Hi Team, I'm hoping someone can help with this one. I recently installed Avira and had it run a scan and delete whatever it needed to delete, but now I'm stuck with two pop-ups stating Winscommrssrv.dll and startupchecklibrary.dll could not be found every time I start my PC. I'd love some better recommendations for keeping my PC safe!
I have uTorrent Web installed, which I'm sure is dangerous, and would love some suggestions there too.
Other than that I haven't noticed anything besides my Logitech mouse options no longer work and the program won't load.
I'm sure there are other issues that I haven't yet realised.
Any help with this would be greatly appreciated!
Thanks!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Blake (administrator) on AERO (GIGABYTE AERO 15-SA) (07-02-2020 11:16:42)
Running from C:\Users\Blake\Desktop
Loaded Profiles: Blake (Available Profiles: Blake)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\ControlCenter\dtyWork.exe
() [File not signed] C:\Program Files\ControlCenter\FusionShortcut.exe
() [File not signed] C:\Program Files\ControlCenter\GMSG.exe
() [File not signed] C:\Program Files\ControlCenter\SMV4_Service.exe
() [File not signed] C:\Program Files\ControlCenter\WakeupGPU.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte) [File not signed] C:\Program Files\ControlCenter\OSD\OSDwindow.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23ffc36556ac4772\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23ffc36556ac4772\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9cf66dca144a853a\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9cf66dca144a853a\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel® Trust Services -> Intel® Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.106.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.18017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvgbi.inf_amd64_86dc46fb19d8cd14\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvgbi.inf_amd64_86dc46fb19d8cd14\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPS.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(TechPowerUp LLC -> uWebb Software) C:\Program Files (x86)\ThrottleStop_8.70.6\ThrottleStop.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [970528 2019-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [237928 2020-02-03] (IDSA Production signing key -> Intel)
HKLM-x32\...\RunOnce: [DriversUpdate] => C:\Program Files\ControlCenter\urgent.exe [13824 2019-12-18] () [File not signed]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\Run: [GoogleChromeAutoLaunch_2C7C08ACC7DE94D8A4468D1F14464A81] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\MountPoints2: {4a7cb6d9-2055-11ea-a516-380025299513} - "D:\OnePlus_setup.exe" /s
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\MountPoints2: {a5b986af-12eb-11ea-a512-b42e993c848f} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OSDwindow.lnk [2020-01-20]
ShortcutTarget: OSDwindow.lnk -> C:\Program Files\ControlCenter\OSD\OSDwindow.exe (Gigabyte) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0053f535-35cf-4a2c-8c01-ad6c0b8d2c3c} - no filepath
Task: {010E3C8E-CA1B-41EC-BECC-5BFA09A556D1} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION
Task: {023f8fc5-560f-4b27-86ad-e15074205e11} - no filepath
Task: {03810d9a-edde-4016-bbf4-9dc041858362} - no filepath
Task: {03a62130-3264-4dbe-86ea-3900e798f257} - no filepath
Task: {03bb9a34-5720-464a-9ad8-1873a32d09d7} - no filepath
Task: {048bca53-4f33-4c31-8ec6-583e69efe273} - no filepath
Task: {04DB50A3-698B-4EB6-8DEE-C4F5B1076F8F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07a31f1c-3f31-423c-ac42-a6d946d4cb2b} - no filepath
Task: {092e1e60-4d55-4df0-8085-f49a043d8f14} - no filepath
Task: {0a8dbdab-c8a9-44fa-8a3b-8b2104cb1280} - no filepath
Task: {0abfaa3e-cf8d-4825-98cc-9cbcd5cd3ef6} - no filepath
Task: {0da3a7f4-79ac-4e35-b449-b0f784ee98a1} - no filepath
Task: {0ea5cb39-f50c-4c6e-9a23-b5308ec5d136} - no filepath
Task: {0f502ded-409b-40fb-8b4b-b20663aceb52} - no filepath
Task: {0FBD8DDE-621F-4879-B5F2-AAF81DBFE01B} - System32\Tasks\Opera scheduled Autoupdate 1580072772 => C:\Users\Blake\AppData\Local\Programs\Opera\launcher.exe [1350680 2020-01-22] (Opera Software AS -> Opera Software)
Task: {105b5978-204a-4aac-9228-a3302ed1e99f} - no filepath
Task: {1100B899-DA6C-4AC9-95A3-EAEAF9A59541} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {140fa4fc-6c05-43ad-af93-cd2c0f53af3a} - no filepath
Task: {15bca5ab-a577-4167-9c33-cb507e0fe2ad} - no filepath
Task: {15e41498-8442-4bce-b390-1af26370449d} - no filepath
Task: {168f06fe-899c-48a9-8505-c930b4d12ed4} - no filepath
Task: {18df6682-b544-418e-8ea0-2c0e8153493e} - no filepath
Task: {1a2ecd01-04e6-4906-801a-8450304329dc} - no filepath
Task: {1aecf9bb-1221-4711-bb2f-fcdc87ef5d75} - no filepath
Task: {1f7cd1cc-1c2d-42ad-9cd1-29b27fc280cf} - no filepath
Task: {1fe89311-0aa5-4e80-b21f-0836edcb4933} - no filepath
Task: {209993e2-eaf1-4ab4-8e91-fe70a2712c60} - no filepath
Task: {217b01d7-c78c-4717-b198-6503cb7c9056} - no filepath
Task: {21c2fac0-733a-4376-b4a1-f000adf11d17} - no filepath
Task: {225415c2-8dd0-4901-be55-1d43f69e87cc} - no filepath
Task: {22855e2b-2bed-43ff-aa20-ddc64112ce0c} - no filepath
Task: {24e3b9ac-1725-4d54-aea0-0080a050cc1e} - no filepath
Task: {26b8525b-d40f-4c2c-a361-ae00c80c72b7} - no filepath
Task: {2816E18D-BD90-45F8-8CA6-9704C943EE89} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
Task: {28441b83-c6de-4f25-9ce0-cf4741af339f} - no filepath
Task: {28495ea5-843a-4f11-a381-0b30cb904161} - no filepath
Task: {289c2a66-e51c-4198-ab61-2709ec90ac18} - no filepath
Task: {2a5d99bd-99b6-4995-803e-62d80c77c380} - no filepath
Task: {2b727883-ad27-4a53-8669-9a2088d5007d} - no filepath
Task: {2bf30225-131f-4fa0-b7c5-564769cbd289} - no filepath
Task: {2ccb3e60-6554-4b2e-91ce-71088a383b52} - no filepath
Task: {2e713d22-5e9c-4974-ac11-4089cc6fc8b2} - no filepath
Task: {2e762d3c-5564-4fd5-adc1-720f2d9e5c96} - no filepath
Task: {3117f33b-7065-4784-a4a8-845121ae285b} - no filepath
Task: {318e37f6-7448-4a33-8684-be0016fbc905} - no filepath
Task: {3204629a-a3ec-47cb-9c30-5ed856a69f3f} - no filepath
Task: {32411e0c-cfdb-411b-b8ef-1a7a95f9cf01} - no filepath
Task: {3296c05b-018d-4fdb-b6e1-f60431825317} - no filepath
Task: {337137ef-e9a4-45e5-bd71-d468d6a0cfc5} - no filepath
Task: {35e13c27-5f6a-4ab5-9771-516ce0a00007} - no filepath
Task: {375affed-e27e-4c26-bc5b-40a43711775c} - no filepath
Task: {38f52304-fec1-42e4-85b2-7202cc74a72d} - no filepath
Task: {39E9FBBA-9434-4BA6-AABD-94FCDF0AF473} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3c6f6f17-4713-4958-b4f3-770ebd04bb45} - no filepath
Task: {3c9f3ad9-1986-4d7f-b5db-7633cb62dda7} - no filepath
Task: {3d7881ed-8762-4e2d-a120-c9dbd4ce0e00} - no filepath
Task: {3de328fc-6170-4697-a53d-c04583955f38} - no filepath
Task: {3e474194-289b-4e18-a6e8-7c4561a79ea5} - no filepath
Task: {3eceadb2-c9db-458e-86ae-a8d02d217758} - no filepath
Task: {417f29c7-2ad4-415a-8b12-3616af709823} - no filepath
Task: {417FB218-3880-4539-8575-9F9C36E3D06A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42963FC0-1243-47A7-8E47-FFF6ED2BFF08} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {44c0104d-2d1a-4da9-9bed-a10cd0208c76} - no filepath
Task: {46418d79-b675-4cc5-b4dc-1400bb494cb3} - no filepath
Task: {47c05a7a-f02e-4d9a-9928-412c36a1b17b} - no filepath
Task: {480D2C85-5009-44B2-A421-EE8987822CE2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4ac9505b-f553-4ee9-86ec-a1ed889ab31e} - no filepath
Task: {4ae50839-6cc6-4e57-891a-0a245447e2a9} - no filepath
Task: {4c34b039-c900-4ea7-8439-585f07cebc8d} - no filepath
Task: {4d5e7413-229b-4e5f-8925-0d21481d8702} - no filepath
Task: {4df94ac9-33fd-4ad4-a064-e25438ea2d51} - no filepath
Task: {4e3f7f0f-8d76-43f1-838e-4598b3775b76} - no filepath
Task: {4e4319a2-0f35-47f8-9f2e-8291d463bdc8} - no filepath
Task: {4EA24FD3-98F5-4749-B715-1CBB723FFF9A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4f3f5770-cf27-4e7d-911a-5c19caeb3472} - no filepath
Task: {51d52c22-92f4-4396-b9af-ebfa54489d0c} - no filepath
Task: {51e2ae56-c5ac-45bd-8de8-1b322df3725f} - no filepath
Task: {53306939-B1D2-41DD-8339-AF6336F512DC} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1074928 2019-10-10] (A-Volute -> Nahimic)
Task: {534E18BF-7086-4363-B6EE-F00660EE7E2C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {549fa560-c7f1-4068-826a-0a9da0a11d5c} - no filepath
Task: {575f170e-010e-41fd-93ab-de8da5f22c21} - no filepath
Task: {5827ca89-b051-4498-b651-8af19faf76ac} - no filepath
Task: {5937a9c9-1c19-4eea-91b6-ce63d3d19b20} - no filepath
Task: {59de6f35-9b00-4a92-9476-faa70c80f4f9} - no filepath
Task: {5aab1fe8-5f57-4090-8b2a-5c717c48c805} - no filepath
Task: {5b692521-8d05-4bef-9d9e-f333b7285bea} - no filepath
Task: {5d6512de-eb8c-4a41-a01b-d0c45d1c0fea} - no filepath
Task: {5dddca98-5e22-4bb7-9991-c51b0a99afa9} - no filepath
Task: {5e454192-71bf-4981-adfc-4c22f414beb0} - no filepath
Task: {5eb54eed-4847-49cf-9384-5406055dc49b} - no filepath
Task: {5f33280e-6ee5-4c3c-9e81-4f6aea6c85ca} - no filepath
Task: {5f8a9b4a-313d-4713-95a4-74007a68310b} - no filepath
Task: {5faa05bf-6960-4369-891d-7d3cad064c64} - no filepath
Task: {602904a3-6fba-4aa8-9a79-5d454d7ba2dd} - no filepath
Task: {60a986b1-e8a8-4bff-961a-50860da02322} - no filepath
Task: {614a7be5-1a89-454e-9113-9387ae533730} - no filepath
Task: {61939A24-3E5D-4E23-9D99-39BEB738BBCD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61b07605-64f4-49be-86a1-b9006aa0ba3f} - no filepath
Task: {62864dbf-5dad-4911-b164-dbe96735a331} - no filepath
Task: {639829d4-8633-4334-8497-b898ae8f52b7} - no filepath
Task: {63b586ac-edb1-4d1a-896e-36aa16c68e69} - no filepath
Task: {63e9f1a0-e42d-4f1c-9388-ef4eea1404b6} - no filepath
Task: {64e3d676-3f95-4ab6-b3c5-0f81d525a25e} - no filepath
Task: {66ab15b0-025e-4a10-9468-00325cf6ec3c} - no filepath
Task: {66cf39f6-4937-4924-8bfd-7b520a656abe} - no filepath
Task: {67f2b98b-4cce-49dd-bba5-f5277cb6ff6f} - no filepath
Task: {6a7b9c74-8b09-45e6-81f4-bad719d582c1} - no filepath
Task: {6a857081-6d51-4171-a799-22563f0383b3} - no filepath
Task: {6E49295A-C2E9-4865-82EC-53412127E952} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-02] (Google Inc -> Google LLC)
Task: {6f99d279-5046-462e-8ae1-66b9985a029b} - no filepath
Task: {6fd144b4-d55c-4e44-9963-29ee06bb68ee} - no filepath
Task: {6fd813c2-4e9f-49e2-915a-7699d1ae2d9a} - no filepath
Task: {6ff1e2e4-313f-463f-9bab-5733807c79fb} - no filepath
Task: {7073610a-6a04-4a73-913e-1ec5daf779a9} - no filepath
Task: {71ca8d16-d3b7-46f9-b90f-88a81420aba5} - no filepath
Task: {71cb8a06-9602-4251-9a98-f440f6afed50} - no filepath
Task: {728C066A-43B4-48B2-89DA-935A73561EB1} - System32\Tasks\Throttlestop => C:\Program Files (x86)\ThrottleStop_8.70.6\ThrottleStop.exe [509608 2019-08-09] (TechPowerUp LLC -> uWebb Software)
Task: {72af4593-b903-4305-b182-4dfe1f393a33} - no filepath
Task: {73ce103d-bf7a-4941-9b54-2de0bd4701f7} - no filepath
Task: {755bc01a-6892-4700-8418-0b60ca70deb5} - no filepath
Task: {756d60b2-5f2e-4d4d-bbab-255d2f2de285} - no filepath
Task: {7581B746-6D67-48A6-A0BD-AD1998BC6CF6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {762a3bc9-20e1-4a2f-9ab1-fdef94efa81f} - no filepath
Task: {7649f420-c3e8-4a62-b2c8-46f012ee59de} - no filepath
Task: {76655048-1b13-460a-adba-e97653d27fe9} - no filepath
Task: {76c510ff-4ae7-4cc7-9230-729d4805302c} - no filepath
Task: {772f4df2-119f-4dd3-9afe-2db53da2aa1e} - no filepath
Task: {77645c7d-b4d5-41f6-9bec-720979875d70} - no filepath
Task: {791abb7f-d785-453c-bfb8-209d67a9a0ba} - no filepath
Task: {79e858d3-8fa8-4fec-bfe9-a778d466a986} - no filepath
Task: {7a9216cc-d52c-46b6-bb65-abd901260c72} - no filepath
Task: {7a9db49f-c4c1-43e3-83d6-a10094e02a7d} - no filepath
Task: {7b4716df-9d9b-4e0b-89d8-39d36b742f22} - no filepath
Task: {7c1c87a3-c334-442d-a5b4-896e491cc1d0} - no filepath
Task: {7e1d0bbd-ba3e-4250-b36d-76a1be4cb9b3} - no filepath
Task: {7eb4313b-f2df-4e2a-824b-6aad8d825866} - no filepath
Task: {7f27ca4f-c58a-494a-91f2-50f6272dd690} - no filepath
Task: {8089c756-87f6-464c-88b1-665e90b4a491} - no filepath
Task: {8263D33E-289F-4386-B8CE-386298202C3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {833CE2CF-C52E-4B0F-A59F-E50A3C0120B4} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
Task: {83607fe2-3dc4-4539-b885-b9875ac2bcc6} - no filepath
Task: {842FC6B4-F7D3-460A-9AA4-2A93246F2936} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {899c6dd1-192f-4746-9bc1-be18ee1a2eea} - no filepath
Task: {8b408d36-eeef-4bb9-aea3-a6c3e461c72a} - no filepath
Task: {8b7acc14-5973-41a6-9cce-43dd3a589841} - no filepath
Task: {8c3a70e7-8eb4-430f-b9c1-923347cb0a04} - no filepath
Task: {8df6e01d-de47-4010-8858-df775fcef887} - no filepath
Task: {8df77c24-d866-4609-8920-938eb935755a} - no filepath
Task: {8E2FE1EF-B61A-4C35-B3D3-880BBBDDF27A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {907cab78-9cc9-425b-9ee8-4749eb2770ca} - no filepath
Task: {9136432e-f177-4796-8c84-7d1471052454} - no filepath
Task: {9178BC71-7277-4904-81AD-D90FC6785245} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {922a96e7-1a34-4f9c-98ea-59e2fabe2abf} - no filepath
Task: {958629d0-dad4-40d4-9449-c59bfd147032} - no filepath
Task: {95b3fddd-fd10-4c8e-b13f-25024b9e24b1} - no filepath
Task: {95fa9a02-dbe0-4bb8-a045-6169f9b29c44} - no filepath
Task: {97c9b048-39c6-4760-bcfa-ec90e7a621b4} - no filepath
Task: {981DA7E3-4AC3-4371-836F-4D5E67530322} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {9bf1bf30-a461-44c5-a05e-3f8dd37809c0} - no filepath
Task: {9caba5df-4dbd-42f8-9159-60e8c4a8186d} - no filepath
Task: {9cf4a904-ce72-4a8d-b75f-dedd4e7182e2} - no filepath
Task: {a0f7c6e4-9369-4dba-870d-4417b34562a5} - no filepath
Task: {a1104458-b3bb-40fe-9f17-200b0eb26a9d} - no filepath
Task: {a1e78862-699f-4838-b641-ab453552404f} - no filepath
Task: {a26c489c-5733-4f6b-94d2-e232df328768} - no filepath
Task: {a51eb0c1-efa4-4668-98b5-9c72683879b5} - no filepath
Task: {A6B0464F-6097-40F0-8582-CB03972997AD} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {a77bf2c2-533e-430d-bf2b-d9ed8d0b0443} - no filepath
Task: {a8995770-eb07-4fbb-a583-72eaba0f0cb9} - no filepath
Task: {a8c4eabb-bb4c-42fd-8b5b-93b18a833770} - no filepath
Task: {aeebe8ce-3927-427b-8d07-5a70c9f3ab0a} - no filepath
Task: {AF3ACB6F-EDCA-4F5C-B344-542EE5051020} - System32\Tasks\NahimicTask32 => C:\Windows\system32\..\SysWOW64\NahimicSvc32.exe [804592 2019-10-10] (A-Volute -> Nahimic)
Task: {b02985ca-c65c-4904-9f98-0c45308627cf} - no filepath
Task: {B08B387D-3EF8-4063-AC99-0FF776459AA1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {b09b905c-a7be-4da9-bbab-ccc882301e75} - no filepath
Task: {b18a7226-16aa-4241-81ee-80be90c33f6f} - no filepath
Task: {b1ea9549-4a82-41f7-ab77-05ffe6fd2436} - no filepath
Task: {B1FA19CB-4661-49B8-88FE-FDF7E5E165D6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {b2ceb612-8f85-4b61-b0f3-f59bd603b5c0} - no filepath
Task: {b5df9170-b00a-457d-88a8-67304770f01c} - no filepath
Task: {b764b129-a684-4ec6-a2ce-d03f7618b869} - no filepath
Task: {b76f35de-bfb9-4fb8-8a19-a35c3ede1f89} - no filepath
Task: {b7dc4fc4-6038-4dcd-9f9b-8070017917ba} - no filepath
Task: {b8459f66-1ec4-40eb-ad9a-6237391b5612} - no filepath
Task: {b91e056d-6671-4ecc-8f5b-3062bc87c15d} - no filepath
Task: {ba367336-22b8-4284-81d8-cd9f23a654f5} - no filepath
Task: {ba3ebe45-0e4e-48aa-80fa-135c3be8ccf3} - no filepath
Task: {bb63fbc6-b916-41a7-87cb-f8b8ead8795b} - no filepath
Task: {beff28a8-facd-4179-b0ee-18ed382dc322} - no filepath
Task: {bfb72dd2-8716-4f08-87af-ea57f46bfbc3} - no filepath
Task: {C10110DB-F695-4342-B2FD-4E36CA1DB60E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {c1b8698a-3bfc-4be8-a29e-f8c7c35bced4} - no filepath
Task: {c25bd2fd-9e53-4a4d-b495-3f143d776e5b} - no filepath
Task: {c496f2d1-3f00-4539-9ae5-35e76f70301b} - no filepath
Task: {c4ee34c5-f004-4d49-915b-ae8818e7415f} - no filepath
Task: {C99D6084-6E01-4610-AC81-E31DCA37668A} - System32\Tasks\NahimicTask64 => C:\Windows\system32\.\NahimicSvc64.exe [1074928 2019-10-10] (A-Volute -> Nahimic)
Task: {cb6d68f6-1ae9-49dc-bc87-1171cf017c6e} - no filepath
Task: {cc4dd0bf-61eb-470b-be20-afdc5738ba87} - no filepath
Task: {ccfd8194-2389-49b2-b4e4-0b8b8e0f510e} - no filepath
Task: {cee3a2a8-3614-4922-a278-87d044f48e77} - no filepath
Task: {cfe7e67a-edd1-4d4c-8be0-8ed8b881b4ef} - no filepath
Task: {d00fdb3a-731e-41fe-9ce1-9d92005cb562} - no filepath
Task: {d0be6971-3ad2-4893-868d-c1e7ee35f95b} - no filepath
Task: {d2999eae-9b08-4d48-a43f-cae7c6a9601f} - no filepath
Task: {d320c07b-94b1-46f0-bf03-574d740f3789} - no filepath
Task: {d32848d0-efe4-4cda-bc36-8d950c6d847c} - no filepath
Task: {d44e8e1a-1292-4c27-939c-6848246a39e4} - no filepath
Task: {d56cd985-4ef8-4d88-b00b-92d0e444cc67} - no filepath
Task: {d6a7f8ba-e0d6-48e3-bf16-b4eb42137ca8} - no filepath
Task: {d6d9db5b-d5ae-4689-a9dd-5c809fc499ee} - no filepath
Task: {d72599f3-17c7-4431-9308-d101dc702fa4} - no filepath
Task: {d7557cbc-d61e-480a-8923-eeee6f499ca2} - no filepath
Task: {D7612D35-973B-421F-B1CF-79D6BAD94B0A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {d77368a3-a59c-48ac-bd62-64c9e51640f3} - no filepath
Task: {dbcb84fd-12d1-48b2-893a-ffbacf2bc140} - no filepath
Task: {dbdb2e3a-4744-42e0-9b3f-3aac85837307} - no filepath
Task: {dbf96dff-8b7e-41c0-bdaa-9b80b0f43e7c} - no filepath
Task: {dc78ef4c-dc83-42fd-921f-d296f027b87f} - no filepath
Task: {de0dd591-b67f-46c8-b003-0096e105218e} - no filepath
Task: {df346f62-6fd5-42f4-bbec-c15d853ec309} - no filepath
Task: {dfc448b5-dc13-4230-a213-d3c7bf5b840c} - no filepath
Task: {E0C9AE5B-9049-473E-8D11-1F981D9F5072} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-02] (Google Inc -> Google LLC)
Task: {e15f4884-f549-46bd-86cf-9f7c808b84b6} - no filepath
Task: {e166666f-8565-44cb-8f11-32ba73ba5154} - no filepath
Task: {e1a1a195-8c18-4ac0-8609-34cd3a97443d} - no filepath
Task: {e2106ed2-d3f4-45c0-9749-d4addaf42e55} - no filepath
Task: {e237ea80-c980-4695-acda-3929e14a8614} - no filepath
Task: {e2b6895e-eb43-4b80-8e4d-b914a45c6d2b} - no filepath
Task: {e3e8394d-e5dc-4d61-9bcd-90fe1324e31f} - no filepath
Task: {e40c7b97-8d5d-4ff3-a020-a5399f6b9d61} - no filepath
Task: {e4aca81c-fd78-4b49-b3b2-123d9dad79f7} - no filepath
Task: {e51ef970-a89b-4f24-9f47-e04c911ad15b} - no filepath
Task: {e62f7122-0f6c-424b-af66-e0b5f34faeb1} - no filepath
Task: {e6e6a578-474b-4616-ac96-905e5f35ea43} - no filepath
Task: {e85be2e7-096a-498b-920c-73b9819922d0} - no filepath
Task: {E8940194-AB38-4E4C-9F56-FA948667426D} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [804592 2019-10-10] (A-Volute -> Nahimic)
Task: {e9167e55-3b5b-4c2e-bdba-6a3739bcfd32} - no filepath
Task: {ea7d696b-bfbe-4469-acbc-939c85a3716b} - no filepath
Task: {ebad51cd-6299-493a-8948-9bd1df022e48} - no filepath
Task: {ec9c40df-1a3e-4697-abf9-08d47a7a83ec} - no filepath
Task: {ee82c6e8-7be4-4468-a7cb-860701869ab0} - no filepath
Task: {F19E6922-5BAF-4DC3-9F05-9D0488925040} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {f1e9b1e5-b6b8-42c3-8332-0e516eefe050} - no filepath
Task: {f2e77395-734c-4638-a10c-eaaa146c7fac} - no filepath
Task: {f3a49e7f-e5c0-4844-a6ee-846f8af1bdd3} - no filepath
Task: {f3b7aa32-8549-4de9-9a75-2ee8fb7090de} - no filepath
Task: {f46e1d76-bd1c-46bd-9482-eef88f4683f8} - no filepath
Task: {f4dce344-099d-4922-9fdb-01403b6b1106} - no filepath
Task: {F520F4EE-349D-4855-A418-22FC9857B321} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {f71769fa-0c45-4b11-adbd-9f96fcd312ec} - no filepath
Task: {f784829e-7f79-48c3-8ba0-a384a20ef505} - no filepath
Task: {f86b9c14-335c-48cc-a82c-f6c573f95185} - no filepath
Task: {f8c291b2-079d-47b6-91f0-c446c4e73b65} - no filepath
Task: {f8d1c205-7f5d-4429-8c5b-3df608ab7ed1} - no filepath
Task: {f9467ce2-1a0b-4c90-b41b-1f0ee7f9bb78} - no filepath
Task: {fe5cdfb0-2792-43f1-9996-04c054eaa11f} - no filepath
Task: {fead4489-c302-4a93-9857-8417c74290db} - no filepath
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{0ba31594-bd45-468c-8c4e-8ef864cf7074}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{4e2a1afd-a9d2-42b9-a92b-1aa317c700d5}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{561c7fe8-5ccd-4eb0-bdc2-e39d09d7bd62}: [DhcpNameServer] 192.168.43.72
Tcpip\..\Interfaces\{da1d448c-c0b5-4636-9c55-38815d018bdd}: [DhcpNameServer] 192.168.8.1
Internet Explorer:
==================
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1852536608-4100961931-219591902-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Blake\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-08-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default [2020-02-07]
CHR Notifications: Default -> hxxps://dashboard.tawk.to; hxxps://tvshop.co.nz; hxxps://www.realitytitbit.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Slides) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-02]
CHR Extension: (Entanglement Web App) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2019-08-02]
CHR Extension: (Docs) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-02]
CHR Extension: (Google Drive) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-02]
CHR Extension: (ColorZilla) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2019-08-02]
CHR Extension: (YouTube) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-02]
CHR Extension: (Honey) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-02-01]
CHR Extension: (Image Downloader) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2019-12-23]
CHR Extension: (MozBar) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2019-11-02]
CHR Extension: (Facebook Pixel Helper) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2019-09-26]
CHR Extension: (Sheets) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-02]
CHR Extension: (Authy) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2019-08-02]
CHR Extension: (Chrome Capture) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggaabchcecdbomdcnbahdfddfikjmphe [2020-01-21]
CHR Extension: (Google Docs Offline) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2020-01-12]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2020-01-30]
CHR Extension: (WhatFont) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-08-02]
CHR Extension: (rikaikun) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2019-09-25]
CHR Extension: (Grammarly for Chrome) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-02-01]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2019-08-02]
CHR Extension: (Asana) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnpeclbnipcdacdkhejifenadikeghk [2019-09-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-05]
CHR Extension: (Import reviews from Aliexpress and Amazon) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpflmbgdjcmcakiafemoiicigmlgcph [2020-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Buffer) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Blake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKU\S-1-5-21-1852536608-4100961931-219591902-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
Opera:
=======
OPR Extension: (Avira Browser Safety) - C:\Users\Blake\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-01-27]
OPR Extension: (Avira Password Manager) - C:\Users\Blake\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-01-27]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\Blake\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-01-27]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel® Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-08-02] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-02-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [38760 2020-02-03] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [149352 2020-02-03] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-10-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ELANFPService; C:\Windows\System32\ELANFPService.exe [188864 2019-05-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2859592 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [530424 2019-08-09] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 Intel® Capability Licensing Service TCP IP Interface; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe [872200 2019-06-02] (Intel® Trust Services -> Intel® Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
S2 Intel® TPM Provisioning Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\TPMProvisioningService.exe [800016 2019-06-02] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe [647568 2019-06-02] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Analytics Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1731592 2019-10-10] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2649608 2019-10-10] (Rivet Networks LLC -> Rivet Networks)
R3 Killer Wifi Optimization Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73720 2019-10-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 KillerSmartphoneSleepService; C:\Windows\System32\drivers\RivetNetworks\Killer\KSPSService.exe [73720 2019-10-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 LMS; C:\Windows\Intel\Intel® Management Engine Components\LMS\LMS.exe [552848 2019-06-02] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1742072 2019-10-10] (A-Volute -> Nahimic)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-08-05] (Even Balance, Inc. -> )
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [970528 2019-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SMV4_Service; C:\Program Files\ControlCenter\SMV4_Service.exe [19968 2019-12-04] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73728 2019-10-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73944 2019-10-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvgbi.inf_amd64_86dc46fb19d8cd14\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvgbi.inf_amd64_86dc46fb19d8cd14\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [207784 2019-12-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [197176 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [136040 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e2kw10x64; C:\Windows\System32\drivers\e2kw10x64.sys [1168168 2019-07-08] (Realtek Semiconductor Corp. -> Realtek )
R3 ETDMiniPTP; C:\Windows\System32\drivers\ETDMiniPTP.sys [27800 2019-05-06] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [33432 2019-05-06] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S0 IaNVMe; C:\Windows\System32\drivers\IaNVMe.sys [150088 2019-07-01] (Intel Corporation -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [72776 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [13843960 2019-08-09] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [179336 2019-10-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 MEIx64; C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9214968 2019-10-31] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvgbi.inf_amd64_86dc46fb19d8cd14\nvlddmkm.sys [22734536 2019-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-10-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [460408 2019-05-16] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2019-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\ThrottleStop_8.70.6\WinRing0x64.sys [14544 2019-08-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2019-08-04] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-07 11:16 - 2020-02-07 11:17 - 000054869 _____ C:\Users\Blake\Desktop\FRST.txt
2020-02-07 11:15 - 2020-02-07 11:16 - 000000000 ____D C:\FRST
2020-02-07 11:14 - 2020-02-07 11:14 - 002279424 _____ (Farbar) C:\Users\Blake\Desktop\FRST64.exe
2020-02-07 10:50 - 2020-02-07 10:50 - 000000000 ____D C:\Users\Blake\AppData\Local\AviraSpeedup
2020-02-05 13:28 - 2020-02-05 13:28 - 000241249 _____ C:\Users\Blake\Downloads\statement.pdf
2020-02-05 11:33 - 2020-02-05 11:33 - 000019802 _____ C:\Users\Blake\Downloads\Noode-Social-DR-Dec-1-2019-Dec-31-2019.xlsx
2020-02-05 11:33 - 2020-02-05 11:32 - 000020681 ____T C:\Users\Blake\Downloads\Noode-Social-DR-Jan-1-2020-Jan-31-2020.xlsx
2020-02-05 11:08 - 2020-02-05 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-05 02:20 - 2020-02-05 02:20 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-02-05 02:20 - 2020-02-05 02:20 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-02-05 02:20 - 2020-02-05 02:20 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2020-02-05 02:20 - 2020-02-05 02:20 - 000044552 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-02-04 13:39 - 2020-02-04 13:39 - 000000000 ____D C:\Users\Blake\Downloads\Anthony James - Font Bundle 3
2020-02-04 12:38 - 2020-02-04 12:38 - 003341556 _____ C:\Windows\Minidump\020420-17281-01.dmp
2020-02-04 08:05 - 2020-02-04 08:05 - 000001293 _____ C:\Users\Blake\Downloads\Attack On Your 1&1 IONOS Mailbox [email protected]_ Important Information.eml
2020-02-03 21:00 - 2020-02-03 21:00 - 000161748 _____ C:\Users\Blake\Downloads\image-asset.jpeg
2020-02-03 20:29 - 2020-02-03 20:20 - 006743467 ___RT C:\Users\Blake\Downloads\Anthony James - Font Bundle 3.zip
2020-02-03 20:29 - 2020-02-03 20:17 - 000169288 ___RT C:\Users\Blake\Downloads\Kingston Font Medium.ttf
2020-02-03 20:29 - 2020-02-03 20:17 - 000117336 ___RT C:\Users\Blake\Downloads\SF Kingston Medium.otf
2020-02-03 20:20 - 2020-02-03 20:20 - 006743467 ___RT C:\Users\Blake\Downloads\Anthony James - Font Bundle 3[7919].zip
2020-02-03 15:07 - 2020-02-03 15:07 - 000089235 _____ C:\Users\Blake\Downloads\Creative Market Receipt (#103295534).pdf
2020-02-03 14:50 - 2020-02-03 14:50 - 000000000 ____D C:\Users\Blake\Downloads\Font-Bundle-25-in-1
2020-02-03 14:49 - 2020-02-03 14:49 - 006370647 _____ C:\Users\Blake\Downloads\Font-Bundle-25-in-1.zip
2020-01-31 22:04 - 2020-01-31 22:04 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Order of the Phoenix (2007) [1080p]
2020-01-30 14:19 - 2020-01-30 14:19 - 003269556 _____ C:\Windows\Minidump\013020-23125-01.dmp
2020-01-28 13:31 - 2020-01-28 13:31 - 000000000 ____D C:\Users\Blake\Downloads\SOUN Sections Ready 1.0.0
2020-01-28 13:08 - 2020-01-28 13:10 - 710995943 _____ C:\Users\Blake\Downloads\themeforest-gSJ9d1iZ-ella-responsive-shopify-template.zip
2020-01-27 12:17 - 2020-01-27 12:17 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-27 10:07 - 2020-01-27 10:07 - 000000000 ____D C:\Users\Blake\AppData\Local\Avira
2020-01-27 10:06 - 2020-01-27 10:06 - 000004140 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1580072772
2020-01-27 10:06 - 2020-01-27 10:06 - 000001411 _____ C:\Users\Blake\Desktop\Opera Browser.lnk
2020-01-27 10:06 - 2020-01-27 10:06 - 000001411 _____ C:\Users\Blake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2020-01-27 10:06 - 2020-01-27 10:06 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2020-01-27 10:06 - 2020-01-27 10:06 - 000000000 ____D C:\Users\Blake\AppData\Roaming\Opera Software
2020-01-27 10:06 - 2020-01-27 10:06 - 000000000 ____D C:\Users\Blake\AppData\Local\Opera Software
2020-01-27 10:05 - 2020-01-27 10:05 - 000003374 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-01-27 10:05 - 2020-01-27 10:05 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-01-27 10:05 - 2019-12-02 10:26 - 000207784 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2020-01-27 10:05 - 2019-09-19 11:07 - 000197176 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2020-01-27 10:05 - 2019-06-07 16:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2020-01-27 10:05 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2020-01-27 10:05 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2020-01-27 10:05 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2020-01-27 10:05 - 2019-03-20 18:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avelam.sys
2020-01-27 10:03 - 2020-02-07 11:00 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-27 10:03 - 2020-02-07 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-27 10:03 - 2020-02-07 10:57 - 000000000 ____D C:\ProgramData\Avira
2020-01-27 10:03 - 2020-01-27 10:03 - 006177704 _____ (Avira Operations GmbH & Co. KG) C:\Users\Blake\Downloads\avira_en_fass0_1134704541-1580072581__ws.exe
2020-01-27 10:03 - 2020-01-27 10:03 - 000001261 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-27 10:03 - 2020-01-27 10:03 - 000001261 _____ C:\ProgramData\Desktop\Avira.lnk
2020-01-26 20:09 - 2020-01-26 20:09 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Deathly Hallows Part 1 (2010) [1080p]
2020-01-26 19:46 - 2020-01-26 19:46 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Prisoner of Azkaban (2004) 1080p.BRrip.scOrp.sujaidr (pimprg)
2020-01-26 19:29 - 2020-01-26 21:08 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Deathly Hallows Part 2 (2011) [1080p] [3D] [HSBS]
2020-01-26 19:25 - 2020-01-26 19:26 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Half Blood Prince (2009) [1080p]
2020-01-26 19:23 - 2020-01-26 19:24 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Goblet of Fire (2005) [1080p]
2020-01-26 19:21 - 2020-01-26 19:45 - 004519477 ____H C:\Users\Blake\Downloads\.8d172817f4b39a12b07f64dfa2f3544b89772635.parts
2020-01-26 19:21 - 2020-01-26 19:21 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Chamber of Secrets (2002) [1080p]
2020-01-26 19:20 - 2020-01-26 19:20 - 000000000 ____D C:\Users\Blake\Downloads\Harry Potter and the Sorcerers Stone (2001) [1080p]
2020-01-24 12:07 - 2020-01-24 12:07 - 006725981 _____ C:\Users\Blake\Downloads\2020-01-22 18-09-03.webm
2020-01-23 13:49 - 2020-01-23 13:49 - 000242263 _____ C:\Users\Blake\Downloads\Healthy-Natural-Life-Expo-Letter.pdf
2020-01-23 12:18 - 2020-02-04 12:38 - 1508819354 _____ C:\Windows\MEMORY.DMP
2020-01-23 12:18 - 2020-01-23 12:18 - 000600132 _____ C:\Windows\Minidump\012320-19437-01.dmp
2020-01-22 17:54 - 2020-01-22 21:52 - 000000000 ____D C:\Users\Blake\AppData\Roaming\obs-studio
2020-01-22 17:51 - 2020-01-22 17:51 - 000001012 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-01-22 17:51 - 2020-01-22 17:51 - 000001012 _____ C:\ProgramData\Desktop\OBS Studio.lnk
2020-01-22 17:51 - 2020-01-22 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-01-22 17:51 - 2020-01-22 17:51 - 000000000 ____D C:\Program Files\obs-studio
2020-01-22 17:49 - 2020-01-22 17:49 - 074969224 _____ (obsproject.com) C:\Users\Blake\Downloads\OBS-Studio-24.0.3-Full-Installer-x64.exe
2020-01-21 16:10 - 2020-01-21 16:10 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2020-01-21 16:10 - 2020-01-21 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2020-01-21 16:10 - 2020-01-21 16:10 - 000000000 ____D C:\ProgramData\Documents\NativeFus_Log
2020-01-21 16:10 - 2019-12-17 23:50 - 000166760 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2020-01-21 16:10 - 2019-12-17 23:50 - 000136040 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2020-01-21 16:09 - 2020-01-21 16:10 - 000000000 ____D C:\Users\Blake\AppData\Roaming\Samsung
2020-01-21 16:09 - 2020-01-21 16:10 - 000000000 ____D C:\Program Files (x86)\Samsung
2020-01-21 16:09 - 2020-01-21 16:09 - 000000000 ____D C:\ProgramData\Samsung
2020-01-21 16:09 - 2016-12-09 09:04 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2020-01-21 16:08 - 2020-01-21 16:08 - 040486560 _____ (Samsung Electronics) C:\Users\Blake\Downloads\SmartSwitch.exe
2020-01-20 22:10 - 2020-01-20 22:10 - 000001704 _____ C:\Users\Public\Desktop\ControlCenter.lnk
2020-01-20 22:10 - 2020-01-20 22:10 - 000001704 _____ C:\ProgramData\Desktop\ControlCenter.lnk
2020-01-20 22:09 - 2020-01-27 21:03 - 000000000 ____D C:\Users\Blake\Downloads\nb-driver-64bit-win10-dchu-ai_gaming_professional-19.12.11.03
2020-01-20 22:09 - 2020-01-20 22:10 - 000000000 ____D C:\Users\Blake\Downloads\nb-driver-64bit-win10-dchu-controlcenter-19.12.18.02
2020-01-20 22:08 - 2020-01-20 22:08 - 162246818 _____ C:\Users\Blake\Downloads\nb-driver-64bit-win10-dchu-controlcenter-19.12.18.02.zip
2020-01-20 22:08 - 2020-01-20 22:08 - 020350112 _____ C:\Users\Blake\Downloads\nb-driver-64bit-win10-dchu-ai_gaming_professional-19.12.11.03.zip
2020-01-20 22:08 - 2020-01-20 22:08 - 000000000 ____D C:\Users\Blake\Downloads\nb-driver-64bit-win10-dchu-thunderbolt
2020-01-20 22:08 - 2020-01-20 22:08 - 000000000 ____D C:\Users\Blake\Downloads\nb-bios-aero15oled-va-win10-64bit-fb08-fd08-ec-f007
2020-01-20 22:07 - 2020-01-20 22:07 - 012016538 _____ C:\Users\Blake\Downloads\nb-bios-aero15oled-va-win10-64bit-fb08-fd08-ec-f007.zip
2020-01-20 22:07 - 2020-01-20 22:07 - 001552727 _____ C:\Users\Blake\Downloads\nb-driver-64bit-win10-dchu-thunderbolt.zip
2020-01-20 21:54 - 2020-01-20 21:56 - 376293680 _____ (Intel) C:\Users\Blake\Downloads\igfx_win10_100.7584.exe
2020-01-20 21:53 - 2020-01-20 21:53 - 000000000 ____D C:\Users\Blake\Downloads\Intel Driver and Support Assistant
2020-01-20 19:41 - 2020-01-20 19:41 - 000136837 _____ C:\Users\Blake\Downloads\YDDPXG_1.pdf
2020-01-19 17:17 - 2020-01-19 17:17 - 000004730 _____ C:\Users\Blake\Downloads\muzli-colors.svg
2020-01-19 16:59 - 2020-01-19 16:59 - 000007906 _____ C:\Users\Blake\Downloads\undraw_heatmap_uyye.svg
2020-01-19 16:58 - 2020-01-19 16:58 - 000017758 _____ C:\Users\Blake\Downloads\undraw_drag_5i9w.svg
2020-01-19 16:58 - 2020-01-19 16:58 - 000009292 _____ C:\Users\Blake\Downloads\undraw_detailed_analysis_xn7y.svg
2020-01-19 16:58 - 2020-01-19 16:58 - 000006351 _____ C:\Users\Blake\Downloads\undraw_photo_session_clqr.svg
2020-01-19 16:57 - 2020-01-19 16:57 - 000003968 _____ C:\Users\Blake\Downloads\undraw_fill_forms_yltj.svg
2020-01-19 16:56 - 2020-01-19 16:56 - 000012078 _____ C:\Users\Blake\Downloads\undraw_dev_focus_b9xo.svg
2020-01-19 16:56 - 2020-01-19 16:56 - 000008490 _____ C:\Users\Blake\Downloads\undraw_two_factor_authentication_namy.svg
2020-01-19 16:56 - 2020-01-19 16:56 - 000006371 _____ C:\Users\Blake\Downloads\undraw_online_media_62jb.svg
2020-01-19 16:55 - 2020-01-19 16:55 - 000008556 _____ C:\Users\Blake\Downloads\undraw_content_structure_79gj.svg
2020-01-19 16:55 - 2020-01-19 16:55 - 000007230 _____ C:\Users\Blake\Downloads\undraw_annotation_7das.svg
2020-01-19 16:55 - 2020-01-19 16:55 - 000006889 _____ C:\Users\Blake\Downloads\undraw_personal_finance_tqcd.svg
2020-01-19 16:54 - 2020-01-19 16:54 - 000011453 _____ C:\Users\Blake\Downloads\undraw_unDraw_1000_gty8.svg
2020-01-19 16:54 - 2020-01-19 16:54 - 000005963 _____ C:\Users\Blake\Downloads\undraw_online_ad_mg4t.svg
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Users\Blake\Downloads\Star Wars Episode VIII The Last Jedi 2017 BluRay 1080p AAC x264-MTeamPAD[EtHD]
2020-01-17 09:37 - 2020-01-17 09:37 - 036181610 _____ C:\Users\Blake\Downloads\09.01.19_BARE_package designs.pdf
2020-01-17 09:33 - 2020-01-17 09:33 - 000134676 _____ C:\Users\Blake\Downloads\9FGWZQ_1.pdf
2020-01-17 09:18 - 2020-01-17 09:18 - 000460594 _____ C:\Users\Blake\Downloads\Customer Statements (2).pdf
2020-01-17 08:25 - 2020-01-17 08:25 - 000005270 _____ C:\Users\Blake\Downloads\purchase_export_golden-pea-protein-16_2020-01-16_1925.csv
2020-01-15 10:31 - 2020-01-15 10:31 - 000000024 _____ C:\Windows\system32\WinUpdates105.dat
2020-01-15 10:31 - 2019-12-11 15:46 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2020-01-14 16:29 - 2020-01-14 16:34 - 000000000 ____D C:\Users\Blake\Downloads\Jojo.Rabbit.2019.DVDScr.XVID.AC3.HQ.Hive-CM8[TGx]
2020-01-13 11:51 - 2020-01-13 11:51 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-10 09:19 - 2020-01-10 09:19 - 000007736 _____ C:\Users\Blake\Downloads\lottieflow-background-13-332d77-easey.json
2020-01-10 09:16 - 2020-01-10 09:16 - 000019234 _____ C:\Users\Blake\Downloads\lottieflow-bakground-11-332d77-easey.json
2020-01-10 09:15 - 2020-01-10 09:15 - 000030938 _____ C:\Users\Blake\Downloads\lottieflow-menu-nav-11-21-332d77-easey.json
2020-01-09 10:31 - 2020-01-09 10:31 - 000004917 _____ C:\Users\Blake\Downloads\purchase_export_golden-pea-protein-16_2020-01-08_2131.csv
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-07 11:17 - 2019-03-19 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-07 11:06 - 2019-08-02 22:23 - 000842860 _____ C:\Windows\system32\PerfStringBackup.INI
2020-02-07 11:06 - 2019-03-19 17:50 - 000000000 ____D C:\Windows\INF
2020-02-07 11:02 - 2019-08-02 22:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-07 11:01 - 2020-01-05 16:56 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc64Run
2020-02-07 11:01 - 2019-12-23 07:56 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc32Run
2020-02-07 11:01 - 2019-12-03 20:27 - 000003112 _____ C:\Windows\system32\Tasks\NahimicTask32
2020-02-07 11:01 - 2019-12-03 20:27 - 000003092 _____ C:\Windows\system32\Tasks\NahimicTask64
2020-02-07 11:00 - 2019-08-02 22:50 - 000000000 __SHD C:\Users\Blake\IntelGraphicsProfiles
2020-02-07 11:00 - 2019-08-02 22:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-07 10:59 - 2019-08-02 22:47 - 000018813 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-02-07 10:59 - 2019-08-02 22:47 - 000017429 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-02-07 10:59 - 2019-08-02 22:47 - 000009568 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-02-07 10:59 - 2019-03-19 17:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2020-02-07 10:59 - 2019-03-19 17:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-02-07 10:58 - 2019-10-18 14:57 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-02-07 10:58 - 2019-08-02 22:56 - 000000000 ____D C:\ProgramData\Package Cache
2020-02-07 10:58 - 2019-08-02 22:56 - 000000000 ____D C:\Program Files (x86)\Intel
2020-02-07 10:52 - 2019-10-17 11:56 - 000000000 ____D C:\Users\Blake\AppData\LocalLow\Temp
2020-02-07 10:52 - 2019-08-06 17:22 - 000000000 ____D C:\Program Files\Guild Wars 2
2020-02-07 10:52 - 2019-08-03 18:15 - 000000000 ____D C:\Windows\Panther
2020-02-07 10:49 - 2019-12-29 12:39 - 000000000 ___RD C:\Users\Blake\Google Drive ([email protected])
2020-02-07 10:49 - 2019-09-05 17:25 - 000000000 ___RD C:\Users\Blake\Google Drive
2020-02-07 10:48 - 2019-10-24 16:16 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-02-07 10:42 - 2019-08-02 22:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-07 10:41 - 2019-08-02 22:15 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-02-06 23:07 - 2019-03-19 17:52 - 000000000 ____D C:\Windows\ServiceState
2020-02-05 15:44 - 2019-08-02 22:44 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 15:44 - 2019-08-02 22:44 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-05 13:50 - 2019-08-03 10:58 - 000000000 ____D C:\Users\Blake\AppData\Local\CrashDumps
2020-02-05 11:08 - 2019-08-02 23:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-04 22:51 - 2019-08-02 22:20 - 000000000 ____D C:\Users\Blake
2020-02-04 14:41 - 2019-03-19 17:52 - 000000000 ____D C:\Windows\system32\NDF
2020-02-04 12:38 - 2019-08-02 22:17 - 000000000 ____D C:\Windows\minidump
2020-02-04 12:23 - 2019-08-08 00:04 - 000025132 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-02-03 13:47 - 2019-11-28 01:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-02-03 13:47 - 2019-11-28 01:08 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-02-01 11:02 - 2019-08-09 22:26 - 000000000 ____D C:\Users\Blake\AppData\Roaming\uTorrent Web
2020-02-01 10:28 - 2019-09-23 11:23 - 000000000 ____D C:\Users\Blake\AppData\Local\BitTorrentHelper
2020-01-30 16:58 - 2019-08-15 13:48 - 000000000 ____D C:\Users\Blake\AppData\Local\ElevatedDiagnostics
2020-01-30 14:19 - 2019-08-02 23:10 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-30 14:19 - 2019-08-02 23:10 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-29 08:10 - 2019-08-02 23:10 - 000003998 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-29 08:10 - 2019-08-02 23:10 - 000003766 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-28 13:30 - 2019-12-13 13:50 - 001194575 _____ C:\Users\Blake\Downloads\ella-3.0.0-sections-ready.zip
2020-01-27 21:04 - 2019-08-02 22:55 - 000000000 ____D C:\Program Files\ControlCenter
2020-01-27 10:28 - 2019-08-02 22:15 - 000295384 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-27 10:05 - 2019-03-19 17:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-01-27 10:04 - 2019-09-27 09:47 - 000000000 ____D C:\Users\Blake\AppData\Roaming\Mozilla
2020-01-26 10:45 - 2019-09-05 17:23 - 000002033 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-01-26 10:45 - 2019-09-05 17:23 - 000002033 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-01-26 10:45 - 2019-09-05 17:23 - 000002031 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-01-26 10:45 - 2019-09-05 17:23 - 000002031 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-01-26 10:45 - 2019-09-05 17:23 - 000002021 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-01-26 10:45 - 2019-09-05 17:23 - 000002021 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-01-26 10:45 - 2019-09-05 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-01-25 14:49 - 2019-09-04 13:17 - 000000000 ____D C:\Users\Blake\AppData\Roaming\Spotify
2020-01-25 14:49 - 2019-09-04 13:17 - 000000000 ____D C:\Users\Blake\AppData\Local\Spotify
2020-01-25 14:47 - 2019-08-02 22:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-01-23 12:18 - 2019-03-19 17:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-01-22 18:32 - 2019-08-02 23:48 - 000000000 ____D C:\Users\Blake\AppData\Local\D3DSCache
2020-01-22 18:08 - 2019-08-07 16:23 - 000000000 ____D C:\Users\Blake\AppData\Roaming\vlc
2020-01-21 16:09 - 2019-08-02 22:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-20 22:00 - 2019-08-02 22:50 - 000000000 ____D C:\ProgramData\Intel
2020-01-20 21:36 - 2019-10-01 10:06 - 000000515 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2020-01-20 19:13 - 2019-08-02 23:39 - 000000000 ___RD C:\Users\Blake\Dropbox (Noode Nutrition)
2020-01-19 15:56 - 2019-08-02 22:23 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1852536608-4100961931-219591902-1001
2020-01-19 15:56 - 2019-08-02 22:23 - 000000000 ___RD C:\Users\Blake\OneDrive
2020-01-19 15:56 - 2019-08-02 22:20 - 000002397 _____ C:\Users\Blake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-16 23:23 - 2019-08-02 22:21 - 000000000 ____D C:\Users\Blake\AppData\Local\ConnectedDevicesPlatform
2020-01-14 22:15 - 2019-11-19 18:00 - 000001913 _____ C:\Users\Blake\Desktop\uTorrent Web.lnk
2020-01-14 22:15 - 2019-08-09 22:26 - 000001899 _____ C:\Users\Blake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-01-14 22:13 - 2019-10-17 10:50 - 000000765 _____ C:\Windows\system32\InstallUtil.InstallLog
2020-01-13 11:51 - 2019-03-19 17:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-12 21:13 - 2019-03-19 17:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-12 21:13 - 2019-03-19 17:52 - 000000000 ____D C:\Windows\AppReadiness
2020-01-11 12:23 - 2019-12-20 10:12 - 000018771 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-10 09:50 - 2019-12-18 23:24 - 000011287 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-09 23:20 - 2019-08-31 06:36 - 000019110 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-08 18:56 - 2019-08-29 02:50 - 000019806 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-08 08:11 - 2019-08-27 00:10 - 000011265 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
==================== Files in the root of some directories ========
2019-11-28 04:14 - 2019-11-28 04:14 - 000000000 _____ () C:\Users\Blake\AppData\Local\oobelibMkey.log
2019-11-26 08:25 - 2019-12-03 21:07 - 000000600 _____ () C:\Users\Blake\AppData\Local\PUTTY.RND
2019-08-10 10:32 - 2019-08-10 10:32 - 000007608 _____ () C:\Users\Blake\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Blake (07-02-2020 11:17:56)
Running from C:\Users\Blake\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-08-02 09:17:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1852536608-4100961931-219591902-500 - Administrator - Disabled)
Blake (S-1-5-21-1852536608-4100961931-219591902-1001 - Administrator - Enabled) => C:\Users\Blake
DefaultAccount (S-1-5-21-1852536608-4100961931-219591902-503 - Limited - Disabled)
Guest (S-1-5-21-1852536608-4100961931-219591902-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1852536608-4100961931-219591902-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{825F60D9-2633-4D52-B2B0-5DA143433BBC}) (Version: 3.48.8668.1933 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.10 - Kakao Games Europe B.V.)
Control Center 19.12.18.02 (HKLM\...\Control Center) (Version: 19.12.18.02 - GIGABYTE)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{7285F1A0-97E2-4870-AE66-D844A14DDB27}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FileZilla Client 3.46.0 (HKLM-x32\...\FileZilla Client) (Version: 3.46.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Grammarly (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\GrammarlyForWindows) (Version: 1.5.57 - Grammarly)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel Driver && Support Assistant (HKLM-x32\...\{192E8D15-4497-476D-A2DC-728658EFDF5D}) (Version: 20.1.5.6 - Intel) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel® Corporation)
Intel® Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1923.12.0.1278 - Intel Corporation)
Intel® NVME Miniport and Filter Device Management (HKLM\...\{d4adb5bf-1030-4537-9954-799459207933}) (Version: 4.3.0.1006 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7063 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000040-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.40.0.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{db2b22b1-e3a5-41f6-8761-26638d7a7003}) (Version: 20.1.5.6 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Killer Performance Driver Suite UWD (HKLM\...\{BBD4E156-C8D8-4A91-BF54-64A43D2CBD72}) (Version: 2.1.1362 - Rivet Networks)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.0.863 - Logitech)
Microsoft OneDrive (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.1 - Mozilla)
Mozilla Thunderbird 68.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 68.1.1 (x86 en-US)) (Version: 68.1.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Graphics Driver 440.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 440.97 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
OpenOffice 4.1.6 (HKLM-x32\...\{16E4FF6B-31E8-4037-B627-D87CF872E32B}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 66.0.3515.44 (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\Opera 66.0.3515.44) (Version: 66.0.3515.44 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Print Agent 2 (HKLM-x32\...\{7acc2814-888c-4993-8d33-15e94b77f19f}_is1) (Version: 15.11.1091 - GSS)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31248 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8773.1 - Realtek Semiconductor Corp.)
RSI Launcher 1.2.1 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.2.1 - Cloud Imperium Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19114.7 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19114.7 - Samsung Electronics Co., Ltd.)
Spotify (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\Spotify) (Version: 1.1.24.91.g4ca6d5eb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.53.115.1020 - Electronic Arts Inc.)
uTorrent Web (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoom (HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\ZoomUMX) (Version: 4.4 - Zoom Video Communications, Inc.)
Packages:
=========
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-09-09] (Instagram)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-02] (INTEL CORP)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.1.3160.0_x64__rh07ty8m5nkag [2019-11-30] (Rivet Networks LLC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-23] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm [2019-12-26] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-01] (NVIDIA Corp.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-08-09] (Plex)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.5.191.0_x64__dt26b99r8h8gj [2019-10-19] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1852536608-4100961931-219591902-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-1852536608-4100961931-219591902-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox (Personal)] => C:\Users\Blake\Dropbox (Personal) [2019-08-02 23:39]
CustomCLSID: HKU\S-1-5-21-1852536608-4100961931-219591902-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox (Noode Nutrition)] => C:\Users\Blake\Dropbox (Noode Nutrition) [2019-08-02 23:39]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-09-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvgbi.inf_amd64_86dc46fb19d8cd14\nvshext.dll [2019-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Blake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Authy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
==================== Loaded Modules (Whitelisted) =============
2017-11-14 15:47 - 2019-08-09 15:30 - 000065536 _____ (OpenLibSys.org) [File not signed] C:\Program Files (x86)\ThrottleStop_8.70.6\WinRing0.dll
2020-01-27 10:06 - 2020-01-27 10:06 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\4424cbf65ca0c15982f57a4917db6ad1\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Blake\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Blake\Downloads\NVP_Caramel.jpg:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Blake\Downloads\NVP_Chocolate.jpg:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Blake\Downloads\NVP_Vanilla.jpg:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Blake\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 17:49 - 2019-03-19 17:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Blake\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\720733.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AorusFusion"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Seagull Drivers V3"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1852536608-4100961931-219591902-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A6D286A1-489C-420E-A53F-AD4BAA9AD051}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1A65158B-C329-4987-A02D-2646B38ED5E5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E3623FC3-A0C0-4446-B19E-D58CD4DD2AE5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{7FDF45D6-8B96-4F1F-9F20-020CD90F7A36}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{8758DD6F-E570-4C9D-8E5B-A676D9961EA7}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{76E2B4FC-8A19-45E4-9FFA-B4C7096F322A}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{31BFB80F-8B95-41CC-B6EE-64C3E91BDBC5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{233D8673-81B5-43DA-A63F-1790B134201A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{C7AC7222-49B0-45F5-8C32-6B5B10B73D87}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0F99B0C9-C7FB-464D-97D1-051A778F0D83}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{8FD926B3-3EB5-4CDF-BF62-6D9DA0B9999C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{DEE25779-E731-4417-B197-8231CD19628C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{A3583E86-7903-4AF3-B316-0B5FEF9ACE0F}C:\users\blake\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\blake\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{26CB3CC0-02B2-4E83-A37B-48ADA307A81B}C:\users\blake\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\blake\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [{56C6DD29-2414-4067-9B42-1624FCF8387B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA108CD8-364F-44EA-9D7D-6639F29E8C6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5FA2DB36-E995-4DFC-A8D0-C0CFB5A5DE67}C:\users\blake\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\blake\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0CB6D0EC-17E2-4C1C-BBD9-3FF1A667A43D}C:\users\blake\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\blake\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C776D1FE-B35D-4998-8F4D-475ACB26F978}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{13218E9E-AEF0-4BB6-A9F8-D13FB5CC7B66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{566D904A-5D9E-46A6-B3C2-60EA7E1FE427}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D6BB71E0-BA3C-4E5C-A472-77F11F00CFD7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FF74E4A5-C395-4A6A-999C-F59A7D2FDBB4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C0022213-CA09-42B3-94FE-BE43B362D835}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{9A86F87C-1F6E-4482-988D-FA79FA30DCE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{D0339C05-94EC-45EA-A5B8-62986900AAE0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6055C8A9-8EB0-40F2-8562-EC3458801CAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{0DC541A9-EB82-4C05-8FAE-9565B57D47A3}C:\users\blake\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\blake\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{D87AB467-C12B-46F8-A591-5430C94C4587}C:\users\blake\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\blake\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{847E86CB-D37F-4CE0-92BD-44D3A2B777C8}C:\program files (x86)\steam\steamapps\common\aoc apocalypse open beta\windowsclient\apoc\binaries\win64\apocclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aoc apocalypse open beta\windowsclient\apoc\binaries\win64\apocclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{0B71875F-5300-49B2-8E2E-785829BE2182}C:\program files (x86)\steam\steamapps\common\aoc apocalypse open beta\windowsclient\apoc\binaries\win64\apocclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aoc apocalypse open beta\windowsclient\apoc\binaries\win64\apocclient-win64-shipping.exe No File
FirewallRules: [{2150C538-5C5B-406E-A9C4-192E77E32920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{95EA5AED-D6C1-4E6C-A08C-87A1CBDC0583}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{A5CAD35C-9DFC-4305-9EB9-239607F85051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{9CE2F4CC-5648-4929-86A3-11609B2FB01D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [TCP Query User{AD194BEC-E980-4D61-8D16-DF42FB2349ED}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{F28CA62C-04F7-47E1-8A65-E30CDF33AB0C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{DEF874F0-7F16-4BEA-A4A0-AC0E19D14FA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD319CD0-597A-43EC-9AEC-F1640497F40F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{544FFAC4-B86C-4E5D-8760-1ADEDBBAFAE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EDD63AF-3283-417F-9F4F-F19782F34AE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{423291BD-3AE4-4E9F-B853-C2010684F6D8}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{01FB727D-C4C7-4CB7-8E40-A580F2EB877E}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [{28E7B0C9-1538-4A62-83F2-9DCE1406E63B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{1778359B-3A0C-4BD0-8719-C300194245CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [TCP Query User{74E2A800-5892-4A95-8C14-1533ED296537}C:\users\blake\downloads\old stuff\diablo ii\game.exe] => (Allow) C:\users\blake\downloads\old stuff\diablo ii\game.exe No File
FirewallRules: [UDP Query User{E3505608-F067-4731-8F50-C0FEF6EC6692}C:\users\blake\downloads\old stuff\diablo ii\game.exe] => (Allow) C:\users\blake\downloads\old stuff\diablo ii\game.exe No File
FirewallRules: [{A8DA2488-42CC-47B3-ACDE-203B5193DE35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{A7256F97-C2CE-422F-97BA-0386405A2F42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{11F39425-CA84-41D0-B686-83B226566960}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{8E68E967-6439-4745-8747-8FC57DB1AF59}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{747EBFE5-82A7-471C-B994-D1233E8D8D7E}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{425481CB-7AE0-46DA-8B6E-6EBA02C8CBCC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{76985B90-E376-4F12-A351-C75EE0074ED6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
==================== Restore Points =========================
20-01-2020 21:37:03 Intel® Extreme Tuning Utility
25-01-2020 14:47:15 Intel® Extreme Tuning Utility
27-01-2020 12:17:13 Avira System Speedup Optimization
05-02-2020 14:56:49 Scheduled Checkpoint
07-02-2020 10:57:13 Removed Avira Software Updater
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/07/2020 11:01:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ControlCenter.exe, version: 19.12.4.1, time stamp: 0x5df9951f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff85a7a8645
Faulting process id: 0x314c
Faulting application start time: 0x01d5dd38ebae8562
Faulting application path: C:\Program Files\ControlCenter\ControlCenter.exe
Faulting module path: unknown
Report Id: 4c3a1ba2-7f93-4151-87ef-c8bb45862042
Faulting package full name:
Faulting package-relative application ID:
Error: (02/07/2020 11:01:07 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ControlCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at Intel.Overclocking.SDK.Tuning.TuningLibrary.ProposeChange(System.Collections.Generic.List`1<Intel.Overclocking.SDK.Tuning.ClientTuningProposal>, System.Collections.Generic.List`1<Intel.Overclocking.SDK.Tuning.ClientTuningProposalResult> ByRef, Boolean ByRef)
at Intel.Overclocking.SDK.Tuning.TuningLibrary.Tune(System.Collections.Generic.List`1<Intel.Overclocking.SDK.Tuning.ClientTuningProposal>, Boolean ByRef)
at Intel.Overclocking.SDK.Tuning.TuningLibrary.Tune(UInt32, System.Decimal, Boolean)
at CPUOC.OCobj.ApplyCpu(System.String ByRef)
at SmartDashboard.Dashboard.cpuprocess(Int32 ByRef)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
Error: (02/07/2020 11:00:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OriginWebHelperService.exe, version: 10.5.56.33908, time stamp: 0x5dd474e2
Faulting module name: OriginWebHelperService.exe, version: 10.5.56.33908, time stamp: 0x5dd474e2
Exception code: 0xc0000005
Fault offset: 0x00098210
Faulting process id: 0x1570
Faulting application start time: 0x01d5dd38d30235d4
Faulting application path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Faulting module path: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Report Id: 42d4e463-f42e-4b29-83ca-a70018e8c87e
Faulting package full name:
Faulting package-relative application ID:
Error: (02/07/2020 10:59:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/07/2020 10:59:53 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/07/2020 10:59:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/07/2020 10:59:53 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/07/2020 10:59:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
System errors:
=============
Error: (02/07/2020 11:18:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/07/2020 11:18:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (02/07/2020 11:16:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/07/2020 11:16:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (02/07/2020 11:14:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/07/2020 11:14:29 AM) (Source: DCOM) (EventID: 10010) (User: AERO)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (02/07/2020 11:12:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (02/07/2020 11:12:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2019-12-29 12:11:48.326
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {538C1E58-9C7D-4119-B873-BBAB81697FE2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-27 09:02:13.634
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {87E6A387-6481-4486-A980-C74F06954B46}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-16 12:16:26.126
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {54FBFCA7-FBFC-4E53-AE9E-CBB6C99807C2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-14 14:14:03.154
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5DAB7AE3-7B39-4CEA-979C-75B6BEA4D77A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-14 13:09:07.721
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1B03815D-76D8-48DB-9E1B-F471016328D5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-13 11:50:59.985
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2019-12-08 16:17:40.320
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.3480.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2019-12-01 11:31:57.631
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.3106.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80070422
Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
CodeIntegrity:
===================================
Date: 2020-02-06 18:55:00.382
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.377
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.370
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.364
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.291
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.286
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.278
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-06 18:55:00.273
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume4\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FB05 07/01/2019
Motherboard: GIGABYTE AERO 15-SA
Processor: Intel® Core i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 46%
Total physical RAM: 16207.35 MB
Available physical RAM: 8639.9 MB
Total Virtual: 23375.35 MB
Available Virtual: 13525.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.31 GB) (Free:71.02 GB) NTFS
\\?\Volume{b025677f-da88-495c-a5cd-60cbbc9e4ea9}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{7b333c6b-23a1-46ad-a31f-eebc68906b3b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 47025B40)
Partition: GPT.
==================== End of Addition.txt =======================
Thanks in advance!