Sometimes my laptop just gets extremely slow and unusable which makes me have to manually restart it for it to start working again.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by tehke (administrator) on LAPTOP-D982FIHM (LENOVO 82N6) (15-03-2023 00:50:31)
Running from C:\Users\tehke\Desktop
Loaded Profiles: tehke
Platform: Microsoft Windows 11 Home Version 22H2 22621.1413 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A-Volute SAS -> A-Volute) C:\Users\tehke\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.EyeX.Interaction.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.5900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe <6>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(D:\Downloads\MB\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Downloads\MB\mbamtray.exe
(D:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Discord Inc. -> Discord Inc.) C:\Users\tehke\AppData\Local\Discord\app-1.0.9011\Discord.exe <6>
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\FnHotkeyUtility.exe
(E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe
(explorer.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Windows\System32\RZTHXHelper.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Ryochan7) [File not signed] D:\Downloads\DS4\DS4Windows\DS4Windows.exe
(explorer.exe ->) (ShareX Team) [File not signed] D:\Program Files\ShareX\ShareX.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(services.exe ->) (Keepsolid Inc. -> KeepSolid Inc.) D:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\lenovo\UDC\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Downloads\MB\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_e80f65c4535abb35\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Windows\System32\RZTHXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e879bbabfd265223\RtkAudUService64.exe <2>
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.17.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.5900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e879bbabfd265223\RtkAudUService64.exe [1342856 2021-11-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3069768 2022-04-08] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe [385264 2020-04-26] (Razer USA Ltd. -> )
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe [2740872 2022-11-21] (iMobie Inc. -> iMobie Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2023-02-10] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630536 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [Discord] => C:\Users\tehke\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-22] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [Opera GX Stable] => C:\Users\tehke\AppData\Local\Programs\Opera GX\launcher.exe [2571208 2023-03-01] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tehke\AppData\Local\Microsoft\Teams\Update.exe [2587432 2023-03-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [EpicGamesLauncher] => E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32823248 2023-03-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\tehke\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [MicrosoftEdgeAutoLaunch_5336C2924B55FD107B3D46AF0B1AC178] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe [2740872 2022-11-21] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe [576136 2022-11-21] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe [108832 2023-01-05] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630536 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\terry\AppData\Local\Microsoft\Teams\Update.exe [2587432 2023-03-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [MicrosoftEdgeAutoLaunch_9CE861ED124B1A707734DA2D6DCB9C85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [EpicGamesLauncher] => E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32823248 2023-03-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe [108832 2023-01-05] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe [2740872 2022-11-21] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe [576136 2022-11-21] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-22] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [RazerAxon] => C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe [165200 2023-02-07] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Run: [RzAppEngine] => C:\Program Files\Razer\RzAppEngine\rzappengine.exe [1641840 2021-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1006\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630536 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1006\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-22] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3252700674-1244316876-1502611229-1006\...\Run: [MicrosoftEdgeAutoLaunch_9E340A4B8FFE17B011AC7F2648A3CF2E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-22] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files\Razer\RzAppEngine\1.49.0.0\Installer\chrmstp.exe [2023-02-23] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-13] (Google LLC -> Google LLC)
Startup: C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2022-04-14]
ShortcutTarget: DS4Windows.lnk -> D:\Downloads\DS4\DS4Windows\DS4Windows.exe (Ryochan7) [File not signed]
Startup: C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2022-04-01]
ShortcutTarget: ShareX.lnk -> D:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0349AD3E-6B03-4253-8074-8EEB01830EB0} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [844400 ] (A-Volute SAS -> Nahimic)
Task: {0360F5CE-8161-4907-903E-DB705B6AB7C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {11617D12-4B3C-4AF4-8F38-A30A4BC5E5AA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {14228127-AB65-47BC-80FE-3EA67850F495} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141240 2023-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {165C51FE-88FC-46F5-86EE-C8174ED4A1EE} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {1AE370FD-A53C-401A-9B13-334C7FEE2391} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {1C319FDD-C11F-4D5E-ACC2-626F2FA42656} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {1CF780B9-1251-43EE-9815-093751E6C2A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864416 2022-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DB03838-AC13-4D55-AFB5-5309F3C80271} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2023-02-10] (Razer USA Ltd. -> Razer Inc.)
Task: {1EC80690-9638-4649-BB54-4D0BD6A5D445} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11dafbc5-3d59-4a3a-916d-c2129dd93bf3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {32A0AB69-654E-46A4-A776-32CC92D5F697} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {35F23AB2-9573-4A81-8425-0BC0F5FC8D06} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {419BC390-EEE3-4234-9622-9D37FB15F466} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45D7879C-FDC7-4679-9BD1-EE1D425E5C50} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90832 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {49808836-B352-4372-B7A6-80B9F375AEB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B1D506F-45FB-4476-B34E-FFBB79BE8631} - System32\Tasks\Opera GX scheduled Autoupdate 1650357760 => C:\Users\tehke\AppData\Local\Programs\Opera GX\launcher.exe [2571208 2023-03-01] (Opera Norway AS -> Opera Software)
Task: {4B712A5F-E082-4E41-AFF3-912B11965DBB} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-03-29] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {517C63D5-B447-478B-922E-93B03C6E5474} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {53D05616-639E-43A9-8648-B85872A45B05} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141240 2023-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ED7219D-85A6-4CDB-BE89-4037669AFE99} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b9e2b2ec-0be3-4b0d-b8b4-38499ff14efe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5F1A05D1-AEAA-4C4C-BC5B-B29E56186078} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1105520 2022-03-29] (A-Volute SAS -> Nahimic)
Task: {5F8C073C-004B-47E6-83B5-217BFC5C63E0} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {614A7E5B-2203-4B05-BAA5-F9FBBD7CAD56} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {62B172AE-A7DF-4EC2-9B9B-F8B0068C227B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {6DCB43A0-72BF-4298-B84D-57C2475CCD8B} - System32\Tasks\GoogleUpdateTaskMachineUA{8AD28AD5-EAB6-431B-A7FA-62BD323D9B73} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-24] (Google LLC -> Google LLC)
Task: {6EDBA1BC-0B71-4A64-B3AA-BAE60375919A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3252700674-1244316876-1502611229-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {826BFBC3-251B-4AF2-8332-BB76EC6C7194} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85ED6B01-E526-4A18-BBAA-25B20B50489B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\09dd2f03-d524-4c67-865b-5e8d2044adb8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {924A6861-0C9E-4510-8190-2B60DDBE6692} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {96483C33-E819-4B8E-B95C-C360AB782024} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7056328 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A6EF20A-8FC9-4AEE-A555-45C4AD5DA42B} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1652344982 => C:\Users\tehke\AppData\Local\Programs\Opera GX\launcher.exe [2571208 2023-03-01] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\tehke\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {9C49309C-2145-4677-9F0B-9EC1CC2EB47E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B1E84A10-E97A-41B7-B569-1F9E742982D1} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1105520 ] (A-Volute SAS -> Nahimic)
Task: {B2BDDC0A-8A5E-49C5-A319-CA2201CE4E0F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ed1ba159-d063-43f9-ac70-323eab9aae71 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BA835612-6945-4E3E-8276-F8FE30374EAB} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {BAA5ECDB-6946-453F-83FF-08043C6EF147} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7056328 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0523EA8-5DF0-4B5C-A016-A4D6343BA63A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3252700674-1244316876-1502611229-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3BB619D-B78D-4E24-B13B-53519C890E60} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864416 2022-12-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0CFFB3A-5F04-49A8-B7A4-3EA9B2D8BCD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D11D0626-DBCA-460D-BB9B-4BA1916A8285} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D29B03DE-FFB5-4387-84BD-364DA451D7FA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D3E59819-91B1-44FB-8266-5065662052E5} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [844400 2022-03-29] (A-Volute SAS -> Nahimic)
Task: {D6D59B16-9FB3-4CD3-AC71-A6F586B49E35} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D85FE556-B54E-4263-A5AB-A4E57E02FD84} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DF215273-1FF1-412F-BB17-5AB27CA4BE0B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E71BEE14-52AE-4C39-9DB5-3BC5F40854C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E91CA5CE-637F-4043-A1BD-54389D1C7883} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {E99C436B-F57E-4D2B-8E76-ADD70103F937} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3252700674-1244316876-1502611229-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F69C89C5-1D26-499B-9CC5-77A7B1898AAB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6E6D771-34AC-41FC-A339-87EB297F9A3E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8AF594B-5746-4B7E-9A21-9AD9ED0CD9E8} - System32\Tasks\GoogleUpdateTaskMachineCore{C4CC0640-D2FF-4F37-AE5A-0C9040B268C4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-24] (Google LLC -> Google LLC)
Task: {FA5EA007-4E22-4C52-BC4C-299C2E2B165C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBC7CDFC-012D-4254-B253-CAFC58AFCE94} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [186568 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3f438854-abf6-4678-8778-405ce82b3a9f}: [DhcpNameServer] 150.208.1.3
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{c439920d-0d92-4cbf-9a78-ff265fa201f0}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tehke\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-15]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\tehke\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-02-23]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default [2023-03-15]
CHR DownloadDir: D:\Downloads
CHR StartupUrls: Default -> "hxxp://google.ca/"
CHR Extension: (Scope by SellerLabs) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aifeflcmgbbjnkopdmliglhooofhgmld [2022-07-19]
CHR Extension: (BetterTTV) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-03-02]
CHR Extension: (MEGA) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2023-03-12]
CHR Extension: (Ban Checker for Steam) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2022-05-23]
CHR Extension: (Eno® from Capital One®) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2023-01-19]
CHR Extension: (Tampermonkey) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-27]
CHR Extension: (Google Docs Offline) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-15]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-24]
CHR Extension: (Coinbase Wallet extension) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfanknocfeofbddgcijnmhnfnkdnaad [2023-03-09]
CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2023-03-12]
CHR Extension: (Egrow.io Amazon Scout Extension) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickcnpogpccagkhpcmibbkmdlnhiepda [2023-01-12]
CHR Extension: (Imagus) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2022-03-24]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2022-12-28]
CHR Extension: (Behind The Overlay) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2022-03-24]
CHR Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2023-02-24]
CHR Extension: (Amazon Product Finder - AMZScout PRO) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\njopapoodmifmcogpingplfphojnfeea [2023-02-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-24]
CHR Extension: (Hover Zoom+) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2023-02-06]
CHR Profile: C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-07]
CHR Profile: C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-02]
CHR Extension: (Slides) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-02]
CHR Extension: (Docs) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-02]
CHR Extension: (Google Drive) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-02]
CHR Extension: (YouTube) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-02]
CHR Extension: (Sheets) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-02]
CHR Extension: (Gmail) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-02]
CHR Profile: C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-03]
CHR Extension: (Slides) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-03]
CHR Extension: (Docs) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-03]
CHR Extension: (Google Drive) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-03]
CHR Extension: (YouTube) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-03]
CHR Extension: (Sheets) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-03]
CHR Extension: (Google Docs Offline) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-03]
CHR Extension: (Gmail) - C:\Users\tehke\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-03]
CHR Profile: C:\Users\tehke\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001) Opera GXStable - "C:\Users\tehke\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9198496 2022-12-28] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588712 2023-02-10] (Razer USA Ltd. -> Razer Inc.)
R3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-08-03] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncHelper.exe [3412400 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-02-23] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; D:\Downloads\MB\MBAMService.exe [9002208 2023-03-01] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [856472 2023-03-02] (McAfee, LLC -> McAfee, LLC)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1930888 2022-03-29] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.043.0226.0001\OneDriveUpdaterService.exe [3795336 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1994664 2023-02-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [485296 2023-02-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2022-12-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2022-11-23] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [301576 2023-02-22] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-01] (Razer USA Ltd. -> Razer)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2023-03-01] (Razer USA Ltd. -> Razer Inc.)
R2 RzThxSrv; C:\WINDOWS\system32\RZTHXService.exe [357104 2020-04-26] (Razer USA Ltd. -> Razer)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-03-14] (Microsoft Windows -> Microsoft Corporation)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [223528 2021-05-05] (Tobii AB -> Tobii AB)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [72912 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10569840 2022-04-08] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VPNUnlimitedService; D:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [48072 2023-01-09] (Keepsolid Inc. -> KeepSolid Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; D:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [29128 2023-01-09] (Keepsolid Inc. -> )
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [140376 2023-03-14] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e80f65c4535abb35\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e80f65c4535abb35\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-02-23] (Microsoft Windows -> Microsoft Corporation)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-03-29] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 csaudio; C:\WINDOWS\System32\DriverStore\FileRepository\csaudio.inf_amd64_3abbd251e5a04b6f\csaudio.sys [322984 2022-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2022-03-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [64832 2021-08-25] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [286424 2022-05-14] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1439976 2022-05-15] (MEDIATEK INC. -> MediaTek Inc.)
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [85144 2021-09-13] (A-Volute SAS -> Windows ® Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85144 2021-09-13] (A-Volute SAS -> Windows ® Win 7 DDK provider)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [245536 2022-06-16] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008a; C:\WINDOWS\System32\drivers\RzDev_008a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 sRZTHXSpatial; C:\WINDOWS\System32\drivers\RZTHXSpatial.sys [172024 2020-04-25] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8571048 2022-04-08] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-03-14] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-15 00:50 - 2023-03-15 00:50 - 000051469 _____ C:\Users\tehke\Desktop\FRST.txt
2023-03-15 00:47 - 2023-03-15 00:50 - 000000000 ____D C:\FRST
2023-03-15 00:47 - 2023-03-15 00:47 - 000000000 ____D C:\Users\tehke\Downloads\FRST-OlderVersion
2023-03-15 00:46 - 2023-03-15 00:47 - 002378752 _____ (Farbar) C:\Users\tehke\Desktop\FRST64.exe
2023-03-14 17:16 - 2023-03-14 17:16 - 000000000 ___HD C:\$WinREAgent
2023-03-14 02:55 - 2023-03-14 02:55 - 000026451 _____ C:\Users\terry\Downloads\lucy-2014-english-yify-432164.zip
2023-03-14 02:05 - 2023-03-14 02:05 - 000013273 _____ C:\Users\terry\Downloads\Lucy (2014) [1080p] [BluRay] [YTS.MX].torrent
2023-03-13 01:05 - 2023-03-13 01:05 - 978876277 _____ C:\Users\tehke\Downloads\Grace Coffey.zip
2023-03-13 00:08 - 2023-03-13 00:08 - 284229917 _____ C:\Users\tehke\Downloads\Haley Roat.zip
2023-03-11 21:47 - 2023-03-11 21:47 - 2297860633 _____ C:\Users\tehke\Downloads\Marissa.zip
2023-03-07 20:52 - 2023-03-08 19:47 - 000000000 ____D C:\Users\tehke\AppData\Local\BeamNG.drive
2023-03-07 14:19 - 2023-03-07 14:19 - 000632533 _____ C:\Users\tehke\Downloads\IMG_2445.jpeg
2023-03-05 18:54 - 2023-03-05 18:54 - 000000000 ____D C:\Users\terry\AppData\Local\Nahimic
2023-03-04 00:01 - 2023-03-04 00:01 - 000066822 _____ C:\Users\terry\Downloads\everything-everywhere-all-at-once-2022-english-yify-427543.zip
2023-03-03 23:59 - 2023-03-03 23:59 - 000021399 _____ C:\Users\terry\Downloads\Everything Everywhere All at Once (2022) [1080p] [WEBRip] [5.1] [YTS.MX].torrent
2023-03-03 18:21 - 2023-03-03 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-03-03 18:21 - 2023-03-03 18:21 - 000000537 _____ C:\Users\tehke\Desktop\BeamNG.drive.lnk
2023-03-03 18:21 - 2023-03-03 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2023-03-03 09:50 - 2023-03-03 09:50 - 000000000 ____D C:\Users\tehke\AppData\Local\Nahimic
2023-02-28 04:48 - 2023-03-15 00:31 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-02-24 05:29 - 2023-02-24 05:29 - 000000000 ____D C:\Users\tehke\AppData\Local\ToastNotificationManagerCompat
2023-02-24 04:01 - 2023-02-24 04:01 - 000003103 _____ C:\Users\terry\Downloads\th (1).jfif
2023-02-24 04:00 - 2023-02-24 04:00 - 000007590 _____ C:\Users\terry\Downloads\th.jfif
2023-02-24 02:25 - 2023-02-24 02:25 - 000000000 ____D C:\Users\terry\AppData\Roaming\WinRAR
2023-02-24 01:36 - 2023-02-24 01:37 - 441610027 _____ C:\Users\terry\Downloads\Gran Turismo 2.zip
2023-02-24 01:31 - 2023-02-24 03:59 - 000000000 ____D C:\Users\terry\Documents\DuckStation
2023-02-24 01:30 - 2023-02-24 01:30 - 018763650 _____ C:\Users\terry\Downloads\duckstation-windows-x64-release.zip
2023-02-24 01:27 - 2023-02-24 01:27 - 001289312 _____ (ALCPU ) C:\Users\terry\Downloads\Core-Temp-setup.exe
2023-02-24 01:27 - 2023-02-24 01:27 - 001289312 _____ (ALCPU ) C:\Users\terry\Downloads\Core-Temp-setup (1).exe
2023-02-24 01:27 - 2023-02-24 01:27 - 000000859 _____ C:\Users\terry\Desktop\Core Temp.lnk
2023-02-24 01:03 - 2023-02-24 01:04 - 000000000 ____D C:\Users\terry\AppData\Local\BY-COMBO2
2023-02-24 01:03 - 2023-02-24 01:03 - 000000887 _____ C:\Users\terry\Desktop\Glorious Model O Software.lnk
2023-02-24 01:03 - 2023-02-24 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorious Model O Software
2023-02-24 01:01 - 2023-02-24 01:01 - 002565531 _____ C:\Users\terry\Downloads\ModelO_1-0-9.zip
2023-02-23 23:27 - 2023-02-23 23:27 - 000000000 ____D C:\Users\terry\AppData\Roaming\Blizzard Entertainment
2023-02-23 23:24 - 2023-02-23 23:27 - 000000000 ____D C:\Users\terry\Documents\StarCraft II
2023-02-23 23:23 - 2023-02-24 01:24 - 000000000 ____D C:\Users\terry\AppData\Local\Battle.net
2023-02-23 23:23 - 2023-02-23 23:27 - 000000000 ____D C:\Users\terry\AppData\Local\Blizzard Entertainment
2023-02-23 23:23 - 2023-02-23 23:23 - 000000000 ____D C:\Users\terry\AppData\Roaming\Battle.net
2023-02-23 23:22 - 2023-03-15 00:33 - 000003976 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2023-02-23 23:22 - 2023-02-23 23:22 - 000000000 ____D C:\Users\terry\AppData\Local\ToastNotificationManagerCompat
2023-02-23 23:22 - 2023-02-23 23:22 - 000000000 ____D C:\Users\terry\AppData\Local\AWSToolkit
2023-02-23 23:22 - 2023-02-23 23:22 - 000000000 ____D C:\ProgramData\Razer Chroma SDK
2023-02-23 23:21 - 2023-02-23 23:21 - 000001980 _____ C:\Users\Public\Desktop\THX Spatial Audio.lnk
2023-02-23 23:20 - 2023-02-23 23:20 - 000002088 _____ C:\Users\Public\Desktop\Streamer Companion App.lnk
2023-02-23 23:20 - 2020-04-26 10:57 - 001490672 _____ C:\WINDOWS\system32\THXServiceApi.dll
2023-02-23 23:20 - 2020-04-26 10:57 - 000385264 _____ C:\WINDOWS\system32\RZTHXHelper.exe
2023-02-23 23:20 - 2020-04-26 10:57 - 000357104 _____ (Razer) C:\WINDOWS\system32\RZTHXService.exe
2023-02-23 23:19 - 2023-02-23 23:19 - 000001994 _____ C:\Users\Public\Desktop\Razer Virtual Ring Light.lnk
2023-02-23 23:19 - 2023-02-23 23:19 - 000001244 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2023-02-23 23:19 - 2023-02-23 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2023-02-23 23:18 - 2023-02-23 23:18 - 000001220 _____ C:\Users\Public\Desktop\Razer Axon.lnk
2023-02-23 23:18 - 2023-02-23 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Axon
2023-02-23 23:16 - 2023-02-23 23:16 - 000000020 ___SH C:\Users\tehke\ntuser.ini
2023-02-23 23:16 - 2023-02-23 23:16 - 000000000 ____D C:\Users\tehke\AppData\Roaming\Tobii
2023-02-23 23:16 - 2023-02-23 23:16 - 000000000 ____D C:\Users\tehke\AppData\Local\Tobii
2023-02-23 23:16 - 2023-02-23 23:16 - 000000000 ____D C:\Users\tehke\AppData\Local\IsolatedStorage
2023-02-23 23:01 - 2023-02-23 23:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2023-02-23 23:01 - 2023-02-23 23:01 - 000000000 ____D C:\Program Files\DIFX
2023-02-23 23:00 - 2023-03-15 00:39 - 000851362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-23 23:00 - 2023-02-23 23:00 - 020902944 _____ C:\Users\terry\Downloads\Viper Mini_Mouse_FirmwareUpdater_v1.03.02_r1.exe
2023-02-23 22:56 - 2023-02-23 22:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-02-23 22:55 - 2023-03-15 00:32 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2023-02-23 22:55 - 2023-03-15 00:32 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2023-02-23 22:55 - 2023-03-15 00:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-23 22:55 - 2023-03-10 19:14 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3252700674-1244316876-1502611229-1006
2023-02-23 22:55 - 2023-03-10 19:14 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3252700674-1244316876-1502611229-1004
2023-02-23 22:55 - 2023-03-10 19:14 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3252700674-1244316876-1502611229-1001
2023-02-23 22:55 - 2023-03-10 19:14 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-02-23 22:55 - 2023-03-06 13:56 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1650357760
2023-02-23 22:55 - 2023-03-06 13:50 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-23 22:55 - 2023-03-06 13:50 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-23 22:55 - 2023-02-23 23:21 - 000000000 ____D C:\ProgramData\Nahimic
2023-02-23 22:55 - 2023-02-23 22:55 - 000003786 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1652344982
2023-02-23 22:55 - 2023-02-23 22:55 - 000003424 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{8AD28AD5-EAB6-431B-A7FA-62BD323D9B73}
2023-02-23 22:55 - 2023-02-23 22:55 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000003200 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{C4CC0640-D2FF-4F37-AE5A-0C9040B268C4}
2023-02-23 22:55 - 2023-02-23 22:55 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002958 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-02-23 22:55 - 2023-02-23 22:55 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-23 22:55 - 2023-02-23 22:55 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2023-02-23 22:55 - 2023-02-23 22:55 - 000002342 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2023-02-23 22:55 - 2023-02-23 22:55 - 000000020 ___SH C:\Users\terry\ntuser.ini
2023-02-23 22:55 - 2023-02-23 22:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-02-23 22:55 - 2023-02-23 22:55 - 000000000 ____D C:\Users\terry\AppData\Roaming\Tobii
2023-02-23 22:55 - 2023-02-23 22:55 - 000000000 ____D C:\Users\terry\AppData\Local\Tobii
2023-02-23 22:55 - 2023-02-23 22:55 - 000000000 ____D C:\Users\terry\AppData\Local\IsolatedStorage
2023-02-23 22:54 - 2023-02-23 22:55 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2023-02-23 22:54 - 2023-02-23 22:55 - 000028578 _____ C:\WINDOWS\diagerr.xml
2023-02-23 22:51 - 2023-03-15 00:50 - 000000000 ____D C:\Users\terry
2023-02-23 22:51 - 2023-03-12 02:31 - 000000000 ____D C:\Users\tehke
2023-02-23 22:51 - 2023-02-23 22:53 - 000000000 ____D C:\Users\Terryc
2023-02-23 22:51 - 2023-02-23 22:52 - 000000000 ____D C:\Users\defaultuser100000
2023-02-23 22:50 - 2023-03-15 00:32 - 000471296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-23 22:50 - 2023-03-15 00:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-23 22:50 - 2023-02-23 22:50 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-02-23 22:48 - 2023-02-23 22:49 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-02-23 22:47 - 2023-02-23 22:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-02-23 22:47 - 2023-02-23 22:47 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\WINDOWS\system32\en-CA
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\WINDOWS\addins
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\Program Files\MSBuild
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-02-23 22:43 - 2023-02-23 22:43 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-02-23 22:19 - 2023-03-03 09:51 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2023-02-23 22:19 - 2023-02-23 23:20 - 000000000 ____D C:\Program Files\Razer
2023-02-23 22:19 - 2023-02-23 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Game Manager Service
2023-02-23 22:19 - 2023-02-23 22:19 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2023-02-23 22:16 - 2023-02-23 22:16 - 008184072 _____ (Razer Inc.) C:\Users\terry\Downloads\RazerSynapseInstaller_V1.12.0.385.exe
2023-02-23 16:51 - 2023-02-23 16:51 - 000021453 _____ C:\Users\terry\Downloads\Wicked City (1987) [REPACK] [1080p] [BluRay] [YTS.MX].torrent
2023-02-17 01:19 - 2023-03-08 00:28 - 000000000 ___DC C:\WINDOWS\Panther
2023-02-16 03:06 - 2023-02-16 03:06 - 000309672 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2023-02-16 03:01 - 2023-02-16 03:01 - 000253864 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2023-02-15 10:00 - 2023-02-15 23:32 - 000000000 ____D C:\Users\tehke\AppData\Local\Notepad
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-15 00:51 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-03-15 00:46 - 2022-03-24 14:21 - 000000000 ____D C:\Users\tehke\AppData\Roaming\discord
2023-03-15 00:39 - 2022-05-06 22:22 - 000000000 ____D C:\WINDOWS\INF
2023-03-15 00:38 - 2022-03-24 14:21 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-15 00:34 - 2022-05-09 15:47 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-03-15 00:34 - 2022-05-06 22:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-15 00:34 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-15 00:34 - 2022-02-14 20:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-15 00:33 - 2022-03-24 14:21 - 000000000 ____D C:\Users\tehke\AppData\Local\Discord
2023-03-15 00:32 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-15 00:32 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-15 00:32 - 2022-03-24 15:25 - 000000000 ____D C:\Users\tehke\.tobii
2023-03-15 00:32 - 2021-06-23 11:44 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\UUS
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-15 00:31 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-15 00:31 - 2022-05-06 22:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-03-15 00:28 - 2022-03-24 14:18 - 000000000 ____D C:\Users\tehke\AppData\Local\D3DSCache
2023-03-14 17:20 - 2022-05-06 22:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-14 17:20 - 2022-03-25 15:32 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-14 17:20 - 2022-03-25 15:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-14 16:56 - 2022-09-19 00:14 - 000000000 ____D C:\Users\terry\AppData\Roaming\vlc
2023-03-14 16:56 - 2022-08-02 07:13 - 000000000 ____D C:\Users\terry\.tobii
2023-03-14 16:56 - 2022-08-02 02:39 - 000000000 ____D C:\Users\terry\AppData\Local\CrashDumps
2023-03-14 02:56 - 2022-09-19 00:05 - 000000000 ____D C:\Users\terry\AppData\Roaming\qBittorrent
2023-03-14 01:30 - 2022-08-02 02:39 - 000000000 ____D C:\Users\terry\AppData\Local\D3DSCache
2023-03-13 15:47 - 2022-03-24 14:21 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-13 15:47 - 2022-03-24 14:21 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-12 15:30 - 2022-03-24 18:47 - 000000000 ____D C:\Users\tehke\AppData\Local\CrashDumps
2023-03-12 02:57 - 2022-05-13 14:42 - 000002413 _____ C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2023-03-12 02:57 - 2022-05-13 14:42 - 000002405 _____ C:\Users\tehke\Desktop\Microsoft Teams (work or school).lnk
2023-03-12 00:06 - 2022-04-21 14:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-03-11 18:24 - 2023-01-17 12:07 - 000002289 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-11 18:24 - 2021-06-23 11:45 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-10 22:14 - 2022-08-10 21:15 - 000002413 _____ C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2023-03-10 22:14 - 2022-08-10 21:15 - 000002405 _____ C:\Users\terry\Desktop\Microsoft Teams (work or school).lnk
2023-03-10 19:14 - 2022-04-19 02:11 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-09 19:35 - 2022-04-01 03:01 - 000000000 ____D C:\Users\tehke\Documents\ShareX
2023-03-06 13:56 - 2022-04-19 01:42 - 000001449 _____ C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2023-03-03 21:19 - 2022-03-24 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-03-03 19:53 - 2022-03-24 23:15 - 000000000 ____D C:\Users\tehke\AppData\Roaming\qBittorrent
2023-03-03 09:48 - 2022-08-02 02:39 - 000000000 ___RD C:\Users\terry\OneDrive
2023-03-03 09:48 - 2022-03-24 14:19 - 000000000 ___RD C:\Users\tehke\OneDrive
2023-03-01 03:04 - 2022-06-07 19:31 - 000016596 _____ C:\Users\tehke\Desktop\New Text Document.txt
2023-02-28 04:38 - 2022-07-07 19:15 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-02-27 12:23 - 2022-08-02 02:58 - 000000000 ____D C:\Users\terry\AppData\Local\PlaceholderTileLogoFolder
2023-02-27 04:58 - 2022-05-06 22:17 - 000000000 ____D C:\WINDOWS\servicing
2023-02-26 03:07 - 2022-08-02 02:39 - 000000000 ____D C:\Users\terry\AppData\Local\Packages
2023-02-25 09:03 - 2022-03-24 14:18 - 000000000 ____D C:\Users\tehke\AppData\Local\PlaceholderTileLogoFolder
2023-02-24 18:09 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-02-24 13:53 - 2022-04-05 04:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-02-24 09:14 - 2022-03-24 14:18 - 000000000 ____D C:\Users\tehke\AppData\Local\Packages
2023-02-24 05:29 - 2022-05-06 22:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-02-24 05:29 - 2022-03-24 14:26 - 000000000 ____D C:\Users\tehke\AppData\Local\Razer
2023-02-24 05:28 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-02-24 01:27 - 2022-03-24 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2023-02-23 23:22 - 2022-03-25 06:08 - 000000000 ____D C:\ProgramData\Razer
2023-02-23 23:19 - 2022-08-02 02:39 - 000000000 ____D C:\Users\terry\AppData\Local\Razer
2023-02-23 23:19 - 2022-03-25 06:08 - 000000000 ____D C:\Program Files (x86)\Razer
2023-02-23 23:16 - 2022-03-24 14:18 - 000002365 _____ C:\Users\tehke\Desktop\Microsoft Edge.lnk
2023-02-23 23:16 - 2021-06-23 11:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-02-23 23:11 - 2022-03-24 14:18 - 000000000 ____D C:\ProgramData\Packages
2023-02-23 22:55 - 2022-08-02 02:39 - 000002365 _____ C:\Users\terry\Desktop\Microsoft Edge.lnk
2023-02-23 22:55 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-02-23 22:55 - 2022-05-06 22:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-02-23 22:53 - 2022-05-06 22:24 - 000000000 __RHD C:\Users\Public\Libraries
2023-02-23 22:52 - 2022-05-09 15:06 - 000000000 ____D C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-02-23 22:52 - 2022-04-06 15:31 - 000000000 ____D C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2023-02-23 22:52 - 2022-03-26 00:51 - 000000000 ____D C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-02-23 22:51 - 2022-04-15 18:41 - 000000000 ____D C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WickrMe
2023-02-23 22:51 - 2022-04-07 16:00 - 000000000 ____D C:\Users\Terryc\AppData\Local\Packages
2023-02-23 22:51 - 2022-03-24 14:21 - 000000000 ____D C:\Users\tehke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-02-23 22:51 - 2022-03-24 14:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Packages
2023-02-23 22:51 - 2022-02-14 20:16 - 000000000 ____D C:\ProgramData\A-Volute
2023-02-23 22:50 - 2022-02-14 20:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-02-23 22:50 - 2022-02-14 20:16 - 000000000 ____D C:\WINDOWS\system32\csaudio
2023-02-23 22:49 - 2022-06-15 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K22
2023-02-23 22:49 - 2022-05-16 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fantasy VII Remake Intergrade
2023-02-23 22:49 - 2022-05-09 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-02-23 22:49 - 2022-05-06 22:28 - 000000000 ____D C:\WINDOWS\Setup
2023-02-23 22:49 - 2022-05-06 22:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\spool
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-02-23 22:49 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-23 22:49 - 2022-04-24 05:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.4
2023-02-23 22:49 - 2022-04-19 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-02-23 22:49 - 2022-04-18 00:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2023-02-23 22:49 - 2022-04-16 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K19
2023-02-23 22:49 - 2022-04-07 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2023-02-23 22:49 - 2022-04-07 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2023-02-23 22:49 - 2022-04-07 04:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostwire Tokyo
2023-02-23 22:49 - 2022-04-01 03:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2023-02-23 22:49 - 2022-03-30 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X
2023-02-23 22:49 - 2022-03-26 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELDEN RING
2023-02-23 22:49 - 2022-03-26 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2023-02-23 22:49 - 2022-03-26 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-02-23 22:49 - 2022-03-24 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-02-23 22:49 - 2022-03-24 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-02-23 22:49 - 2022-03-24 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2023-02-23 22:49 - 2022-03-24 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-02-23 22:49 - 2022-03-24 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-02-23 22:49 - 2022-03-24 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RazerCentral
2023-02-23 22:49 - 2022-02-14 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-02-23 22:49 - 2022-02-14 20:16 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2023-02-23 22:49 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-02-23 22:49 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-02-23 22:48 - 2022-11-23 07:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2023-02-23 22:48 - 2022-04-14 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2023-02-23 22:48 - 2022-03-24 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-02-23 22:48 - 2022-02-14 20:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\lenovo
2023-02-23 22:48 - 2022-02-14 20:10 - 000000000 ____D C:\WINDOWS\Lenovo
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\Globalization
2023-02-23 22:47 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-02-23 22:46 - 2022-05-06 22:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-02-23 22:46 - 2022-05-06 22:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-02-23 22:43 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\OCR
2023-02-23 22:42 - 2022-05-06 23:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-02-23 22:42 - 2022-05-06 23:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-02-23 22:42 - 2022-05-06 23:01 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-02-23 22:42 - 2022-05-06 23:01 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-02-23 22:42 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-02-23 22:42 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-02-23 22:42 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-02-23 22:42 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-02-23 22:42 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\IME
2023-02-23 22:42 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-02-23 00:26 - 2022-03-24 23:28 - 000000000 ____D C:\Users\tehke\AppData\Roaming\vlc
2023-02-21 06:37 - 2022-04-19 02:09 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-17 23:44 - 2022-11-27 01:38 - 000001596 _____ C:\Users\tehke\Desktop\New Text Document (2).txt
2023-02-17 23:44 - 2022-03-24 14:21 - 000002242 _____ C:\Users\tehke\Desktop\Discord.lnk
2023-02-15 00:53 - 2021-06-23 11:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by tehke (15-03-2023 00:52:42)
Running from C:\Users\tehke\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1413 (X64) (2023-02-24 05:55:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3252700674-1244316876-1502611229-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3252700674-1244316876-1502611229-503 - Limited - Disabled)
Guest (S-1-5-21-3252700674-1244316876-1502611229-501 - Limited - Disabled)
tehke (S-1-5-21-3252700674-1244316876-1502611229-1001 - Administrator - Enabled) => C:\Users\tehke
terry (S-1-5-21-3252700674-1244316876-1502611229-1004 - Administrator - Enabled) => C:\Users\terry
Terryc (S-1-5-21-3252700674-1244316876-1502611229-1006 - Administrator - Enabled) => C:\Users\Terryc
terry_w2lrri1 (S-1-5-21-3252700674-1244316876-1502611229-1005 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-3252700674-1244316876-1502611229-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\uTorrent) (Version: 3.5.5.46248 - BitTorrent Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.8.4.0 - iMobie Inc.)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BeamNG.drive v0.23 (HKLM-x32\...\BeamNG.drive_is1) (Version: 0.23 - BeamNG)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.6.110.1002 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\BlueStacks X) (Version: 0.14.3.5 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Cheat Engine 7.4 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
ELDEN RING (HKLM-x32\...\ELDEN RING_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Final Fantasy VII Remake Intergrade (HKLM-x32\...\Final Fantasy VII Remake Intergrade_is1) (Version: - )
Ghostwire Tokyo (HKLM-x32\...\Ghostwire Tokyo_is1) (Version: 0.0.0 - DODI-Repacks)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
GSmartControl (HKLM\...\GSmartControl) (Version: 1.1.4 - Alexander Shaduri)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.23.241 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.23.241 - Malwarebytes)
Microsoft .NET Host - 5.0.16 (x64) (HKLM\...\{DAA471F4-54A9-4820-A1C5-266B5153C144}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.7 (x64) (HKLM\...\{8F51A211-71F1-4858-8198-8A5A66818D16}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.16 (x64) (HKLM\...\{29CBA832-8D09-42D0-82F4-3583EE247A5E}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.7 (x64) (HKLM\...\{E18A98D1-DF73-4E11-AC20-FD0190628270}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM\...\{16E242C4-24A9-4381-8023-0F246750CA47}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM-x32\...\{68696b91-f423-4e8e-a58f-631366d0f77a}) (Version: 5.0.16.31117 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.7 (x64) (HKLM\...\{882F32A5-8330-4366-844A-2F3B73C3F021}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Flight Simulator (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Microsoft Flight Simulator) (Version: - HOODLUM)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20461 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Teams) (Version: 1.6.00.4472 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\...\Teams) (Version: 1.6.00.4472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM\...\{90B8150E-08C5-4225-9F94-9BBB39D82601}) (Version: 40.64.31121 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM-x32\...\{c34fb08d-bd27-4d0b-a7bc-f7d5359f9518}) (Version: 5.0.16.31121 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.7 (x64) (HKLM\...\{30702F00-F514-4094-BA4A-A05B42FD1CAC}) (Version: 48.31.44003 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.7 (x64) (HKLM-x32\...\{a7dab025-ec7a-4e8a-add3-6d872f1d8aca}) (Version: 6.0.7.31422 - Microsoft Corporation)
MPC-HC 1.9.18 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.18 - MPC-HC Team)
NBA 2K19 (HKLM-x32\...\NBA 2K19_is1) (Version: - )
NBA 2K22 (HKLM-x32\...\NBA 2K22_is1) (Version: - )
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Graphics Driver 512.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.36 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20461 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20461 - Microsoft Corporation) Hidden
Opera GX Stable 95.0.4635.74 (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Opera GX 95.0.4635.74) (Version: 95.0.4635.74 - Opera Software)
qBittorrent 4.4.2 (HKLM-x32\...\qBittorrent) (Version: 4.4.2 - The qBittorrent project)
Razer Axon (HKLM\...\Razer Axon_is1) (Version: 1.0.33.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.5.7.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0228.022313 - Razer Inc.)
Razer Virtual Ring Light (HKLM-x32\...\Razer Virtual Ring Light) (Version: 2.0.0.23 - Razer Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.7.0 - ShareX Team)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamer Companion App (HKLM-x32\...\Streamer Companion App) (Version: 2.0.1.3 - Razer Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
Telegram Desktop (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.6.5 - Telegram FZ-LLC)
THX Spatial Audio (HKLM-x32\...\THX Spatial Audio) (Version: 2.0.1.12 - Razer Inc.)
Tobii Experience Software For Windows (LenovoY760) (HKLM\...\{7F9E80DA-CBD7-49F5-A756-294D0FA745F4}) (Version: 4.110.0.13215 - Tobii AB)
VALORANT (HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
VPN Unlimited 8.6.2 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 8.6.2 - KeepSolid Inc.)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.805 - McAfee, LLC)
WickrMe (HKLM\...\{B49C1616-0DE8-4178-92C3-BD45602C2B8D}) (Version: 5.102.9 - Wickr Inc.)
Windows Driver Package - Razer Inc. (WinUSB) USB (05/04/2016 6.2.9200.16385) (HKLM\...\874D6B1A2BD2AE8FF3594AB704F2A4A3F8342FB5) (Version: 05/04/2016 6.2.9200.16385 - Razer Inc.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
X-Rite Color Assistant 2.12.0.0 (HKLM-x32\...\{6DCFB107-4604-4AA8-BEA6-CC80BCF0B3E4}_is1) (Version: 2.12.0.0 - X-Rite, Inc)
Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-11-22] (Microsoft Corporation)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-02-24] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.48.2.0_x64__6rarf9sa4v8jt [2023-03-14] (Disney)
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.2.214.0_x64__rz1tebttyb220 [2023-02-28] (Dolby Laboratories)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-17] (LENOVO INC.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-08-03] (Microsoft Corporation)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corp.)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.91.6552.0_x64__8wekyb3d8bbwe [2023-03-06] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2023-02-24] (Microsoft Corporation)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.17.0_x64__w2gh52qy24etm [2023-02-20] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.28.255.0_x64__dt26b99r8h8gj [2023-03-14] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0 [2023-03-07] (Spotify AB) [Startup Task]
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.53.13804.0_x64__j9ea20k37yd2w [2023-03-14] (Tobii AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm [2023-03-14] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-15] (Microsoft Windows)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
WinRAR -> D:\Program Files\WinRAR [2023-02-24] (0)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3252700674-1244316876-1502611229-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tehke\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23034.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3252700674-1244316876-1502611229-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\tehke\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-3252700674-1244316876-1502611229-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Downloads\MB\mbshlext.dll [2023-03-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e80f65c4535abb35\nvshext.dll [2022-06-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Downloads\MB\mbshlext.dll [2023-03-01] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\tehke\Desktop\rtc7788 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
==================== Loaded Modules (Whitelisted) =============
2023-03-01 23:55 - 2023-02-27 13:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-09-29 06:19 - 2022-08-07 21:02 - 000019968 _____ () [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\SharpOSC.dll
2022-11-23 07:27 - 2017-09-03 20:52 - 000089600 _____ () [File not signed] C:\Program Files (x86)\iMobie\AnyTrans\zlib1.dll
2023-02-23 04:34 - 2023-02-23 04:34 - 001530368 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\e_sqlite3.dll
2023-03-12 05:05 - 2023-03-12 05:05 - 105989120 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-03-12 05:05 - 2023-03-12 05:05 - 008795648 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2023-02-20 01:30 - 2023-02-20 01:30 - 021083136 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.17.0_x64__w2gh52qy24etm\Nahimic3.dll
2023-03-06 01:20 - 2023-03-06 01:20 - 007067136 _____ () [File not signed] C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\widget_core_interface_dll.dll
2022-03-24 14:36 - 2022-11-07 03:17 - 000387072 _____ () [File not signed] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-03-24 14:36 - 2022-11-07 03:17 - 008052736 _____ () [File not signed] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-09-29 06:19 - 2022-09-29 12:46 - 000265728 _____ (Benjamin Höglinger-Stelzer) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\Nefarius.Utilities.DeviceManagement.dll
2020-08-17 15:10 - 2022-01-17 02:30 - 000090624 _____ (Bernhard Millauer,Uwe Mayer, Konrad Mattheis) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\WPFLocalizeExtension.dll
2021-04-24 07:25 - 2022-10-02 05:36 - 000125440 _____ (Bevan Arps(original); whistyun) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\MdXaml.dll
2020-01-29 04:08 - 2020-01-28 22:08 - 000013824 _____ (bloomtom) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\HttpProgress.dll
2021-03-15 19:39 - 2022-04-05 06:57 - 001199104 _____ (DotNetProjects) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\DotNetProjects.Wpf.Extended.Toolkit.dll
2021-01-28 05:14 - 2022-02-10 18:07 - 000336896 _____ (GitHub Community) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\Microsoft.Win32.TaskScheduler.dll
2021-01-22 00:48 - 2022-10-04 09:17 - 000336384 _____ (havendv -> Lakritzator and Philipp Sumi) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\H.NotifyIcon.dll
2022-08-02 14:12 - 2022-10-04 09:17 - 000109568 _____ (havendv -> Lakritzator and Philipp Sumi) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\H.NotifyIcon.Wpf.dll
2022-11-23 01:31 - 2022-09-08 01:16 - 000017920 _____ (Michael Denny, Contributors (see GitHub repo)) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\WpfScreenHelper.dll
2021-05-26 23:45 - 2022-10-25 20:21 - 000212992 _____ (Nefarius Software Solutions e.U.) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\Nefarius.ViGEm.Client.dll
2023-02-23 23:16 - 2023-02-23 23:16 - 000174592 _____ (Nefarius Software Solutions e.U.) [File not signed] C:\Users\tehke\AppData\Local\Temp\Costura\B4046D3CFAA9590D376E0436D537BF26\64\vigemclient.dll
2021-03-24 22:05 - 2022-09-01 15:27 - 000832512 _____ (NLog) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\NLog.dll
2022-11-23 07:27 - 2021-06-06 23:33 - 001353216 _____ (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\iMobie\AnyTrans\System.Data.SQLite.dll
2021-08-17 13:56 - 2022-11-06 21:55 - 003595776 _____ (Ryochan7) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\DS4Windows.dll
2022-04-07 23:35 - 2021-07-22 13:11 - 000058880 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] D:\Program Files (x86)\VPN Unlimited\cares.dll
2022-04-07 23:35 - 2022-10-31 12:05 - 000416768 _____ (The curl library, hxxps://curl.se/) [File not signed] D:\Program Files (x86)\VPN Unlimited\libcurl.dll
2022-04-07 23:35 - 2022-07-05 22:42 - 002525184 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll
2022-04-07 23:35 - 2022-07-05 22:42 - 000532992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll
2020-08-16 17:22 - 2022-01-17 02:12 - 000036864 _____ (Uwe Mayer,Konrad Mattheis,Bernhard Millauer) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\XAMLMarkupExtensions.dll
2022-11-23 01:31 - 2022-10-02 05:36 - 000008704 _____ (whistyun) [File not signed] [File is in use] D:\Downloads\DS4\DS4Windows\MdXaml.Plugins.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3306]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-19] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-19] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 05:08 - 2022-06-22 01:56 - 000000871 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 edf.eset.com
0.0.0.0 expire.eset.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Users\terry\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tehke\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1070956.jpg
HKU\S-1-5-21-3252700674-1244316876-1502611229-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\terry\Downloads\th.jfif
HKU\S-1-5-21-3252700674-1244316876-1502611229-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "CORSAIR iCUE 4 Software"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3252700674-1244316876-1502611229-1001\...\StartupApproved\Run: => "Opera GX Stable"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FA3D9CD9-BF79-4E54-A66F-BAE256304D02}] => (Allow) D:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{DF386D83-E8B4-4498-9D89-F7EEFC13A22D}] => (Allow) D:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{7D4280E7-7B43-456F-9836-65289217A2AA}] => (Allow) D:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (Keepsolid Inc. -> KeepSolid Inc.)
FirewallRules: [{BD9B4607-E759-4E53-8FB5-9189152EAEC4}] => (Allow) D:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (Keepsolid Inc. -> KeepSolid Inc.)
FirewallRules: [UDP Query User{02BF276A-A2B4-472A-A1B9-045136E3548D}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Allow) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [TCP Query User{3279C445-3008-4325-8EB4-1790CD109A12}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Allow) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [{1FFE03ED-1DA7-4538-826D-A46A56FA0480}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{813A5889-4353-4820-B4A0-DC91B3C01A5A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{201609B0-1BDD-4744-9FB0-53FC62154D95}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DBF99A41-C40A-4297-BE29-AC005E20D0A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3461D076-3186-40A0-919C-159EA3A77B5D}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [TCP Query User{7B7D956B-DAB0-4DB5-B406-962CACACC163}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [{8ADE8427-B91F-4415-B1AF-910FE044734F}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\xldownload\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{796EE9EB-2F72-481A-82CA-B1C330F5B8CF}] => (Allow) C:\Program Files (x86)\iMobie\AnyTrans\xldownload\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{DF07C02D-411D-46F6-A64F-20000D982D6D}D:\program files\videolan\vlc\vlc.exe] => (Allow) D:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E2EEC09E-4D60-4FC1-83A6-9835633838D5}D:\program files\videolan\vlc\vlc.exe] => (Allow) D:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1A3E5AC6-B5A8-44E0-A501-581539DC582A}D:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe => No File
FirewallRules: [TCP Query User{506A7352-1E68-449F-9F9D-8A0BCCD396FA}D:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base88500\sc2_x64.exe => No File
FirewallRules: [UDP Query User{7F8CFAF2-022E-45E5-97FD-10062BB23A24}C:\users\tehke\appdata\local\discord\app-1.0.9006\discord.exe] => (Block) C:\users\tehke\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [TCP Query User{C9738C52-88A9-4057-B538-DB1029FC14EC}C:\users\tehke\appdata\local\discord\app-1.0.9006\discord.exe] => (Block) C:\users\tehke\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [{8607FB6D-B4F5-4BE5-9489-C28D3E67A45C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BF38E6A2-AA98-4E91-9CF2-6C74E19B5BC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B3481C4C-EB20-4EAB-970B-E3B63CB06609}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2C54E203-A60B-4DF5-93F2-D95EEECFD8E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B41B4130-FD5C-4A1D-BA2B-B0A6FBB79E6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{DD557009-79A6-40B6-9C27-A02338ED5145}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9245A4C2-C00F-4986-806C-F0FD1DD2A6F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6E5C27C0-B0F0-47DF-8459-98E3672062A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.870.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [UDP Query User{4C548F2E-FD68-4203-8FC6-293A763F8752}D:\program files\epic games\fallguys\fallguys_client_game.exe] => (Allow) D:\program files\epic games\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [TCP Query User{A9EDF648-C636-4527-ACB6-73B312DC5235}D:\program files\epic games\fallguys\fallguys_client_game.exe] => (Allow) D:\program files\epic games\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [UDP Query User{DF8CC82D-2305-4CBC-87EF-D3806428EB2A}E:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{89AE0F41-FB3E-42BE-A413-EB0CCF7D2175}E:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5D83637E-6C07-42AB-B47F-751A57E5B3BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{369BB4DB-21D1-49C0-BC49-BE8685E8520E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C082DF4D-F00E-455B-8664-715D9D6D7C9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E184D41D-0E6D-4BD5-B5AB-9526BBC13FE6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E587663F-DD33-4B66-B750-078B80BAF80F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B3D919A0-FF41-4ECD-8784-2B7076DDC234}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E6EE2708-3A1F-40BF-8524-9F07FC7EE515}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{05E7A3FE-6AED-4D04-A7E2-E34B626F5D32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [UDP Query User{A7C56748-FF1D-4B71-ACA7-526CAE9A2275}E:\games\nba 2k22\nba2k22.exe] => (Block) E:\games\nba 2k22\nba2k22.exe () [File not signed]
FirewallRules: [TCP Query User{53FCDA60-909C-4198-A241-8103012EE145}E:\games\nba 2k22\nba2k22.exe] => (Block) E:\games\nba 2k22\nba2k22.exe () [File not signed]
FirewallRules: [UDP Query User{3370FAAD-4BE6-43F6-829B-0319816A03C2}C:\users\tehke\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\tehke\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{8C6C4E34-C687-4748-9AB7-A326FBACB2C3}C:\users\tehke\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\tehke\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{77BAA295-67B2-41C7-B515-D44851CA66C3}E:\games\flight simulator\microsoft flight simulator\flightsimulator.exe] => (Allow) E:\games\flight simulator\microsoft flight simulator\flightsimulator.exe (Asobo Studio) [File not signed]
FirewallRules: [TCP Query User{D8B2FE13-B8B5-423D-9271-6E8A17919E5C}E:\games\flight simulator\microsoft flight simulator\flightsimulator.exe] => (Allow) E:\games\flight simulator\microsoft flight simulator\flightsimulator.exe (Asobo Studio) [File not signed]
FirewallRules: [UDP Query User{1AADE3E5-8A0F-44AD-9A1F-EBB34F70FE20}D:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe => No File
FirewallRules: [TCP Query User{51406327-309B-4553-BBA6-ABDC6BD59097}D:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe => No File
FirewallRules: [{CEF0907C-E653-45FF-9A7C-F89E8E7EACDF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{624CF589-180A-43C9-B739-EB0C0B9662D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F2EC377-D610-423C-8A3B-973BC2D4E4E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA6F9461-B445-4597-A0E6-0F4DD671E277}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{416BE1BC-DE4C-4986-ADEB-8C1D74E9E006}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{236B3DCD-C294-4D82-9BCD-77F2CA833AE0}] => (Allow) D:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe (2K Sports) [File not signed]
FirewallRules: [{F5E41059-B84D-4F44-A9BF-68E829B4AB31}] => (Allow) D:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe (2K Sports) [File not signed]
FirewallRules: [{3DAAC5BE-53DD-49EB-98CB-B6A067C42A3E}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{DE24A092-8D54-4E66-81D7-1E4A9F6F941D}] => (Allow) D:\BlueStacks\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{94F77DF2-E246-4810-9EDC-DBF498D56BBE}] => (Allow) D:\BlueStacks\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{053F9DDC-B876-47C8-9140-8B44270FD3AB}] => (Allow) D:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{EF09ABE3-EF47-483C-AADF-95CC8F2A5C1F}] => (Allow) D:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{902E6672-3F5A-43F5-8528-E3A0E7E8C50A}] => (Allow) C:\Users\tehke\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B89559FD-604A-4797-91C7-7B53E1995124}] => (Allow) C:\Users\tehke\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C67C87BF-74BC-47ED-A5CE-84C1702A5D6B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FF6BC194-8D39-4399-B239-2F8900AC24BC}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{97C13D7B-B8BB-4284-9E33-B31644C942D3}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{42EB94E4-B8BD-487D-A206-EB0E8FCC74E6}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A190F41B-F640-442E-9109-B30BBF9951B7}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{83E94C09-4715-4CEB-A8A6-A051916387EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D680103C-E1C4-4117-B41A-A08BF819970E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8135982C-A3A5-43AF-9799-B38D4B590BFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E18A459F-D6C0-432F-BEE6-F57FA3A341B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4AC820B-01E2-4E86-A5A8-5F52AD82C587}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D807AD0D-4984-4BEE-812F-98CB99DB3957}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D2F034E9-518F-4399-BA0B-DBFAB97D6BFA}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [TCP Query User{9B4843FF-1899-4824-B554-2E84E07FE645}D:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{C1871B4D-DF63-4190-A09F-977104BDAD02}D:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{360BA9BD-B9C2-4CA8-8D1B-C5A3E65FF119}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A867A71-2EA7-4352-BE0D-57AF262A3F8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8C57708-C6D2-4709-9E12-F49ED62A13F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A13018B-28DF-4D05-B969-3237117AAA7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49D02712-BA3B-4F9C-B3D5-75399B1AB223}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A169D781-C8F8-428B-803D-868C9BF7CA84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C904F9B4-A732-4669-855C-18A0EB5FE399}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E09EDDE1-2923-4265-ACC4-DB1A0A168A0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{543FFA10-8164-4403-A546-23B61D156B8D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23034.1300.1846.7680_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDAB621B-6863-4D7D-9101-D6D97CF9EAAC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23034.1300.1846.7680_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B5FA7DD-9D5F-46AE-9A58-A3892751F616}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B170263-8DF6-45CC-808D-764E218D3D29}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{10C7DF15-1A93-4A32-AF5E-CC33F113E8C4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33F15601-BAF6-4FBC-BA2A-116DD24B8472}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
10-03-2023 00:28:00 Scheduled Checkpoint
14-03-2023 17:16:43 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-D982FIHM.local already in use; will try LAPTOP-D982FIHM-2.local instead
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 LAPTOP-D982FIHM.local. Addr 192.168.0.225
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.225:5353 16 LAPTOP-D982FIHM.local. AAAA FDF8:D5E1:F93F:4266:0272:C476:5579:D05B
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 LAPTOP-D982FIHM.local. AAAA FE80:0000:0000:0000:6F51:9E54:E485:7546
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.225:5353 16 LAPTOP-D982FIHM.local. AAAA FDF8:D5E1:F93F:4266:0272:C476:5579:D05B
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 LAPTOP-D982FIHM.local. AAAA 2604:3D00:D15D:7E76:7546:F231:C88E:5B4F
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.225:5353 16 LAPTOP-D982FIHM.local. AAAA FDF8:D5E1:F93F:4266:0272:C476:5579:D05B
Error: (03/15/2023 12:51:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 LAPTOP-D982FIHM.local. AAAA 2604:3D00:D15D:7E76:EB0E:A89D:1889:60FB
System errors:
=============
Error: (03/15/2023 12:31:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Audiosrv service failed to start due to the following error:
The service did not start due to a logon failure.
Error: (03/15/2023 12:31:37 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The Audiosrv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
The request is not supported.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (03/15/2023 12:31:34 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AppXSvc service depends on the StateRepository service which failed to start because of the following error:
The operation completed successfully.
Error: (03/15/2023 12:31:34 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:23:53 AM on 3/15/2023 was unexpected.
Error: (03/14/2023 04:56:28 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:55000. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
Error: (03/14/2023 01:30:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-D982FIHM)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (03/13/2023 11:24:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-D982FIHM)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (03/13/2023 11:15:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.
Windows Defender:
================
Date: 2023-03-13 21:00:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-11 18:52:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-03-15 00:33:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements.
Date: 2023-03-15 00:32:05
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\dtlitescsibus.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x20. Status 0xC00000BB.
Date: 2023-03-12 20:36:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-03-12 01:32:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements.
Date: 2023-03-10 18:15:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Downloads\MB\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO GKCN53WW 02/25/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 9 5900HX with Radeon Graphics
Percentage of memory in use: 31%
Total physical RAM: 32620.06 MB
Available physical RAM: 22255.11 MB
Total Virtual: 40812.06 MB
Available Virtual: 27299.21 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:952.62 GB) (Free:806.38 GB) (Model: SKHynix_HFS001TDE9X084N) NTFS
Drive d: (Data) (Fixed) (Total:953.85 GB) (Free:703.12 GB) (Model: SKHynix_HFS001TDE9X084N) NTFS
Drive e: (One Touch) (Fixed) (Total:4657.33 GB) (Free:3802.02 GB) (Model: Seagate One Touch HDD SCSI Disk Device) NTFS
\\?\Volume{0af6318f-5335-4cce-bcf1-c37154c74faa}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.38 GB) NTFS
\\?\Volume{fe006d31-1f1e-4cea-b168-9297dd4deeac}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{3aee5421-0265-4415-be95-b778f81f5be9}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.19 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 43FF248E)
Partition: GPT.
==========================================================
Disk: 1 (Size: 953.9 GB) (Disk ID: 1B25E18B)
Partition: GPT.
==========================================================
Disk: 2 (Size: 4657.5 GB) (Disk ID: A9F36CD3)
Partition: GPT.
==================== End of Addition.txt =======================