Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

black screen - Display driver failed to start

Started by GhostLoad , Mar 24 2021 01:10 PM

  • Please log in to reply

#46
GhostLoad
Posted 27 March 2021 - 07:45 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 27/03/2021 9:44:44 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/03/2021 10:41:46 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x3744 Faulting application start time: 0x01d7235a5e3b479b Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 2ff2ea6e-aad2-4d43-8579-0f4cae5761b2 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:46 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:44 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x39e8 Faulting application start time: 0x01d7235a5d0abe61 Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: fb425283-9345-4787-9179-35d7f81957fc Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:44 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:13 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x47b0 Faulting application start time: 0x01d7235a4aa61913 Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 050f071f-cb2c-4bbf-aa2c-a987a87788d9 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:13 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:12 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x3030 Faulting application start time: 0x01d7235a4997d185 Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 9493afd6-4872-405e-9d2b-26f158042042 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:41:11 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:42 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x293c Faulting application start time: 0x01d7235a37e3102d Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: b0255cd0-b72e-45a6-86f7-d42cf98c73b7 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:42 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:40 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x4a5c Faulting application start time: 0x01d7235a36be8dba Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: b2ed7cea-13f7-4739-9d79-b094077a65e4 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:40 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:04 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x4068 Faulting application start time: 0x01d7235a216ba436 Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: d7bb0de6-e48b-4485-9954-2ef15f0f0efd Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:04 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:02 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x1558 Faulting application start time: 0x01d7235a205f80dd Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: b6714ef3-48fc-4d6d-97a3-8f8da2295c8d Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:40:02 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:38:35 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x1fbc Faulting application start time: 0x01d72359ec754850 Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 96c1d503-2392-4196-9793-d13e7014a572 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:38:35 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
Log: 'Application' Date/Time: 27/03/2021 10:38:34 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x2d24 Faulting application start time: 0x01d72359eb70a647 Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 47f2d12d-3efd-4fcc-87cd-87095e2fb9b2 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 27/03/2021 10:38:34 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/03/2021 10:25:55 PM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint c9 e1 1f cd a5 f7 88 4f 3c 07 df 2e a7 cb 87 85 b3 0d ab 49 is about to expire or already expired.
 
Log: 'Application' Date/Time: 27/03/2021 6:50:22 PM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint c9 e1 1f cd a5 f7 88 4f 3c 07 df 2e a7 cb 87 85 b3 0d ab 49 is about to expire or already expired.
 
Log: 'Application' Date/Time: 27/03/2021 5:35:50 AM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint c9 e1 1f cd a5 f7 88 4f 3c 07 df 2e a7 cb 87 85 b3 0d ab 49 is about to expire or already expired.
 
Log: 'Application' Date/Time: 27/03/2021 5:32:33 AM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint c9 e1 1f cd a5 f7 88 4f 3c 07 df 2e a7 cb 87 85 b3 0d ab 49 is about to expire or already expired.
 
Log: 'Application' Date/Time: 27/03/2021 5:30:13 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 8, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:30:10 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 7, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:30:07 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 6, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:30:04 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 5, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:30:01 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 4, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:29:58 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 3, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:29:56 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 2, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:29:53 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 1, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:05:21 AM
Type: Warning Category: 0
Event: 64 Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Certificate for local system with Thumbprint c9 e1 1f cd a5 f7 88 4f 3c 07 df 2e a7 cb 87 85 b3 0d ab 49 is about to expire or already expired.
 
Log: 'Application' Date/Time: 27/03/2021 5:03:51 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 8, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:03:48 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 7, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:03:45 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 6, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:03:43 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 5, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:03:40 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 4, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:03:36 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 3, Primary display device ID: NVIDIA GeForce GTX 970)
 
Log: 'Application' Date/Time: 27/03/2021 5:03:33 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xe0464645, Restart count: 2, Primary display device ID: NVIDIA GeForce GTX 970)

  • 0

Advertisements

#47
GhostLoad
Posted 27 March 2021 - 07:49 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-03-2021
Ran by Miz (administrator) on MIZ-PC (27-03-2021 21:46:38)
Running from C:\Users\Miz\Desktop
Loaded Profiles: Miz
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\LogonScreenService.exe
(ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7342\Agent.exe
(Discord Inc. -> Discord Inc.) C:\Users\Miz\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Discord Inc. -> Discord Inc.) C:\Users\Miz\AppData\Local\DiscordPTB\app-1.0.1005\DiscordPTB.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Ferox Games B.V. -> Ferox Games B.V.) C:\Users\Miz\AppData\Local\Medal\recorder-3.370.0\MedalEncoder.exe
(Ferox Games B.V. -> Medal B.V.) C:\Users\Miz\AppData\Local\Medal\app-4.625.0\Medal.exe <4>
(Ferox Games B.V. -> Medal) C:\Users\Miz\AppData\Local\Medal\app-4.625.0\resources\app\Medal.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Universal Control.exe
(Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-service.exe
(Private Internet Access, Inc. -> Private Internet Access Incorporated) C:\Program Files\Private Internet Access\pia-client.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\Miz\AppData\Local\Programs\Blitz\Blitz.exe <6>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [2201016 2019-11-26] (LG Electronics Inc. -> TODO: <Company name>)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Actual Multiple Monitors] => C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1953024 2020-10-11] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [394824 2019-08-27] (Parsec Cloud, Inc. -> Parsec)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33036768 2021-03-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [17552384 2019-11-08] (PreSonus) [File not signed]
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20904440 2020-10-28] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Private Internet Access] => C:\Program Files\Private Internet Access\pia-client.exe [4689288 2021-02-23] (Private Internet Access, Inc. -> Private Internet Access Incorporated)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090480 2021-03-18] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [com.blitz.app] => C:\Users\Miz\AppData\Local\Programs\Blitz\Blitz.exe [109893896 2021-03-25] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Medal] => C:\Users\Miz\AppData\Local\Medal\update.exe [1845072 2020-08-15] (Ferox Games B.V. -> )
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-03-24] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Miz\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [Discord] => C:\Users\Miz\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [DiscordPTB] => C:\Users\Miz\AppData\Local\DiscordPTB\Update.exe [1512760 2020-11-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-17] (Google LLC -> Google LLC)
Startup: C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2020-03-17]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )
Startup: C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-03-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {050B0C51-A7F9-4A48-BDE8-CE0B7F35D8B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {1146D9D0-33A1-4A25-AC54-E1CDD2665165} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057968 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {16BC023F-4003-4304-AB0F-845B0FD271A3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1939B3F1-9DBC-4C10-AB0F-55C49A8A5891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-12] (Google Inc -> Google LLC)
Task: {19B015B4-E33C-4C8A-9B64-4A7B60A33376} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {1ACFB802-16A9-40FA-9CB5-2E5D17D64B1B} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {23E3111D-9AC0-4C34-A9FE-1DAC23F4881B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {2ABF8D35-AC76-4E70-9FD2-CCD7D4222EC6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {2B831B19-E1B4-47EE-8FA0-32EBC974D55B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33527D3D-1481-405F-8490-CF62964A8C2C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38AC4358-D3CE-4AF6-8A4E-219472A2EB7F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683328 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B935488-1256-4D61-8F15-8334879E956B} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
Task: {3D7B8622-B8D2-48B5-9BF5-564DB9802C80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54B9A0D7-FF04-4725-8F75-A38BF0E2A4E2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {554B3E2E-30A6-4D37-A223-166FE836F864} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AE77EBB-D7B3-4E8C-A73D-A8B77894E4E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {61F19B58-53CB-449C-B4EC-880FF942497E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145800 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {626C6FA6-B264-4FE2-B5B3-A27552CD2883} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {765A4EA3-9B40-40E1-AF88-0A54FC1DC51B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7C45D328-6490-44E1-8259-2CE5B0FC9FA4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {7ED529C5-C94A-47C1-A507-365C4A8C78EC} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
Task: {8268FFD9-B463-4A45-BD5F-B41282E3B394} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057968 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {88DC14A8-F17F-4219-9212-2798D6DD6621} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {8FC17D0C-3357-46BA-99B6-BC5BDF2C314C} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
Task: {9C0D679D-275C-4B75-89E5-A6B1793D4735} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-03-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9F352E14-D3B6-42AC-BE8D-B3540F960D8D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [791608 2021-03-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {A379CD86-97D1-4872-A72D-E159D9576847} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A531727F-F3AF-4A46-9526-9A3DEF3EA95A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {A69530BA-E2EF-4F3A-917F-294EE8E6CDFC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {BA79ABC6-A276-417B-8362-BFBEEA285A68} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {BE5E2853-9187-4935-AF03-07B0D5F0355A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFE1BD95-9E98-4112-8B1C-40241A4A5BD0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D34CBCDA-155B-4FBF-B7A8-1EC05F1E0C7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-12] (Google Inc -> Google LLC)
Task: {D9D5598C-F55C-4F13-9A93-A9ABF2138AE6} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
Task: {DC78A763-A886-4589-8877-A48D6804E759} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Task: {DC852786-AC6F-4063-A6CD-2C6D7B8D8ACE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE37BF7D-01EA-4FC9-8B83-519079098858} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
Task: {DFDAC58A-C830-4EAB-9F1D-6397EE4AE3AC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E17C39E1-E87D-412A-8A38-D9A2B42344CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145800 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E56E822B-BB34-4498-8BCB-C80A823FAFA8} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4135016 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E787BEB6-E7A8-45D7-82F0-9F61D5B7AA8F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {EEE2E828-8300-4E8D-9924-2EF0A02A1F7E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-03-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F146D5AB-BCD2-4973-A435-71A77C1F99A1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F25F6891-A079-40E0-AE02-2A08065ABD9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3a39c5c0-da9e-45e9-8df0-c5310aa6465e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{540fa8f6-ec4a-46b6-984e-4a30d317ca02}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a446aacd-1841-4079-a733-1f7a4fb7addb}: [DhcpNameServer] 10.0.0.241
Tcpip\..\Interfaces\{e5d31458-dbe3-41f5-962d-70b5a0b3cf1a}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Profile: C:\Users\Miz\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-24]
 
FireFox:
========
FF DefaultProfile: vyuynj64.default
FF ProfilePath: C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\vyuynj64.default [2021-03-27]
FF DownloadDir: C:\Users\Miz\Desktop
FF Extension: (uBlock Origin) - C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\vyuynj64.default\Extensions\[email protected] [2021-03-26]
FF Extension: (FlashGot) - C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\vyuynj64.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-03-16] [Legacy]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2020-11-23] [Legacy]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected] [2020-11-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default [2021-03-27]
CHR DownloadDir: C:\Users\Miz\Desktop
CHR Notifications: Default -> hxxps://voice.google.com; hxxps://www.facebook.com; hxxps://www.letgo.com; hxxps://www.reddit.com
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Slides) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-12]
CHR Extension: (Docs) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-12]
CHR Extension: (Google Drive) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-12]
CHR Extension: (Honey) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-03-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (uBlock Origin) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-20]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-03-19]
CHR Extension: (Sheets) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-12]
CHR Extension: (AudioPick) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhcppdamigjkficnjnhmnljljhagaha [2019-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-12-12]
CHR Extension: (Grammarly for Chrome) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-24]
CHR Extension: (Image Search Options) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2020-02-17]
CHR Extension: (Video DownloadHelper) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-04]
CHR Extension: (Google Mail Checker) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-12-12]
CHR Extension: (Tiësto) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2019-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2019-12-12]
CHR Extension: (Gmail) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-04]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-11-23]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-11-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 amm_LSService; C:\Program Files (x86)\Actual Multiple Monitors\LogonScreenService.exe [609536 2020-10-11] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe [442416 2020-09-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-03-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2020-11-19] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-03-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2021-03-27] (ASUSTeK Computer Inc. -> )
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [833600 2021-03-27] (ASUSTeK Computer Inc. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe [72808 2021-01-27] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-02-06] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-05-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-01-15] (FUTUREMARK INC -> Futuremark)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-03-18] (NVIDIA Corporation -> NVIDIA)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10545056 2021-03-24] (Logitech Inc -> Logitech, Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-11-18] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-11-18] (Microsoft Windows -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [361032 2019-08-27] (Parsec Cloud, Inc. -> Parsec)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1425904 2020-10-28] (Plex, Inc. -> Plex, Inc.)
R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [492032 2019-11-08] (PreSonus) [File not signed]
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [2068392 2021-02-23] (Private Internet Access, Inc. -> )
S3 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4447520 2021-02-23] (Private Internet Access, Inc. -> )
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5463128 2021-01-18] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43920 2020-12-16] (ASUSTeK Computer Inc. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-03-24] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-24] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-21] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio.sys [364896 2019-09-27] (PreSonus Audio Electronics, Inc -> )
R3 paeusbaudioks; C:\WINDOWS\System32\drivers\paeusbaudioks.sys [62816 2019-09-27] (PreSonus Audio Electronics, Inc -> )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-01-27] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2019-04-02] (TunnelBear, Inc. -> The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen -> Tobias Erichsen)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-27 21:46 - 2021-03-27 21:47 - 000044286 _____ C:\Users\Miz\Desktop\FRST.txt
2021-03-27 21:46 - 2021-03-27 21:46 - 000000000 ____D C:\FRST
2021-03-27 21:45 - 2021-03-27 21:45 - 002300928 _____ (Farbar) C:\Users\Miz\Desktop\FRST64.exe
2021-03-27 21:43 - 2021-03-27 21:43 - 000061440 _____ ( ) C:\Users\Miz\Desktop\VEW.exe
2021-03-27 16:25 - 2021-03-27 18:17 - 000000000 ____D C:\Users\Miz\Desktop\drive-download-20210327T202351Z-001
2021-03-27 04:27 - 2021-03-27 18:25 - 000003120 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2021-03-27 02:27 - 2021-03-27 18:58 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-03-27 02:27 - 2021-03-27 02:27 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-03-27 02:26 - 2021-03-27 02:26 - 000000000 ____D C:\Users\Miz\Desktop\MSIAfterburnerSetup
2021-03-27 02:25 - 2021-03-27 02:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-27 00:59 - 2021-03-27 00:59 - 005826196 _____ C:\WINDOWS\Minidump\032721-11203-01.dmp
2021-03-27 00:54 - 2021-03-27 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-03-26 23:09 - 2021-03-26 23:11 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-03-26 23:09 - 2021-03-17 04:33 - 001148904 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-03-26 23:07 - 2021-03-26 23:07 - 000000000 ____D C:\Users\Miz\Desktop\Install_Win10_10047_03192021
2021-03-26 20:20 - 2021-03-26 20:23 - 000000000 ____D C:\Users\Miz\Desktop\fulleventlogview-x64
2021-03-26 20:15 - 2021-03-26 20:15 - 000000000 ____D C:\Users\Miz\AppData\Roaming\PreSonus
2021-03-26 20:12 - 2021-03-26 20:12 - 005832855 _____ (UserBenchmark.com) C:\Users\Miz\Desktop\UserBenchMark.exe
2021-03-26 20:11 - 2021-03-26 20:11 - 000041451 _____ C:\Users\Miz\Desktop\dwm.exe.txt
2021-03-26 20:04 - 2021-03-26 20:04 - 002798456 _____ (Sysinternals - www.sysinternals.com) C:\Users\Miz\Desktop\procexp.exe
2021-03-26 20:04 - 2021-03-26 20:04 - 000036200 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-03-25 23:54 - 2021-03-25 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADATA
2021-03-25 23:54 - 2021-03-25 23:54 - 000000000 ____D C:\Program Files (x86)\ADATA
2021-03-25 23:41 - 2021-03-25 23:41 - 000000000 ____D C:\Users\Miz\Desktop\ADATA_SSDToolBoxSetup.4.0.1
2021-03-25 21:08 - 2021-03-25 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-03-25 21:08 - 2021-03-25 21:08 - 000000000 ____D C:\Program Files\Speccy
2021-03-25 21:07 - 2021-03-25 21:07 - 008234296 _____ (Piriform Software Ltd) C:\Users\Miz\Desktop\spsetup132.exe
2021-03-25 20:07 - 2021-03-25 20:07 - 000000000 ____D C:\Users\Miz\AppData\Roaming\NVIDIA
2021-03-25 19:06 - 2021-03-25 19:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-03-25 19:06 - 2021-03-25 19:06 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-25 19:06 - 2021-03-18 22:21 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-03-25 19:06 - 2021-03-18 17:56 - 005627760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-03-25 19:06 - 2021-03-18 17:56 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-03-25 19:06 - 2021-03-18 17:55 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-03-25 19:06 - 2021-03-18 17:55 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-03-25 19:06 - 2021-03-18 17:55 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-03-25 19:06 - 2021-03-18 17:55 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-03-25 19:06 - 2021-03-04 08:29 - 009524317 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-03-25 19:06 - 2020-10-07 13:34 - 001023216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-03-25 19:06 - 2020-10-07 13:34 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-03-25 19:06 - 2020-10-07 13:34 - 000673520 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-25 19:06 - 2020-10-07 13:34 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-25 19:06 - 2020-10-07 13:34 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-25 19:06 - 2020-10-07 13:34 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 004174064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-25 19:06 - 2020-10-07 13:33 - 000589208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-03-25 19:06 - 2020-10-07 13:33 - 000445848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-03-25 19:06 - 2020-10-07 13:32 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-03-25 19:06 - 2020-10-07 13:29 - 005972824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-25 19:06 - 2020-10-07 13:11 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-25 19:05 - 2021-03-19 12:46 - 001855816 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-25 19:05 - 2021-03-19 12:46 - 001855816 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-25 19:05 - 2021-03-19 12:46 - 001452944 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-25 19:05 - 2021-03-19 12:46 - 001436480 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-25 19:05 - 2021-03-19 12:46 - 001436480 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-25 19:05 - 2021-03-19 12:46 - 001192328 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-25 19:05 - 2021-03-19 12:46 - 001095504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-25 19:05 - 2021-03-19 12:46 - 001095504 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-25 19:05 - 2021-03-19 12:46 - 000949568 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-25 19:05 - 2021-03-19 12:46 - 000949568 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-25 19:05 - 2021-03-19 12:43 - 001731464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446207.dll
2021-03-25 19:05 - 2021-03-19 12:43 - 001490824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446207.dll
2021-03-25 19:05 - 2020-10-07 13:29 - 007001536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-25 19:03 - 2021-03-25 19:03 - 635637592 _____ (NVIDIA Corporation) C:\Users\Miz\Desktop\462.07-desktop-notebook-win10-64bit-international.hf.exe
2021-03-25 16:33 - 2021-03-25 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2021-03-25 16:33 - 2021-03-25 16:33 - 000000000 ____D C:\Program Files\WhoCrashed
2021-03-25 16:30 - 2021-03-25 16:30 - 010692312 _____ (Resplendence Software Projects Sp. ) C:\Users\Miz\Desktop\whocrashedSetup.exe
2021-03-25 15:59 - 2021-03-27 18:57 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2021-03-25 15:59 - 2021-03-25 15:59 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2021-03-25 15:58 - 2021-03-25 15:58 - 003086696 _____ C:\Users\Miz\Desktop\instspeedfan452_1.exe
2021-03-25 03:03 - 2021-03-25 03:03 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2021-03-24 22:19 - 2021-03-27 21:44 - 000019335 _____ C:\VEW.txt
2021-03-24 17:28 - 2021-03-24 13:34 - 000000000 ____D C:\Windows.old
2021-03-24 17:26 - 2021-03-24 17:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-24 17:25 - 2021-03-24 17:25 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-24 17:23 - 2021-03-24 17:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-24 17:23 - 2021-03-24 17:23 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-24 17:23 - 2021-03-24 17:23 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-24 17:23 - 2021-03-24 17:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-24 17:23 - 2021-03-24 17:23 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-24 17:23 - 2021-03-24 17:23 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-24 17:23 - 2021-03-24 17:23 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-24 17:23 - 2021-03-24 17:23 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-24 17:23 - 2021-03-24 17:23 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-24 17:23 - 2021-03-24 17:23 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-24 17:23 - 2021-03-24 17:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-24 17:23 - 2021-03-24 17:23 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-24 17:23 - 2021-03-24 17:23 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-24 17:23 - 2021-03-24 17:23 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-24 17:22 - 2021-03-24 17:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-24 17:22 - 2021-03-24 17:22 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-24 17:22 - 2021-03-24 17:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-24 17:22 - 2021-03-24 17:22 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-24 17:22 - 2021-03-24 17:22 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-24 17:22 - 2021-03-24 17:22 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-24 17:22 - 2021-03-24 17:22 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-24 17:22 - 2021-03-24 17:22 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-24 17:22 - 2021-03-24 17:22 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-24 17:22 - 2021-03-24 17:22 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-24 17:22 - 2021-03-24 17:22 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-24 17:22 - 2021-03-24 17:22 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-24 17:22 - 2021-03-24 17:22 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-24 17:22 - 2021-03-24 17:22 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-24 17:22 - 2021-03-24 17:22 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-24 17:22 - 2021-03-24 17:22 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-24 17:22 - 2021-03-24 17:22 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-24 17:22 - 2021-03-24 17:22 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-24 17:18 - 2021-03-24 17:18 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-24 17:18 - 2021-03-24 17:18 - 000000000 ____D C:\Program Files\MSBuild
2021-03-24 17:18 - 2021-03-24 17:18 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-24 17:18 - 2021-03-24 17:18 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-24 14:52 - 2021-03-27 00:59 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-24 14:52 - 2021-03-24 14:52 - 006104388 _____ C:\WINDOWS\Minidump\032421-18281-01.dmp
2021-03-24 13:38 - 2021-03-27 18:32 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-24 13:37 - 2021-03-24 13:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-24 13:35 - 2021-03-24 13:35 - 000000020 ___SH C:\Users\Miz\ntuser.ini
2021-03-24 13:34 - 2021-03-27 18:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2021-03-24 13:34 - 2021-03-25 19:06 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-25 19:06 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-24 13:34 - 2021-03-24 13:34 - 000003382 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-03-24 13:34 - 2021-03-24 13:34 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-24 13:34 - 2021-03-24 13:34 - 000003158 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-03-24 13:34 - 2021-03-24 13:34 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-24 13:34 - 2021-03-24 13:34 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-24 13:34 - 2021-03-24 13:34 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3466475401-2357420200-2576914407-1002
2021-03-24 13:34 - 2021-03-24 13:34 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3466475401-2357420200-2576914407-1001
2021-03-24 13:34 - 2021-03-24 13:34 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3466475401-2357420200-2576914407-500
2021-03-24 13:34 - 2021-03-24 13:34 - 000002644 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachineDaily
2021-03-24 13:34 - 2021-03-24 13:34 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-03-24 13:34 - 2021-03-24 13:34 - 000002504 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachine
2021-03-24 13:34 - 2021-03-24 13:34 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-24 13:34 - 2021-03-24 13:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-03-24 13:33 - 2021-03-24 13:34 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-24 13:33 - 2021-03-24 13:34 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-24 13:29 - 2021-03-27 01:04 - 000000000 ____D C:\Users\Miz
2021-03-24 13:29 - 2019-12-07 05:10 - 000001105 _____ C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-24 12:47 - 2021-03-24 13:35 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-24 12:43 - 2021-03-24 12:46 - 000000000 ____D C:\ESD
2021-03-24 12:42 - 2021-03-24 12:42 - 000000000 ___HD C:\$Windows.~WS
2021-03-24 02:20 - 2021-03-24 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-03-24 02:20 - 2021-03-24 02:20 - 000000000 ____D C:\Program Files\LGHUB
2021-03-24 02:19 - 2021-03-24 02:19 - 000066896 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2021-03-24 02:19 - 2021-03-24 02:19 - 000037200 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2021-03-24 02:19 - 2021-03-24 02:19 - 000025928 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2021-03-23 13:07 - 2021-03-27 00:59 - 1518515624 _____ C:\WINDOWS\MEMORY.DMP
2021-03-23 04:23 - 2021-03-23 04:23 - 000000000 ____D C:\Program Files\dotnet
2021-03-22 19:55 - 2021-03-22 19:55 - 001328400 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-03-22 19:55 - 2021-03-22 19:55 - 001282560 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-03-22 19:55 - 2021-03-22 19:55 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-03-22 19:20 - 2021-03-22 19:21 - 000000000 ____D C:\Users\Miz\Desktop\Armoury_Crate_Uninstall_Tool
2021-03-22 19:10 - 2021-03-22 19:10 - 000000000 ____D C:\Users\Miz\Desktop\Lighting_Control_1.07.79_V2.2
2021-03-22 19:08 - 2021-03-27 18:45 - 000000000 ____D C:\Program Files\ASUS
2021-03-22 19:04 - 2021-03-22 19:04 - 000000000 ____D C:\Users\Miz\Desktop\ArmouryCrateInstallTool
2021-03-22 16:05 - 2021-03-24 13:33 - 000023660 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-03-22 05:44 - 2021-02-02 15:56 - 000151608 _____ (©ASUSTeK Computer Inc.) C:\WINDOWS\system32\AsIO3.dll
2021-03-22 05:44 - 2021-02-02 15:56 - 000123744 _____ (©ASUSTeK Computer Inc.) C:\WINDOWS\SysWOW64\AsIO3.dll
2021-03-22 05:44 - 2020-12-16 14:46 - 000043920 _____ C:\WINDOWS\system32\Drivers\AsIO3.sys
2021-03-21 22:40 - 2020-11-07 00:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-03-21 22:31 - 2021-03-24 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-03-21 22:31 - 2021-03-18 22:21 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-03-21 22:31 - 2021-03-18 22:21 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-03-21 22:31 - 2021-03-18 22:21 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-03-21 22:31 - 2021-03-18 22:21 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-03-21 22:31 - 2021-03-18 22:21 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-03-21 22:30 - 2021-02-23 21:50 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-03-21 22:30 - 2021-02-23 21:50 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-03-21 21:48 - 2021-03-21 21:48 - 000000000 ___HD C:\$SysReset
2021-03-21 15:54 - 2021-03-21 15:54 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-20 20:33 - 2021-03-27 18:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-20 19:37 - 2021-03-11 01:13 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-03-20 19:37 - 2021-03-11 01:13 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-03-20 19:37 - 2021-03-11 01:13 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-03-18 15:17 - 2021-03-18 15:17 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-17 15:31 - 2021-03-17 15:31 - 000000068 _____ C:\Users\Miz\AppData\Roaming\changzhi_leidian.data
2021-03-17 15:31 - 2021-03-17 15:31 - 000000000 ____D C:\Users\Miz\.Ld2VirtualBox
2021-03-17 15:31 - 2021-03-17 15:31 - 000000000 ____D C:\Users\Miz\.android
2021-03-17 15:30 - 2021-03-17 15:44 - 000000000 ____D C:\Users\Miz\AppData\Roaming\XuanZhi
2021-03-17 15:30 - 2021-03-17 15:44 - 000000000 ____D C:\Program Files\ldplayerbox
2021-03-17 15:30 - 2021-03-17 15:30 - 000000000 ____D C:\Users\Miz\Documents\XuanZhi
2021-03-17 15:30 - 2021-03-17 15:30 - 000000000 ____D C:\Users\Miz\AppData\Roaming\lddownloader
2021-03-17 15:30 - 2021-03-17 15:30 - 000000000 ____D C:\LDPlayer
2021-03-17 15:26 - 2021-03-17 15:35 - 000000000 ____D C:\Users\Miz\AppData\Roaming\ChangZhi2
2021-03-17 15:26 - 2021-03-17 15:26 - 000000000 ____D C:\XuanZhi
2021-03-16 00:02 - 2021-03-16 00:02 - 000000000 ___HD C:\$WinREAgent
2021-03-14 05:40 - 2021-03-14 05:40 - 044381674 _____ C:\Users\Miz\Desktop\X-Men 017 (2021) (Digital) (Zone-Empire).cbr
2021-03-14 05:40 - 2021-03-14 05:40 - 030451615 _____ C:\Users\Miz\Desktop\X-Men 018 (2021) (Digital) (Zone-Empire).cbr
2021-03-12 01:09 - 2021-03-12 01:09 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth19.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-03-12 01:09 - 2021-03-12 01:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-03-03 20:56 - 2021-03-20 16:08 - 000000000 ____D C:\Users\Miz\AppData\LocalLow\uTorrent
2021-03-03 02:13 - 2021-03-03 02:13 - 000000000 ____D C:\Users\Miz\dwhelper
2021-03-03 02:07 - 2021-03-03 02:07 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-27 21:47 - 2021-01-29 15:15 - 000000000 ____D C:\Users\Miz\AppData\Roaming\discordptb
2021-03-27 21:44 - 2019-12-12 16:47 - 000000000 ____D C:\Users\Miz\AppData\Local\Battle.net
2021-03-27 21:39 - 2021-01-29 15:02 - 000000000 ____D C:\Users\Miz\AppData\Roaming\discord
2021-03-27 21:36 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-27 21:34 - 2021-01-29 15:15 - 000000000 ____D C:\Users\Miz\AppData\Local\DiscordPTB
2021-03-27 21:18 - 2020-11-19 03:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-27 18:57 - 2019-12-12 15:58 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-27 18:56 - 2019-12-12 02:09 - 000000000 ____D C:\Users\Miz\AppData\Local\D3DSCache
2021-03-27 18:45 - 2019-12-12 01:50 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-03-27 18:45 - 2019-12-12 01:35 - 000000000 ____D C:\ProgramData\ASUS
2021-03-27 18:35 - 2020-08-09 03:55 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Blitz
2021-03-27 18:35 - 2020-04-19 02:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-27 18:34 - 2020-09-30 23:56 - 000000000 ____D C:\Users\Miz\AppData\Roaming\LGHUB
2021-03-27 18:34 - 2020-09-30 23:56 - 000000000 ____D C:\Users\Miz\AppData\Local\LGHUB
2021-03-27 18:34 - 2020-08-15 19:07 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Medal
2021-03-27 18:34 - 2020-01-08 00:04 - 000000000 ____D C:\Users\Miz\AppData\Local\Plex Media Server
2021-03-27 18:32 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-27 18:27 - 2019-12-12 19:22 - 000000000 ____D C:\Program Files\CCleaner
2021-03-27 18:25 - 2020-11-19 03:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-27 18:25 - 2019-12-12 19:22 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-03-27 18:25 - 2019-12-12 01:35 - 000872200 _____ C:\WINDOWS\system32\wpbbin.exe
2021-03-27 18:25 - 2019-12-12 01:35 - 000833600 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2021-03-27 18:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-27 18:25 - 2019-12-07 05:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-03-27 18:20 - 2019-12-12 01:52 - 000000000 ____D C:\Program Files\ENE
2021-03-27 18:20 - 2019-12-12 01:51 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-27 18:20 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-27 16:07 - 2020-09-12 03:26 - 000015370 _____ C:\CosairDram.txt
2021-03-27 15:59 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-27 15:37 - 2020-11-19 03:32 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-27 14:54 - 2019-12-13 15:47 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-03-27 03:45 - 2020-04-20 18:44 - 000000000 ____D C:\Users\Miz\AppData\Local\Firestorm_x64
2021-03-27 03:04 - 2020-04-20 02:33 - 000000000 ____D C:\Program Files\Firestorm-Releasex64
2021-03-27 02:26 - 2019-12-12 16:54 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-27 02:26 - 2019-12-12 16:52 - 000000000 ____D C:\Users\Miz\AppData\LocalLow\Mozilla
2021-03-27 01:03 - 2019-12-12 19:36 - 000000000 ____D C:\Users\Miz\AppData\Local\CrashDumps
2021-03-27 00:59 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-27 00:54 - 2019-12-12 01:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-27 00:04 - 2020-08-15 19:08 - 000000000 ____D C:\Users\Miz\Documents\Medal
2021-03-27 00:03 - 2020-03-21 19:15 - 000000000 ____D C:\Users\Miz\AppData\Local\Greenshot
2021-03-26 20:46 - 2020-04-08 18:35 - 000000132 _____ C:\Users\Miz\AppData\Roaming\Adobe PNG Format CS6 Prefs
2021-03-26 05:15 - 2019-12-13 15:28 - 000000000 ____D C:\Users\Miz\AppData\Roaming\vlc
2021-03-25 20:46 - 2020-04-19 02:21 - 000000000 ____D C:\Users\Miz\AppData\Local\NVIDIA
2021-03-25 20:07 - 2019-12-13 02:30 - 000000000 ____D C:\Users\Miz\AppData\Local\UnrealEngine
2021-03-25 19:30 - 2020-03-25 18:54 - 000000000 ____D C:\Program Files\Epic Games
2021-03-25 19:06 - 2020-04-19 02:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-03-25 19:06 - 2020-04-19 02:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-03-25 19:06 - 2020-04-19 02:19 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-03-25 19:06 - 2019-12-12 01:41 - 000000000 ____D C:\Users\Miz\AppData\Local\Packages
2021-03-25 17:50 - 2020-04-14 18:06 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-03-25 17:50 - 2019-12-12 17:45 - 000000000 ____D C:\Riot Games
2021-03-25 17:50 - 2019-12-12 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-03-25 16:33 - 2019-12-12 04:15 - 000000000 ____D C:\Users\Miz\AppData\Local\DBG
2021-03-25 15:53 - 2020-08-21 19:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-25 15:53 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-25 04:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-25 03:03 - 2020-02-19 22:42 - 000000000 ____D C:\Program Files\Private Internet Access
2021-03-25 00:58 - 2019-12-12 17:45 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-24 23:42 - 2020-01-03 20:38 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm
2021-03-24 17:28 - 2021-02-08 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2021-03-24 17:28 - 2021-01-23 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2021-03-24 17:28 - 2021-01-16 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2021-03-24 17:28 - 2020-12-03 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-03-24 17:28 - 2020-12-01 21:54 - 000000000 ____D C:\WINDOWS\system32\Samsung
2021-03-24 17:28 - 2020-11-19 03:33 - 000000000 ____D C:\ProgramData\Packages
2021-03-24 17:28 - 2020-11-19 03:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-24 17:28 - 2020-11-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2021-03-24 17:28 - 2020-09-22 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\digiCamControl
2021-03-24 17:28 - 2020-09-20 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnScreen Control
2021-03-24 17:28 - 2020-08-22 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-03-24 17:28 - 2020-07-01 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2021-03-24 17:28 - 2020-06-21 07:48 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2021-03-24 17:28 - 2020-05-30 03:43 - 000000000 ____D C:\Program Files\UNP
2021-03-24 17:28 - 2020-05-18 04:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-03-24 17:28 - 2020-04-20 15:35 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-24 17:28 - 2020-04-20 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm-Releasex64
2021-03-24 17:28 - 2020-04-20 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radegast
2021-03-24 17:28 - 2020-04-19 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-03-24 17:28 - 2020-04-05 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2021-03-24 17:28 - 2020-03-21 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2021-03-24 17:28 - 2020-03-18 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reflector 3
2021-03-24 17:28 - 2020-03-17 01:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
2021-03-24 17:28 - 2020-01-24 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-24 17:28 - 2020-01-03 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2021-03-24 17:28 - 2019-12-13 15:28 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-03-24 17:28 - 2019-12-12 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-03-24 17:28 - 2019-12-12 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-24 17:28 - 2019-12-12 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2021-03-24 17:28 - 2019-12-12 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exif Pilot
2021-03-24 17:28 - 2019-12-12 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2021-03-24 17:28 - 2019-12-12 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-24 17:28 - 2019-12-12 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
2021-03-24 17:28 - 2019-12-12 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2021-03-24 17:28 - 2019-12-12 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-03-24 17:28 - 2019-12-12 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2021-03-24 17:28 - 2019-12-12 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-03-24 17:28 - 2019-12-12 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2021-03-24 17:28 - 2019-12-12 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-03-24 17:28 - 2019-12-12 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-24 17:28 - 2019-12-12 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2021-03-24 17:28 - 2019-12-12 05:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-24 17:28 - 2019-12-07 05:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-24 17:28 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-24 17:28 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-24 17:28 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-24 17:26 - 2020-05-14 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-03-24 17:26 - 2019-12-12 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-03-24 17:25 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-24 17:25 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-24 17:25 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-24 17:25 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-24 17:22 - 2020-11-19 03:32 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-03-24 16:42 - 2020-04-20 15:35 - 000000258 __RSH C:\ProgramData\ntuser.pol
2021-03-24 13:51 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-24 13:38 - 2019-12-12 01:50 - 001164200 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\system32\AsusDownloadAgent.exe
2021-03-24 13:38 - 2019-12-12 01:50 - 000366592 _____ C:\WINDOWS\system32\syncas.dll
2021-03-24 13:37 - 2019-12-12 01:41 - 000333224 _____ () C:\WINDOWS\system32\AsusDownLoadLicense.exe
2021-03-24 13:37 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-24 13:35 - 2019-12-12 01:41 - 000000000 ___RD C:\Users\Miz\3D Objects
2021-03-24 13:35 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-24 13:34 - 2020-11-19 03:32 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-24 13:34 - 2020-11-19 03:32 - 000003182 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-24 13:34 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-24 13:34 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-24 13:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Registration
2021-03-24 13:32 - 2019-12-07 05:14 - 000000000 __RSD C:\WINDOWS\Media
2021-03-24 13:30 - 2021-02-23 15:30 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-03-24 13:30 - 2021-01-05 00:46 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-24 13:30 - 2020-12-31 18:39 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-03-24 13:30 - 2020-08-24 19:19 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2021-03-24 13:30 - 2020-08-15 19:07 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal B.V
2021-03-24 13:30 - 2020-01-24 01:17 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-24 13:30 - 2019-12-25 16:40 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-03-24 13:30 - 2019-12-12 19:29 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parsec
2021-03-24 13:30 - 2019-12-12 19:29 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2021-03-24 13:30 - 2019-12-12 15:30 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-03-24 13:30 - 2019-12-12 01:54 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2021-03-24 13:30 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-24 13:29 - 2020-11-19 03:30 - 005112720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-24 13:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-23 19:02 - 2019-12-12 05:10 - 000000000 ____D C:\Users\Miz\Documents\School
2021-03-23 16:23 - 2020-09-08 21:07 - 000000000 ____D C:\Users\Miz\Desktop\ZeN33n -
2021-03-23 13:45 - 2019-12-12 17:08 - 000000000 ____D C:\Users\Miz\AppData\Roaming\DAEMON Tools Lite
2021-03-23 12:42 - 2019-12-12 15:39 - 000000000 ____D C:\Users\Miz\AppData\Roaming\Kodi
2021-03-22 18:38 - 2020-04-20 03:19 - 000000000 ____D C:\Temp
2021-03-22 18:19 - 2020-10-05 19:44 - 000000000 ____D C:\Users\Miz\AppData\Local\AcSdkInsLog
2021-03-22 18:10 - 2019-12-12 01:58 - 000000000 ____D C:\Users\Miz\AppData\Local\PlaceholderTileLogoFolder
2021-03-22 18:08 - 2020-09-05 22:53 - 000003941 _____ C:\ProgramData\AuraDlgSetProfile.xml
2021-03-22 17:30 - 2019-12-13 02:51 - 000000000 ____D C:\Users\Miz\AppData\Roaming\uTorrent
2021-03-22 16:06 - 2020-04-18 09:39 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-22 16:06 - 2020-04-18 09:39 - 000002276 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-22 15:06 - 2020-04-19 02:21 - 000000000 ____D C:\Users\Miz\AppData\Local\NVIDIA Corporation
2021-03-21 21:57 - 2019-12-12 01:41 - 000000000 ____D C:\Users\Miz\AppData\Local\ConnectedDevicesPlatform
2021-03-20 16:07 - 2019-12-13 02:50 - 000000000 ____D C:\Users\Miz\AppData\Local\BitTorrentHelper
2021-03-19 20:59 - 2020-05-18 04:23 - 000000000 ____D C:\Users\Miz\AppData\Roaming\obs-studio
2021-03-18 22:21 - 2020-12-12 03:11 - 000070896 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-03-18 22:21 - 2020-12-12 03:11 - 000059632 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-03-18 19:17 - 2019-12-12 16:47 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-03-16 04:58 - 2019-12-12 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-15 00:52 - 2019-12-12 01:42 - 000000000 ___RD C:\Users\Miz\OneDrive
2021-03-13 16:07 - 2020-04-18 21:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-03-13 16:07 - 2019-12-13 02:26 - 001682352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-03-13 16:07 - 2019-12-13 02:26 - 000216016 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-03-13 16:07 - 2019-12-13 02:26 - 000169400 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-03-13 16:07 - 2019-12-13 02:26 - 000159184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-03-13 16:07 - 2019-12-13 02:26 - 000038320 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-03-10 00:57 - 2019-12-12 05:25 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 22:27 - 2021-01-23 13:37 - 000000000 ____D C:\ProgramData\Origin
2021-03-09 22:22 - 2019-12-12 16:46 - 000000000 ____D C:\Users\Miz\AppData\Local\Blizzard Entertainment
2021-03-06 20:53 - 2020-02-13 12:38 - 000000000 ____D C:\Users\Miz\Desktop\Sakimichan
2021-03-04 03:28 - 2019-12-25 00:23 - 000000000 ____D C:\Users\Miz\AppData\Local\ElevatedDiagnostics
2021-03-03 21:06 - 2020-06-20 18:02 - 000000000 ____D C:\Users\Miz\Desktop\Lexaiduer
2021-02-28 15:46 - 2019-12-12 16:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-28 15:46 - 2019-12-12 16:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-28 02:09 - 2019-12-12 16:54 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-25 15:04 - 2020-08-15 19:08 - 000000000 ____D C:\Users\Miz\AppData\Local\Ferox_Games_B.V
2021-02-25 15:03 - 2020-08-15 19:07 - 000000000 ____D C:\Users\Miz\AppData\Local\Medal
 
==================== Files in the root of some directories ========
 
2020-04-08 18:35 - 2021-03-26 20:46 - 000000132 _____ () C:\Users\Miz\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-10-06 17:43 - 2021-01-28 15:11 - 000000132 _____ () C:\Users\Miz\AppData\Roaming\Adobe Targa Format CS6 Prefs
2021-03-17 15:31 - 2021-03-17 15:31 - 000000068 _____ () C:\Users\Miz\AppData\Roaming\changzhi_leidian.data
2019-12-22 23:42 - 2020-03-18 15:10 - 000005120 _____ () C:\Users\Miz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-13 18:24 - 2019-12-13 18:24 - 000000000 _____ () C:\Users\Miz\AppData\Local\oobelibMkey.log
2020-04-18 21:59 - 2020-06-12 04:09 - 000007597 _____ () C:\Users\Miz\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#48
GhostLoad
Posted 27 March 2021 - 07:49 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2021
Ran by Miz (27-03-2021 21:47:56)
Running from C:\Users\Miz\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-03-24 17:34:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3466475401-2357420200-2576914407-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3466475401-2357420200-2576914407-503 - Limited - Disabled)
Guest (S-1-5-21-3466475401-2357420200-2576914407-501 - Limited - Disabled)
Miz (S-1-5-21-3466475401-2357420200-2576914407-1001 - Administrator - Enabled) => C:\Users\Miz
WDAGUtilityAccount (S-1-5-21-3466475401-2357420200-2576914407-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Actual Multiple Monitors 8.14.4 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.14.4 - Actual Tools)
ADATA SSD ToolBox version 4.0.1 (HKLM-x32\...\{C0991D3E-8786-48E7-A5DB-57FBACB0A03A}_is1) (Version: 4.0.1 - ADATA, Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Amazon Kindle) (Version: 1.30.0.59056 - Amazon)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.04.04.111 - Advanced Micro Devices, Inc.)
AMD Product Verification Tool version 1.0.4.8 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.4.8 - AMD)
AMD_Chipset_Drivers (HKLM-x32\...\{1774a753-7604-40a0-adbd-e3dc95bea5a8}) (Version: 2.04.04.111 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 7.0.7 (HKLM-x32\...\Any Video Converter) (Version: 7.0.7 - Anvsoft)
ASUS Framework Service (HKLM-x32\...\{0432b7d3-a0dd-4049-81e3-c052fdd269d5}) (Version: 2.0.0.11 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.0.11 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.39 - ASUSTeK Computer Inc.) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.79 - ASUSTeK Computer Inc.)
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.14 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.14 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{B5ABFF44-9702-4CA1-A7D8-DBA659709C49}) (Version: 1.7 - Blackmagic Design)
Blitz 1.13.142 (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.142 - Blitz, Inc.)
Bulk Rename Utility 3.3.1.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Chrome Remote Desktop Host (HKLM-x32\...\{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}) (Version: 89.0.4389.25 - Google LLC)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CrewLink 1.2.1 (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\f844a100-2ca0-51d4-8013-d11548b01669) (Version: 1.2.1 - Ottomated)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{47B30418-F683-4F19-BEF9-BA5E490154BF}) (Version: 16.2.8005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
digiCamControl (HKLM-x32\...\{19D12628-7654-4354-A305-9AB0B33A1677}) (Version: 2.1.2.0 - Duka Istvan)
digiCamControl (HKLM-x32\...\{2dd048a1-b9fb-4e4f-a8f3-1eceafce538c}) (Version: 2.1.2.0 - ) Hidden
digiCamControl Virtual Webcam version 1.1 (HKLM-x32\...\{15A8F34E-E2BD-471C-B883-F6D0DB239C09}_is1) (Version: 1.1 - Duka Istvan)
Discord (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\DiscordPTB) (Version: 0.0.56 - Discord Inc.)
ENE_QSI_Azeroth_HAL (HKLM-x32\...\{b598bfc8-2eb9-4a18-94ae-abe59777bfc8}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Exif Pilot 5.4 (HKLM-x32\...\Exif Pilot_is1) (Version: 5.4 - Two Pilots)
Firestorm-Releasex64 (HKLM\...\Firestorm-Releasex64) (Version: 6.4.13.63251 - The Phoenix Firestorm Project, Inc.)
Foxit PhantomPDF (HKLM-x32\...\{6591E0EE-2DC6-11EB-9DE8-54BF64A63C26}) (Version: 10.1.1.37576 - Foxit Software Inc.) Hidden
Foxit PhantomPDF (HKLM-x32\...\{9ec5ce84-258f-4ab1-bed0-45c6b8812928}) (Version: 10.1.1.37576 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
Futuremark SystemInfo (HKLM-x32\...\{A93C08EF-FEB5-49B0-BA5C-2149018683B5}) (Version: 5.26.809.0 - Futuremark)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HWiNFO64 Version 6.24 (HKLM\...\HWiNFO64_is1) (Version: 6.24 - Martin Malik - REALiX)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Kast 2.11.1 (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.11.1 - Evasyst, Inc.)
Kast 2.5.1 (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\{d06bcc57-f338-548b-9321-2ecf1ddd47ff}) (Version: 2.5.1 - Evasyst, Inc.)
Kodi (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Kodi) (Version:  - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech Capture (HKLM\...\Capture) (Version: 2.04.13 - Logitech)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Lovense Remote version 1.4.4 (HKLM-x32\...\{6CF0FC77-8ADB-477D-8E3F-0943B7EA1154}}_is1) (Version: 1.4.4 - Hytto Ltd.)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Medal (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Medal) (Version: 4.625.0 - Medal B.V.)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 3.5 - Autodesk, Inc.)
Microsoft .NET Framework 4.7.2 SDK (HKLM-x32\...\{F42C96C1-746B-442A-B58C-9F0FD5F3AB8A}) (Version: 4.7.03081 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (ENU) (HKLM-x32\...\{B517DBD3-B542-4FC8-9957-FFB2C3E65D1D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13127.21348 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.4 (x64) (HKLM-x32\...\{ff817559-f11f-4faa-af52-26feb4b46fff}) (Version: 5.0.4.29817 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
MSI Afterburner 4.6.3 (HKLM-x32\...\Afterburner) (Version: 4.6.3 - MSI Co., LTD)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Graphics Driver 462.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.07 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.96 - LG Electronics Inc)
Ori and the Will of the Wisps (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\Ori and the Will of the Wisps) (Version:  - HOODLUM)
Origin (HKLM-x32\...\Origin) (Version: 10.5.91.46291 - Electronic Arts, Inc.)
Parsec (HKLM-x32\...\Parsec) (Version:  - Parsec Cloud Inc.)
PdaNet+ for Android 5.22 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Plex Media Server (HKLM-x32\...\{3FCB18D0-5BBE-4771-ADA9-DF28AA69D053}) (Version: 1.20.4517 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{dc541992-a29f-4d8e-8f5e-13b4998a4716}) (Version: 1.20.4.3517 - Plex, Inc.)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 2.7.0+06158 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
Radegast 2.32.137.0 (HKLM-x32\...\{7fedd727-0df2-4414-8c6c-03f3d653d63d}) (Version: 2.32.137.0 - Sjofn, LLC)
Radegast 2.32.137.0 (HKLM-x32\...\{96541091-3FAE-4190-9EAD-3BA6788864D3}) (Version: 2.32.137.0 - Sjofn, LLC) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.47.121.2021 - Realtek)
REDlauncher (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Reflector 3 (HKLM\...\{74A912BB-7432-404A-AB8F-619497E82155}) (Version: 3.1.1.0 - Squirrels)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.16.0 - ASUSTek COMPUTER INC.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{BCB26446-682E-447D-8FE1-D71E28C3F801}) (Version: 1.20.4517 - Plex, Inc.) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.24753 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
teVirtualMIDI64 (HKLM\...\{300D1BB9-FA9E-40EA-ADD8-934D5066F6D5}) (Version: 1.2.11.41 - Tobias Erichsen)
Universal Control (HKLM\...\Universal Control) (Version: 3.1.2.54970 - PreSonus Audio Electronics, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhoCrashed 6.70 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Driver Package - Nordic Semiconductor ASA (libusbK) Nordic Semiconductor DFU  (11/17/2017 1.0.0.0) (HKLM\...\9E604C253CF23E22559521E18F5477442849274E) (Version: 11/17/2017 1.0.0.0 - Nordic Semiconductor ASA)
Windows Driver Package - Nordic Semiconductor ASA (usbser) Ports  (05/11/2018 1.0.1.0) (HKLM\...\8BE37708EC0B1921B47CD432537BB725532CEF79) (Version: 05/11/2018 1.0.1.0 - Nordic Semiconductor ASA)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-12-13] (Adobe Systems Incorporated)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-22] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-25] (NVIDIA Corp.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3466475401-2357420200-2576914407-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C8CF056F92C1} -> [Creative Cloud Files] => C:\Users\Miz\Creative Cloud Files [2019-12-13 15:48]
CustomCLSID: HKU\S-1-5-21-3466475401-2357420200-2576914407-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Miz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3466475401-2357420200-2576914407-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Miz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2020-11-17 03:01 - 2020-11-17 03:01 - 000629760 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\aac_decoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 000336384 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\ac3_decoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 000394752 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\ac3_encoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 000608256 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\dca_decoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 001559040 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\h264_decoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 000818688 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\hevc_decoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 001800704 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\libx264_encoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 000579072 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\mp3_decoder.dll
2020-11-17 03:01 - 2020-11-17 03:01 - 001268224 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Plex Media Server\Codecs\02cff92-3522-windows-x86\mpeg4_decoder.dll
2020-08-09 03:55 - 2021-03-25 05:55 - 000415232 _____ () [File not signed] \\?\C:\Users\Miz\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-ia32\node.napi.node
2021-03-18 15:18 - 2021-03-18 15:19 - 104869376 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\libcef.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\libegl.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\libglesv2.dll
2021-02-08 10:24 - 2021-02-08 10:24 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-02-08 10:24 - 2021-02-08 10:24 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-02-08 10:24 - 2021-02-08 10:24 - 000668160 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-02-08 10:24 - 2021-02-08 10:24 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-02-08 10:24 - 2021-02-08 10:24 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-11-08 12:49 - 2019-11-08 12:49 - 004904448 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\ipp.dll
2019-09-27 05:11 - 2019-09-27 05:11 - 018891264 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\SmaartFactory_x64.dll
2019-09-27 05:04 - 2019-09-27 05:04 - 001834496 _____ () [File not signed] C:\Program Files\PreSonus\Universal Control\vectorlib.dll
2021-02-25 15:03 - 2021-02-25 15:03 - 001332736 _____ () [File not signed] C:\Users\Miz\AppData\Local\Medal\recorder-3.370.0\x64\sqlcipher.dll
2020-08-09 03:55 - 2021-03-25 05:55 - 002662912 _____ () [File not signed] C:\Users\Miz\AppData\Local\Programs\Blitz\ffmpeg.dll
2020-08-09 03:55 - 2021-03-25 05:55 - 000367104 _____ () [File not signed] C:\Users\Miz\AppData\Local\Programs\Blitz\libegl.dll
2020-08-09 03:55 - 2021-03-25 05:55 - 006631936 _____ () [File not signed] C:\Users\Miz\AppData\Local\Programs\Blitz\libglesv2.dll
2019-12-12 17:08 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-02-25 15:03 - 2021-02-25 15:03 - 003190784 _____ (Medialooks Company) [File not signed] C:\Users\Miz\AppData\Local\Medal\recorder-3.370.0\DLLs\medialooks.device.windows.x64.dll
2019-11-08 12:59 - 2019-11-08 12:59 - 000059904 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\avdecc.dll
2019-11-08 12:52 - 2019-11-08 12:52 - 005623808 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclgui.dll
2019-11-08 12:54 - 2019-11-08 12:54 - 000696832 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclnet.dll
2019-11-08 12:53 - 2019-11-08 12:53 - 001127424 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsecurity.dll
2019-11-08 12:51 - 2019-11-08 12:51 - 001281024 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsystem.dll
2019-11-08 12:51 - 2019-11-08 12:51 - 000485376 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ccltext.dll
2019-11-08 12:50 - 2019-11-08 12:50 - 000013824 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclwinrt.dll
2019-11-08 12:59 - 2019-11-08 12:59 - 000352768 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\atomdevice.dll
2019-11-08 12:58 - 2019-11-08 12:58 - 000484352 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\audioboxdevice.dll
2019-11-08 12:58 - 2019-11-08 12:58 - 000113664 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\faderportdevice.dll
2019-11-08 12:59 - 2019-11-08 12:59 - 000770560 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\firewiredevice.dll
2019-11-08 12:57 - 2019-11-08 12:57 - 002885632 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\quantumdevice.dll
2019-11-08 12:59 - 2019-11-08 12:59 - 000704000 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\slclassicusbdevice.dll
2019-11-08 12:58 - 2019-11-08 12:58 - 002140160 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studio192device.dll
2019-11-08 12:58 - 2019-11-08 12:58 - 000272384 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studiolive3device.dll
2019-11-08 12:58 - 2019-11-08 12:58 - 000600576 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studioliveardevice.dll
2019-11-08 12:58 - 2019-11-08 12:58 - 001169920 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studiousbdevice.dll
2019-11-08 12:52 - 2019-11-08 12:52 - 000661504 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\asioservice.dll
2019-11-08 13:00 - 2019-11-08 13:00 - 023193600 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\studiolivepanel.dll
2019-11-08 12:59 - 2019-11-08 12:59 - 000637440 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\ucnetmonitor.dll
2019-11-08 12:54 - 2019-11-08 12:54 - 000596480 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\windowsmidi.dll
2019-11-08 12:54 - 2019-11-08 12:54 - 000228352 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ucnet.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\chrome_elf.dll
2021-01-23 13:39 - 2021-01-23 13:39 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-01-23 13:39 - 2021-01-23 13:39 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-01-23 13:39 - 2021-01-23 13:39 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-01-27 18:24 - 2021-01-23 13:39 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-01-27 18:24 - 2021-01-23 13:39 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-01-27 18:24 - 2021-01-23 13:39 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-01-27 18:24 - 2021-01-23 13:39 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-01-27 18:24 - 2021-01-23 13:39 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-01-27 18:24 - 2021-01-23 13:39 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\audio\qtaudio_windows.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\imageformats\qgif.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\imageformats\qico.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\imageformats\qjpeg.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\imageformats\qmng.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\imageformats\qsvg.dll
2021-03-18 15:18 - 2021-03-18 15:18 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\imageformats\qtiff.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\platforms\qwindows.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Core.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Gui.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Multimedia.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Network.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Qml.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Quick.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Svg.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Widgets.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5WinExtras.dll
2021-03-18 15:19 - 2021-03-18 15:19 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12769\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-17] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\sharepoint.com -> hxxps://falconmaildaytonastate-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 00:49 - 2020-02-19 19:23 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miz\AppData\Roaming\Actual Tools\Actual Multiple Monitors\Wallpapers\Composed.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\StartupFolder: => "Discord.lnk"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\StartupFolder: => "Discord PTB.lnk"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "Actual Multiple Monitors"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_E9BC4C4237B2FA2743E1DDE06CD8BA4A"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "Parsec.App.0"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3466475401-2357420200-2576914407-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{F2F449E7-43BB-4F45-BCA4-565907B78038}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{FDED1A3B-1F31-43BE-8190-B8A44908742C}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{C02137EB-450A-4EC8-96CB-ABB3580C1D30}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe () [File not signed]
FirewallRules: [UDP Query User{58D34AB7-F4F3-4E92-A067-C89383655D23}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe () [File not signed]
FirewallRules: [TCP Query User{494A029C-3510-4049-82F8-1D8CC7A996D2}J:\program files\firestorm-releasex64\slvoice.exe] => (Allow) J:\program files\firestorm-releasex64\slvoice.exe (Mercer Road Corp -> )
FirewallRules: [UDP Query User{FD79A072-2F72-415E-8EF8-3940003D5DFA}J:\program files\firestorm-releasex64\slvoice.exe] => (Allow) J:\program files\firestorm-releasex64\slvoice.exe (Mercer Road Corp -> )
FirewallRules: [{0B1DE1A6-92CD-404D-9FAF-00E0B5506FAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C99EB7C4-0A5D-4306-BD7D-C9CFE2B94925}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1AD5C9F5-DDFA-42B1-A5CA-579BE5C8FF47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{73B0468D-2BD9-4686-A665-AD064AE0D1F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{2180D0D0-D226-4C35-B96E-055D00C7C49C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{A5E16BCE-97CE-4FE4-9B3A-F42CBD2CC05B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [TCP Query User{8795B581-1562-4D5E-BBEE-05B9E513AD77}J:\program files (x86)\steam\steam.exe] => (Allow) J:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C2B91093-C1B1-4F1A-82A2-CAC08ED70E67}J:\program files (x86)\steam\steam.exe] => (Allow) J:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{10575224-4E3D-4224-87AE-2668E3CAEA05}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{096FACFA-5C2E-4462-9007-1A05F8CA71FC}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{91A1B869-2F01-4B58-8C18-A120A14B59DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6178A2B-874E-4150-9087-84F9EF9B3417}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7ABB1958-1977-4BBC-8042-4FA2152DC22D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{42C7D2F1-80EF-439F-8B0B-9EA572230D87}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D482F5D9-334F-4EAF-A45C-D3F57FCC6E35}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [{AC71F4DC-5F85-4026-BEE0-BF598B5EE9DF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DBE1AB6-2725-4217-BC5B-FDD4D5BA02D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8954984D-CBF3-495C-808D-37C4240FF556}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{06AFA3B5-1296-4ECE-8878-D2BF27548B96}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{DF2279D4-DBD9-4086-8EAA-F8903E35400B}] => (Allow) C:\Users\Miz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4D084B86-51BE-4F79-8D6A-7157F686CDEA}] => (Allow) C:\Users\Miz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C4170014-EC57-411D-A75C-F934C44DB31B}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (PreSonus) [File not signed]
FirewallRules: [{A57E5031-5B20-4472-AD12-1D24EC824A16}] => (Allow) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe (PreSonus) [File not signed]
FirewallRules: [{9A39242A-4F70-44B4-9479-9E0DABB24F16}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{223AF093-5F19-4348-A568-D8DA2444BA0B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FF0312CA-9E54-430D-ADD2-F3D74FE7B874}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F33F2B27-8AF4-42D1-86D5-0A014D25DB05}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02112E13-B31D-42B8-8D12-46FEE84F0220}] => (Allow) C:\Program Files\Reflector 3\Reflector3.exe (Squirrels LLC -> Squirrels) [File not signed]
FirewallRules: [{1729583D-F010-446F-966E-633C17E4A064}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe () [File not signed]
FirewallRules: [{85E5931B-BD26-4D16-9CE7-8D41272DC7BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe () [File not signed]
FirewallRules: [{6EF69200-3003-4699-B0E7-297BEC9648F8}] => (Allow) C:\Users\Miz\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{ACAD084B-A644-490D-A3DC-68D420BA6C4C}] => (Allow) C:\Users\Miz\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BD7B2DFE-B4B9-4773-93FC-829AA2BCCAD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe () [File not signed]
FirewallRules: [{264069BA-5883-4C4A-9FD7-163298EEAC01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe () [File not signed]
FirewallRules: [{B5163F82-7832-45B9-A419-2C5E9EBC618E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Winter\ProjectWinter.exe () [File not signed]
FirewallRules: [{78633D11-B525-49A5-B96C-39C62AC242DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Winter\ProjectWinter.exe () [File not signed]
FirewallRules: [TCP Query User{E57C33B2-EB1F-47CE-92F7-C807F06AEED7}C:\users\miz\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\miz\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.)
FirewallRules: [UDP Query User{236B6E66-DE30-4B6F-AD12-70448B977EC1}C:\users\miz\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\miz\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.)
FirewallRules: [{C0498937-E345-4557-BFD9-3BD7E38C0D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Armello\armello.exe () [File not signed]
FirewallRules: [{ECA20CAA-A643-4375-954D-328F27637D90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Armello\armello.exe () [File not signed]
FirewallRules: [TCP Query User{10FA8BCE-1304-4AE6-BE49-FA1FF0801A9A}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{18A5CC08-22B1-4874-B456-5FE8F6048E36}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{B3645758-9C27-4201-8BF3-A43A95F11AC5}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{5B3F4C9D-90D0-484B-86C8-1A684656561B}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{B80E15D5-1F17-40EF-B717-181515F5B3DF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{C2E0CE8A-E168-47E9-A731-5BE9D87238B9}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{A80BB917-D4F1-4E4A-84FA-91EE809F6619}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spellsworn\Spellsworn.exe () [File not signed]
FirewallRules: [{C9E87433-9BDD-4B4E-9B81-1458D80013E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spellsworn\Spellsworn.exe () [File not signed]
FirewallRules: [TCP Query User{1B7C0B42-648A-438E-8A8B-602AC5B6760E}C:\program files (x86)\steam\steamapps\common\spellsworn\spellsworn\binaries\win64\spellsworn-win64-test.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spellsworn\spellsworn\binaries\win64\spellsworn-win64-test.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{A5D7D028-4E98-4B79-8F6C-3AE93AEE187C}C:\program files (x86)\steam\steamapps\common\spellsworn\spellsworn\binaries\win64\spellsworn-win64-test.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spellsworn\spellsworn\binaries\win64\spellsworn-win64-test.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{35048391-6C45-426C-A09D-402FDC453FD5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{723B24BF-D224-4D25-A555-D8A08481678A}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{108B048A-B6E1-4508-AA91-3AB4A91206AE}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe () [File not signed]
FirewallRules: [UDP Query User{5123DF4D-5205-4776-9327-A94D72C533EE}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe () [File not signed]
FirewallRules: [{63062340-84B1-48EB-B56A-08D20AD04889}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retrograde Arena\Retrograde Arena.exe () [File not signed]
FirewallRules: [{BCA320CB-4ADF-4DD8-9DAA-FDD2D8D26752}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retrograde Arena\Retrograde Arena.exe () [File not signed]
FirewallRules: [{42BB3283-B342-4BFF-A8A6-844BEFAF33AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heave Ho\HeaveHo.exe () [File not signed]
FirewallRules: [{5945864C-7EE5-4A91-8819-E8C6FF4FEC4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heave Ho\HeaveHo.exe () [File not signed]
FirewallRules: [{4088E3C0-7D02-41C0-80A0-2A3C720E3B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp. z o.o. -> SUPERHOT Sp. z o.o.)
FirewallRules: [{E9B8A5C9-BEE0-4B7F-A23E-8E74804294E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp. z o.o. -> SUPERHOT Sp. z o.o.)
FirewallRules: [TCP Query User{70E89CC7-50DF-4F3F-A36C-0278CBCB5702}C:\users\miz\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\miz\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{7065671D-FD3D-4643-815A-C191C5068E94}C:\users\miz\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\miz\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{57C73F17-2D08-4B22-9722-0DB65B4F77BD}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{CE230B7C-DAAC-4C65-B396-1755961E2C7F}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{03E5AEBB-7F15-4053-9541-6D670985C16F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{90ABE5BA-1542-45B1-AB50-A5898C14D1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [TCP Query User{43E8552C-32A6-4BA1-8DC9-580FC1DB091D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EF2ADCF7-CC73-4922-AB3A-7331BA24A6AD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E66B4E10-F9B3-4293-BB5C-219774F3E4A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NieRAutomata\NieRAutomata.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{E5397676-A142-492F-BCBE-B1F98F1115FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NieRAutomata\NieRAutomata.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [TCP Query User{A55005EC-0FF5-4C9F-AFDD-34FFE2E896A0}C:\users\miz\appdata\roaming\utorrent\updates\3.5.5_45790.exe] => (Allow) C:\users\miz\appdata\roaming\utorrent\updates\3.5.5_45790.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{2F94CB03-E791-45E9-B8C6-30123D96D807}C:\users\miz\appdata\roaming\utorrent\updates\3.5.5_45790.exe] => (Allow) C:\users\miz\appdata\roaming\utorrent\updates\3.5.5_45790.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F956EA4D-7D44-42BB-BD28-DB1610CC6B33}] => (Block) C:\users\miz\appdata\roaming\utorrent\updates\3.5.5_45790.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{61DE93AD-8B2A-44BC-8BA6-A97B814423C1}] => (Block) C:\users\miz\appdata\roaming\utorrent\updates\3.5.5_45790.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{43C05354-D8D0-41CE-800C-4DCEA16F70C2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{3A4AC287-F816-4B8A-B4F9-21C0C50B827C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{61807ECD-856B-4A31-861F-911856296C1F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{53EBE7B8-418B-47E7-A794-DF9DE7C81261}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{00DBB18A-9066-40D8-9C32-259551FE073A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{9B48B82A-E8BF-4CBD-B08D-2FF81D651544}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{996B5F1B-52DB-49AB-A072-F0CF9231C8BE}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{BB1F2294-A05E-4D42-B40F-5DF6E9B93C27}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{30C404FF-DD20-44B0-8979-E60AE851DEAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{8CE881C8-1861-47A0-BEA0-A7A1EBB47C78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{644FD5D0-8C51-4CD4-B08C-D0EF4F993C42}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{DF25BB07-9001-4669-9D34-1A5A5D94E64A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7A65E39E-616D-49F8-B697-6B577EB56D92}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{679C3FCE-CFDF-42E2-B048-8D4AC64612E8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{9C6D6E0E-23A8-47DB-961F-2651E8EFE178}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{D741AE88-EBFA-492A-91B5-3DA6718701A6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{AD21B19D-0F04-4A63-9157-E69F2249CED5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{600458ED-F797-49B9-A6C5-13E96E6A801C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{AA50FBBE-5CA1-485B-83A9-A5D65B439E60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{3C3385DC-7797-48A3-866B-8586B47331FC}C:\users\miz\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\miz\appdata\local\programs\crewlink\crewlink.exe (Ottomated) [File not signed]
FirewallRules: [UDP Query User{FAF48A87-E917-45FD-854D-F1B104787DBA}C:\users\miz\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\miz\appdata\local\programs\crewlink\crewlink.exe (Ottomated) [File not signed]
FirewallRules: [TCP Query User{B37BD24B-17CB-494C-B0BD-F3A2CB1AC01D}C:\users\miz\appdata\local\lovense\remote\lovense_remote.exe] => (Allow) C:\users\miz\appdata\local\lovense\remote\lovense_remote.exe (Hytto Ltd.) [File not signed]
FirewallRules: [UDP Query User{6597B0BF-D063-47D9-A7DD-D1A28580C272}C:\users\miz\appdata\local\lovense\remote\lovense_remote.exe] => (Allow) C:\users\miz\appdata\local\lovense\remote\lovense_remote.exe (Hytto Ltd.) [File not signed]
FirewallRules: [{A4FEA3EB-282F-4F61-9730-18C235607330}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F8347482-606B-4F92-ACBC-BD3A166C8914}C:\users\miz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\miz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{83AE2CB2-3B62-4C68-8F53-E92919444AD7}C:\users\miz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\miz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1002DB2-EF26-46BA-A522-6D241230B5FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{116FB95F-20E8-428E-80F7-04092CEFA59F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D8D1B73-6148-4FC3-B282-D4D69F10206A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B702E034-ACF0-46CE-9A7F-762C77A57D76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76822A51-89FB-4B3F-8D34-EAC2EF6C058D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed]
FirewallRules: [{0FF023FB-18C9-4A05-9CF7-849FEC11D485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed]
FirewallRules: [{C7B3D7AD-E642-4FD8-9E7B-3796F8C9C273}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{DAECE08F-C9C4-4375-A5E6-E2642C6CDFD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount Your Friends\MountYourFriends.exe () [File not signed]
FirewallRules: [{486A643D-E340-444B-8377-366F6CC84D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount Your Friends\MountYourFriends.exe () [File not signed]
FirewallRules: [{379647E9-D043-4554-91EC-5F9619532764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Century Playtest\Century.exe () [File not signed]
FirewallRules: [{546122C5-169B-4AEE-9AFA-470CCAF80F0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Century Playtest\Century.exe () [File not signed]
FirewallRules: [TCP Query User{BC3DC222-E7ED-4F01-BE56-D0108E1CCA45}C:\program files (x86)\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{27779465-F774-4B3E-A47E-E0A199BD137F}C:\program files (x86)\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{1256092A-C809-4F31-B442-A7F602750A63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Veneficium\WitchsHunt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1773A605-356C-4FF0-B629-9209452C4F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Veneficium\WitchsHunt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3A9D6581-8FA1-4267-B42B-ECF5B58E0CB1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E6B0E095-D5EB-4E8A-91C5-CB30C7677659}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0627642C-D5D3-49D1-899F-41D1035AF230}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24A4F6B1-6AB0-4B50-9D70-0FBAAC64459C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADBDAE43-4F88-4396-9A98-4ABD398076F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0611A40A-D99F-4BF4-AE23-C0A1A1BEB041}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{76A03752-9456-4D79-BF3C-EAB52A37F65B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4F1ACF0-FB46-452A-89DB-B0458E879440}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C53A579A-8151-46B8-B924-3E55580D92DC}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{EAD9D9AF-A80C-414A-AA91-0BBE2C7A416C}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
24-03-2021 13:45:24 AURA Service
25-03-2021 15:53:23 Windows Modules Installer
27-03-2021 00:54:14 Installed AURA
27-03-2021 00:54:25 AURA Service
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/27/2021 06:41:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d
Exception code: 0xe0434352
Fault offset: 0x0012a8b2
Faulting process id: 0x3744
Faulting application start time: 0x01d7235a5e3b479b
Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 2ff2ea6e-aad2-4d43-8579-0f4cae5761b2
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/27/2021 06:41:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
Error: (03/27/2021 06:41:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d
Exception code: 0xe0434352
Fault offset: 0x0012a8b2
Faulting process id: 0x39e8
Faulting application start time: 0x01d7235a5d0abe61
Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: fb425283-9345-4787-9179-35d7f81957fc
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/27/2021 06:41:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
Error: (03/27/2021 06:41:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d
Exception code: 0xe0434352
Fault offset: 0x0012a8b2
Faulting process id: 0x47b0
Faulting application start time: 0x01d7235a4aa61913
Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 050f071f-cb2c-4bbf-aa2c-a987a87788d9
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/27/2021 06:41:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
Error: (03/27/2021 06:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d
Exception code: 0xe0434352
Fault offset: 0x0012a8b2
Faulting process id: 0x3030
Faulting application start time: 0x01d7235a4997d185
Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 9493afd6-4872-405e-9d2b-26f158042042
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/27/2021 06:41:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FrameworkServiceSetup.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithCreateProcess(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at InstallerWrap.Program.processRegistryKey(Microsoft.Win32.RegistryKey)
   at InstallerWrap.Program.searchRegistryAndUninstall(Boolean)
   at InstallerWrap.Program.Main(System.String[])
 
 
System errors:
=============
Error: (03/27/2021 06:16:40 AM) (Source: DCOM) (EventID: 10005) (User: MIZ-PC)
Description: DCOM got error "1053" attempting to start the service WpnUserService_1149a7 with arguments "Unavailable" in order to run the server:
{1FFE4FFD-25B1-40B1-A1EA-EF633353BB4E}
 
Error: (03/27/2021 06:16:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Push Notifications User Service_1149a7 service to connect.
 
Error: (03/27/2021 06:16:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Push Notifications User Service_1149a7 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (03/27/2021 01:32:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightingService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/27/2021 12:59:12 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0xfffff80441afb320, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 4a4a93a2-cc02-4710-bc60-e72530ea6a27.
 
Error: (03/27/2021 12:59:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:42:52 AM on ‎3/‎27/‎2021 was unexpected.
 
Error: (03/27/2021 12:42:05 AM) (Source: DCOM) (EventID: 10010) (User: MIZ-PC)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
Error: (03/27/2021 12:31:24 AM) (Source: DCOM) (EventID: 10010) (User: MIZ-PC)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2021-03-26 16:27:36
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-26 01:18:30
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-26 01:05:46
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-26 00:48:58
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1404 11/08/2019
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING X570-PLUS (WI-FI)
Processor: AMD Ryzen 7 3700X 8-Core Processor 
Percentage of memory in use: 32%
Total physical RAM: 32681.33 MB
Available physical RAM: 21934.77 MB
Total Virtual: 37545.33 MB
Available Virtual: 25568.54 MB
 
==================== Drives ================================
 
Drive c: (ADATA SX8200 M.2) (Fixed) (Total:953.24 GB) (Free:212.15 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (4TB Seagate BarraCuda) (Fixed) (Total:3725.9 GB) (Free:2353.22 GB) NTFS
Drive h: (DIABLO II) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32
Drive j: (1TB WD Caviar Black) (Fixed) (Total:930.46 GB) (Free:331.17 GB) NTFS
 
\\?\Volume{7b5ae255-ed40-4f8b-a40d-bc1bcd9157a1}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.06 GB) NTFS
\\?\Volume{570ea1e3-0000-0000-0000-00a4e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{570ea1e3-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{2bc80dfd-d772-422a-8a58-571a85b32b3a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 570EA1E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=520 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)
 
==========================================================
Disk: 2 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
 
==================== End of Addition.txt =======================

  • 0

#49
RKinner
Posted 27 March 2021 - 08:15 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

I can see the install crashing:

 

Error: (03/27/2021 06:41:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FrameworkServiceSetup.exe, version: 1.0.2.0, time stamp: 0xa620dac4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d
Exception code: 0xe0434352
Fault offset: 0x0012a8b2
Faulting process id: 0x3744
Faulting application start time: 0x01d7235a5e3b479b
Faulting application path: C:\ProgramData\ASUS\ROGLiveServiceTemp\V2.0.2.3\FrameworkServiceSetup.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 2ff2ea6e-aad2-4d43-8579-0f4cae5761b2
Faulting package full name: 
Faulting package-relative application ID:

 

 

Doesn't look like my install but I suppose it could have removed the ROGLiveServiceTemp folder once it installed.  Where did you get the install file from?  I don't see the zip in your downloads but the unzipped file is on your desktop.  Are you sure you have the latest version?  Did you get it from https://dlcdnets.asu...nstallTool.zip?

 

This is what my ASUS folder looks like:

Arm.jpg

 

 


  • 0

#50
GhostLoad
Posted 27 March 2021 - 08:30 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Yep, that's where I got it from.

Qz1dKkX.png


Edited by GhostLoad, 27 March 2021 - 08:30 PM.

  • 0

#51
RKinner
Posted 27 March 2021 - 09:21 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Looks to me like you have an older version:

 

Mine shows:

 

ASUS Framework Service (HKLM-x32\...\{1f83836b-be39-4903-b63c-fb22a1303597}) (Version: 2.0.2.3 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.3 - ASUSTek COMPUTER INC.) Hidden
 

 

Yours shows:

 

ASUS Framework Service (HKLM-x32\...\{0432b7d3-a0dd-4049-81e3-c052fdd269d5}) (Version: 2.0.0.11 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.0.11 - ASUSTek COMPUTER INC.) Hidden
 
I would uninstall your ASUS Framework Service and download a new copy from

  • 0

#52
GhostLoad
Posted 27 March 2021 - 09:25 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Bh4KaAF.png


  • 0

#53
RKinner
Posted 27 March 2021 - 09:40 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

You can try (from an elevated Command prompt)

msiexec /x {0432b7d3-a0dd-4049-81e3-c052fdd269d5}

See if it has better luck.

 

Or perhaps REVO Uninstaller:

https://www.revounin...-free-download/

(Close the ad for the pro version)

You want the Free Download on the left.

 

If neither helps then start up FRSt and put {0432b7d3-a0dd-4049-81e3-c052fdd269d5} in its Search Box and hit Search Registry.  Post the single log you get and I can have FRST remove it.

 

Going to bed now.


  • 0

#54
GhostLoad
Posted 27 March 2021 - 10:13 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Uninstalling the framework with REVO (I already had REVO) seemed to let me install Armoury Crate fine.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP