Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

There was a problem starting StartupCheckLibrary.dll and winscomrssrv.


  • Please log in to reply

#1
Spicy Beef Patty

Spicy Beef Patty

    New Member

  • Member
  • Pip
  • 1 posts

I just installed Windows 11 (from windows 10) and every time I restart my PC I get these two RunDLL error messages. I've attached the logs below. I really appreciate your help.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by Jamie (administrator) on NZXT (28-11-2021 21:11:49)
Running from C:\Users\Jamie\Desktop
Loaded Profiles: Jamie
Platform: Microsoft Windows 11 Home Version 21H2 22000.348 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_171a8092a51ff342\Display.NvContainer\NVDisplay.Container.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-11-03] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-12] (Adobe Inc. -> )
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-08-12] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680776 2021-08-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Run: [Discord] => C:\Users\Jamie\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk [2020-05-13]
ShortcutTarget: iSyncr.lnk -> C:\Windows\Installer\{08527E94-6A5C-442F-A804-23F86C4463F6}\_82F5CB3C77F030F4E8ECDC.exe () [File not signed]
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2021-01-06]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {022DC1CC-B783-4DB4-95D1-8FFB768F4807} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {140630CA-71FA-44C1-A3A3-05EBD5041148} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {184C51C7-BE88-4F9F-BEAF-369D0EADD8F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-06] (Google Inc -> Google LLC)
Task: {1FA5348E-199F-4F52-89B8-3C2F9E2F07DA} - System32\Tasks\G2MUpdateTask-S-1-5-21-2406969850-3933362538-2351075806-1002 => C:\Users\Jamie\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-10] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {2DD64CAD-CA56-4A52-A2A6-016CED03D9F1} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2406969850-3933362538-2351075806-500 => C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {364E21CF-59EA-4B42-8BD8-719087233164} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {4999257F-C327-4E89-A70E-31F245DB5DBD} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe -o pool.supportxmr.com:80 -u 882cATBK88FMXFcfkV834JHatxbTxUpyBVbp4cvVqR6ojKPhASUPc4M2ZyYXqjFKABDEzZERmxzhsXuz4btNkygo39ELM2C -p x (No File) <==== ATTENTION
Task: {598E2329-7D7A-4491-B551-CBAA875694D8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B813BC6-7DC5-44C4-8623-543564C0EC5F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6144E0D2-D4E3-4D17-B5F0-1F26C30A4684} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {679F6B80-6B25-4BF3-A77B-0510C66EF616} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {71DAB60F-532B-49C0-A987-C2ACD4E48765} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {7E9FF1D9-E5A8-42EE-A12D-9A85BF365FF7} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe /startup (No File) <==== ATTENTION
Task: {8188ADEA-B95B-489F-BEF0-86DD9D9C3D33} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {87632DEE-93AD-4741-B68C-1594E275C80E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {891FC51C-437A-48E1-A4FC-7B0CAA27ED5B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90CDAEE8-DF55-4E80-BD4F-0D2B1DE7CB82} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [423152 2021-08-12] (Adobe Inc. -> Adobe Inc.)
Task: {9831D66E-51D4-473B-9C30-7857AB35E37D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9EEB6623-5FF9-4A5A-86AD-C58926FB56D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A174DF81-AEB9-441B-AC78-6F4BE1C3017D} - System32\Tasks\G2MUploadTask-S-1-5-21-2406969850-3933362538-2351075806-1002 => C:\Users\Jamie\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-10] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {AA8B87AB-27EE-42FE-A896-6D3AA7770148} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3A98870-D43C-4832-ACB2-D830C3B03516} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
Task: {C3765800-6C55-42B3-92B5-1C5DDDEB8B23} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C43E830B-DA14-4FF3-90F1-93483759F65E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D17F2D4D-B4DD-4C36-9D3C-8774A0B11CA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2BD70B0-5EAB-45FF-B8EE-49B6B1EB46E5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9AAC6AA-8441-44D1-AF82-83AF2A07AE2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-06] (Google Inc -> Google LLC)
Task: {E051E1E2-D09E-44CE-A558-A800421DEAC5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E82E3540-C304-48DD-AEC1-497FF9CFDD3D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAD1B4AB-8781-4035-A693-5E9E518F2D02} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {ED1BE3EC-35D9-42A3-981E-9883E195E8F0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4217072-0DDE-4E5D-8E23-E383726CE2B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2406969850-3933362538-2351075806-1002.job => C:\Users\Jamie\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2406969850-3933362538-2351075806-1002.job => C:\Users\Jamie\AppData\Local\GoToMeeting\19932\g2mupload.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.129
Tcpip\..\Interfaces\{004b9c50-fd91-459b-89da-bd737b2f8603}: [DhcpNameServer] 192.168.2.1 207.164.234.129
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Jamie\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-28]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-08-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-08-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: questrade.com/QuestradeIQEdgeDetector -> C:\Program Files (x86)\Questrade IQ Edge\npQuestradeIQEdgeDetector.dll [2021-04-22] (Questrade Inc) [File not signed]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default [2021-11-28]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://messages.google.com; hxxps://my.questrade.com; hxxps://voice.google.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://avg.nation.com/avgtbavg/search/home?cid={253797B6-6E87-4A81-A074-1247DA46EDAE}&mid=4a4aad6c054c47d39f78d16ae8022ea8-7eb2efa37adb8cab54340e9b7d16d36ccd9a109a&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-29 11:26:00&v=17.0.1.12&pid=nation&sg=0&sap=hp&cmpid=0913b","hxxp://ca.search.yahoo.com/?fr=w3i&type=W3i_SP,203,0_0,StartPage,20140416,18925,0,82,0","hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5ECA&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5ECA&apn_dbr=cr_34.0.1847.116&apn_uid=F351C71F-0DE9-4321-91FE-512424F270FD&itbv=12.10.6.48&doi=2014-04-17&psv=","hxxp://mysearch.avg.com?cid={EC653A16-171E-4694-827B-31176B5BB065}&mid=4a4aad6c054c47d39f78d16ae8022ea8-7eb2efa37adb8cab54340e9b7d16d36ccd9a109a&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-04-23 11:51:37&v=3.0.0.2&pid=wtu&sg=&sap=hp"
CHR NewTab: Default ->  Active:"chrome-extension://kcphhkbdlfggickaoeiahdcfhagfbajl/data/tab/tab.html"
CHR Extension: (Google Translate) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-06]
CHR Extension: (Entanglement Web App) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2019-12-06]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2020-03-09]
CHR Extension: (Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-06]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-06]
CHR Extension: (Honey) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-11-19]
CHR Extension: (Timer) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2019-12-06]
CHR Extension: (Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-06]
CHR Extension: (The QR Code Generator) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2019-12-06]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-15]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2020-04-01]
CHR Extension: (Google Keep - Notes and Lists) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-11-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-12-11]
CHR Extension: (Dark New Tab) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcphhkbdlfggickaoeiahdcfhagfbajl [2021-11-04]
CHR Extension: (Anti Adblock Detector) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjhdffcfinhkdfbbhjlfoadcdfgihmlp [2021-02-12]
CHR Extension: (Google Maps) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2019-12-06]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2021-09-28]
CHR Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2021-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-08-12] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [537608 2020-11-03] (NZXT, Inc. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe [72536 2021-11-04] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2021-11-26] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557656 2021-11-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476184 2021-11-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-22] (Rockstar Games, Inc. -> Rockstar Games)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10157608 2021-11-03] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_171a8092a51ff342\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_171a8092a51ff342\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-28] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [18448 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [812208 2020-10-30] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2020-10-30] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [581912 2020-11-15] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2020-04-17] (Vincent Burel -> Windows ® Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8227000 2021-11-03] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-28] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-11-28 21:11 - 2021-11-28 21:12 - 000028252 _____ C:\Users\Jamie\Desktop\FRST.txt
2021-11-28 21:11 - 2021-11-28 21:11 - 002311680 _____ (Farbar) C:\Users\Jamie\Desktop\FRST64.exe
2021-11-28 21:05 - 2021-11-28 21:05 - 000000000 ____D C:\Users\Jamie\Downloads\Autoruns
2021-11-28 20:53 - 2021-11-28 21:12 - 000000000 ____D C:\FRST
2021-11-28 20:24 - 2021-11-28 20:24 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-28 20:24 - 2021-11-28 20:24 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-28 20:24 - 2021-11-28 20:24 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-28 20:24 - 2021-11-28 20:24 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-28 20:22 - 2021-11-28 20:22 - 000000000 ___HD C:\$WinREAgent
2021-11-28 17:38 - 2021-11-28 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-11-28 17:38 - 2021-11-28 17:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-11-28 17:37 - 2021-06-28 00:38 - 006446616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-11-28 17:37 - 2021-03-25 00:43 - 045160768 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-11-28 17:36 - 2021-11-28 21:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-28 17:36 - 2021-11-28 20:35 - 000848788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-28 17:36 - 2021-11-28 17:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-11-28 17:36 - 2021-11-28 17:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-11-28 17:36 - 2021-11-28 17:36 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-11-28 17:36 - 2021-11-28 17:36 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-28 17:36 - 2021-11-28 17:36 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-28 17:36 - 2021-11-28 17:36 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-11-28 17:36 - 2021-11-28 17:36 - 000003242 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2406969850-3933362538-2351075806-1002
2021-11-28 17:36 - 2021-11-28 17:36 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b496d37cbf6c
2021-11-28 17:36 - 2021-11-28 17:36 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-28 17:36 - 2021-11-28 17:36 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000003146 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2406969850-3933362538-2351075806-1002
2021-11-28 17:36 - 2021-11-28 17:36 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-28 17:36 - 2021-11-28 17:36 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2406969850-3933362538-2351075806-500
2021-11-28 17:36 - 2021-11-28 17:36 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-11-28 17:36 - 2021-11-28 17:36 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-11-28 17:36 - 2021-11-28 17:36 - 000002310 _____ C:\WINDOWS\system32\Tasks\Adobe Uninstaller
2021-11-28 17:36 - 2021-11-28 17:36 - 000000020 ___SH C:\Users\Jamie\ntuser.ini
2021-11-28 17:33 - 2021-11-28 20:29 - 000470256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-28 17:33 - 2021-11-28 17:36 - 000000000 ____D C:\Windows.old
2021-11-28 17:33 - 2021-11-28 17:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-28 17:27 - 2021-11-28 17:33 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-11-28 17:26 - 2021-11-28 17:36 - 000000000 ____D C:\Users\Jamie
2021-11-28 17:26 - 2021-06-05 07:04 - 000001281 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-11-28 17:26 - 2021-06-05 07:04 - 000000407 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-11-28 17:25 - 2021-11-28 17:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-11-28 17:23 - 2021-11-28 20:28 - 000000000 ____D C:\WINDOWS\system32\en-CA
2021-11-28 17:20 - 2021-11-28 17:20 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-11-28 17:20 - 2021-11-28 17:20 - 000000000 ____D C:\Program Files\MSBuild
2021-11-28 17:20 - 2021-11-28 17:20 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-11-28 17:20 - 2021-11-28 17:20 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-11-28 17:16 - 2021-11-28 17:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-11-28 17:06 - 2021-11-28 17:36 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-28 17:05 - 2021-11-28 17:06 - 000000036 _____ C:\WINDOWS\progress.ini
2021-11-28 17:01 - 2021-11-28 17:36 - 000000000 ___HD C:\$GetCurrent
2021-11-28 17:01 - 2021-11-28 17:04 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2021-11-28 15:10 - 2021-11-28 15:10 - 000001349 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-28 15:10 - 2021-11-28 15:10 - 000000000 ____D C:\Users\Jamie\AppData\Local\PCHealthCheck
2021-11-28 03:31 - 2021-11-28 03:31 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Team Soda
2021-11-27 21:09 - 2021-11-27 21:09 - 003583998 _____ C:\Users\Jamie\Downloads\CELPIP+Writing+Practice.pdf
2021-11-27 13:55 - 2021-11-27 13:55 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Le triangle à l'harmonica
2021-11-27 00:58 - 2021-11-27 01:04 - 000000000 ____D C:\Users\Jamie\Downloads\Note 9 DCIM Backup
2021-11-26 16:54 - 2021-11-26 16:54 - 000000000 ____D C:\Users\Jamie\AppData\Local\Annapurna Interactive
2021-11-26 14:33 - 2021-11-26 16:11 - 000000000 ____D C:\Users\Jamie\AppData\Local\PVZCache
2021-11-26 14:33 - 2021-11-26 14:43 - 000000000 ____D C:\Users\Jamie\Documents\PVZ Battle for Neighborville
2021-11-26 14:33 - 2021-11-26 14:33 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\EasyAntiCheat
2021-11-25 01:58 - 2021-11-25 01:58 - 000000000 ____D C:\Users\Jamie\Documents\Horizon Zero Dawn
2021-11-24 20:08 - 2021-11-24 20:09 - 000000000 ____D C:\Users\Jamie\AppData\Local\PAYDAY 2
2021-11-24 20:08 - 2021-11-24 20:08 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2021-11-24 00:40 - 2021-11-24 00:40 - 000007564 _____ C:\Users\Jamie\AppData\Roaming\59a413be-381a-4b91-8b5d-dbdc6d46f223.tmp
2021-11-23 23:22 - 2021-11-23 23:22 - 001768775 _____ C:\Users\Jamie\Downloads\Bijhan Suleman 2020 Resume (1).pdf
2021-11-22 22:05 - 2021-11-22 22:05 - 000000000 ____D C:\Users\Jamie\AppData\Local\Icarus
2021-11-22 00:50 - 2021-11-26 15:35 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-11-22 00:50 - 2021-11-26 14:32 - 000000000 ____D C:\Program Files (x86)\Origin
2021-11-22 00:50 - 2021-11-22 00:50 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Zoink Games
2021-11-22 00:49 - 2021-11-26 16:28 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Origin
2021-11-22 00:49 - 2021-11-26 16:28 - 000000000 ____D C:\ProgramData\Origin
2021-11-22 00:49 - 2021-11-26 15:35 - 000000000 ____D C:\Users\Jamie\AppData\Local\Origin
2021-11-21 01:00 - 2021-11-21 01:00 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Konfa Games
2021-11-18 12:21 - 2021-11-18 12:21 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Overwolf
2021-11-16 21:37 - 2021-11-16 21:37 - 000000000 ____D C:\Users\Jamie\AppData\Local\HaloInfinite
2021-11-16 21:10 - 2021-11-28 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic
2021-11-16 15:34 - 2021-11-09 17:27 - 000125568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-11-16 15:34 - 2021-11-09 17:27 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-11-16 15:34 - 2021-11-09 17:27 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-11-16 15:31 - 2021-11-10 21:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-16 15:31 - 2021-11-10 21:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-16 15:31 - 2021-11-10 21:36 - 001464960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-11-16 15:31 - 2021-11-10 21:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-16 15:31 - 2021-11-10 21:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-16 15:31 - 2021-11-10 21:36 - 001208248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-16 15:31 - 2021-11-10 21:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-16 15:31 - 2021-11-10 21:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-16 15:31 - 2021-11-10 21:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-16 15:31 - 2021-11-10 21:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 002116536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 001597568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 001523328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 001174456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 000802232 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 000709560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-11-16 15:31 - 2021-11-10 21:33 - 000678328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 000635008 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-11-16 15:31 - 2021-11-10 21:33 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 008725944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 007845816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 005730224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 004940728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 002850432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 000981120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 000792192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-11-16 15:31 - 2021-11-10 21:32 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-11-16 15:31 - 2021-11-10 21:31 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-11-16 15:31 - 2021-11-10 21:30 - 007582144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-11-16 15:31 - 2021-11-10 21:30 - 006432960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-11-16 15:31 - 2021-11-09 17:27 - 000085718 _____ C:\WINDOWS\system32\nvinfo.pb
2021-11-08 23:42 - 2021-11-28 17:33 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2 version 2.0a
2021-11-08 23:41 - 2021-11-08 23:42 - 000000000 ____D C:\Program Files (x86)\LittleFighter
2021-11-05 01:37 - 2021-11-05 01:37 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Baked Games
2021-11-05 01:17 - 2021-11-05 01:17 - 000000000 ____D C:\Users\Jamie\Documents\Phoenix Network
2021-11-05 01:16 - 2021-11-05 01:16 - 000000000 ____D C:\Users\Jamie\AppData\Local\Phoenix_Network
2021-11-05 01:16 - 2021-11-05 01:16 - 000000000 ____D C:\ProgramData\Caphyon
2021-11-05 01:15 - 2021-11-05 01:16 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Phoenix Network
2021-11-04 18:14 - 2021-11-04 18:14 - 000000000 ____D C:\Users\Jamie\AppData\Local\AvenColony
2021-11-04 09:18 - 2021-11-04 09:18 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2021-11-04 09:18 - 2021-11-04 09:18 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2021-11-04 09:18 - 2021-11-04 09:18 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2021-11-04 09:18 - 2021-11-04 09:18 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2021-11-04 09:18 - 2021-11-04 09:18 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2021-11-04 09:18 - 2021-11-04 09:18 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2021-11-04 09:18 - 2021-11-04 09:18 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2021-11-04 09:17 - 2021-11-04 09:17 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-04 09:17 - 2021-11-04 09:17 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-11-04 09:17 - 2021-11-04 09:17 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-04 09:17 - 2021-11-04 09:17 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-04 09:17 - 2021-11-04 09:17 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-04 09:17 - 2021-11-04 09:17 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2021-11-04 09:17 - 2021-11-04 09:17 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-11-04 09:17 - 2021-11-04 09:17 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2021-11-04 09:17 - 2021-11-04 09:17 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2021-11-04 09:16 - 2021-11-04 09:16 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-11-04 09:16 - 2021-11-04 09:16 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-11-04 09:16 - 2021-11-04 09:16 - 000041594 _____ C:\WINDOWS\system32\ctac.json
2021-11-03 22:37 - 2021-11-03 22:37 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Ludeon Studios
2021-11-03 19:34 - 2021-11-28 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-11-03 19:34 - 2021-11-03 19:34 - 000000000 ____D C:\Program Files\HWiNFO64
2021-11-01 19:29 - 2021-11-01 19:29 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Daniel Mullins Games
2021-10-29 17:03 - 2021-10-29 17:03 - 000000000 ____D C:\Users\Jamie\AppData\Local\TaskManClient
2021-10-29 17:03 - 2021-10-29 17:03 - 000000000 ____D C:\Users\Jamie\AppData\Local\Back4Blood
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-11-28 21:12 - 2020-10-24 20:14 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-11-28 21:11 - 2021-06-05 07:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-28 21:11 - 2019-12-06 15:11 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-28 21:11 - 2019-11-13 09:18 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-28 21:10 - 2019-12-06 15:28 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Discord
2021-11-28 21:09 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-11-28 21:09 - 2020-11-06 18:40 - 000012288 ___SH C:\DumpStack.log.tmp
2021-11-28 21:09 - 2019-12-06 15:28 - 000000000 ____D C:\Users\Jamie\AppData\Local\Discord
2021-11-28 21:08 - 2021-06-05 07:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-28 21:08 - 2021-01-06 17:08 - 000000000 ____D C:\Users\Jamie\Documents\ShareX
2021-11-28 21:06 - 2021-06-05 07:09 - 000000000 ____D C:\WINDOWS\INF
2021-11-28 20:49 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-28 20:41 - 2021-06-05 07:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-28 20:28 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-28 20:28 - 2021-06-05 07:01 - 000000000 ____D C:\WINDOWS\servicing
2021-11-28 20:20 - 2020-09-30 22:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-28 20:19 - 2019-12-06 15:14 - 000000000 ____D C:\Users\Jamie\AppData\Local\D3DSCache
2021-11-28 20:14 - 2019-12-06 17:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-28 20:13 - 2019-12-06 17:27 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-28 19:39 - 2019-11-13 09:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-28 18:06 - 2019-12-06 16:55 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-11-28 17:54 - 2021-06-05 07:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-28 17:54 - 2019-12-06 14:52 - 000000000 ____D C:\Users\Jamie\AppData\Local\Packages
2021-11-28 17:53 - 2021-06-05 07:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-11-28 17:53 - 2019-11-13 09:16 - 000000000 ____D C:\ProgramData\Packages
2021-11-28 17:36 - 2021-06-05 07:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-11-28 17:36 - 2021-06-05 07:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-28 17:36 - 2020-04-06 18:27 - 000000258 __RSH C:\ProgramData\ntuser.pol
2021-11-28 17:36 - 2019-12-06 15:12 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-28 17:36 - 2019-11-13 09:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-11-28 17:35 - 2021-06-05 07:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-11-28 17:34 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\appcompat
2021-11-28 17:34 - 2020-06-16 12:51 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-28 17:34 - 2019-11-13 09:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-11-28 17:33 - 2021-08-11 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Questrade IQ Edge
2021-11-28 17:33 - 2021-08-03 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing HEIC Converter
2021-11-28 17:33 - 2021-06-08 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-11-28 17:33 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-11-28 17:33 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\spool
2021-11-28 17:33 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-28 17:33 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-28 17:33 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-28 17:33 - 2021-06-05 07:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-11-28 17:33 - 2021-05-28 00:09 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2021-11-28 17:33 - 2021-02-23 11:40 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-11-28 17:33 - 2021-01-23 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic
2021-11-28 17:33 - 2021-01-06 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2021-11-28 17:33 - 2020-09-24 10:36 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-28 17:33 - 2020-05-29 03:59 - 000000000 ____D C:\Program Files\UNP
2021-11-28 17:33 - 2020-05-22 16:36 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-11-28 17:33 - 2020-05-13 17:33 - 000000000 ____D C:\WINDOWS\system32\Samsung
2021-11-28 17:33 - 2020-05-13 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRT Studio
2021-11-28 17:33 - 2020-04-21 18:56 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2021-11-28 17:33 - 2020-03-30 03:13 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2021-11-28 17:33 - 2020-03-30 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2021-11-28 17:33 - 2020-02-29 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizTree
2021-11-28 17:33 - 2020-02-24 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2021-11-28 17:33 - 2020-01-02 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2021-11-28 17:33 - 2019-12-30 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-11-28 17:33 - 2019-12-09 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-11-28 17:33 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-11-28 17:33 - 2019-12-06 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-11-28 17:33 - 2019-12-06 15:47 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-11-28 17:33 - 2019-12-06 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-11-28 17:33 - 2019-12-06 15:36 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-11-28 17:33 - 2019-12-06 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-11-28 17:33 - 2019-12-06 15:28 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-11-28 17:33 - 2019-12-06 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-11-28 17:33 - 2019-12-06 15:13 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2021-11-28 17:33 - 2019-11-13 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-11-28 17:33 - 2019-11-13 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-11-28 17:33 - 2019-11-13 09:16 - 000000000 ____D C:\Program Files\Intel
2021-11-28 17:33 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-11-28 17:33 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-11-28 17:30 - 2021-06-05 07:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-11-28 17:30 - 2021-06-05 07:10 - 000000000 ____D C:\ProgramData\USOPrivate
2021-11-28 17:27 - 2021-07-08 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-11-28 17:27 - 2020-11-01 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-11-28 17:27 - 2019-11-13 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2021-11-28 17:26 - 2021-09-15 11:48 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-11-28 17:25 - 2021-06-05 07:14 - 000000000 ____D C:\WINDOWS\Setup
2021-11-28 17:24 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\OCR
2021-11-28 17:22 - 2021-06-05 08:17 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-11-28 17:22 - 2021-06-05 08:17 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-11-28 17:22 - 2021-06-05 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-11-28 17:22 - 2021-06-05 08:09 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\IME
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ____D C:\Program Files\Common Files\System
2021-11-28 17:22 - 2021-06-05 07:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-11-28 16:42 - 2021-06-11 18:58 - 000000048 _____ C:\WINDOWS\system32\perfdish001.dat
2021-11-28 15:13 - 2019-12-06 15:47 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\WhatsApp
2021-11-28 15:09 - 2019-12-06 15:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-28 02:37 - 2019-12-06 15:48 - 000000000 ____D C:\ProgramData\Riot Games
2021-11-28 02:36 - 2020-03-30 03:13 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\HearthstoneDeckTracker
2021-11-28 02:36 - 2019-12-06 15:27 - 000000000 ____D C:\Users\Jamie\AppData\Local\Battle.net
2021-11-27 23:34 - 2020-08-27 22:54 - 000000000 ____D C:\Users\Jamie\Downloads\complete
2021-11-27 23:33 - 2020-08-27 22:54 - 000000000 ____D C:\Users\Jamie\Downloads\downloading
2021-11-27 21:01 - 2019-12-06 15:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-26 14:41 - 2020-04-02 12:37 - 000000644 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2406969850-3933362538-2351075806-1002.job
2021-11-26 14:41 - 2020-04-02 12:37 - 000000548 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2406969850-3933362538-2351075806-1002.job
2021-11-26 14:40 - 2020-03-30 21:32 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Blitz
2021-11-26 14:18 - 2021-01-29 11:28 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Webull
2021-11-25 14:17 - 2019-12-11 13:17 - 000000000 ____D C:\Users\Jamie\Documents\Career
2021-11-24 19:07 - 2019-12-09 23:24 - 000000000 ____D C:\Users\Jamie\Documents\Movies
2021-11-24 19:03 - 2021-06-08 21:50 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\obs-studio
2021-11-24 19:01 - 2020-02-29 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2021-11-24 19:01 - 2020-02-29 23:49 - 000000000 ____D C:\Program Files\txgameassistant
2021-11-24 19:01 - 2020-02-29 23:06 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Tencent
2021-11-24 18:58 - 2020-05-22 16:25 - 000000000 ____D C:\Program Files\Epic Games
2021-11-24 00:40 - 2021-06-05 23:36 - 000000032 _____ C:\Users\Jamie\AppData\Roaming\.machineId
2021-11-23 01:13 - 2019-12-06 16:02 - 000000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2021-11-23 00:48 - 2021-05-28 00:25 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Resilio Sync
2021-11-22 23:33 - 2021-05-28 00:09 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\MusicBee
2021-11-22 03:50 - 2020-04-06 18:12 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\audacity
2021-11-21 23:57 - 2020-03-30 02:49 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2021-11-20 13:15 - 2019-12-06 15:47 - 000000000 ____D C:\Users\Jamie\AppData\Local\WhatsApp
2021-11-19 21:56 - 2019-12-06 15:28 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2021-11-19 18:40 - 2020-04-29 02:42 - 000000000 ____D C:\Users\Jamie\AppData\Local\HearthstoneDeckTracker
2021-11-19 18:39 - 2019-12-06 15:28 - 000000000 ____D C:\Users\Jamie\AppData\Local\SquirrelTemp
2021-11-19 01:43 - 2021-02-23 11:39 - 000000000 ____D C:\Users\Jamie\AppData\Local\Overwolf
2021-11-18 12:25 - 2021-02-23 11:40 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-11-16 15:36 - 2019-12-06 14:52 - 000000000 ____D C:\Users\Jamie\AppData\Local\NVIDIA
2021-11-15 14:08 - 2019-12-06 15:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-11-13 22:02 - 2019-12-30 16:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-10 21:15 - 2020-04-02 12:37 - 000000000 ____D C:\Users\Jamie\AppData\Local\GoToMeeting
2021-11-08 23:43 - 2019-12-06 14:52 - 000000000 ____D C:\Users\Jamie\AppData\Local\VirtualStore
2021-11-06 00:23 - 2020-10-24 19:38 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-11-04 19:24 - 2021-05-26 17:27 - 000000000 ____D C:\Users\Jamie\AppData\Local\Epic Games
2021-11-04 19:24 - 2020-05-22 16:22 - 000000000 ____D C:\ProgramData\Epic
2021-11-04 19:24 - 2020-05-22 16:22 - 000000000 ____D C:\Program Files (x86)\Epic Games
2021-11-04 18:38 - 2021-09-15 11:45 - 000000000 ____D C:\Users\Jamie\AppData\Local\T2GP Launcher
2021-11-04 18:14 - 2020-03-01 19:17 - 000000000 ____D C:\Users\Jamie\AppData\Local\UnrealEngine
2021-11-04 17:48 - 2021-09-15 11:45 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\T2GP Launcher
2021-11-04 09:26 - 2021-06-05 08:17 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-11-04 09:26 - 2021-06-05 08:17 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-11-04 09:26 - 2021-06-05 07:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-11-01 19:25 - 2020-02-29 23:31 - 000000000 ____D C:\Program Files\WizTree
2021-10-31 09:13 - 2020-05-22 16:36 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-10-31 09:12 - 2020-05-22 16:35 - 000000000 ____D C:\Program Files\Rockstar Games
2021-10-29 21:36 - 2020-02-29 23:29 - 000000000 ____D C:\Users\Jamie\Documents\My games
2021-10-29 20:43 - 2021-09-23 10:23 - 000000000 ____D C:\Program Files (x86)\Diablo II Resurrected
 
==================== Files in the root of some directories ========
 
2021-06-05 23:36 - 2021-11-24 00:40 - 000000032 _____ () C:\Users\Jamie\AppData\Roaming\.machineId
2021-11-24 00:40 - 2021-11-24 00:40 - 000007564 _____ () C:\Users\Jamie\AppData\Roaming\59a413be-381a-4b91-8b5d-dbdc6d46f223.tmp
2020-04-25 16:04 - 2020-04-25 16:22 - 000034840 _____ () C:\Users\Jamie\AppData\Roaming\VoiceMeeterBananaDefault.xml
2020-04-17 17:02 - 2020-04-25 15:07 - 000004692 _____ () C:\Users\Jamie\AppData\Roaming\VoiceMeeterDefault.xml
2019-12-06 15:49 - 2019-12-06 15:49 - 000000410 _____ () C:\Users\Jamie\AppData\Local\oobelibMkey.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by Jamie (28-11-2021 21:14:50)
Running from C:\Users\Jamie\Desktop
Microsoft Windows 11 Home Version 21H2 22000.348 (X64) (2021-11-28 22:36:50)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2406969850-3933362538-2351075806-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2406969850-3933362538-2351075806-503 - Limited - Disabled)
Guest (S-1-5-21-2406969850-3933362538-2351075806-501 - Limited - Disabled)
Jamie (S-1-5-21-2406969850-3933362538-2351075806-1002 - Administrator - Enabled) => C:\Users\Jamie
WDAGUtilityAccount (S-1-5-21-2406969850-3933362538-2351075806-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Inc.)
ASRRGBLED v2.0.23 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 2.0.23 - ASRock Inc.)
ASUS DRAM_LIB (HKLM\...\{2F0D3D1A-1B75-4DFC-8C0E-C55C4EAB67F8}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden
ASUS DRAM_LIB (HKLM-x32\...\{6bd55e2a-f475-4183-b862-1dd70c1ce699}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.16.6 - Blitz, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{B9B27527-C019-411B-9813-3FC8724C88DA}) (Version: 96.0.4664.39 - Google LLC)
CurseForge (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.186.1.6 - Overwolf app)
DaVinci Resolve (HKLM\...\{8C54A0AC-2F64-4E3B-8758-FE7C55B5BAD4}) (Version: 17.3.10005 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{1488D9B9-38D3-4EEC-B97A-D2E82F7BE993}) (Version: 1.6.1.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\DiscordPTB) (Version: 0.0.56 - Discord Inc.)
ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\HearthstoneDeckTracker) (Version: 1.16.9 - HearthSim)
HWiNFO64 Version 7.14 (HKLM\...\HWiNFO64_is1) (Version: 7.14 - Martin Malik - REALiX)
iMazing HEIC Converter 1.0.10.0 (HKLM\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.10.0 - DigiDNA)
Intel® Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel)
iSyncr (HKLM-x32\...\{08527E94-6A5C-442F-A804-23F86C4463F6}) (Version: 5.1.7 - JRT Studio)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Little Fighter (HKLM-x32\...\Little Fighter) (Version:  - )
Logitech Options (HKLM\...\LogiOptions) (Version: 8.0.863 - Logitech)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MusicBee 3.4.7805 (HKLM-x32\...\MusicBee) (Version: 3.4.7805 - Steven Mayall)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NWMM - New World MiniMap (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Overwolf_mdhcjmlgojogdppbljcopjlggkpgnhhjedllcecm) (Version: 0.1.6 - Overwolf app)
NZXT CAM 4.15.0 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.15.0 - NZXT, Inc.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.107.49426 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.184.0.35 - Overwolf Ltd.)
PDFsam Basic (HKLM\...\{5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6}) (Version: 4.2.1.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
qBittorrent 4.3.4.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.4.1 - The qBittorrent project)
Questrade IQ Edge (HKLM-x32\...\{B50F973A-8BEC-4A5D-AFEE-E4AEDAA150BD}_is1) (Version: 6.4.4.258 - Questrade Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.)
REDlauncher (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Resilio Sync (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Resilio Sync) (Version: 2.7.2 - Resilio, Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.50.548 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.6.1 - ShareX Team)
Signal 5.0.0 (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.0.0 - Open Whisper Systems)
SoulseekQt version 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VALORANT (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Webull 3.35.26 (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\{f1624362-b64a-5d5e-bc25-df56b404fd2f}) (Version: 3.35.26 - Webull)
WhatsApp (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\WhatsApp) (Version: 2.2144.11 - WhatsApp)
Windows 11 Installation Assistant (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1401 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation)
WizTree v4.03 (HKLM\...\WizTree_is1) (Version: 4.03 - Antibody Software)
World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version:  - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\ZoomUMX) (Version: 5.3.0 (52670.0921) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_126.2.222.0_x64__v10z8vjag6ke6 [2021-04-09] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-27] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-15] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-03-16] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-28] (NVIDIA Corp.)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.11.0_neutral__egxr34yet59cg [2021-03-11] (Paddy Xu) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{581FFA00-FC33-0002-0702-95003A5CDE89}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Resilio Sync\ShellExtensionPath64_55F.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{581FFA01-FC33-0002-0702-95003A5CDE89}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Resilio Sync\ShellExtensionPath64_55F.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Jamie\AppData\Local\GoToMeeting\16786\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-12] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.2Done] -> {581FFA04-FC33-0002-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll [2021-05-28] () [File not signed]
ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.2RO] -> {581FFA03-FC33-0002-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll [2021-05-28] () [File not signed]
ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.2RW] -> {581FFA02-FC33-0002-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll [2021-05-28] () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.2Done] -> {581FFA04-FC33-0002-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll [2021-05-28] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.2RO] -> {581FFA03-FC33-0002-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll [2021-05-28] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.2RW] -> {581FFA02-FC33-0002-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll [2021-05-28] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-12] (Adobe Inc. -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_171a8092a51ff342\nvshext.dll [2021-11-10] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-12] (Adobe Inc. -> )
ContextMenuHandlers1_S-1-5-21-2406969850-3933362538-2351075806-1002: [Resilio Sync 2.7.2] -> {581FFA00-FC33-0002-0702-95003A5CDE89} => C:\Users\Jamie\AppData\Roaming\Resilio Sync\ShellExtensionPath64_55F.dll [2021-05-28] () [File not signed]
ContextMenuHandlers4_S-1-5-21-2406969850-3933362538-2351075806-1002: [Resilio Sync 2.7.2] -> {581FFA00-FC33-0002-0702-95003A5CDE89} => C:\Users\Jamie\AppData\Roaming\Resilio Sync\ShellExtensionPath64_55F.dll [2021-05-28] () [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - Notes and Lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Jamie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2021-05-28 00:25 - 2021-05-28 00:25 - 002584064 _____ () [File not signed] C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_55F.dll
2021-05-28 00:25 - 2021-05-28 00:25 - 003047424 _____ () [File not signed] C:\Users\Jamie\AppData\Roaming\Resilio Sync\ShellExtensionPath64_55F.dll
2019-12-09 23:23 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-10-29 14:25 - 2018-10-29 14:25 - 000372736 _____ (Intel® Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2021-11-28 17:53 - 2021-11-28 17:53 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2021-11-22 00:50 - 2021-11-22 00:50 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-11-22 00:50 - 2021-11-22 00:50 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-11-22 00:50 - 2021-11-22 00:50 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-11-26 14:32 - 2021-11-22 00:50 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-11-26 14:32 - 2021-11-22 00:50 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-11-26 14:32 - 2021-11-22 00:50 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-11-26 14:32 - 2021-11-22 00:50 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-11-26 14:32 - 2021-11-22 00:50 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-11-26 14:32 - 2021-11-22 00:50 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-2406969850-3933362538-2351075806-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jamie\Pictures\Wallpapers\the_faunt-wallpaper-3440x1440.jpg
DNS Servers: 192.168.2.1 - 207.164.234.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "iSyncr.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-2406969850-3933362538-2351075806-1002\...\StartupApproved\Run: => "CCXProcess"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6BD1D37F-10F0-4657-A24D-25389B423E6B}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe => No File
FirewallRules: [{1FEEFEB8-E1F9-4AC5-B7AB-BEEB375FA679}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Snake Force\Snake Force.exe () [File not signed]
FirewallRules: [{4D610721-78FE-4A42-96FB-B0A9D6682239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Snake Force\Snake Force.exe () [File not signed]
FirewallRules: [{73A263C8-CD01-4D12-AD3F-30E44D3C8105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe () [File not signed]
FirewallRules: [{4B2B847F-E86E-4A7F-9DA8-A729E89647E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe () [File not signed]
FirewallRules: [{C1D42D78-41E7-44DC-B83B-A0795DD8E601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{6775D279-B8B5-434E-BB4A-63F290AB6786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [UDP Query User{3DE602D3-E257-4F05-B7F9-2EAE681E668A}C:\program files (x86)\steam\steamapps\common\pvz battle for neighborville\pvzbattleforneighborville.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pvz battle for neighborville\pvzbattleforneighborville.exe => No File
FirewallRules: [TCP Query User{773B0AA8-061F-4120-8251-2C9DF3D0333F}C:\program files (x86)\steam\steamapps\common\pvz battle for neighborville\pvzbattleforneighborville.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pvz battle for neighborville\pvzbattleforneighborville.exe => No File
FirewallRules: [UDP Query User{2BD857F7-9203-4F6A-BFF1-7385622AE313}C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{81D459B9-FD7D-4150-919A-9D2AF26694EC}C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{99A06ECC-332A-43E7-A240-270023B16130}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EB467B6-8538-4544-8E0E-1A27EDADF7D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{1CF8AFF4-DE07-4B4B-A4E9-699E67C9CD5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{678D4E23-A485-43A7-BAD8-FC16627CE61E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{657F4A4B-E906-4FB8-A27C-1E8E62668342}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{3FCBFA89-0605-4A60-AA0D-3F18C4467AB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{4C0F66A0-F900-46CF-B00A-CC023AA38B40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{C85D7497-237A-4650-9E4B-774A98E0C656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{242540A7-36DB-4389-9AE1-8483C0C89C60}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{2B99CC7F-88EA-4540-B30D-3D3EBD721841}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CFA31427-07EC-4224-A05C-4C452AEA2673}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8D5DC212-B466-4BBB-AC80-E0C2D04CF4C8}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{17987F84-4DE2-4A61-8C0C-F67742F7E5BD}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E67D223A-32CB-4400-B3D2-22DAC4012D79}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{8501BE91-C9DB-4AAA-923E-D6E644881FC3}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{0959F163-718C-43E5-B045-C606B3596894}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{F231CF19-93DF-454D-A562-9CE6B6B7F0DE}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{8F024252-930A-423B-BBAC-DBE21172A053}] => (Block) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{A2DC3942-28D4-4F0A-AAB0-F8FDA0CD98E1}] => (Block) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{ECB73DBE-FD84-46DE-9F53-7F267F543E7C}] => (Allow) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{F6C9FC87-CD90-4C9B-A89B-4B00D3024D87}] => (Allow) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe => No File
FirewallRules: [UDP Query User{981CC9F5-5FDB-41F4-90F2-DB411A47BCA3}C:\program files (x86)\phoenix network\phoenix launcher\cefsharp.browsersubprocess.exe] => (Allow) C:\program files (x86)\phoenix network\phoenix launcher\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{B3403B86-5CCD-418D-A7C5-47C5BD92A57B}C:\program files (x86)\phoenix network\phoenix launcher\cefsharp.browsersubprocess.exe] => (Allow) C:\program files (x86)\phoenix network\phoenix launcher\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{267095E8-5A17-42A3-80B5-0E5FAC612AB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inscryption Demo\Inscryption.exe () [File not signed]
FirewallRules: [{D74D1FCF-7CF5-463B-985E-CF0E604A8116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inscryption Demo\Inscryption.exe () [File not signed]
FirewallRules: [{0BE3E357-51BB-48C6-BAB7-F97898E7B22E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6345A4CC-FF75-4B50-97F4-BCB1484A7542}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [TCP Query User{DE42B228-3893-4801-922D-52A6DE325BAB}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [UDP Query User{23E55F8F-5B49-4CB0-B668-AC2AEAC1F9DF}C:\program files (x86)\call of duty vanguard beta\vanguard.exe] => (Allow) C:\program files (x86)\call of duty vanguard beta\vanguard.exe => No File
FirewallRules: [TCP Query User{B016B487-35F5-4FDF-8FB8-ACF6CE4B3688}C:\program files (x86)\call of duty vanguard beta\vanguard.exe] => (Allow) C:\program files (x86)\call of duty vanguard beta\vanguard.exe => No File
FirewallRules: [UDP Query User{FAC445EB-0D42-4B1D-B1B1-F9CD3C09213D}C:\program files (x86)\steam\steamapps\common\age of empires iv beta\reliccardinal.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires iv beta\reliccardinal.exe => No File
FirewallRules: [TCP Query User{A9CE2BC7-63A2-4F4A-BCD6-FAC5DA334D7E}C:\program files (x86)\steam\steamapps\common\age of empires iv beta\reliccardinal.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires iv beta\reliccardinal.exe => No File
FirewallRules: [UDP Query User{0F24A804-1BA3-4529-AC44-C02B7ADB24E6}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{BCC645FE-4A52-4672-A9F2-8A1A50EA4E6F}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{CD33CAAF-CCCA-4B4A-9AF0-086065E83095}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{AFAE7F83-17DF-40A8-9D55-DE18273AD523}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{85F06B7F-8EFD-4444-94AB-158B910D9077}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{92C51B21-6737-4CCE-B68F-17DA48DFD0FB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A7D21F0D-198E-4C5C-916A-657787E8FD58}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{72741125-314F-4907-8802-E2ADC6039300}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{44C84F3D-32FF-4E50-A101-6DE43BEC04F0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{ADA9A1C9-51E0-4AA9-9D9D-9C4C440B877A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F08E5374-E0CA-4E6A-89DD-DF12F18110E3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{3B2D4DFF-A9CF-4274-954D-F81447DA9367}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1017F710-F4EB-4103-AE6F-C17EFFFD4A5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{551FDC60-68F9-4FA9-AE7B-17D530373FB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88A062AC-A459-4D95-AB76-B1F857D55D79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7CAFFB48-A57E-4BD2-85F1-AFD1B0214A98}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{AEB17F5B-86DA-421A-B003-C8579F1AA221}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7E22161D-3B11-4C8A-873F-734307F8EDA2}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{B72A93FE-3068-40D1-9739-45D0475880D7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{124AB721-C98E-4C22-8E6A-4E3D36997321}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{9748CE3C-9429-4BF2-B96A-F6B549E04286}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{6C4F216C-9A20-44F8-AC89-A40ECD48DCF5}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8C04ED02-F566-4CAA-B3B4-C51631A0BC8B}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{CE833EFC-4A29-4323-A166-BCAE06C118B2}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{6B9A3F49-7959-4142-929D-2C87A4697938}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{117E2F63-7DC5-4764-83EA-4833660AB5FF}] => (Allow) C:\Users\Jamie\AppData\Roaming\Resilio Sync\Resilio Sync.exe (Resilio, Inc. -> Resilio, Inc.)
FirewallRules: [{5B877BD6-5232-43FC-9D89-18185007D20A}] => (Allow) C:\Users\Jamie\AppData\Roaming\Resilio Sync\Resilio Sync.exe (Resilio, Inc. -> Resilio, Inc.)
FirewallRules: [{D1A7B537-0140-47D3-B5A4-EB196AB9C87E}] => (Allow) C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall) [File not signed]
FirewallRules: [{BB1BB7F9-45B1-4473-A5A6-0ACDE76BAEB9}] => (Allow) C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall) [File not signed]
FirewallRules: [{2CD9CB43-65DC-4A21-866E-A86CC1586D7E}] => (Allow) C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall) [File not signed]
FirewallRules: [{16178C72-CAE5-49AC-89A9-51A6D2845360}] => (Allow) C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall) [File not signed]
FirewallRules: [{D6849AB9-CBE6-407C-B056-676D25728D00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{FD5ACE2A-C6CE-4C17-94AE-C9FF546FB513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{6DAAF462-4E37-4596-9B9C-8ADA9DFF8692}C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4ACFAFC2-A897-4356-9F07-0AF261ACB23F}C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe => No File
FirewallRules: [UDP Query User{319B2D4B-421A-41B0-8E4D-1702394C8AB6}C:\program files\epic games\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe] => (Allow) C:\program files\epic games\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe => No File
FirewallRules: [TCP Query User{285CDA61-58DE-4958-A682-AE93AB9B9CEA}C:\program files\epic games\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe] => (Allow) C:\program files\epic games\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe => No File
FirewallRules: [{5652B144-57D0-49FC-B668-5AB578CEDE21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AD8B0A78-9630-4181-817F-DAC66D99FD64}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{83A43F9C-35D8-4A28-9195-CDC9942B37F8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DC99F7B3-2A62-44F9-A2C6-E90249E2D6EB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B760656E-D350-4606-9789-E661FB358D3E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{45D84887-362D-4428-AD06-07800D3C0A85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{33F08A81-F936-43CA-A757-945DAB0E5C48}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84504AFE-7DA6-4863-ADA3-6FA7D2D8295C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F216AAFD-7F07-4599-A899-5F95390FF434}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8F15623C-3624-48C5-A5A3-D1B522F1EB75}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{FCA0EFD4-4DAE-4C15-85FC-617DE889DEFD}C:\program files (x86)\steam\steamapps\common\outriders demo\madness\binaries\win64\outriders-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outriders demo\madness\binaries\win64\outriders-win64-shipping.exe => No File
FirewallRules: [TCP Query User{030F8D05-586B-4C8B-A820-F16E5E292E64}C:\program files (x86)\steam\steamapps\common\outriders demo\madness\binaries\win64\outriders-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outriders demo\madness\binaries\win64\outriders-win64-shipping.exe => No File
FirewallRules: [{6B83478D-5D9E-47C0-8AA6-6E5F238B8F48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 7\The Jackbox Party Pack 7.exe () [File not signed]
FirewallRules: [{870C48D8-A327-4DE9-B676-79605F174EBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 7\The Jackbox Party Pack 7.exe () [File not signed]
FirewallRules: [{B324976A-6E97-46AB-8045-6165E7DBA2B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe => No File
FirewallRules: [{856B3FF4-1B16-4170-BAEC-DF49DC038AB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe => No File
FirewallRules: [{95D9080C-6D2F-4E51-A1B1-1D2CBB015AF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hades\x86\Hades.exe () [File not signed]
FirewallRules: [{0FD0F824-DB34-496D-99B1-91F5A00372CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hades\x86\Hades.exe () [File not signed]
FirewallRules: [{9D04A52F-B1A4-47EA-AAF2-ABDC68F326F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hades\x64Vk\Hades.exe () [File not signed]
FirewallRules: [{00BCF277-1B97-426C-B676-4441B834E58A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hades\x64Vk\Hades.exe () [File not signed]
FirewallRules: [{575733E0-C6FA-4E94-AD66-CCDEBE8E78C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hades\x64\Hades.exe () [File not signed]
FirewallRules: [{F9132D37-1E5F-48FE-B93D-381DD833FB2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hades\x64\Hades.exe () [File not signed]
FirewallRules: [UDP Query User{9563417B-D7C4-4A8A-B98E-1458A6237F20}C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{87DC800F-FBDF-44F1-85DB-84C94F408FEB}C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [{1866CE86-2197-4D5B-B372-2C334263C85E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{6E2E57F1-E39C-4469-B2AA-0A7190830AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{FD444046-693D-46EC-9948-0EF806B2C8A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{A24522F5-04C3-4E3B-8C9E-D6570DBE2708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{65DD2879-D2D3-4E7A-932F-F0014CC83A20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe => No File
FirewallRules: [{92DACCEA-FAC0-42FB-B6BC-DB2EAB943628}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe => No File
FirewallRules: [UDP Query User{4A735AB6-12B1-4DC8-828B-F2C73E79B3A3}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{1AF3C15E-56DB-4530-BFFA-FE9401080214}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{EDBE5EE7-0F61-427A-9AE4-6F1F15BC5799}] => (Allow) LPort=32682
FirewallRules: [{1F9A747B-6561-43D2-A104-0FC5E8415C7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6E5A5E5-FE31-4064-9E4A-55EDCBD901EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FCC7015D-9915-4C01-B20B-D4475DA2CE08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7AA105F9-4F13-4AEE-ABE0-CBF3D7F2E3B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A5F68A55-954B-47F6-AF88-501D2D1BE194}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D26DE425-0FF4-428E-9812-8B4E54491185}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{79C600A0-5D70-48D8-AA36-54D2A8B19FD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{C94952BC-8A78-4C08-BE3C-D1EB3F56EBDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{5CB8D09B-1B6D-4E50-8C37-9B804FE64E91}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{CB7FF59C-8972-495B-970B-17FD0E774A79}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{449BAE3A-DBDE-4A55-BB90-1785D16C1A33}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{E4873D75-648F-4CB1-9516-267BAE03B251}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{DE08714E-D17A-492F-A1C1-36E8D7670D94}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{6283A7E8-68BB-4C57-AB3F-746AE9D7A2D0}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{F9CEB9B4-45F3-4B08-92E4-38C3BA8C0142}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{F6640B35-4399-41C9-A214-95C2AFCBE5FC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{97243ED3-2E8A-45D0-8CF4-4B974C4E807C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{16F5CE29-E8A1-422F-B49B-47C8D4F85700}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{92604E10-DE17-4CCD-988D-5D1CFCE7A527}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{25DA4756-1F13-41CD-BCE2-ACFABFDDFA33}] => (Allow) C:\Users\Jamie\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C6CBC476-077C-4DC6-B8BD-CE1F2B0DF541}] => (Allow) C:\Users\Jamie\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{3534B18E-9733-44A0-A5EC-A0FC426FE2AE}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{0BC120DC-E4F7-44AC-AAB3-A22779575605}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8A1BC08A-E7E8-4307-8FB7-2E344F352EDB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{7B014C40-C53A-4637-AFFE-4119A6CAD02B}C:\program files (x86)\steam\steamapps\common\watchers\watchers\binaries\win64\watchers-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\watchers\watchers\binaries\win64\watchers-win64-shipping.exe => No File
FirewallRules: [UDP Query User{F493CB70-4D3F-4B1E-A334-A38F67AF66B0}C:\program files (x86)\steam\steamapps\common\watchers\watchers\binaries\win64\watchers-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\watchers\watchers\binaries\win64\watchers-win64-shipping.exe => No File
FirewallRules: [{6B745B84-3F0E-4CB9-BEAC-E072FEFBBF97}] => (Allow) C:\Users\Jamie\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7A8A078C-C898-4872-B5CD-CD017C915C2A}] => (Allow) C:\Users\Jamie\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7A4F2806-8754-4FB2-BBA3-E1F70B86FE0C}] => (Allow) C:\Users\Jamie\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F2091072-A83E-4860-9D31-55700DE8C6DF}] => (Allow) C:\Users\Jamie\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F467DB5D-A8C6-4547-9EAC-62FAD4066E74}] => (Allow) C:\Users\Jamie\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A0EA1151-EEF1-4031-9A5D-E3910C6C0942}] => (Allow) C:\Users\Jamie\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{34E78B97-4DFE-4A49-A3DA-ABEB92DB1918}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{C871B47A-3159-4CC0-B3DC-73A1676C2EFA}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{5FE31577-1E92-4C06-B4D9-3AC0B9F166F8}C:\users\jamie\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\jamie\appdata\local\blitz\current\blitz.exe => No File
FirewallRules: [UDP Query User{9D7B0FE2-4DB2-4F1A-BC9B-CB6BAB924EA8}C:\users\jamie\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\jamie\appdata\local\blitz\current\blitz.exe => No File
FirewallRules: [TCP Query User{5C03A519-06FB-40D5-BFBF-6B292BE3F640}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{2F56A03C-5FA5-4A86-8B38-974F97D6D94B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{A443EB48-091A-4B04-804D-6D3CC50B8679}C:\users\jamie\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\jamie\appdata\local\programs\blitz\blitz.exe (Blitz, Inc.) [File not signed]
FirewallRules: [UDP Query User{8ECEF02A-6A2D-4D13-BE1E-3F6B13553A1E}C:\users\jamie\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\jamie\appdata\local\programs\blitz\blitz.exe (Blitz, Inc.) [File not signed]
FirewallRules: [{01DDDF7F-DD40-4FCF-9835-C0432CB1D5E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{DF8D5378-77B9-4F52-8A10-990039856BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [TCP Query User{3F15A33F-30D7-4DAF-B1F0-5429BAF7D49D}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [UDP Query User{EC58DFF5-333F-4B14-903A-014EF9F0E2B1}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [{120F2E8D-C287-4B33-BEC0-45BF598CFD55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 5\The Jackbox Party Pack 5.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{00C728E5-17DA-486F-9FA0-D457EBC93E81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 5\The Jackbox Party Pack 5.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{AD6E4450-7572-4966-823A-7D3E417C26CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{CC0274DB-0574-4F52-860E-EF510B45BA1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{5AC49D23-A148-4855-BEC0-821276A49A0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 4\The Jackbox Party Pack 4.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{9E996C2B-3CF1-4090-8C61-C036BA8670F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 4\The Jackbox Party Pack 4.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{3FD1E91B-5527-4EA1-B133-97188B49DCCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\The Jackbox Party Pack.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{75CB917A-5D4D-4A03-9D84-BD19A1D79C5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\The Jackbox Party Pack.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{3FEB144C-235F-48BF-95D2-2A1A20A25707}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{9590899A-15AD-4328-9783-BA28A01FD3CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{1A5E3CE0-2268-4280-834F-08EC3DA6843A}C:\program files (x86)\jrt studio\isyncr\isyncr.exe] => (Allow) C:\program files (x86)\jrt studio\isyncr\isyncr.exe (JRT Studio LLC) [File not signed]
FirewallRules: [UDP Query User{537F045F-2B67-469B-B021-B998CE48C96A}C:\program files (x86)\jrt studio\isyncr\isyncr.exe] => (Allow) C:\program files (x86)\jrt studio\isyncr\isyncr.exe (JRT Studio LLC) [File not signed]
FirewallRules: [{1C915E65-9CE1-447D-BA23-BF5688BE7F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{6960C2BF-9D05-49B2-A0A2-469A0863FC9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [TCP Query User{1804A4D6-F205-48CA-AC5B-80351CFFD654}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{BE93BE02-832B-4023-BF68-6D529ACFB76C}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{A7F1F826-0272-4A23-91F2-8A253C24E017}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0A940351-B57E-405E-9AE5-22171D793670}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D57C4366-ACB7-4671-8ED6-6EAF59F438C1}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3AAF107A-19CA-47A5-AA2B-15521044EB52}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{53A81686-FEF1-4C7B-9A45-97CD5FFDAF76}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{252B8350-C6DD-4B58-AA3B-F901BE05B2D9}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{055CAEDC-7A8D-46EE-A66D-98791BCF417A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2183F7DE-10F7-465F-85D1-4394E5267600}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
28-11-2021 20:14:29 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
Name: Focusrite Control
Description: Focusrite Control
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (11/28/2021 08:28:37 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (11/28/2021 08:14:24 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "Lsa" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.
 
Error: (11/28/2021 08:14:24 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: NT AUTHORITY)
Description: The attempt to locate the Open procedure "OpenLsaPerformanceData" in DLL "C:\Windows\System32\Secur32.dll" for the "Lsa" service failed with Win32 error code 127. Performance data for this service will not be available.
 
 
System errors:
=============
Error: (11/28/2021 05:34:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Printer Extensions and Notifications service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (11/28/2021 05:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (11/28/2021 05:34:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The NVIDIA LocalSystem Container service terminated with the following error: 
A generic command executable returned a result that indicates failure.
 
 
Windows Defender:
================
Date: 2021-11-28 21:12:33
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/CoinMiner!MSR
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450; file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Jamie\Desktop\FRST64.exe
Security intelligence Version: AV: 1.353.1762.0, AS: 1.353.1762.0, NIS: 1.353.1762.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4 ਍
 
Date: 2021-11-28 21:12:33
Description: 
N/A
 
Date: 2021-11-28 17:38:33
Description: 
N/A
 
Date: 2021-11-28 17:38:17
Description: 
N/A
 
Date: 2021-11-28 17:38:17
Description: 
N/A

==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. P4.00 03/13/2019
Motherboard: ASRock B365 Phantom Gaming 4
Processor: Intel® Core™ i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 34%
Total physical RAM: 16310.31 MB
Available physical RAM: 10674.42 MB
Total Virtual: 21942.31 MB
Available Virtual: 14267.23 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:952.62 GB) (Free:153.83 GB) NTFS
 
\\?\Volume{7437fdd1-c5a7-4a75-a166-172f3e3e00de}\ () (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{b848e464-4f68-41c1-be68-a7a26296bb93}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{74379ba5-c00a-4051-aa72-112a77cc2f8f}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,041 posts
  • MVP

We had a rash of those errors several years ago.  Some Windows Upgrade took out the files but forgot to remove the tasks.  Following fixlist will remove the tasks so that you no longer get the errors.  It will also clean up a lot of deadwood (things that reference files which are no longer there) and then check your system files for problems.  Will take about 25 minutes on an average machine so be patient.  It will want to reboot when done:

 

Download the attached fixlist.txt to the same location as FRST64

Attached File  fixlist.txt   23.46KB   1 downloads

Run FRST64 (remember to pause your antivirus and right click FRST64 and Run As Admin) and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 

 

 


  • 0






Similar Topics

2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP