
Possible Malware? pc slow [Solved]


  • This topic is locked

#1
cmdiwnl

  • Member
  • 16 posts
PC acting slow and not getting the performance of similarly spec'd PCs. Thanks.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Ran by ciara (administrator) on DESKTOP-KT5JT22 (MSI MS-7977) (14-08-2020 19:14:34)
Running from D:\Downloads
Loaded Profiles: ciara
Platform: Windows 10 Pro Version 2004 19041.329 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Amagicom AB -> Mullvad VPN AB) C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe
(BattlEye Innovations e.K. -> ) C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Discord Inc. -> Discord Inc.) C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe <7>
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> ) C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
(Epic Games Inc. -> BattlEye Innovations) C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping_BE.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(FACE IT LIMITED -> FACEIT Ltd.) C:\Users\ciara\AppData\Local\FACEITApp\app-1.24.1\FACEIT.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2005.5739.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(Red Giant   LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe <5>
(SteelSeries ApS -> ) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\runStatsElevated.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SteelSeries ApS -> SteelSeries) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\SystemStatsOHM.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2020-06-10] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1136104 2020-08-02] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Discord] => C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32406416 2020-08-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2887160 2020-07-12] (Kristjan Skutta -> )
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [com.blitz.app] => C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe [90735248 2020-07-29] (Swift Media Entertainment, Inc. -> Blitz Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [FACEIT] => C:\Users\ciara\AppData\Local\FACEITApp\update.exe [2204608 2020-07-30] (FACE IT LIMITED -> )
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3143456 2020-08-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-08-08]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mailspring.lnk [2020-06-29]
ShortcutTarget: Mailspring.lnk -> C:\Users\ciara\AppData\Local\Mailspring\Update.exe (Foundry 376, LLC -> )
Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-08-01]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
GroupPolicy-Firefox: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {27DC39CE-0E05-4A55-967A-C9EF414C806A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {30449AC0-6800-4842-B276-B9EDBDFCD674} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38A147DD-FE1F-4BE8-A6DE-E6547124069F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3ADED984-91F6-4431-9624-6C270DD31F9E} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\WINDOWS\system32\winlogui.exe [750592 2020-07-07] (Microsoft Corporation) [File not signed]
Task: {3EC1AB5D-F7C4-407B-9796-8F8EDA876EDA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {44B1AED4-818F-4D93-9501-47FA09A24E66} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {686AE0E2-7436-43C5-BD2E-D9D5098949B2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {81A195CE-B004-4FEF-BCE7-116E5C75D059} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84D4B109-5623-4273-BE11-148E211BB412} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3266006208-3946979777-4142415845-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-10] (Microsoft Windows -> )
Task: {86932916-3A91-4682-BA1A-19B4BDA5D826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8CC4F12C-7D02-43E3-AE3B-AA1EC127821F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98A080E1-E215-4127-9F93-112F96D0F0B6} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {A211F0FD-1D80-48BA-B092-544A21D91C27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5DAB316-A813-4047-AF81-44AE496BBB91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFBC50BE-737A-4D77-A9A3-9201299ADF25} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B298E9CC-C6C1-4E37-AA20-20C2E39C75F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C84EB787-39E3-4460-AF89-227A37A9FF43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C855E9E2-B5FD-4F92-93A8-84379F3B7E05} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D26E68B5-4BD8-4D5C-846F-B2B6C0B814D8} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2020-07-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {DBDDB15D-19DF-4E6B-86FE-402131640ECB} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E073334B-C1DA-42DF-879D-BF50A324C28B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA79EC06-C567-42A1-AAE0-50164102B215} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {EA84A885-3EB2-458C-B491-CA4A8E401E5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7332E30-9A5B-4493-9C76-63B46D063A71} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\PrxerNsp.dll [87024 2018-08-15] (Initeks, OOO -> )
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 19 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [101872 2018-08-15] (Initeks, OOO -> )
Winsock: Catalog9-x64 01 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 02 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 03 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 04 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 19 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Tcpip\..\Interfaces\{439b2978-f3be-4db9-ac38-1b49c02bef79}: [DhcpNameServer] 10.9.0.1
Tcpip\..\Interfaces\{c4ccf9f0-a6c4-4007-b748-732581af7498}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-06-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-06-15] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: dme0aon1.default
FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\dme0aon1.default [2020-06-25]
FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release [2020-07-24]
FF user.js: detected! => C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release\user.js [2020-07-23]
FF NewTab: Mozilla\Firefox\Profiles\tidurm40.default-release -> about:blank
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-06-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-06-15] (Oracle America, Inc. -> Oracle Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default [2020-08-14]
CHR Notifications: Default -> hxxps://fullsend.com; hxxps://mail.protonmail.com; hxxps://www.reddit.com
CHR Extension: (Slides) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-15]
CHR Extension: (Docs) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-15]
CHR Extension: (Google Drive) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-15]
CHR Extension: (YouTube) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-15]
CHR Extension: (uBlock Origin) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-07-25]
CHR Extension: (Sheets) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-15]
CHR Extension: (Google Docs Offline) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-08-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-06-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-15]
CHR Extension: (Gmail) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-15]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
"BEDaisy" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\BEDaisy => \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys <==== ATTENTION (Rootkit!/Locked Service)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-06-11] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EQU8_13; C:\ProgramData\EQU8\Diabotical\bin\anticheat.x64.equ8.exe [6107840 2020-08-03] (Int3 Software AB -> Int3 Software AB)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [18888544 2020-07-27] (FACE IT LIMITED -> )
R2 MullvadVPN; C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe [8993064 2020-06-25] (Amagicom AB -> Mullvad VPN AB)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510648 2020-08-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3464000 2020-08-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [284760 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [6008904 2020-07-01] (Red Giant   LLC -> Red Giant LLC)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-06] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-08-06] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9754048 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57368 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47232 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164840 2019-05-10] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 EQU8_HELPER_13; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_13.sys [38080 2020-08-03] (Int3 Software AB -> )
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [10184056 2020-07-28] (FACE IT LIMITED -> )
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\System32\drivers\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48936 2020-07-29] (SteelSeries ApS -> SteelSeries ApS)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tapmullvad0901; C:\WINDOWS\System32\drivers\tapmullvad0901.sys [39616 2020-02-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237840 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247232 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5395880 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-06-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-14 19:14 - 2020-08-14 19:14 - 000000000 ____D C:\FRST
2020-08-11 03:34 - 2020-08-11 03:34 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2020-08-11 03:34 - 2020-08-11 03:34 - 000001199 _____ C:\ProgramData\Desktop\Apex Legends.lnk
2020-08-11 03:34 - 2020-08-11 03:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2020-08-11 03:34 - 2020-08-11 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2020-08-11 03:17 - 2020-08-14 16:03 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-08-11 03:13 - 2020-08-14 19:15 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Origin
2020-08-11 03:13 - 2020-08-14 16:03 - 000000000 ____D C:\Users\ciara\AppData\Local\Origin
2020-08-11 03:13 - 2020-08-14 16:03 - 000000000 ____D C:\ProgramData\Origin
2020-08-11 03:13 - 2020-08-14 16:03 - 000000000 ____D C:\Program Files (x86)\Origin
2020-08-11 03:13 - 2020-08-11 03:35 - 000000000 ____D C:\ProgramData\Electronic Arts
2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.QtWebEngineProcess
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.Origin
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2020-08-11 02:42 - 2020-08-11 02:32 - 753234116 _____ C:\Users\ciara\Desktop\Render.mp4
2020-08-11 02:18 - 2020-08-11 02:19 - 000000000 ____D C:\Users\ciara\AppData\Roaming\ExitLag
2020-08-11 02:17 - 2020-08-11 02:18 - 000000000 ____D C:\Users\ciara\AppData\Local\ExitLag
2020-08-11 02:15 - 2020-08-11 02:24 - 000000000 ____D C:\Program Files (x86)\ExitLag
2020-08-11 02:15 - 2018-04-11 08:42 - 000048640 _____ (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME) C:\WINDOWS\system32\Drivers\ndextlag.sys
2020-08-07 21:07 - 2020-08-07 21:07 - 000001810 _____ C:\Users\ciara\Desktop\NordVPN.lnk
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\NordVPN
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordSec
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\Program Files\NordVPN
2020-08-07 21:07 - 2020-07-10 15:32 - 000038608 _____ (TEFINCOM S.A.) C:\WINDOWS\system32\Drivers\nordlwf.sys
2020-08-05 00:13 - 2020-08-05 00:13 - 000000000 ____D C:\Users\ciara\VirtualBox VMs
2020-08-04 22:51 - 2020-08-07 17:08 - 000000000 ____D C:\Users\ciara\.VirtualBox
2020-08-04 22:51 - 2020-08-07 16:40 - 000000000 ____D C:\ProgramData\VirtualBox
2020-08-04 22:50 - 2020-08-04 22:50 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2020-08-04 22:50 - 2020-08-04 22:50 - 000001149 _____ C:\ProgramData\Desktop\Oracle VM VirtualBox.lnk
2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\Program Files\Oracle
2020-08-04 22:50 - 2020-07-11 11:47 - 001030096 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2020-08-04 22:50 - 2020-07-11 11:47 - 000187456 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2020-08-03 22:23 - 2020-08-03 22:27 - 000038080 _____ C:\WINDOWS\system32\Drivers\EQU8_HELPER_13.sys
2020-08-03 22:23 - 2020-08-03 22:24 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Diabotical
2020-08-03 22:23 - 2020-08-03 22:23 - 000000000 ____D C:\ProgramData\EQU8
2020-08-03 20:43 - 2020-08-03 20:43 - 000000295 _____ C:\Users\ciara\Desktop\Diabotical.url
2020-08-02 17:11 - 2020-08-02 17:11 - 000000910 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-08-02 17:11 - 2020-08-02 17:11 - 000000862 _____ C:\Users\ciara\Desktop\Start Tor Browser.lnk
2020-08-02 17:04 - 2020-08-02 17:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-08-02 16:56 - 2020-08-02 16:56 - 000000000 ____D C:\Users\ciara\Desktop\Tor Browser
2020-08-01 22:25 - 2020-08-01 22:25 - 000000825 _____ C:\Users\ciara\Desktop\ShareX.lnk
2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\Program Files\ShareX
2020-07-28 21:10 - 2020-07-28 21:10 - 010184056 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2020-07-28 21:10 - 2020-07-28 21:10 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEIT
2020-07-28 21:09 - 2020-07-30 22:22 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEITApp
2020-07-28 21:09 - 2020-07-28 21:12 - 000000000 ____D C:\Program Files\FACEIT AC
2020-07-28 21:09 - 2020-07-28 21:09 - 000000892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2020-07-28 21:09 - 2020-07-28 21:09 - 000000880 _____ C:\Users\Public\Desktop\FACEIT AC.lnk
2020-07-28 21:09 - 2020-07-28 21:09 - 000000880 _____ C:\ProgramData\Desktop\FACEIT AC.lnk
2020-07-28 01:22 - 2020-07-28 01:22 - 000000222 _____ C:\Users\ciara\Desktop\Grand Theft Auto V.url
2020-07-26 02:35 - 2020-07-26 02:35 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Statespace
2020-07-23 06:08 - 2020-07-23 06:08 - 000223320 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2020-07-23 06:06 - 2020-07-23 06:06 - 000197720 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2020-07-22 23:10 - 2020-07-22 23:10 - 000022832 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_126953333375267.dll
2020-07-22 23:10 - 2020-07-22 23:10 - 000000000 ____D C:\Users\ciara\AppData\Local\RogueCompany
2020-07-22 23:10 - 2020-07-22 23:10 - 000000000 ____D C:\Users\ciara\AppData\Local\Epic Games
2020-07-22 23:09 - 2020-07-22 23:09 - 000000283 _____ C:\Users\ciara\Desktop\Rogue Company.url
2020-07-22 22:52 - 2020-07-29 20:08 - 000305376 _____ (SteelSeries) C:\WINDOWS\system32\engineco.dll
2020-07-22 06:22 - 2020-07-28 21:14 - 000000000 ____D C:\Users\ciara\AppData\Local\log
2020-07-21 13:45 - 2020-08-14 16:03 - 000000000 ____D C:\Users\ciara\AppData\Roaming\FACEIT
2020-07-21 13:45 - 2020-07-28 21:09 - 000002190 _____ C:\Users\ciara\Desktop\FACEIT.lnk
2020-07-21 13:45 - 2020-07-28 21:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2020-07-20 21:04 - 2020-07-20 21:04 - 000000000 ____D C:\Users\ciara\Desktop\New folder (7)
2020-07-20 20:58 - 2020-07-20 21:04 - 000000000 ____D C:\Users\ciara\AppData\Roaming\MAXON
2020-07-20 19:45 - 2020-07-20 19:45 - 000995748 _____ C:\WINDOWS\Minidump\072020-4906-01.dmp
2020-07-20 19:31 - 2020-07-20 19:31 - 000689788 _____ C:\WINDOWS\Minidump\072020-4718-01.dmp
2020-07-20 19:25 - 2020-07-20 19:25 - 000930516 _____ C:\WINDOWS\Minidump\072020-4812-01.dmp
2020-07-20 19:00 - 2020-07-20 19:00 - 000000946 _____ C:\Users\Public\Desktop\CPUID CPU-Z MSI.lnk
2020-07-20 19:00 - 2020-07-20 19:00 - 000000946 _____ C:\ProgramData\Desktop\CPUID CPU-Z MSI.lnk
2020-07-20 18:57 - 2020-07-20 19:45 - 868960610 _____ C:\WINDOWS\MEMORY.DMP
2020-07-20 18:57 - 2020-07-20 19:31 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-20 18:57 - 2020-07-20 18:57 - 000867236 _____ C:\WINDOWS\Minidump\072020-4890-01.dmp
2020-07-18 01:47 - 2020-07-19 03:48 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\MCC
2020-07-18 01:47 - 2020-07-18 01:47 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\UnrealEngine
2020-07-18 01:43 - 2020-07-18 01:43 - 000000222 _____ C:\Users\ciara\Desktop\Halo The Master Chief Collection.url
2020-07-16 21:46 - 2020-07-16 21:46 - 000000000 ____D C:\ProgramData\Intel
2020-07-16 21:43 - 2020-07-08 04:45 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-07-16 21:39 - 2020-07-07 16:47 - 001780952 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-07-16 21:39 - 2020-07-07 16:47 - 001780952 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-07-16 21:39 - 2020-07-07 16:47 - 001371352 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-07-16 21:39 - 2020-07-07 16:47 - 001371352 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-07-16 21:39 - 2020-07-07 16:47 - 001086680 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-07-16 21:39 - 2020-07-07 16:47 - 001086680 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-07-16 21:39 - 2020-07-07 16:47 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-07-16 21:39 - 2020-07-07 16:47 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-07-16 21:39 - 2020-07-07 16:47 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-07-16 21:39 - 2020-07-07 16:47 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-07-16 21:39 - 2020-07-07 16:46 - 000674016 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-07-16 21:39 - 2020-07-07 16:46 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 006652824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 005883288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 003901680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 002367728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 001569688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 001486736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 000816360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 000670608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 000581864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-07-16 21:39 - 2020-07-07 16:45 - 000555920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-07-16 21:39 - 2020-07-07 16:45 - 000444824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-07-16 21:39 - 2020-07-07 16:44 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-07-16 21:39 - 2020-07-07 16:44 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-07-16 21:39 - 2020-07-06 01:40 - 000078796 _____ C:\WINDOWS\system32\nvinfo.pb
2020-07-16 18:04 - 2020-07-16 18:04 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-07-16 17:59 - 2020-08-02 12:48 - 000000000 ____D C:\Users\ciara\AppData\Roaming\steelseries-engine-3-client
2020-07-16 17:58 - 2020-08-02 12:42 - 000000000 ____D C:\ProgramData\SteelSeries
2020-07-16 17:58 - 2020-07-24 18:04 - 000000000 ____D C:\Program Files\SteelSeries
2020-07-16 17:58 - 2020-07-16 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2020-07-15 22:50 - 2020-07-20 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2020-07-15 22:50 - 2020-07-20 19:00 - 000000000 ____D C:\Program Files\CPUID
2020-07-15 22:50 - 2020-07-15 22:50 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2020-07-15 22:50 - 2020-07-15 22:50 - 000000975 _____ C:\ProgramData\Desktop\CPUID HWMonitor.lnk
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-14 19:14 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Discord
2020-08-14 19:14 - 2020-06-10 15:44 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-14 19:04 - 2020-06-10 16:32 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-08-14 18:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-14 16:49 - 2020-06-10 16:11 - 000000000 ____D C:\Program Files (x86)\Steam
2020-08-14 16:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-14 16:18 - 2020-07-12 21:36 - 000000048 _____ C:\WINDOWS\system32\perfdish001.dat
2020-08-14 16:10 - 2020-06-10 15:40 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-14 16:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-08-14 16:03 - 2020-07-10 11:55 - 000000000 ____D C:\ProgramData\Mullvad VPN
2020-08-14 16:03 - 2020-06-29 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-08-14 16:03 - 2020-06-10 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-14 16:03 - 2020-06-10 23:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-08-14 16:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-08-14 05:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-13 19:03 - 2020-06-10 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-13 00:27 - 2020-06-10 16:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Battle.net
2020-08-11 03:35 - 2020-06-11 22:29 - 000000000 ____D C:\Users\ciara\AppData\Roaming\EasyAntiCheat
2020-08-11 03:31 - 2020-06-15 15:14 - 000000000 ____D C:\Users\ciara\AppData\Roaming\vlc
2020-08-11 03:20 - 2020-06-11 16:40 - 000000000 ____D C:\Users\ciara\AppData\Roaming\TS3Client
2020-08-11 03:13 - 2020-06-10 15:46 - 000000000 ____D C:\Users\ciara\AppData\Local\D3DSCache
2020-08-11 03:13 - 2020-06-10 15:39 - 000000000 ____D C:\Users\ciara
2020-08-08 08:28 - 2020-07-06 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-08-08 08:28 - 2020-07-06 16:42 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-08-07 21:07 - 2020-06-15 20:56 - 000000000 ____D C:\Users\ciara\AppData\Local\NordVPN
2020-08-06 18:21 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\Discord
2020-08-06 18:20 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-05 19:56 - 2020-06-10 15:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3266006208-3946979777-4142415845-1001
2020-08-05 19:56 - 2020-06-10 15:42 - 000000000 ___RD C:\Users\ciara\OneDrive
2020-08-05 19:56 - 2020-06-10 15:39 - 000002367 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-04 18:55 - 2020-06-25 15:28 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Mozilla
2020-08-04 12:40 - 2020-06-10 15:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-08-03 19:10 - 2020-06-11 00:41 - 000000000 ____D C:\Program Files\Epic Games
2020-08-03 01:11 - 2020-06-10 16:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-08-02 12:42 - 2020-06-10 18:03 - 000000000 ____D C:\Users\ciara\AppData\Local\cache
2020-07-31 16:53 - 2020-06-27 20:20 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Blitz
2020-07-31 16:51 - 2020-06-27 20:20 - 000002239 _____ C:\Users\ciara\Desktop\Blitz.lnk
2020-07-29 20:08 - 2019-12-23 17:53 - 000048936 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2020-07-28 21:09 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\SquirrelTemp
2020-07-27 02:30 - 2020-07-10 11:55 - 000000000 ____D C:\Users\ciara\AppData\Local\Mullvad VPN
2020-07-25 14:23 - 2020-06-28 22:20 - 000000000 ____D C:\Users\ciara\AppData\Local\CrashDumps
2020-07-24 21:17 - 2020-06-10 16:54 - 000000000 ____D C:\Users\ciara\.dbus-keyrings
2020-07-24 21:05 - 2020-06-25 15:27 - 000000000 ____D C:\Users\ciara\Desktop\New folder
2020-07-23 21:49 - 2020-06-10 15:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-19 01:07 - 2020-07-01 22:50 - 000000000 ____D C:\Users\ciara\AppData\Roaming\slobs-client
2020-07-17 12:40 - 2020-06-10 16:52 - 000000000 ____D C:\Users\ciara\AppData\Local\NVIDIA
2020-07-16 21:45 - 2020-06-10 15:40 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-07-16 21:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-16 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-16 09:28 - 2020-06-10 15:40 - 000018486 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-16 09:28 - 2020-06-10 15:40 - 000017600 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-16 09:28 - 2020-06-10 15:40 - 000011708 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-16 04:57 - 2020-07-06 16:40 - 000000000 ____D C:\Program Files (x86)\Razer
2020-07-16 03:49 - 2020-06-10 17:51 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-15 15:40 - 2020-07-06 18:20 - 000000000 ____D C:\Users\ciara\AppData\Local\Ubisoft Game Launcher
 
==================== Files in the root of some directories ========
 
2020-07-03 07:56 - 2020-07-03 07:56 - 000007604 _____ () C:\Users\ciara\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by ciara (14-08-2020 19:15:12)
Running from D:\Downloads
Windows 10 Pro Version 2004 19041.329 (X64) (2020-06-10 14:38:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3266006208-3946979777-4142415845-500 - Administrator - Disabled)
ciara (S-1-5-21-3266006208-3946979777-4142415845-1001 - Administrator - Enabled) => C:\Users\ciara
DefaultAccount (S-1-5-21-3266006208-3946979777-4142415845-503 - Limited - Disabled)
Guest (S-1-5-21-3266006208-3946979777-4142415845-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3266006208-3946979777-4142415845-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2_1) (Version: 9.2.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.4.1 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BleachBit 4.0.0.1628 (HKLM-x32\...\BleachBit) (Version: 4.0.0.1628 - BleachBit)
Blender (HKLM\...\{0294B421-9B23-49AE-917C-B62EF6D42E8B}) (Version: 2.83.1 - Blender Foundation)
Blitz 1.10.41 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.10.41 - Blitz Inc.)
BorisFX Sapphire OFX (HKLM\...\GenArts Sapphire OFX_is1) (Version: 11.0 - Team V.R)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CPUID CPU-Z MSI 1.92 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.92 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\FACEITApp) (Version: 1.24.1 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
FileZilla Client 3.48.1 (HKLM-x32\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
FTBApp 202006271817-a3b3b73d4c-release (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\1726-2696-9539-5278) (Version: 202006271817-a3b3b73d4c-release - CreeperHost LTD)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v13.0.17) (Version:  - Red Giant LLC)
Mailspring (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Mailspring) (Version: 1.7.8 - Foundry 376, LLC)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft OneDrive (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.45.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
Mullvad VPN 2020.5.0 (HKLM\...\{2A356FD4-03B7-4F45-99B4-737BE580DC82}) (Version: 2020.5.0 - Mullvad VPN)
Mullvad-Wintun (HKLM\...\{3F8BDD2B-DF33-4D58-9963-6236A41BE905}) (Version: 1.0 - Amagicom AB) Hidden
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 6.1.12 (HKLM\...\{BD4C2875-9059-4C94-A7B5-493A538AC180}) (Version: 6.1.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.80.42860 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Proxifier version 3.42 (HKLM-x32\...\Proxifier_is1) (Version: 3.42 - Initex)
Python 3.8.3 (32-bit) (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\{6f6f2a2d-6475-4359-bc65-b2cf464bd085}) (Version: 3.8.3150.0 - Python Software Foundation)
Python 3.8.3 Core Interpreter (32-bit) (HKLM-x32\...\{D3A7FDC5-BA4E-44FC-8822-800226B81C71}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Development Libraries (32-bit) (HKLM-x32\...\{EA35D9DB-86A9-4705-9D15-7FE33E261450}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Documentation (32-bit) (HKLM-x32\...\{BAF129CE-5C13-4383-9807-A44055644E08}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Executables (32-bit) (HKLM-x32\...\{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 pip Bootstrap (32-bit) (HKLM-x32\...\{4ADFAA3D-1670-4161-A64A-83535B6D78C6}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Standard Library (32-bit) (HKLM-x32\...\{26B2CC8C-1492-437D-B27A-655AFB3647DE}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Test Suite (32-bit) (HKLM-x32\...\{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Utility Scripts (32-bit) (HKLM-x32\...\{14A8B424-0141-4E46-A1E2-548DF8349BB7}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0730.072314 - Razer Inc.)
ReelSmart Motion Blur v5 for After Effects and Premiere Pro (HKLM\...\ReelSmart Motion Blur v5 for After Effects and Premiere Pro 5.1.8) (Version: 5.1.8 - RE:Vision Effects)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.1.0 - ShareX Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.3 - SteelSeries ApS)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\WinDirStat) (Version:  - )
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.40.3.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-15] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-06-15] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0 [2020-07-05] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvshext.dll [2020-07-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-11 00:38 - 2020-06-11 00:38 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-06-11 00:38 - 2020-06-11 00:38 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-06-11 00:38 - 2020-06-11 00:38 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-08-11 03:13 - 2020-08-11 03:13 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2020-08-11 03:13 - 2020-08-11 03:13 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2020-06-10 16:05 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-06-11 00:38 - 2020-06-11 00:38 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2020-08-11 03:13 - 2020-08-11 03:13 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-11 03:13 - 2020-08-11 03:13 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-07-01 18:13 - 2020-07-01 18:13 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Red Giant\Services\LIBEAY32.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2020-08-11 03:13 - 2020-08-11 03:13 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2020-08-11 03:13 - 2020-08-11 03:13 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-14 16:03 - 2020-08-11 03:13 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 10:14 - 2020-07-24 21:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\Mullvad VPN\resources;
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\ddvv6rp-082eda72-41c9-489c-9545-aa18121b8def.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Mullvad: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Mullvad: NordVPN LightWeight Firewall -> NordLwf (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\StartupFolder: => "Mailspring.lnk"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "WallpaperEngine"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{89CDB862-56E6-4081-8963-EB9756EDCEA2}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{8C46E5DB-22E3-4F9E-BA97-0968EDDDD874}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{746403A2-89F6-4EC4-9B5F-83D425F46D9D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{AF3B37EB-F2CB-4559-B070-D89D352C59BA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{F7D40FA6-EF18-4688-862A-5C5E95A3BADD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1CB03558-1C17-4BF1-A1F3-E89E3E57870E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AF15FEBD-CE73-48D0-A39B-C28032C65C48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6E405BC8-3D89-4B75-9954-CE63FE539AFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2813E4B-8B24-4399-BE6D-29551E206D87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3D5A8AE-CDA2-4A1B-8169-285C542A6F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{169A236E-905E-4F2B-A40F-328737459CF3}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{611C74AC-F549-4E62-9AE5-65AF50AF67B5}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D1AF23FB-76EC-4C45-A3AC-BB7CCF135614}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{A6722C37-7908-4677-95AB-375B092C9DC8}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [TCP Query User{7F802E8D-8000-4391-888C-1933CCB90F4A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{AE07A41D-4A2A-4315-9EC6-A062CE76C87A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{3E7BDC12-66BD-4527-AA02-E8EF3DAB3420}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{B8C7B440-AB31-4E53-AD2C-2B1BFFFF2C4B}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{623410C7-2BBC-401B-AAD5-F10A07209DE7}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{2E797113-5775-4838-B654-7910CAD13736}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{6F52C3F7-0C87-47A9-AD4B-859132ECD403}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{619CDEE3-93CA-405A-8933-9FB237BC12A5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{317BE8F6-E978-4943-9D47-3A51DA5943B4}] => (Allow) C:\Users\ciara\Desktop\New folder\Client.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{19A71299-11D0-4780-AA6D-02EF643FE574}] => (Allow) C:\Users\ciara\Desktop\New folder\forward.exe (International Media Ltd ->  International Media Ltd)
FirewallRules: [{9E412DAA-46F6-47BE-975B-130BAB2470A5}] => (Allow) C:\Users\ciara\Desktop\New folder\Lineupd.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{23D9B8E0-6BF7-4E9B-B8E7-187623D9A40F}] => (Allow) C:\Users\ciara\Desktop\New folder\newforward.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{C765881B-0A24-4E78-A705-441FFAA9CC38}] => (Allow) C:\Users\ciara\Desktop\New folder\newsocket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{48B621F8-9019-4DA2-A36A-8863AFBB4907}] => (Allow) C:\Users\ciara\Desktop\New folder\socket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{CF107EF8-73CF-486E-B444-5720CA7015BA}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\ProxyAPI.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{BDAAD038-1B63-4F78-B450-EF4DB1D66B7F}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\Monitor.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{7F982A48-4EDD-4493-8CE8-5DAE14FE215C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{248A39A7-3A0D-4203-A9D7-CC5D5112BB8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{7B891A83-091A-4D4E-9FFB-721AE0DA1F71}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{48F6A267-A603-41BE-8997-9619869888B7}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{EE159C03-A0BA-4D83-AB42-458258B44CBC}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{C9422D42-7DF7-4606-A413-23298C7B2C6E}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{684FE636-18BA-4AC0-AB56-35BC8A1DD0C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{869B63CD-6674-471C-A3B7-F75B8D516F5B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0593319-76BF-4A76-A594-AA554BC41FFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{42EC252C-34DA-4052-9D19-5E618838FD47}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{341AB953-18C8-44B1-BC3A-D0C041BEE18C}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{1EE6ABBF-A767-4CD6-9CD0-FA524DBCF387}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{F5D1BDF7-30F9-4BDC-AC63-0C280D8E2ACE}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{6F68B01B-8939-4EFE-8A97-FCA2328F5F35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B719BE31-320A-4812-9603-B63E639C85C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7AE48087-028B-4FFF-A58B-10D4FC542E36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F29FBBA-53D7-41D5-84EA-2C95DFB51B2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{89331BFC-8864-48BF-ADEC-5E5AFF48BCC9}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{543D5A27-6E49-4CAC-B1CC-BD1A15F5577C}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{6BE7EE71-7DCF-4647-A0FF-1A3A5DD301DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB01C202-E803-4E36-98A9-E70ADEAC47D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9C7D277-C3BB-4218-A11B-2035F0FB0115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AA45EA5-FD03-4388-92FA-312FCED0B686}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{157CAB00-E870-49C9-8878-3C74328AF763}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73858C5F-C49C-4117-AC67-A678450AFF8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{051D58A5-64E8-4B63-B53D-11CA2AF67B72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D82ABFEA-4D2D-424C-A97A-A149359FF9C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C6FAD4CE-20B5-447E-9257-D9C58D190DDA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{62C123C0-696B-4245-BFBF-6A3D5416385F}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AAE4DD9A-6561-4DB4-A41F-8045CB8A3C93}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{5482F7F6-EFE6-4451-8C64-0605F9CDBE45}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AE202ACE-38E9-40AC-9CD5-18C84554DEEE}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2C59E271-0ECC-4360-BEB6-376316F338B3}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{A269CDF7-CD14-44CF-A297-B26D15956F85}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [{3A3FDCE3-DF1D-45F9-9CCD-4498A8633B54}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{941ECEEC-1743-4335-90E6-979920D1147E}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0E180A44-6E58-4837-98E2-12BDB6236FCB}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6DF95C9B-8C00-461D-97EC-1F55ACDC08A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{646E92F4-0927-4BDD-962A-5369C736221E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D7FA545-68DB-4F27-B65F-49709D78AAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DCD6689-D37A-4AD1-9E13-155FDE7BD25E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{127362C5-AF5B-4C11-9942-9599370EC359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0DD80E6A-4175-4A12-8DE9-363DBAD7AAEA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37FCB7FF-C4B7-4F95-A532-A58AF1F6072D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8F6460FB-1D24-401B-859F-0F763AEEB529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5860DC40-67CE-4A6A-957B-72F8C7452AC9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B0C60894-27E6-4503-A1E1-345848499370}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{174DD1C4-B525-4FF3-BBE5-D060EC47FBA9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{CC4D1732-9001-41CF-9ACE-77700CD24466}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{6274AA14-B90E-4748-BBA7-7A2484AC18AC}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E48465AA-4C70-4780-8384-27A915DCDBF7}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [{2F987F1E-79A6-4EE1-9456-A727E8C8BF0A}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{DB0CAC54-4D47-4D83-BA0B-E2B2B91BC4F0}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{FFB3AD7E-1C94-40B6-A61A-AFA522024C0F}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{410F46B3-C2AD-4E7D-967F-072CB3297546}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04DE6697-CC2C-4B50-9886-7011F0174526}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{9BB32F98-664E-446A-A465-77591034CAA2}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{D2818E51-C707-436E-A40D-A53E0FF7AA14}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{25086979-F826-4485-AEE5-769AC9445FA9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{E9209C0A-FC96-4FF2-9066-6B3668797048}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8C0AA6EA-2023-47F6-918A-32743026D697}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E58D832D-3D60-4708-98B7-E56FD1D5DA24}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{5248A18B-C468-417A-8E75-A0293ACE7993}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{72D527AA-3C8C-489A-8D74-D27D98399993}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe (Microsoft Corporation) [File not signed]
 
==================== Restore Points =========================
 
23-07-2020 21:49:22 Installed DirectX
31-07-2020 18:01:24 Scheduled Checkpoint
04-08-2020 22:50:35 Installed Oracle VM VirtualBox 6.1.12
11-08-2020 03:34:23 Installed DirectX
 
==================== Faulty Device Manager Devices ============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/13/2020 06:27:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Storage homie (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (08/11/2020 04:14:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.1, time stamp: 0x587bd36d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x3130
Faulting application start time: 0x01d66f8d7517f6da
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 03d3dbdd-9db1-408b-a4e1-096d0a43ab1e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/11/2020 04:11:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.1, time stamp: 0x587bd36d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x11a0
Faulting application start time: 0x01d66f8d2ae08db7
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 5e8a6cdc-5f60-4802-b19e-b9380ed7d9ba
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/11/2020 03:47:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.1, time stamp: 0x587bd36d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x1310
Faulting application start time: 0x01d66f89c44f3485
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 7a21c631-a4b4-4115-a8f3-a74ab2205437
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/11/2020 03:46:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (08/11/2020 03:46:56 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/11/2020 03:38:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program r5apex.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1858
 
Start Time: 01d66f88762d42c3
 
Termination Time: 7
 
Application Path: C:\Program Files (x86)\Origin Games\Apex\r5apex.exe
 
Report Id: 36f70e1a-cc15-46d6-a5a7-201d3050a8ae
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
Error: (08/11/2020 03:38:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program r5apex.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 265c
 
Start Time: 01d66f880b9ecdb3
 
Termination Time: 8
 
Application Path: C:\Program Files (x86)\Origin Games\Apex\r5apex.exe
 
Report Id: bdf34484-0d7a-4122-88c0-28823e7c0d33
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
 
System errors:
=============
Error: (08/14/2020 07:07:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/14/2020 07:05:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (08/14/2020 07:05:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/14/2020 07:03:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (08/14/2020 07:03:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/14/2020 07:01:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (08/14/2020 07:01:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/14/2020 06:59:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
 
Windows Defender:
===================================
Date: 2020-06-18 16:05:24.2970000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {F91B9DDC-992F-494C-B810-80FF3E9CBF6C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-06 16:45:34.3780000Z
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2020-08-14 19:04:49.0170000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 19:04:49.0150000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 18:48:20.7010000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 18:48:20.6980000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 18:16:24.4340000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 18:16:24.4290000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 18:04:48.7750000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-14 18:04:48.7710000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1.A0 07/22/2016
Motherboard: MSI Z170A GAMING M5 (MS-7977)
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 38%
Total physical RAM: 16343.59 MB
Available physical RAM: 10112.43 MB
Total Virtual: 20695.59 MB
Available Virtual: 9964.45 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:464.44 GB) (Free:52.74 GB) NTFS
Drive d: (Storage homie) (Fixed) (Total:1863.01 GB) (Free:780.12 GB) NTFS
 
\\?\Volume{07edae41-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{07edae41-0000-0000-0000-903b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D34B90AC)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 07EDAE41)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
 
==================== End of Addition.txt =======================
 



#2
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts

Hello, cmdiwnl.

 

Welcome to Geeks to Go Forum.

 

I am DR M and I will be assisting you with your computer's issues. I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you will have two people looking at your problem.

Please adhere to the guidelines below, and then carefully follow, in the same order, all the instructions after:

1. Always ask before you act! Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Please, copy all the content of the required logs and paste it inside your post. Do not attach any log or other file, unless directed otherwise.

4. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please be patient while I analyze your logs. I will be with you, as far as I can.


Now, please give me some time to review your logs, and I will be back to you as soon as I can.
 


#3
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts

Hi, cmdiwnl.
 
Apologies for the delay.

Let's start work.

1. qBittorrent

I noticed you have Bittorrent installed on your computer. This is a P2P program. P2P programs form a direct conduit onto a computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program. If you don't uninstall it, your computer will probably get infected again, as soon as you use it again. But it is your computer and of course your decision.

  • If you decide to uninstall it, uninstall it along with the unwanted programs in Step 2 below.
  • If you decide to keep it, DON'T use it during the cleaning procedure.

 

2. Uninstall programs

You have an outdated Java installed on your computer. It has been stated that old versions of Java are responsible for a great percentage of the vulnerabilities in Windows systems exploited by malware. Therefore, it's important to keep everything updated. Here, I'm asking you to uninstall Java. If you really need it, you can install the newest version at the end of the cleaning procedure.

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program(s) in the list:
Java 8 Update 251 
qBittorrent* (If you decide to uninstall it)
  • Select the above program and click Uninstall.
  • Restart the computer.

 

3. New Folder

You have a New Folder on your Desktop including many suspicious executable files. Do you recognize them? If not, please delete the folder.


4. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {686AE0E2-7436-43C5-BD2E-D9D5098949B2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {D26E68B5-4BD8-4D5C-846F-B2B6C0B814D8} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2020-07-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {EA79EC06-C567-42A1-AAE0-50164102B215} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
FirewallRules: [{D2818E51-C707-436E-A40D-A53E0FF7AA14}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{25086979-F826-4485-AEE5-769AC9445FA9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{72D527AA-3C8C-489A-8D74-D27D98399993}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe (Microsoft Corporation) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
c:\program files (x86)\exitlag
C:\Users\ciara\AppData\Roaming\ExitLag
C:\Users\ciara\AppData\Local\ExitLag
C:\Program Files (x86)\ExitLag
C:\WINDOWS\system32\Drivers\ndextlag.sys
C:\WINDOWS\system32\winrmsrv.exe
ExportKey: FF HKLM\SOFTWARE\Policies\Mozilla\Firefox
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

5. Search with FRST

  • Double-click FRST.exe/FRST64.exe to run it.
  • Copy and paste the following into the Search: box:
 winscomrssrv.dll;StartupCheckLibrary.dll;winrmsrv.exe
  • Press the Search Files button.
  • When complete, FRST will generate a log, named Search.txt, in the same location it was run from.
  • Please copy and paste its contents into your reply.

 

6. Fresh FRST logs

Please run FRST again, as you did before, and provide fresh logs: FRST and Addition.


In your next reply please post:

1. Your comments about New Folder.
2. The fixlog.txt
3. The search.txt
4. The fresh logs, FRST.txt and Addition.txt


#4
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts

Hello.

 

Do you still need assistance?


#5
cmdiwnl

    Member

  • Topic Starter
  • Member
  • 16 posts

Yes, I will do these fixes shortly and will inform you.


#6
cmdiwnl

    Member

  • Topic Starter
  • Member
  • 16 posts

1. sock5 vpn

2. Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2020

Ran by ciara (20-08-2020 04:35:00) Run:1
Running from D:\Downloads
Loaded Profiles: ciara
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {686AE0E2-7436-43C5-BD2E-D9D5098949B2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {D26E68B5-4BD8-4D5C-846F-B2B6C0B814D8} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2020-07-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {EA79EC06-C567-42A1-AAE0-50164102B215} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
FirewallRules: [{D2818E51-C707-436E-A40D-A53E0FF7AA14}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{25086979-F826-4485-AEE5-769AC9445FA9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{72D527AA-3C8C-489A-8D74-D27D98399993}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe (Microsoft Corporation) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
c:\program files (x86)\exitlag
C:\Users\ciara\AppData\Roaming\ExitLag
C:\Users\ciara\AppData\Local\ExitLag
C:\Program Files (x86)\ExitLag
C:\WINDOWS\system32\Drivers\ndextlag.sys
C:\WINDOWS\system32\winrmsrv.exe
ExportKey: FF HKLM\SOFTWARE\Policies\Mozilla\Firefox
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{686AE0E2-7436-43C5-BD2E-D9D5098949B2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D26E68B5-4BD8-4D5C-846F-B2B6C0B814D8}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\winrmsrv" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA79EC06-C567-42A1-AAE0-50164102B215}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2818E51-C707-436E-A40D-A53E0FF7AA14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25086979-F826-4485-AEE5-769AC9445FA9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72D527AA-3C8C-489A-8D74-D27D98399993}" => not found
HKLM\System\CurrentControlSet\Services\gupdate => removed successfully
gupdate => service removed successfully
HKLM\System\CurrentControlSet\Services\gupdatem => removed successfully
gupdatem => service removed successfully
c:\program files (x86)\exitlag => moved successfully
C:\Users\ciara\AppData\Roaming\ExitLag => moved successfully
C:\Users\ciara\AppData\Local\ExitLag => moved successfully
"C:\Program Files (x86)\ExitLag" => not found
C:\WINDOWS\system32\Drivers\ndextlag.sys => moved successfully
"C:\WINDOWS\system32\winrmsrv.exe" => not found
================== ExportKey: ===================
 
[FF HKLM\SOFTWARE\Policies\Mozilla\Firefox]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox => ErrorCode1: 0xC000003A
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 167717791 B
Java, Flash, Steam htmlcache => 464372575 B
Windows/system/drivers => 18784544 B
Edge => 4886198 B
Chrome => 667684515 B
Firefox => 20452914 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 222806 B
NetworkService => 290060 B
ciara => 212533002 B
 
RecycleBin => 2039 B
EmptyTemp: => 1.5 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 04:36:33 ====
 
3. Farbar Recovery Scan Tool (x64) Version: 19-08-2020
Ran by ciara (20-08-2020 05:21:33)
Running from D:\Downloads
Boot Mode: Normal
 
================== Search Files: "winscomrssrv.dll;StartupCheckLibrary.dll;winrmsrv.exe" =============
 
 
====== End of Search ======
 
4. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2020
Ran by ciara (administrator) on DESKTOP-KT5JT22 (MSI MS-7977) (20-08-2020 05:22:48)
Running from D:\Downloads
Loaded Profiles: ciara
Platform: Windows 10 Pro Version 2004 19041.329 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Amagicom AB -> Mullvad VPN AB) C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe
(Discord Inc. -> Discord Inc.) C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe <6>
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(FACE IT LIMITED -> FACEIT Ltd.) C:\Users\ciara\AppData\Local\FACEITApp\app-1.24.1\FACEIT.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2005.5739.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(Red Giant   LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(SteelSeries ApS -> ) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\runStatsElevated.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SteelSeries ApS -> SteelSeries) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\SystemStatsOHM.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2020-06-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1136104 2020-08-02] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Discord] => C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32406416 2020-08-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2887160 2020-07-12] (Kristjan Skutta -> )
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [com.blitz.app] => C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe [90735248 2020-07-29] (Swift Media Entertainment, Inc. -> Blitz Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [FACEIT] => C:\Users\ciara\AppData\Local\FACEITApp\update.exe [2204608 2020-07-30] (FACE IT LIMITED -> )
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3143456 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-08-08]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mailspring.lnk [2020-06-29]
ShortcutTarget: Mailspring.lnk -> C:\Users\ciara\AppData\Local\Mailspring\Update.exe (Foundry 376, LLC -> )
Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-08-01]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
GroupPolicy-Firefox: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {27DC39CE-0E05-4A55-967A-C9EF414C806A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {30449AC0-6800-4842-B276-B9EDBDFCD674} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38A147DD-FE1F-4BE8-A6DE-E6547124069F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EC1AB5D-F7C4-407B-9796-8F8EDA876EDA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {44B1AED4-818F-4D93-9501-47FA09A24E66} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81A195CE-B004-4FEF-BCE7-116E5C75D059} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84D4B109-5623-4273-BE11-148E211BB412} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3266006208-3946979777-4142415845-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-10] (Microsoft Windows -> )
Task: {86932916-3A91-4682-BA1A-19B4BDA5D826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8CC4F12C-7D02-43E3-AE3B-AA1EC127821F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98A080E1-E215-4127-9F93-112F96D0F0B6} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {A211F0FD-1D80-48BA-B092-544A21D91C27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5DAB316-A813-4047-AF81-44AE496BBB91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFBC50BE-737A-4D77-A9A3-9201299ADF25} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B298E9CC-C6C1-4E37-AA20-20C2E39C75F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C84EB787-39E3-4460-AF89-227A37A9FF43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C855E9E2-B5FD-4F92-93A8-84379F3B7E05} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBDDB15D-19DF-4E6B-86FE-402131640ECB} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E073334B-C1DA-42DF-879D-BF50A324C28B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA84A885-3EB2-458C-B491-CA4A8E401E5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7332E30-9A5B-4493-9C76-63B46D063A71} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\PrxerNsp.dll [87024 2018-08-15] (Initeks, OOO -> )
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 19 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [101872 2018-08-15] (Initeks, OOO -> )
Winsock: Catalog9-x64 01 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 02 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 03 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 04 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 19 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{439b2978-f3be-4db9-ac38-1b49c02bef79}: [DhcpNameServer] 10.9.0.1
Tcpip\..\Interfaces\{c4ccf9f0-a6c4-4007-b748-732581af7498}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
 
FireFox:
========
FF DefaultProfile: dme0aon1.default
FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\dme0aon1.default [2020-08-20]
FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release [2020-08-20]
FF user.js: detected! => C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release\user.js [2020-08-14]
FF NewTab: Mozilla\Firefox\Profiles\tidurm40.default-release -> about:blank
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default [2020-08-20]
CHR Notifications: Default -> hxxps://fullsend.com; hxxps://mail.protonmail.com; hxxps://www.reddit.com
CHR Extension: (Slides) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-15]
CHR Extension: (Docs) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-15]
CHR Extension: (Google Drive) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-15]
CHR Extension: (YouTube) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-15]
CHR Extension: (uBlock Origin) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-18]
CHR Extension: (Sheets) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-15]
CHR Extension: (Google Docs Offline) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-08-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-06-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-08-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-15]
CHR Extension: (Gmail) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-15]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8646752 2020-08-10] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EQU8_13; C:\ProgramData\EQU8\Diabotical\bin\anticheat.x64.equ8.exe [6107840 2020-08-03] (Int3 Software AB -> Int3 Software AB)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [18888544 2020-07-27] (FACE IT LIMITED -> )
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
R2 MullvadVPN; C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe [8993064 2020-06-25] (Amagicom AB -> Mullvad VPN AB)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510648 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3464000 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [284760 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [6008904 2020-07-01] (Red Giant   LLC -> Red Giant LLC)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-06] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-08-06] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9754048 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57368 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47232 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164840 2019-05-10] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 EQU8_HELPER_13; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_13.sys [38080 2020-08-03] (Int3 Software AB -> )
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [10184056 2020-07-28] (FACE IT LIMITED -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\System32\drivers\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48936 2020-07-29] (SteelSeries ApS -> SteelSeries ApS)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tapmullvad0901; C:\WINDOWS\System32\drivers\tapmullvad0901.sys [39616 2020-02-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237840 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247232 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5395880 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-06-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-19 21:24 - 2020-08-19 21:24 - 000000000 ____D C:\Users\ciara\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2020-08-17 21:55 - 2020-08-14 00:04 - 001780960 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001780960 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001371360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001371360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001086688 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 001086688 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000946400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000946400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000349928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 001485544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000816360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000675224 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000669416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000582904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-08-17 21:55 - 2020-08-14 00:01 - 000555920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 006653328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 005882600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 002376080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 001570704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 000443624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-08-17 21:55 - 2020-08-13 23:59 - 003916688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-08-17 21:55 - 2020-08-13 23:59 - 000849640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-08-17 21:55 - 2020-08-13 23:58 - 004707696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-08-17 21:55 - 2020-08-13 02:47 - 000077891 _____ C:\WINDOWS\system32\nvinfo.pb
2020-08-17 04:27 - 2020-08-17 04:27 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Innersloth
2020-08-17 04:26 - 2020-08-17 04:26 - 000000222 _____ C:\Users\ciara\Desktop\Among Us.url
2020-08-17 03:11 - 2020-08-17 03:11 - 000000000 ____D C:\Users\ciara\AppData\Local\install
2020-08-17 02:58 - 2020-08-17 02:58 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\VRChat
2020-08-17 02:54 - 2020-08-17 02:54 - 000000222 _____ C:\Users\ciara\Desktop\VRChat.url
2020-08-14 21:52 - 2020-08-14 21:52 - 000000000 ____D C:\Users\ciara\AppData\Local\mbam
2020-08-14 21:51 - 2020-08-14 21:51 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-08-14 21:51 - 2020-08-14 21:51 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-08-14 21:51 - 2020-08-14 21:51 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-14 21:51 - 2020-08-14 21:51 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-14 21:51 - 2020-08-14 21:51 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-14 21:51 - 2020-08-14 21:51 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-14 21:51 - 2020-08-14 21:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-14 21:51 - 2020-08-14 21:51 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-14 19:14 - 2020-08-20 05:23 - 000000000 ____D C:\FRST
2020-08-11 03:34 - 2020-08-11 03:34 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2020-08-11 03:34 - 2020-08-11 03:34 - 000001199 _____ C:\ProgramData\Desktop\Apex Legends.lnk
2020-08-11 03:34 - 2020-08-11 03:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2020-08-11 03:34 - 2020-08-11 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2020-08-11 03:17 - 2020-08-18 19:46 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-08-11 03:13 - 2020-08-20 04:38 - 000000000 ____D C:\ProgramData\Origin
2020-08-11 03:13 - 2020-08-20 04:37 - 000000000 ____D C:\Users\ciara\AppData\Local\Origin
2020-08-11 03:13 - 2020-08-18 20:59 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Origin
2020-08-11 03:13 - 2020-08-18 19:46 - 000000000 ____D C:\Program Files (x86)\Origin
2020-08-11 03:13 - 2020-08-11 03:35 - 000000000 ____D C:\ProgramData\Electronic Arts
2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.QtWebEngineProcess
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.Origin
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2020-08-11 02:42 - 2020-08-11 02:32 - 753234116 _____ C:\Users\ciara\Desktop\Render.mp4
2020-08-07 21:07 - 2020-08-07 21:07 - 000001810 _____ C:\Users\ciara\Desktop\NordVPN.lnk
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\NordVPN
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordSec
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\Program Files\NordVPN
2020-08-07 21:07 - 2020-07-10 15:32 - 000038608 _____ (TEFINCOM S.A.) C:\WINDOWS\system32\Drivers\nordlwf.sys
2020-08-05 00:13 - 2020-08-05 00:13 - 000000000 ____D C:\Users\ciara\VirtualBox VMs
2020-08-04 22:51 - 2020-08-07 17:08 - 000000000 ____D C:\Users\ciara\.VirtualBox
2020-08-04 22:51 - 2020-08-07 16:40 - 000000000 ____D C:\ProgramData\VirtualBox
2020-08-04 22:50 - 2020-08-04 22:50 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2020-08-04 22:50 - 2020-08-04 22:50 - 000001149 _____ C:\ProgramData\Desktop\Oracle VM VirtualBox.lnk
2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\Program Files\Oracle
2020-08-04 22:50 - 2020-07-11 11:47 - 001030096 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2020-08-04 22:50 - 2020-07-11 11:47 - 000187456 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2020-08-03 22:23 - 2020-08-03 22:27 - 000038080 _____ C:\WINDOWS\system32\Drivers\EQU8_HELPER_13.sys
2020-08-03 22:23 - 2020-08-03 22:24 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Diabotical
2020-08-03 22:23 - 2020-08-03 22:23 - 000000000 ____D C:\ProgramData\EQU8
2020-08-03 20:43 - 2020-08-03 20:43 - 000000295 _____ C:\Users\ciara\Desktop\Diabotical.url
2020-08-02 17:11 - 2020-08-02 17:11 - 000000910 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-08-02 17:11 - 2020-08-02 17:11 - 000000862 _____ C:\Users\ciara\Desktop\Start Tor Browser.lnk
2020-08-02 17:04 - 2020-08-02 17:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-08-02 16:56 - 2020-08-02 16:56 - 000000000 ____D C:\Users\ciara\Desktop\Tor Browser
2020-08-01 22:25 - 2020-08-01 22:25 - 000000825 _____ C:\Users\ciara\Desktop\ShareX.lnk
2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\Program Files\ShareX
2020-07-28 21:10 - 2020-07-28 21:10 - 010184056 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2020-07-28 21:10 - 2020-07-28 21:10 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEIT
2020-07-28 21:09 - 2020-07-30 22:22 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEITApp
2020-07-28 21:09 - 2020-07-28 21:12 - 000000000 ____D C:\Program Files\FACEIT AC
2020-07-28 21:09 - 2020-07-28 21:09 - 000000892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2020-07-28 21:09 - 2020-07-28 21:09 - 000000880 _____ C:\Users\Public\Desktop\FACEIT AC.lnk
2020-07-28 21:09 - 2020-07-28 21:09 - 000000880 _____ C:\ProgramData\Desktop\FACEIT AC.lnk
2020-07-28 01:22 - 2020-07-28 01:22 - 000000222 _____ C:\Users\ciara\Desktop\Grand Theft Auto V.url
2020-07-26 02:35 - 2020-07-26 02:35 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Statespace
2020-07-23 06:08 - 2020-07-23 06:08 - 000223320 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2020-07-23 06:06 - 2020-07-23 06:06 - 000197720 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2020-07-22 23:10 - 2020-07-22 23:10 - 000022832 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_126953333375267.dll
2020-07-22 23:10 - 2020-07-22 23:10 - 000000000 ____D C:\Users\ciara\AppData\Local\RogueCompany
2020-07-22 23:10 - 2020-07-22 23:10 - 000000000 ____D C:\Users\ciara\AppData\Local\Epic Games
2020-07-22 23:09 - 2020-07-22 23:09 - 000000283 _____ C:\Users\ciara\Desktop\Rogue Company.url
2020-07-22 22:52 - 2020-07-29 20:08 - 000305376 _____ (SteelSeries) C:\WINDOWS\system32\engineco.dll
2020-07-22 06:22 - 2020-07-28 21:14 - 000000000 ____D C:\Users\ciara\AppData\Local\log
2020-07-21 13:45 - 2020-08-20 04:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\FACEIT
2020-07-21 13:45 - 2020-07-28 21:09 - 000002190 _____ C:\Users\ciara\Desktop\FACEIT.lnk
2020-07-21 13:45 - 2020-07-28 21:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-20 05:19 - 2020-06-10 16:11 - 000000000 ____D C:\Program Files (x86)\Steam
2020-08-20 05:19 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Discord
2020-08-20 05:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-20 04:44 - 2020-06-10 15:40 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-20 04:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-08-20 04:40 - 2020-06-10 16:32 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-08-20 04:39 - 2020-06-10 15:44 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-20 04:37 - 2020-07-10 11:55 - 000000000 ____D C:\ProgramData\Mullvad VPN
2020-08-20 04:37 - 2020-06-29 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-08-20 04:37 - 2020-06-28 22:20 - 000000000 ____D C:\Users\ciara\AppData\Local\CrashDumps
2020-08-20 04:37 - 2020-06-10 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-20 04:37 - 2020-06-10 23:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-08-20 04:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-08-20 04:36 - 2020-06-10 15:39 - 000000000 ____D C:\Users\ciara
2020-08-20 04:36 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-20 03:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-20 02:41 - 2020-06-10 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-19 21:46 - 2020-06-10 15:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3266006208-3946979777-4142415845-1001
2020-08-19 21:46 - 2020-06-10 15:42 - 000000000 ___RD C:\Users\ciara\OneDrive
2020-08-19 21:46 - 2020-06-10 15:39 - 000002367 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-18 22:15 - 2020-06-15 15:14 - 000000000 ____D C:\Users\ciara\AppData\Roaming\vlc
2020-08-18 09:23 - 2020-06-10 16:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Battle.net
2020-08-18 06:39 - 2020-06-10 16:52 - 000000000 ____D C:\Users\ciara\AppData\Local\NVIDIA
2020-08-17 22:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-17 03:13 - 2020-06-10 16:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-08-17 02:58 - 2020-06-10 15:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-15 07:06 - 2020-06-17 19:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Arma 3 Launcher
2020-08-15 06:41 - 2020-06-17 19:01 - 000000000 ____D C:\Users\ciara\AppData\Local\Arma 3
2020-08-14 21:51 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-14 16:18 - 2020-07-12 21:36 - 000000048 _____ C:\WINDOWS\system32\perfdish001.dat
2020-08-14 00:01 - 2020-06-10 17:47 - 001018768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-08-14 00:00 - 2020-06-10 17:47 - 002078096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-08-14 00:00 - 2020-06-10 17:47 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-08-14 00:00 - 2020-06-10 15:40 - 000656784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-08-13 23:58 - 2020-06-10 15:40 - 005395088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-08-11 03:35 - 2020-06-11 22:29 - 000000000 ____D C:\Users\ciara\AppData\Roaming\EasyAntiCheat
2020-08-11 03:20 - 2020-06-11 16:40 - 000000000 ____D C:\Users\ciara\AppData\Roaming\TS3Client
2020-08-11 03:13 - 2020-06-10 15:46 - 000000000 ____D C:\Users\ciara\AppData\Local\D3DSCache
2020-08-08 08:28 - 2020-07-06 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-08-08 08:28 - 2020-07-06 16:42 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-08-07 21:07 - 2020-06-15 20:56 - 000000000 ____D C:\Users\ciara\AppData\Local\NordVPN
2020-08-06 18:21 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\Discord
2020-08-06 18:20 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-04 18:55 - 2020-06-25 15:28 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Mozilla
2020-08-04 12:40 - 2020-06-10 15:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-08-03 19:10 - 2020-06-11 00:41 - 000000000 ____D C:\Program Files\Epic Games
2020-08-02 12:48 - 2020-07-16 17:59 - 000000000 ____D C:\Users\ciara\AppData\Roaming\steelseries-engine-3-client
2020-08-02 12:42 - 2020-07-16 17:58 - 000000000 ____D C:\ProgramData\SteelSeries
2020-08-02 12:42 - 2020-06-10 18:03 - 000000000 ____D C:\Users\ciara\AppData\Local\cache
2020-07-31 16:53 - 2020-06-27 20:20 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Blitz
2020-07-31 16:51 - 2020-06-27 20:20 - 000002239 _____ C:\Users\ciara\Desktop\Blitz.lnk
2020-07-29 20:08 - 2019-12-23 17:53 - 000048936 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2020-07-28 21:09 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\SquirrelTemp
2020-07-27 02:30 - 2020-07-10 11:55 - 000000000 ____D C:\Users\ciara\AppData\Local\Mullvad VPN
2020-07-24 21:17 - 2020-06-10 16:54 - 000000000 ____D C:\Users\ciara\.dbus-keyrings
2020-07-24 21:05 - 2020-06-25 15:27 - 000000000 ____D C:\Users\ciara\Desktop\New folder
2020-07-24 18:04 - 2020-07-16 17:58 - 000000000 ____D C:\Program Files\SteelSeries
 
==================== Files in the root of some directories ========
 
2020-07-03 07:56 - 2020-07-03 07:56 - 000007604 _____ () C:\Users\ciara\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


#7
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts

Hi, cmdiwnl.
 
Thank you.
 
I would also need the Addition.txt log, located here: D:\Downloads
 
There was a typo in a line in the fix before, so I would like you to do this please, once more:


NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
CloseProcesses:
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

In order to get notifications when there is a new reply on the thread, please press the Follow button at the upper right corner of the page.



#8
cmdiwnl

    Member

  • Topic Starter
  • 16 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2020
Ran by ciara (20-08-2020 20:07:18) Run:2
Running from D:\Downloads
Loaded Profiles: ciara
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
 
*****************
 
Processes closed successfully.
================== ExportKey: ===================
 
[HKLM\SOFTWARE\Policies\Mozilla\Firefox]
"DisableAppUpdate"="1"
 
=== End of ExportKey ===
 
 
The system needed a reboot.
 
==== End of Fixlog 20:07:19 ====

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-08-2020
Ran by ciara (20-08-2020 05:23:28)
Running from D:\Downloads
Windows 10 Pro Version 2004 19041.329 (X64) (2020-06-10 14:38:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3266006208-3946979777-4142415845-500 - Administrator - Disabled)
ciara (S-1-5-21-3266006208-3946979777-4142415845-1001 - Administrator - Enabled) => C:\Users\ciara
DefaultAccount (S-1-5-21-3266006208-3946979777-4142415845-503 - Limited - Disabled)
Guest (S-1-5-21-3266006208-3946979777-4142415845-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3266006208-3946979777-4142415845-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2_1) (Version: 9.2.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.4.1 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BleachBit 4.0.0.1628 (HKLM-x32\...\BleachBit) (Version: 4.0.0.1628 - BleachBit)
Blender (HKLM\...\{0294B421-9B23-49AE-917C-B62EF6D42E8B}) (Version: 2.83.1 - Blender Foundation)
Blitz 1.10.41 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.10.41 - Blitz Inc.)
BorisFX Sapphire OFX (HKLM\...\GenArts Sapphire OFX_is1) (Version: 11.0 - Team V.R)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CPUID CPU-Z MSI 1.92 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.92 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\FACEITApp) (Version: 1.24.1 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
FileZilla Client 3.48.1 (HKLM-x32\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
FTBApp 202006271817-a3b3b73d4c-release (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\1726-2696-9539-5278) (Version: 202006271817-a3b3b73d4c-release - CreeperHost LTD)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v13.0.17) (Version:  - Red Giant LLC)
Mailspring (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Mailspring) (Version: 1.7.8 - Foundry 376, LLC)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft OneDrive (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.45.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
Mullvad VPN 2020.5.0 (HKLM\...\{2A356FD4-03B7-4F45-99B4-737BE580DC82}) (Version: 2020.5.0 - Mullvad VPN)
Mullvad-Wintun (HKLM\...\{3F8BDD2B-DF33-4D58-9963-6236A41BE905}) (Version: 1.0 - Amagicom AB) Hidden
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 6.1.12 (HKLM\...\{BD4C2875-9059-4C94-A7B5-493A538AC180}) (Version: 6.1.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.81.43142 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Proxifier version 3.42 (HKLM-x32\...\Proxifier_is1) (Version: 3.42 - Initex)
Python 3.8.3 (32-bit) (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\{6f6f2a2d-6475-4359-bc65-b2cf464bd085}) (Version: 3.8.3150.0 - Python Software Foundation)
Python 3.8.3 Core Interpreter (32-bit) (HKLM-x32\...\{D3A7FDC5-BA4E-44FC-8822-800226B81C71}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Development Libraries (32-bit) (HKLM-x32\...\{EA35D9DB-86A9-4705-9D15-7FE33E261450}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Documentation (32-bit) (HKLM-x32\...\{BAF129CE-5C13-4383-9807-A44055644E08}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Executables (32-bit) (HKLM-x32\...\{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 pip Bootstrap (32-bit) (HKLM-x32\...\{4ADFAA3D-1670-4161-A64A-83535B6D78C6}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Standard Library (32-bit) (HKLM-x32\...\{26B2CC8C-1492-437D-B27A-655AFB3647DE}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Test Suite (32-bit) (HKLM-x32\...\{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Utility Scripts (32-bit) (HKLM-x32\...\{14A8B424-0141-4E46-A1E2-548DF8349BB7}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0730.072314 - Razer Inc.)
ReelSmart Motion Blur v5 for After Effects and Premiere Pro (HKLM\...\ReelSmart Motion Blur v5 for After Effects and Premiere Pro 5.1.8) (Version: 5.1.8 - RE:Vision Effects)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.1.0 - ShareX Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.3 - SteelSeries ApS)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\WinDirStat) (Version:  - )
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.40.3.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-15] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-06-15] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0 [2020-07-05] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\nvshext.dll [2020-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-08-11 03:13 - 2020-08-18 19:46 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2020-08-11 03:13 - 2020-08-18 19:46 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-07-01 18:13 - 2020-07-01 18:13 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Red Giant\Services\LIBEAY32.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 10:14 - 2020-07-24 21:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\Mullvad VPN\resources;
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\ddvv6rp-082eda72-41c9-489c-9545-aa18121b8def.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Mullvad: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Mullvad: NordVPN LightWeight Firewall -> NordLwf (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\StartupFolder: => "Mailspring.lnk"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "WallpaperEngine"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{89CDB862-56E6-4081-8963-EB9756EDCEA2}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{8C46E5DB-22E3-4F9E-BA97-0968EDDDD874}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{746403A2-89F6-4EC4-9B5F-83D425F46D9D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File
FirewallRules: [{AF3B37EB-F2CB-4559-B070-D89D352C59BA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File
FirewallRules: [{F7D40FA6-EF18-4688-862A-5C5E95A3BADD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1CB03558-1C17-4BF1-A1F3-E89E3E57870E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AF15FEBD-CE73-48D0-A39B-C28032C65C48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6E405BC8-3D89-4B75-9954-CE63FE539AFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2813E4B-8B24-4399-BE6D-29551E206D87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3D5A8AE-CDA2-4A1B-8169-285C542A6F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{169A236E-905E-4F2B-A40F-328737459CF3}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{611C74AC-F549-4E62-9AE5-65AF50AF67B5}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D1AF23FB-76EC-4C45-A3AC-BB7CCF135614}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{A6722C37-7908-4677-95AB-375B092C9DC8}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [TCP Query User{7F802E8D-8000-4391-888C-1933CCB90F4A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{AE07A41D-4A2A-4315-9EC6-A062CE76C87A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{3E7BDC12-66BD-4527-AA02-E8EF3DAB3420}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{B8C7B440-AB31-4E53-AD2C-2B1BFFFF2C4B}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{623410C7-2BBC-401B-AAD5-F10A07209DE7}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{2E797113-5775-4838-B654-7910CAD13736}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{6F52C3F7-0C87-47A9-AD4B-859132ECD403}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{619CDEE3-93CA-405A-8933-9FB237BC12A5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{317BE8F6-E978-4943-9D47-3A51DA5943B4}] => (Allow) C:\Users\ciara\Desktop\New folder\Client.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{19A71299-11D0-4780-AA6D-02EF643FE574}] => (Allow) C:\Users\ciara\Desktop\New folder\forward.exe (International Media Ltd ->  International Media Ltd)
FirewallRules: [{9E412DAA-46F6-47BE-975B-130BAB2470A5}] => (Allow) C:\Users\ciara\Desktop\New folder\Lineupd.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{23D9B8E0-6BF7-4E9B-B8E7-187623D9A40F}] => (Allow) C:\Users\ciara\Desktop\New folder\newforward.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{C765881B-0A24-4E78-A705-441FFAA9CC38}] => (Allow) C:\Users\ciara\Desktop\New folder\newsocket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{48B621F8-9019-4DA2-A36A-8863AFBB4907}] => (Allow) C:\Users\ciara\Desktop\New folder\socket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{CF107EF8-73CF-486E-B444-5720CA7015BA}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\ProxyAPI.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{BDAAD038-1B63-4F78-B450-EF4DB1D66B7F}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\Monitor.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{7F982A48-4EDD-4493-8CE8-5DAE14FE215C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{248A39A7-3A0D-4203-A9D7-CC5D5112BB8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{7B891A83-091A-4D4E-9FFB-721AE0DA1F71}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{48F6A267-A603-41BE-8997-9619869888B7}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{EE159C03-A0BA-4D83-AB42-458258B44CBC}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{C9422D42-7DF7-4606-A413-23298C7B2C6E}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{684FE636-18BA-4AC0-AB56-35BC8A1DD0C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{869B63CD-6674-471C-A3B7-F75B8D516F5B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0593319-76BF-4A76-A594-AA554BC41FFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{42EC252C-34DA-4052-9D19-5E618838FD47}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{341AB953-18C8-44B1-BC3A-D0C041BEE18C}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{1EE6ABBF-A767-4CD6-9CD0-FA524DBCF387}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{F5D1BDF7-30F9-4BDC-AC63-0C280D8E2ACE}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{6F68B01B-8939-4EFE-8A97-FCA2328F5F35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B719BE31-320A-4812-9603-B63E639C85C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7AE48087-028B-4FFF-A58B-10D4FC542E36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F29FBBA-53D7-41D5-84EA-2C95DFB51B2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{89331BFC-8864-48BF-ADEC-5E5AFF48BCC9}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{543D5A27-6E49-4CAC-B1CC-BD1A15F5577C}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{6BE7EE71-7DCF-4647-A0FF-1A3A5DD301DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB01C202-E803-4E36-98A9-E70ADEAC47D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9C7D277-C3BB-4218-A11B-2035F0FB0115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AA45EA5-FD03-4388-92FA-312FCED0B686}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{157CAB00-E870-49C9-8878-3C74328AF763}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73858C5F-C49C-4117-AC67-A678450AFF8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{051D58A5-64E8-4B63-B53D-11CA2AF67B72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D82ABFEA-4D2D-424C-A97A-A149359FF9C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C6FAD4CE-20B5-447E-9257-D9C58D190DDA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{62C123C0-696B-4245-BFBF-6A3D5416385F}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AAE4DD9A-6561-4DB4-A41F-8045CB8A3C93}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{5482F7F6-EFE6-4451-8C64-0605F9CDBE45}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AE202ACE-38E9-40AC-9CD5-18C84554DEEE}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2C59E271-0ECC-4360-BEB6-376316F338B3}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{A269CDF7-CD14-44CF-A297-B26D15956F85}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [{3A3FDCE3-DF1D-45F9-9CCD-4498A8633B54}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{941ECEEC-1743-4335-90E6-979920D1147E}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0E180A44-6E58-4837-98E2-12BDB6236FCB}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6DF95C9B-8C00-461D-97EC-1F55ACDC08A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{646E92F4-0927-4BDD-962A-5369C736221E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D7FA545-68DB-4F27-B65F-49709D78AAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DCD6689-D37A-4AD1-9E13-155FDE7BD25E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{127362C5-AF5B-4C11-9942-9599370EC359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0DD80E6A-4175-4A12-8DE9-363DBAD7AAEA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37FCB7FF-C4B7-4F95-A532-A58AF1F6072D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8F6460FB-1D24-401B-859F-0F763AEEB529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5860DC40-67CE-4A6A-957B-72F8C7452AC9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B0C60894-27E6-4503-A1E1-345848499370}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{174DD1C4-B525-4FF3-BBE5-D060EC47FBA9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{CC4D1732-9001-41CF-9ACE-77700CD24466}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{6274AA14-B90E-4748-BBA7-7A2484AC18AC}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E48465AA-4C70-4780-8384-27A915DCDBF7}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [{2F987F1E-79A6-4EE1-9456-A727E8C8BF0A}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{DB0CAC54-4D47-4D83-BA0B-E2B2B91BC4F0}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{FFB3AD7E-1C94-40B6-A61A-AFA522024C0F}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{410F46B3-C2AD-4E7D-967F-072CB3297546}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04DE6697-CC2C-4B50-9886-7011F0174526}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{9BB32F98-664E-446A-A465-77591034CAA2}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{E9209C0A-FC96-4FF2-9066-6B3668797048}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8C0AA6EA-2023-47F6-918A-32743026D697}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E58D832D-3D60-4708-98B7-E56FD1D5DA24}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{5248A18B-C468-417A-8E75-A0293ACE7993}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{CD5DB6CD-0E61-49B7-A73B-8A37A30177CB}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{611E2819-C1E3-44B2-84D8-4320AF2D8F4D}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{95548FAC-153F-43D8-B01B-D6F266969A0D}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{E26E1C76-EF1A-4635-9FA9-58E2635B094A}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
 
==================== Restore Points =========================
 
31-07-2020 18:01:24 Scheduled Checkpoint
04-08-2020 22:50:35 Installed Oracle VM VirtualBox 6.1.12
11-08-2020 03:34:23 Installed DirectX
17-08-2020 02:58:26 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127
20-08-2020 04:32:25 Removed Java 8 Update 251
 
==================== Faulty Device Manager Devices ============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/20/2020 04:37:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 4.0.0.766, time stamp: 0x5f20a637
Faulting module name: ntdll.dll, version: 10.0.19041.207, time stamp: 0xcad89ab4
Exception code: 0xc0000374
Fault offset: 0x00000000000fdec9
Faulting process id: 0xd1c
Faulting application start time: 0x01d676a340956c05
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 19aba0a8-7acf-40a7-929c-bd4a967941ec
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/20/2020 04:35:13 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/17/2020 10:05:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.80.42860, time stamp: 0x5f2b2236
Faulting module name: Qt5Positioning.dll, version: 5.8.0.0, time stamp: 0x5cfa9afa
Exception code: 0x4000001f
Fault offset: 0x000050a4
Faulting process id: 0x2ebc
Faulting application start time: 0x01d674d9ff89691c
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: C:\Program Files (x86)\Origin\Qt5Positioning.dll
Report Id: ddbfc394-5390-4544-8f0d-ab436b5c3351
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/17/2020 10:04:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Origin.exe, version: 10.5.80.42860, time stamp: 0x5f2b2236
Faulting module name: MSVCR120.dll_unloaded, version: 12.0.40660.0, time stamp: 0x577e0f1e
Exception code: 0xc00001a5
Fault offset: 0x0001968d
Faulting process id: 0x2ebc
Faulting application start time: 0x01d674d9ff89691c
Faulting application path: C:\Program Files (x86)\Origin\Origin.exe
Faulting module path: MSVCR120.dll
Report Id: 442e48e0-0d2a-4da5-a810-b285dcd69617
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/14/2020 09:51:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MBAMService.exe, version: 3.2.0.903, time stamp: 0x5ed91d13
Faulting module name: UpdateControllerImpl.dll, version: 3.2.0.520, time stamp: 0x5f076029
Exception code: 0xc0000005
Fault offset: 0x000000000005a6d3
Faulting process id: 0x4f54
Faulting application start time: 0x01d6727cb5eb2a97
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Faulting module path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\UpdateControllerImpl.dll
Report Id: 49b570d3-c461-4922-88ed-59c153b5ee6f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/13/2020 06:27:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Storage homie (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (08/11/2020 04:14:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.1, time stamp: 0x587bd36d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x3130
Faulting application start time: 0x01d66f8d7517f6da
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 03d3dbdd-9db1-408b-a4e1-096d0a43ab1e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/11/2020 04:11:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.1, time stamp: 0x587bd36d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x11a0
Faulting application start time: 0x01d66f8d2ae08db7
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 5e8a6cdc-5f60-4802-b19e-b9380ed7d9ba
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (08/20/2020 05:10:42 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/20/2020 05:08:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (08/20/2020 05:08:42 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/20/2020 05:06:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (08/20/2020 05:03:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/20/2020 05:01:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
Error: (08/20/2020 05:01:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (08/20/2020 04:59:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error: 
The system cannot find the file specified.
 
 
Windows Defender:
===================================
Date: 2020-06-18 16:05:24.2970000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {F91B9DDC-992F-494C-B810-80FF3E9CBF6C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-07-06 16:45:34.3780000Z
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2020-08-20 05:22:26.2890000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 05:22:26.2880000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 05:05:25.2630000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 05:05:25.2610000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 04:37:28.0720000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 04:37:28.0500000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 04:29:28.3310000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-20 04:29:28.3280000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1.A0 07/22/2016
Motherboard: MSI Z170A GAMING M5 (MS-7977)
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 39%
Total physical RAM: 16343.59 MB
Available physical RAM: 9841.56 MB
Total Virtual: 21463.59 MB
Available Virtual: 11600.45 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:464.44 GB) (Free:42.85 GB) NTFS
Drive d: (Storage homie) (Fixed) (Total:1863.01 GB) (Free:722.56 GB) NTFS
 
\\?\Volume{07edae41-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{07edae41-0000-0000-0000-903b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D34B90AC)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 07EDAE41)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
 
==================== End of Addition.txt =======================

#9
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts

Thank you.

 

I will be back to you by tomorrow. :)


#10
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts
Hi, cmdiwnl.
 
A couple of questions first:
 
1. Did you intentionally disable Firefox from getting updates?
 
2. Did you intentionally want to get notifications from these sites?
hxxps://fullsend.com;
hxxps://mail.protonmail.com;
hxxps://www.reddit.com
#11
cmdiwnl

    Member

  • Topic Starter
  • 16 posts

nope for both lol 


#12
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts

OK, let's move on then.

1. FRST fix

 

Please move FRST from your Downloads folder to your Desktop first.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste it anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\StartupApproved\Run: => "SecurityHealth"
GroupPolicy-Firefox: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR Notifications: Default -> hxxps://fullsend.com; hxxps://mail.protonmail.com; hxxps://www.reddit.com
FirewallRules: [{746403A2-89F6-4EC4-9B5F-83D425F46D9D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File
FirewallRules: [{AF3B37EB-F2CB-4559-B070-D89D352C59BA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File
FirewallRules: [TCP Query User{6F52C3F7-0C87-47A9-AD4B-859132ECD403}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{619CDEE3-93CA-405A-8933-9FB237BC12A5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{EE159C03-A0BA-4D83-AB42-458258B44CBC}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{C9422D42-7DF7-4606-A413-23298C7B2C6E}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{42EC252C-34DA-4052-9D19-5E618838FD47}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{341AB953-18C8-44B1-BC3A-D0C041BEE18C}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
C:\program files (x86)\minecraft launcher\runtime\jre-x64
C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64
C:\users\ciara\.ftba\bin\runtime\jre-x64
C:\Program Files\qBittorrent
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

2. Check services

  • Please download Farbar Service Scanner and save it on your Desktop.
  • Right click on the tool icon and run it as administrator.
  • Make sure all the options are checked.
  • Click on the Scan button.
  • It will create a log (FSS.txt) on your Desktop.
  • Copy and paste the log's content to your next reply.

#13
cmdiwnl

    Member

  • Topic Starter
  • 16 posts

FSS

 

Farbar Service Scanner Version: 14-12-2019
Ran by ciara (administrator) on 21-08-2020 at 21:14:45
Running from "D:\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv: "C:\WINDOWS\system32\svchost.exe -k netsvcs -p".
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
 
 
Windows Defender Disabled Policy: 
==========================
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 

 

**** End of log ****
 
FIXLOG 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2020
Ran by ciara (21-08-2020 21:11:30) Run:3
Running from D:\Downloads
Loaded Profiles: ciara
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\...\StartupApproved\Run: => "SecurityHealth"
GroupPolicy-Firefox: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR Notifications: Default -> hxxps://fullsend.com; hxxps://mail.protonmail.com; hxxps://www.reddit.com
FirewallRules: [{746403A2-89F6-4EC4-9B5F-83D425F46D9D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File
FirewallRules: [{AF3B37EB-F2CB-4559-B070-D89D352C59BA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => No File
FirewallRules: [TCP Query User{6F52C3F7-0C87-47A9-AD4B-859132ECD403}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{619CDEE3-93CA-405A-8933-9FB237BC12A5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{EE159C03-A0BA-4D83-AB42-458258B44CBC}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{C9422D42-7DF7-4606-A413-23298C7B2C6E}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{42EC252C-34DA-4052-9D19-5E618838FD47}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{341AB953-18C8-44B1-BC3A-D0C041BEE18C}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe
C:\program files (x86)\minecraft launcher\runtime\jre-x64
C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64
C:\users\ciara\.ftba\bin\runtime\jre-x64
C:\Program Files\qBittorrent
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\SecurityHealth" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SecurityHealth" => removed successfully
C:\Program Files\Mozilla Firefox\distribution\policies.json => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"Chrome Notifications" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{746403A2-89F6-4EC4-9B5F-83D425F46D9D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF3B37EB-F2CB-4559-B070-D89D352C59BA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6F52C3F7-0C87-47A9-AD4B-859132ECD403}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{619CDEE3-93CA-405A-8933-9FB237BC12A5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE159C03-A0BA-4D83-AB42-458258B44CBC}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C9422D42-7DF7-4606-A413-23298C7B2C6E}C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42EC252C-34DA-4052-9D19-5E618838FD47}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{341AB953-18C8-44B1-BC3A-D0C041BEE18C}C:\users\ciara\.ftba\bin\runtime\jre-x64\bin\javaw.exe" => removed successfully
C:\program files (x86)\minecraft launcher\runtime\jre-x64 => moved successfully
C:\users\ciara\appdata\roaming\ftba\bin\runtime\jre-x64 => moved successfully
C:\users\ciara\.ftba\bin\runtime\jre-x64 => moved successfully
"C:\Program Files\qBittorrent" => not found
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 48477098 B
Java, Flash, Steam htmlcache => 76341721 B
Windows/system/drivers => 5198 B
Edge => 28602 B
Chrome => 361810824 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 23834 B
NetworkService => 23834 B
ciara => 26922366 B
 
RecycleBin => 0 B
EmptyTemp: => 499.9 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 21:11:59 ====

#14
DR M

    The Grecian Geek

  • Malware Removal
  • 4,122 posts
Hi, cmdiwnl.
 
1. Restart with Safe mode
  • Press the Windows icon on the keyboard together with the letter I, to get into the Settings.
  • Choose Update and Security.
  • From the menu at the left, choose Recovery.
  • Under the title Advanced startup at the right, choose Restart now.
  • From the window that will appear choose Troubleshoot and then Advanced options.
  • Choose Startup Settings and then Restart.
  • Press number 5, for choosing Safe mode with networking.
  • You will know that you are in Safe mode, if the background is black and Safe mode is written at the four corners of the screen.
 
2. Restore missing services 
3. Run FSS again
  • Right click on the tool icon and run it as administrator, as you did before.
  • Make sure all the options are checked.
  • Click on the Scan button.
  • It will create a log (FSS.txt) on your Desktop.
  • Copy and paste the log's content to your next reply.

#15
cmdiwnl

    Member

  • Topic Starter
  • 16 posts

   Farbar Service Scanner Version: 14-12-2019

Ran by ciara (administrator) on 22-08-2020 at 05:46:32
Running from "D:\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc: "%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p".
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0





