43FB-A0EF-E7B83BCBB7DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{F66D8979-9C32-4118-BD06-ED34835B2E2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{59BBB6BD-8087-48CF-ABC3-352D6B240DA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{30672D0B-CA12-43D3-BDB4-65A62CADFD21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{2636A220-5E2E-4CCB-BAFB-5B0446BD9603}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{1AE5165B-6BC6-4F53-B97F-069C5B8402A3}C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{DD881F3D-7190-4768-8946-11DB36A918BB}C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{1DC89104-AF0C-4FB7-A4D5-1FBDB2382755}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Ages Rome\Rome.exe (Haemimont Games) [File not signed]
FirewallRules: [{9B63E529-3A5B-44CA-A7DF-AF2920B9F44F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Ages Rome\Rome.exe (Haemimont Games) [File not signed]
FirewallRules: [{215F8944-F4A1-47E5-B8B1-078029298EFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6AD26F6-A65A-4E76-A89B-D1242EA984DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C535405B-4662-4580-BBBC-738A9DCA0DBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{151DE636-91DE-4CC4-82AC-41B2F1B6C1C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DAED9E5-C11B-4648-A23F-C388C4F65288}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones Winter is Coming\GotPC.exe (YOUZU (SINGAPORE) PTE. LTD. -> )
FirewallRules: [{541E94A6-DB8F-4595-8070-9EADED6B6F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones Winter is Coming\GotPC.exe (YOUZU (SINGAPORE) PTE. LTD. -> )
FirewallRules: [{62E955DB-DE8F-4E5D-9E03-DE4249AA8251}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{F8BDC7B8-BE6A-4656-98ED-A510931B002E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{184F9FD9-B4D0-401C-97DA-25EF3E35293C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C638043-45A1-46B5-8959-FB1D8458B240}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{78DF54B8-5D35-4F84-8FEA-E2FA28FFCF28}C:\users\jonny\appdata\local\google\chrome\user data\application\chrome.exe] => (Allow) C:\users\jonny\appdata\local\google\chrome\user data\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3717ED50-3BE8-409C-898D-C778143B9A24}C:\users\jonny\appdata\local\google\chrome\user data\application\chrome.exe] => (Allow) C:\users\jonny\appdata\local\google\chrome\user data\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F547AE7D-53FE-417B-AF5E-199AB32182F2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{935E7E5B-559E-4F7F-AEAA-3500EA10A84C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FB5F6501-5537-4883-8CE4-477A96B1C193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5643DDA4-9FAF-4A8E-AB0A-8ADF48386AEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01E99105-11CC-47B2-9F7B-DFCC9F67FD27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DB243AB2-6D97-4527-9FE4-AAB00F14EB79}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60C6EB01-355F-4CEA-8933-2A297D03F0F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E0A8061D-625C-46AF-9F57-DBD62052ED91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1A7B51A6-03C2-49EC-AE1D-818DF26BCB9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60D0EA27-4394-4B7F-BC8E-6C45D850F301}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0335F760-888E-4D71-9478-38022E3AE4B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13801.20294.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
07-03-2021 20:28:58 Scheduled Checkpoint
12-03-2021 20:22:17 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/14/2021 09:01:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.19041.746, time stamp: 0x5b78739c
Faulting module name: windows.storage.dll, version: 10.0.19041.844, time stamp: 0x7313c2f7
Exception code: 0xc0000005
Fault offset: 0x0000000000103249
Faulting process ID: 0x26f4
Faulting application start time: 0x01d718b0a9faa3b6
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\system32\windows.storage.dll
Report ID: 0672c002-f0c4-4394-b713-6a4c837185de
Faulting package full name: Microsoft.OneConnect_5.2011.3081.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
Error: (03/13/2021 09:19:11 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/12/2021 08:32:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.19041.746, time stamp: 0x5b78739c
Faulting module name: windows.storage.dll, version: 10.0.19041.789, time stamp: 0xdc832f6d
Exception code: 0xc0000005
Fault offset: 0x0000000000103389
Faulting process ID: 0x3580
Faulting application start time: 0x01d7177ea4c7d419
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\system32\windows.storage.dll
Report ID: 6d337866-ea51-4ffb-8199-65307ecdf426
Faulting package full name: Microsoft.OneConnect_5.2011.3081.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
Error: (03/12/2021 08:22:56 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/12/2021 08:21:46 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/10/2021 06:06:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/09/2021 06:48:50 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (03/09/2021 06:48:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.19041.746, time stamp: 0x5b78739c
Faulting module name: windows.storage.dll, version: 10.0.19041.789, time stamp: 0xdc832f6d
Exception code: 0xc0000005
Fault offset: 0x0000000000103389
Faulting process ID: 0x2ca4
Faulting application start time: 0x01d71514c3dc36f2
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\system32\windows.storage.dll
Report ID: 6f4a4907-4952-4303-8189-6e32f58eb854
Faulting package full name: Microsoft.OneConnect_5.2011.3081.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
System errors:
=============
Error: (03/13/2021 09:17:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service did not respond on starting.
Error: (03/13/2021 09:12:35 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.
Error: (03/13/2021 09:13:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:01:33 on 13/03/2021 was unexpected.
Error: (03/13/2021 12:37:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service did not respond on starting.
Error: (03/12/2021 08:24:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service did not respond on starting.
Error: (03/12/2021 08:18:00 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.
Error: (03/12/2021 08:18:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 00:00:16 on 11/03/2021 was unexpected.
Error: (03/10/2021 06:04:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service did not respond on starting.
Windows Defender:
================
Date: 2021-03-10 18:15:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-03-08 19:02:09
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-03-03 19:18:06
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-03-02 19:01:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-28 19:16:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-03-12 20:43:51
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.333.116.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17900.7
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-03-07 11:25:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.331.2546.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-03-07 11:25:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.331.2546.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2021-03-13 21:24:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2021-03-13 21:18:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2021-03-13 18:32:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.25 05/28/2019
Motherboard: HP 84F7
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 8071.09 MB
Available physical RAM: 2522.9 MB
Total Virtual: 10503.09 MB
Available Virtual: 2741.22 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:914.95 GB) (Free:522.3 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.33 GB) (Free:1.83 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{7bba2b35-08b3-4765-b721-f3b69e664745}\ () (Fixed) (Total:0.96 GB) (Free:0.34 GB) NTFS
\\?\Volume{2b360fef-8a9a-4837-91c7-531167bcc37a}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0C9207EE)
Partition: GPT.
==================== End of Addition.txt =======================
Sign In
Create Account
