Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by bring (administrator) on DESKTOP-DSJCIS2 (MSI MS-7752) (13-05-2021 15:59:15)
Running from D:\Chrome Downloads\frst64
Loaded Profiles: bring
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\bring\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.52.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.52.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusriteusb\Focusrite Notifier.exe [5029376 2020-06-02] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Run: [Discord] => C:\Users\bring\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Run: [f.lux] => C:\Users\bring\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-20] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\bring\AppData\Local\splice\app-3.6.94170\Splice.exe [83318784 2021-05-02] (Splice) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-10] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {006CB8B0-0B69-4173-9C22-C3D578887FC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04A06AAC-E389-4DB6-917C-12CB9BD6539B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {075A32EF-9327-4B2F-BB25-0A176189E998} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1058B329-C487-4561-9E93-AE6A8B5328F6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35A41008-0753-4917-A8A8-31924079B2CC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F27A515-9C53-4B91-8EE1-A93698AC27EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47359B58-F261-41FD-AF70-E708D98F702A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F465907-996D-4F65-8B25-A3C0000AAC00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {6A748765-BEB7-4739-9EF0-970193B1907B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-22] (Google LLC -> Google LLC)
Task: {A6F176BC-9E4F-4347-9E91-9981BA8FFED4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD7B83C6-EA9A-4A60-AE92-D59EC297E0E8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AE573026-63DC-4801-8288-3BD5A9FBE62D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-22] (Google LLC -> Google LLC)
Task: {C9DA3100-820D-4413-A485-DB472AD820D1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D58B0200-1B35-4A53-93F4-87E7E58AE84D} - System32\Tasks\Microsoft\Windows\ExploitGuard\cmiadtdim => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> /unregister /nologo C:\Users\bring\AppData\Local\BitsPrep\AsjsSobrce\Winpogs_Medxnfi.dll
Task: {DEF278E8-170F-4091-AE7A-7C47A6DC9794} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F4FC3AE2-337D-4CD0-8200-03A916BE1B40} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F78960BE-21E2-481C-87D6-E9DDE349E3AA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 200.1.104.35 200.1.104.36
Tcpip\..\Interfaces\{e876780f-f16d-44c9-adc0-66781daa9a4e}: [DhcpNameServer] 200.1.104.35 200.1.104.36
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\bring\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-13]
Edge Extension: (xAskHelp) - C:\ProgramData\Sekbst\Gbzmx\4432A5BD [2021-05-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-20] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-13]
CHR HomePage: Profile 1 -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBEQo0lOCwIxrzs2Rcb6iYzH5XEFX-HAz-jXAXZ8ivMbXbDApnjWC1w6s1wWM2ybrSNeQ28tQjfFwa-ZFxpxp4qi0881KifiyD4FALaxSmAk_z_yvKFChZfJ1h8N0Qd4N0O92dbjCiw4QK19pN2kx40Ffx6dB4jb-kAhADD3z7XMFwiozJcrKqwxLNNtak,
CHR StartupUrls: Profile 1 -> "hxxps://www.google.tt/?gws_rd=cr,ssl&ei=wvatU4CpBcTmywPb5oK4AQ"
CHR DefaultSearchURL: Profile 1 -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Extension: (Slides) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-22]
CHR Extension: (YouTube) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-05-10]
CHR Extension: (Night Eye - Dark mode on any website) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\alncdjedloppbablonallfbkeiknmkdi [2021-04-30]
CHR Extension: (Docs) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-22]
CHR Extension: (Google Drive) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (Turn Off the Lights) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2021-04-01]
CHR Extension: (YouTube) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-22]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Tampermonkey) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-03-26]
CHR Extension: (Chameleon) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmpojjilddefgnhiicjcmhbkjgbbclob [2020-05-22]
CHR Extension: (Sheets) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-22]
CHR Extension: (Google Docs Offline) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-13]
CHR Extension: (Youtube Video Downloader) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjndphdopaigpbbhdlgphjgfccacnbja [2020-08-04]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2021-05-13]
CHR Extension: (Looper for YouTube) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2021-04-23]
CHR Extension: (Grammarly for Chrome) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-05-09]
CHR Extension: (DotVPN — a Better way to VPN) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2020-05-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\bring\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]
CHR Extension: (xAskHelp) - C:\ProgramData\Sekbst\Gbzmx [2021-05-13]
CHR Profile: C:\Users\bring\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-22]
Opera:
=======
OPR Profile: C:\Users\bring\AppData\Roaming\Opera Software\Opera Stable [2020-05-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2546776 2021-04-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3486808 2021-04-22] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe [2599312 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe [128376 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 Focusriteusb; C:\WINDOWS\System32\drivers\Focusriteusb.sys [123456 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\WINDOWS\System32\drivers\FocusriteusbSwRoot.sys [92568 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 Focusriteusb_AUDIO; C:\WINDOWS\system32\drivers\FocusriteusbAudio.sys [87912 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [42000 2016-10-30] (Razer USA Ltd. -> Razer Inc)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29712 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36376 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [45592 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48144 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44048 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [44048 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64872 2019-09-26] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [41008 2021-02-04] (McAfee, LLC. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-10] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys [14536 2020-05-22] (EVGA -> OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-13 15:57 - 2021-05-13 15:59 - 000000000 ____D C:\FRST
2021-05-13 15:46 - 2021-05-13 15:46 - 000000000 ___HD C:\ProgramData\Sekbst
2021-05-13 15:36 - 2021-05-13 15:36 - 000000798 _____ C:\Users\bring\Desktop\AppCleaner.lnk
2021-05-13 15:36 - 2021-05-13 15:36 - 000000000 ____D C:\Users\bring\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppCleaner
2021-05-12 00:48 - 2021-05-12 01:47 - 000000000 ____D C:\ProgramData\AVG
2021-05-11 22:40 - 2021-05-11 22:40 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-11 18:27 - 2021-05-11 18:27 - 393645114 _____ C:\WINDOWS\MEMORY.DMP
2021-05-11 18:27 - 2021-05-11 18:27 - 000560156 _____ C:\WINDOWS\Minidump\051121-6500-01.dmp
2021-05-11 09:40 - 2021-05-11 09:40 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-11 09:40 - 2021-05-11 09:40 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-11 09:40 - 2021-05-11 09:40 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-11 09:39 - 2021-05-11 09:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-11 09:39 - 2021-05-11 09:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-11 09:39 - 2021-05-11 09:39 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-11 09:39 - 2021-05-11 09:39 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-11 09:39 - 2021-05-11 09:39 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-11 09:39 - 2021-05-11 09:39 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-11 09:39 - 2021-05-11 09:39 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-11 09:39 - 2021-05-11 09:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-11 09:38 - 2021-05-11 09:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-11 09:38 - 2021-05-11 09:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-11 09:16 - 2021-05-11 09:16 - 000000000 ___HD C:\$SysReset
2021-05-11 06:33 - 2021-05-13 15:41 - 089128960 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-05-11 06:29 - 2021-05-11 06:33 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-05-10 23:39 - 2021-05-11 02:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-05-10 23:39 - 2021-05-10 23:39 - 000000000 ____D C:\ProgramData\GridinSoft
2021-05-10 23:28 - 2021-05-10 23:31 - 000000000 ____D C:\ProgramData\SecTaskMan
2021-05-10 23:08 - 2021-05-10 23:08 - 000000000 ____D C:\Users\bring\AppData\Local\mbam
2021-05-06 23:34 - 2021-05-06 23:34 - 000000000 ____D C:\Program Files\Vstplugins
2021-05-06 23:26 - 2021-05-11 03:30 - 000000000 _____ C:\Users\bring\Documents\MainAppLog.txt
2021-05-06 23:07 - 2021-05-06 23:07 - 000000870 _____ C:\Users\bring\Desktop\Studio One 5.lnk
2021-05-06 23:07 - 2021-05-06 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreSonus
2021-05-06 05:23 - 2021-05-11 18:27 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-06 05:23 - 2021-05-06 05:23 - 000482788 _____ C:\WINDOWS\Minidump\050621-9765-01.dmp
2021-05-06 05:07 - 2021-05-11 00:22 - 000000000 ____D C:\Users\bring\Documents\VlcpVideoV1.0.1
2021-05-06 05:06 - 2021-05-06 05:08 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-05-05 19:11 - 2021-05-05 19:11 - 000366989 _____ C:\Users\bring\Desktop\kupdf.net_w-timothy-gallwey-the-inner-game-of-tennis.pdf
2021-05-02 22:58 - 2021-05-04 04:08 - 000000000 ____D C:\Users\bring\AppData\Local\SpliceSettings
2021-05-02 22:58 - 2021-05-02 22:58 - 000002215 _____ C:\Users\bring\Desktop\Splice.lnk
2021-05-02 22:58 - 2021-05-02 22:58 - 000000000 ____D C:\Users\bring\Documents\Splice
2021-05-02 22:58 - 2021-05-02 22:58 - 000000000 ____D C:\Users\bring\AppData\Roaming\Splice
2021-05-02 22:58 - 2021-05-02 22:58 - 000000000 ____D C:\Users\bring\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
2021-05-02 22:58 - 2021-05-02 22:58 - 000000000 ____D C:\Users\bring\AppData\Local\splice
2021-05-02 22:58 - 2021-05-02 22:58 - 000000000 ____D C:\Users\bring\AppData\Local\IsolatedStorage
2021-05-01 21:10 - 2021-05-01 21:21 - 001597301 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip
2021-05-01 20:21 - 2021-05-11 03:32 - 000000000 ____D C:\Users\bring\Documents\Studio One
2021-05-01 20:06 - 2021-05-06 23:17 - 000000000 ____D C:\ProgramData\PreSonus
2021-05-01 20:06 - 2021-05-01 20:06 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2021-05-01 20:06 - 2020-01-24 06:25 - 000033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2021-05-01 20:06 - 2011-01-18 11:49 - 000034152 _____ (GEAR Software Inc.) C:\WINDOWS\SMSS-PFRO0f32.tmp
2021-05-01 19:55 - 2021-05-06 23:07 - 000000000 ____D C:\Users\bring\AppData\Roaming\PreSonus
2021-05-01 19:55 - 2021-05-01 19:55 - 000000880 _____ C:\Users\bring\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Studio One.lnk
2021-05-01 19:55 - 2021-05-01 19:55 - 000000000 ____D C:\ProgramData\{35733029-9859-49C7-8475-1E78E2AAE413}
2021-05-01 19:55 - 2020-01-24 06:25 - 000125872 _____ (GEAR Software Inc.) C:\WINDOWS\system32\GEARAspi64.dll
2021-05-01 19:55 - 2020-01-24 06:25 - 000106928 _____ (GEAR Software Inc.) C:\WINDOWS\SysWOW64\GEARAspi.dll
2021-04-29 21:05 - 2021-04-27 17:16 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-29 21:05 - 2021-04-27 17:16 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-29 21:05 - 2021-04-27 17:16 - 001453344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-29 21:05 - 2021-04-27 17:16 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-29 21:05 - 2021-04-27 17:16 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-29 21:05 - 2021-04-27 17:16 - 001192736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-29 21:05 - 2021-04-27 17:16 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-29 21:05 - 2021-04-27 17:16 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-29 21:05 - 2021-04-27 17:16 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-29 21:05 - 2021-04-27 17:16 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-29 21:05 - 2021-04-27 17:13 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-04-29 21:05 - 2021-04-27 17:13 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-04-29 21:05 - 2021-04-27 17:13 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 001590560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-04-29 21:05 - 2021-04-27 17:12 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-04-29 21:05 - 2021-04-27 17:12 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-04-29 21:05 - 2021-04-27 17:11 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-04-29 21:05 - 2021-04-27 17:11 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-04-29 21:05 - 2021-04-27 17:11 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-04-29 21:05 - 2021-04-27 17:11 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-04-29 21:05 - 2021-04-27 17:11 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-04-29 21:05 - 2021-04-27 17:10 - 000848664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-04-29 21:05 - 2021-04-27 17:09 - 006159176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-04-29 21:05 - 2021-04-23 21:08 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-04-29 02:43 - 2021-04-29 02:44 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-04-25 13:50 - 2021-04-25 13:50 - 000000000 ____D C:\Users\bring\AppData\Local\Epic Games
2021-04-25 13:49 - 2021-04-28 14:30 - 000000000 ____D C:\Users\bring\AppData\Local\T2GP Launcher
2021-04-25 13:49 - 2021-04-25 13:49 - 000000000 ____D C:\Users\bring\AppData\Roaming\T2GP Launcher
2021-04-22 13:09 - 2021-04-22 13:09 - 000002665 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quran Explorer Desktop.lnk
2021-04-22 13:09 - 2021-04-22 13:09 - 000002653 _____ C:\Users\Public\Desktop\Quran Explorer Desktop.lnk
2021-04-22 13:09 - 2021-04-22 13:09 - 000002653 _____ C:\ProgramData\Desktop\Quran Explorer Desktop.lnk
2021-04-22 13:09 - 2021-04-22 13:09 - 000000000 ____D C:\Users\bring\AppData\Roaming\Quran Explorer
2021-04-22 13:09 - 2021-04-22 13:09 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2021-04-22 13:09 - 2021-04-22 13:09 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2021-04-22 13:09 - 2021-04-22 13:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2021-04-22 13:09 - 2021-04-22 13:09 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-04-22 13:07 - 2021-04-22 13:07 - 024546363 _____ C:\Users\bring\Downloads\QESetup-Beta.exe
2021-04-15 08:51 - 2020-08-14 03:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-04-14 08:11 - 2021-04-14 08:11 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-13 15:58 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-13 15:49 - 2020-09-14 22:25 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-13 15:44 - 2020-05-23 12:46 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-13 15:42 - 2020-09-14 22:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 15:42 - 2020-09-14 22:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-13 15:42 - 2020-09-14 22:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-13 15:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-13 15:42 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-13 15:41 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 12:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-13 10:34 - 2021-03-24 18:03 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C64EBA4B-4E16-457C-AE93-EA97F16CBA90}
2021-05-13 04:13 - 2020-09-14 22:23 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2429153621-234642561-3579324590-1001
2021-05-13 04:13 - 2020-09-14 22:12 - 000002363 _____ C:\Users\bring\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-13 04:13 - 2020-05-22 11:09 - 000000000 ___RD C:\Users\bring\OneDrive
2021-05-12 01:17 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-12 00:58 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-12 00:47 - 2020-09-14 22:19 - 000276448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 00:46 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-12 00:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 00:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-11 22:41 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-11 22:34 - 2020-05-22 15:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 22:33 - 2020-05-22 15:25 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 18:29 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-11 18:26 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-11 18:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-11 09:43 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-11 02:24 - 2020-06-05 10:57 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-11 02:24 - 2020-05-22 11:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-11 02:24 - 2020-05-22 11:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 02:24 - 2020-05-22 11:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-10 23:11 - 2020-05-22 11:20 - 000002412 _____ C:\Users\bring\Desktop\Ghuraba (gh) - Chrome.lnk
2021-05-10 18:38 - 2020-05-22 13:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-08 22:59 - 2020-05-22 11:14 - 000000000 ____D C:\Users\bring\AppData\Local\Google
2021-05-06 23:33 - 2020-07-09 07:03 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-05-06 23:30 - 2020-05-26 22:05 - 000000000 ____D C:\Users\bring\AppData\Roaming\uTorrent
2021-05-06 04:08 - 2020-05-22 19:07 - 000000000 ____D C:\Users\bring\AppData\Roaming\vlc
2021-05-02 22:58 - 2020-10-21 11:43 - 000000000 ____D C:\Users\bring\AppData\Local\SquirrelTemp
2021-04-29 21:14 - 2020-06-15 18:46 - 000000000 ____D C:\Users\bring\AppData\Local\CrashDumps
2021-04-29 21:10 - 2020-05-28 10:55 - 000000000 ____D C:\Users\bring\AppData\Local\NVIDIA
2021-04-28 21:33 - 2020-05-27 01:19 - 000000000 ____D C:\Users\bring\AppData\Local\BitTorrentHelper
2021-04-27 17:09 - 2020-08-18 02:47 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-04-25 22:45 - 2020-09-14 22:23 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 22:45 - 2020-09-14 22:23 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-25 13:49 - 2020-05-23 13:11 - 000000000 ____D C:\Users\bring\AppData\Local\D3DSCache
2021-04-25 04:17 - 2020-09-14 22:12 - 000000000 ____D C:\Users\bring
2021-04-23 10:26 - 2020-11-20 13:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-22 12:27 - 2021-03-18 13:30 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 12:27 - 2021-03-11 16:26 - 001695184 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-04-22 12:27 - 2021-03-11 16:26 - 000236472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-04-22 12:27 - 2021-03-11 16:26 - 000176592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-04-22 12:27 - 2021-03-11 16:26 - 000159672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-04-22 12:27 - 2021-03-11 16:26 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-04-22 12:27 - 2021-03-11 16:26 - 000038328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-04-20 20:05 - 2020-09-14 22:23 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 20:05 - 2020-09-14 22:23 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-18 20:42 - 2021-03-11 00:13 - 000000000 ____D C:\Users\bring\Desktop\sfv mods
2021-04-15 08:52 - 2020-09-14 22:23 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:52 - 2020-09-14 22:23 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:52 - 2020-05-28 10:55 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-04-15 08:52 - 2020-05-28 10:55 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-04-15 08:52 - 2020-05-22 13:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-15 08:51 - 2020-09-14 22:23 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-09-14 22:23 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-15 08:51 - 2020-05-22 11:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-15 08:51 - 2020-05-22 11:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-14 08:24 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-14 08:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-14 08:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-14 08:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-14 08:11 - 2020-09-14 22:20 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
**************************************************
Addition text
**************************************************
Could not find the more options prompt.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by bring (13-05-2021 16:01:05)
Running from D:\Chrome Downloads\frst64
Windows 10 Pro Version 20H2 19042.985 (X64) (2020-09-15 02:23:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2429153621-234642561-3579324590-500 - Administrator - Disabled)
bring (S-1-5-21-2429153621-234642561-3579324590-1001 - Administrator - Enabled) => C:\Users\bring
DefaultAccount (S-1-5-21-2429153621-234642561-3579324590-503 - Limited - Disabled)
Guest (S-1-5-21-2429153621-234642561-3579324590-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2429153621-234642561-3579324590-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\uTorrent) (Version: 3.5.5.45988 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
AppCleaner (HKLM-x32\...\AppCleaner) (Version: 3.3.6626.24371 - UpdateStar GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version: - Bome Software GmbH & Co. KG)
Core Temp 1.16 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.16 - ALCPU)
Custom Shop version 2.0.0 (HKLM\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 2.0.0 - IK Multimedia)
Discord (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\Flux) (Version: - f.lux Software LLC)
Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.)
Focusrite Usb 4.65.5.658 (HKLM\...\Focusrite Usb_is1) (Version: 4.65.5.658 - Focusrite Audio Engineering, Ltd.)
GEAR driver installer for x64 WinXP (HKLM\...\{89264031-7A83-4DB5-AECB-22BC115BB886}) (Version: 5.005.3 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Guitar Pro 7 (HKLM-x32\...\Guitar Pro_is1) (Version: 7.5.4.1799 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LED Sync (HKLM-x32\...\{D10D6F85-907E-4F37-8E30-C17F6BC57813}) (Version: 1.1.0 - EVGA)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Native Instruments Blocks Base (HKLM-x32\...\Native Instruments Blocks Base) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Expansions Selection (HKLM-x32\...\Native Instruments Expansions Selection) (Version: 1.0.0.10 - Native Instruments)
Native Instruments Guitar Rig 6 (HKLM-x32\...\Native Instruments Guitar Rig 6) (Version: 6.1.1.118 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.2.135 - Native Instruments)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Graphics Driver 466.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.27 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.98.47688 - Electronic Arts, Inc.)
PreSonus Studio One 5 (HKLM\...\Studio One 5_is1) (Version: 5.0.1 - PreSonus)
Quran Explorer Desktop (HKLM-x32\...\{34A9F183-1011-4845-9826-FBAA53DA59DF}) (Version: 1.0.34 - Quran Explorer)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
SFV Pak Mod Manager (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\sfv) (Version: 2.2.11 - Frosthaven)
Splice (HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\splice) (Version: 3.6.94170 - Distributed Creation, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.9.4 - TeamViewer)
Transcribe! 8.31 (HKLM-x32\...\Transcribe!_is1) (Version: 8.31 - Seventh String Software)
Twitch Leecher 1.8.4 (HKLM\...\{4871CA2A-E8D6-429D-B3AD-DA09410AF346}) (Version: 1.8.4.0 - Franiac) Hidden
Twitch Leecher 1.8.4 (HKLM-x32\...\{904941a6-1120-4eaa-a150-30df49e3939c}) (Version: 1.8.4.0 - Franiac)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 5.91 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.1 - win.rar GmbH)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.57.2.0_x86__kgqvnymyfvs32 [2021-04-21] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.58.5.0_x86__kgqvnymyfvs32 [2021-05-09] (king.com)
Japanese Islands PREMIUM -> C:\Program Files\WindowsApps\Microsoft.JapaneseIslandsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-02-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-11] (Microsoft Studios) [MS Ad]
Night Eye -> C:\Program Files\WindowsApps\43069RAZORdeveloper.NightEye_3.7.6.0_neutral__c9kkezg6y739m [2021-03-24] (RAZORdeveloper)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-29] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-04-01] (Adobe Systems Incorporated)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-04-30] (Spotify AB) [Startup Task]
Subdivision Metronome 10 -> C:\Program Files\WindowsApps\51672mmaciekk.SubdivisionMetronome_4.0.3.0_x64__z6teh460wqmk8 [2020-07-10] (macieksz) [MS Ad]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio_OfficeDocOpener_3.2.21.0_x86__3h5nez1g3qt2c [2021-01-13] (GT Office PDF Studio)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2103.5001.0_x64__8wekyb3d8bbwe [2021-03-11] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2429153621-234642561-3579324590-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-05-31] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-05-31] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvshext.dll [2021-04-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-05-31] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-05-31] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\bring\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Sekbst\Gbzmx\4432A5BD"
==================== Loaded Modules (Whitelisted) =============
2021-01-15 21:43 - 2021-01-15 21:42 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Program Files (x86)\Origin\LIBEAY32.dll
2021-01-15 21:43 - 2021-01-15 21:42 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Program Files (x86)\Origin\ssleay32.dll
2021-01-15 21:43 - 2021-01-15 21:42 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-05-11 00:01 - 2021-01-15 21:42 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\Qt5Core.dll
2021-05-11 00:01 - 2021-01-15 21:42 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\Qt5Gui.dll
2021-05-11 00:01 - 2021-01-15 21:42 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\Qt5Network.dll
2021-05-11 00:01 - 2021-01-15 21:42 - 000146432 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-05-11 00:01 - 2021-01-15 21:42 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-05-11 00:01 - 2021-01-15 21:42 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\bring\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-05-22 14:05 - 2021-03-18 13:39 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bring\Desktop\sekirot\Wallpaper-Berserk-anime-manga-Guts-black-armor-.jpg
DNS Servers: 200.1.104.35 - 200.1.104.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2429153621-234642561-3579324590-1001\...\StartupApproved\Run: => "com.squirrel.splice.Splice"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{405A7E62-5D18-409E-8A9C-36E2A745737E}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{829BD799-0445-4FF1-8E51-0D7B99A4F998}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7CA062A7-9CE8-4176-BC55-CAB10C4F0A4A}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A5DD8456-47AA-4195-B1C3-6E1649AC4C17}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{96D5EDCD-0146-4365-B88B-9CDC1C5A416E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{769CFF9E-1CA7-4016-B60D-042402C14F4B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C51BBBC6-3CDB-48F1-98C8-FD72A7560B7E}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{52D2114B-22FE-4215-B0D9-89B65994E743}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7F28A7F5-10EE-4470-BE78-F70BDDE037F5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe (EVGA Corp. -> EVGA Co., Ltd.)
FirewallRules: [{0242BF30-D09C-47CA-BCA7-DCDA3855CDF1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe (EVGA Corp. -> EVGA Co., Ltd.)
FirewallRules: [{E24C4617-9EBF-4A3F-82AE-79D16A256489}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{49C948DB-E880-424D-AC38-12CE7A3168FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0311DE83-1C0C-4E05-9E11-83D494FB42D7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{0ADC7103-43CD-490A-864C-16F86FD4378D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{37D2BF4D-F280-4085-87A6-C06C1F1A7E74}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{945DAB81-9455-45E1-B423-941FC993D988}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{3E0BC0CC-201F-4FA2-920C-B34210C99C45}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D473E655-C8A0-4386-8B22-A572455EE25B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{CBD9DD67-95A2-44A0-A448-FBDEF30F98D0}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B026FBBF-5D7C-4D0D-9ECB-30D786248644}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CB4DB25A-046A-416F-A535-C012CD9421F5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{A2EDB8F4-F8D8-4AC7-BB33-C0ED745AE9AA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{46BE287B-1BE8-4DE9-B3D9-08C608D9A943}] => (Allow) C:\Users\bring\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DACB1892-9218-4ADD-AEE9-6BE1AA14A0EF}] => (Allow) C:\Users\bring\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0CAB6D8E-90A3-477F-957C-581846C7B9A2}C:\users\bring\appdata\roaming\utorrent\updates\3.5.5_45790.exe] => (Allow) C:\users\bring\appdata\roaming\utorrent\updates\3.5.5_45790.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{BC7FDA7C-FB24-4A8F-BCDF-645ECFCD57A7}C:\users\bring\appdata\roaming\utorrent\updates\3.5.5_45790.exe] => (Allow) C:\users\bring\appdata\roaming\utorrent\updates\3.5.5_45790.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{07561935-D222-4FFF-B680-D269AB19D7D8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{6CE8273D-B8AE-4433-9292-0620D325B875}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{8C3EFBD4-269E-460D-BE61-5783C55C2268}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games) [File not signed]
FirewallRules: [{4BD8A606-5CF3-4AFC-B87E-CB8295BF4681}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games) [File not signed]
FirewallRules: [TCP Query User{51213ECE-D1CE-4A1F-A402-604AD86334AD}D:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{7D1FA4E5-124D-4EDF-9C22-745567651D38}D:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{6F96D695-66CB-4648-9757-63859D58CEDA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{E64FADE3-3F2E-49DC-819B-ADDAE76F635D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{28B051E9-9D59-4F90-8CB9-91CC29540E1B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{FA782A3F-F266-4B17-ADD2-812A8FE0FC54}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{4CA6A2B3-6489-4C2D-B95D-F97815AE0CCE}D:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{60F63836-1AD4-4CD8-A72F-B6A1DCB252DA}D:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{1BF5E03C-B6C4-4093-99C8-67D1335B5819}] => (Allow) D:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe => No File
FirewallRules: [{0652F21D-EE3C-43D0-9A90-22BAF3631160}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)
FirewallRules: [{E0A09AF7-C148-4DAD-9917-F930B28335FA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)
FirewallRules: [{F42647FD-B0C9-4264-814E-8B7101DFB5B8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{3412AF86-4208-4307-A614-037ABF153510}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{0707F02E-FE61-4060-9EE4-8B3A887B13DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{880A7827-4A37-48B5-AB13-0E3B843AE74A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B2EDABB9-B648-42AC-A31D-8CA40DC41016}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{44076947-F1FB-4912-92BE-C906EA286B5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6AD3E142-DFDA-4D6A-92A9-6D66C6C4E617}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11F6E3A5-775D-4833-93C8-1BC3399D442B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC0A81A2-C72D-49FA-8767-9CEA83DE8874}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE95A242-D9CD-4300-8FB1-3FC7174C23A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA41253A-B97B-47A9-A349-3B8EF2BA907C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89FB6BC2-B45F-4538-8836-D16C19FAF20F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BEF5D1-5939-436E-B5C1-746C039830A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{78D5F687-E775-4995-868B-8F6243643325}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D67A972-5A75-4D42-9323-790339D7D98C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C4811B15-76A4-4730-A0B7-F1AE788B53BB}D:\program files\presonus\studio one 5\studio one.exe] => (Allow) D:\program files\presonus\studio one 5\studio one.exe (PreSonus) [File not signed]
FirewallRules: [UDP Query User{53C3975D-829D-418A-BA23-03FA0C0AE102}D:\program files\presonus\studio one 5\studio one.exe] => (Allow) D:\program files\presonus\studio one 5\studio one.exe (PreSonus) [File not signed]
FirewallRules: [TCP Query User{2DD778B5-37D7-4B70-A1D7-FEB4D9CC228F}D:\program files\presonus\studio one 5\pluginscanner.exe] => (Allow) D:\program files\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{4FB4A5ED-4F1D-4AA7-88B9-470AD077B70B}D:\program files\presonus\studio one 5\pluginscanner.exe] => (Allow) D:\program files\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [{2F5980E0-F361-4681-A41F-C02F73B37AA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:110.03 GB) (Free:26.35 GB) (24%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/11/2021 10:52:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Zoro (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (05/11/2021 01:38:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.789 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1dc
Start Time: 01d746790e4728a1
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 19b218d9-00ba-474a-a7f9-4cbf26fc6226
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (05/11/2021 09:47:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.789 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 16a0
Start Time: 01d746690dc17277
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 4314418f-1eae-43d7-9f79-bc6086c53e5c
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (05/10/2021 11:18:57 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (05/06/2021 05:38:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program dota2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2db4
Start Time: 01d7425b0763372e
Termination Time: 41
Application Path: D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
Report Id: fe16d99a-f0a7-4b8a-ba50-04f0e04bbf9b
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
System errors:
=============
Error: (05/13/2021 03:42:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NIHostIntegrationAgent service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/13/2021 03:42:28 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.
Error: (05/12/2021 08:32:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DSJCIS2)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/12/2021 08:32:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DSJCIS2)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/12/2021 08:32:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DSJCIS2)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/12/2021 08:32:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DSJCIS2)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/12/2021 08:32:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DSJCIS2)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/12/2021 08:32:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DSJCIS2)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-05-11 15:15:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Utorrent_BundleInstaller&threatid=290703&enterprise=0
Name: App:Utorrent_BundleInstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_D:\Chrome Downloads\uTorrent (1).exe; file:_D:\Chrome Downloads\uTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.429.0, AS: 1.339.429.0, NIS: 1.339.429.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-11 15:15:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/AskToolbar&threatid=227072&enterprise=0
Name: PUA:Win32/AskToolbar
Severity: Low
Category: Potentially Unwanted Software
Path: file:_D:\D\dldedprograms\BitTorrent-6.1.2.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.429.0, AS: 1.339.429.0, NIS: 1.339.429.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-11 15:15:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!rfn&threatid=2147692398&enterprise=0
Name: HackTool:Win32/Keygen!rfn
Severity: High
Category: Tool
Path: containerfile:_D:\Chrome Downloads\acad2018_x64.iso; file:_D:\Chrome Downloads\acad2018_x64.iso->Crack\xf-adsk2018_x86.7z->xf-adsk2018_x86.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.429.0, AS: 1.339.429.0, NIS: 1.339.429.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-11 15:15:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PullUpdate&threatid=226949&enterprise=0
Name: PUA:Win32/PullUpdate
Severity: Low
Category: Potentially Unwanted Software
Path: containerfile:_D:\Chrome Downloads\tuinst.exe; file:_D:\Chrome Downloads\tuinst.exe->(nsis-3-TuneUpUpdater.exe)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.429.0, AS: 1.339.429.0, NIS: 1.339.429.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-11 15:15:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS!ml&threatid=2147748160&enterprise=0
Name: HackTool:Win32/AutoKMS!ml
Severity: High
Category: Tool
Path: containerfile:_D:\Abu Antivirus\ESET NOD32 Antivirus 6.0.308.0.rar; file:_D:\Abu Antivirus\ESET NOD32 Antivirus 6.0.308.0.rar->ESET NOD32 Antivirus 6.0.308.0\box, mara-fix 1.7\Eset fix.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.339.429.0, AS: 1.339.429.0, NIS: 1.339.429.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-06 04:16:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.21.0
Previous security intelligence Version: 1.337.647.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-05-06 04:16:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.21.0
Previous security intelligence Version: 1.337.647.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-05-06 04:16:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-05-05 22:37:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.21.0
Previous security intelligence Version: 1.337.647.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-05-05 22:37:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.21.0
Previous security intelligence Version: 1.337.647.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
CodeIntegrity:
===============
Date: 2021-05-12 01:44:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-05-12 01:43:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V2.10 02/28/2013
Motherboard: MSI Z77A-G45 (MS-7752)
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 16328.87 MB
Available physical RAM: 12512.35 MB
Total Virtual: 18760.87 MB
Available Virtual: 12906.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.03 GB) (Free:26.35 GB) NTFS
Drive d: (Zoro) (Fixed) (Total:3725.8 GB) (Free:1695.13 GB) NTFS
\\?\Volume{e79f3935-25fa-4801-87c6-e3fad25f1c75}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{953b5567-477d-4679-8766-431f5cacad93}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: E1107084)
Partition: GPT.
==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 2D117F8C)
Partition: GPT.
==================== End of Addition.txt =======================