www.bleepingcomputer.com
104.20.59.209
Public Scan
Submitted URL: https://www.bleepingcomputer.com/forums/t/770398/need-help-creating-a-fixlist-for-farbar/#entry5341295
Effective URL: https://www.bleepingcomputer.com/forums/t/770398/need-help-creating-a-fixlist-for-farbar/
Submission: On April 05 via api from US — Scanned from DE
Form analysis
3 forms found in the DOM
POST https://www.bleepingcomputer.com/forums/index.php?app=core&module=search&do=search&fromMainBar=1
<form action="https://www.bleepingcomputer.com/forums/index.php?app=core&module=search&do=search&fromMainBar=1" method="post" id="search-box">
<fieldset>
<label for="main_search" class="hide">Search</label>
<a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=search&search_in=forums" title="Advanced Search" accesskey="4" rel="search" id="adv_search" class="right">Advanced</a>
<span id="search_wrap" class="right">
<input type="text" id="main_search" name="search_term" class="" size="17" tabindex="100" placeholder="Search...">
<span class="choice ipbmenu clickable" id="search_options" style="">This topic</span>
<ul id="search_options_menucontent" class="ipbmenu_content ipsPad" style="display: none; position: absolute; z-index: 9999;">
<li class="title" style="z-index: 10000;"><strong style="z-index: 10000;">Search section:</strong></li>
<li class="special" style="z-index: 10000;">
<label for="s_topic" title="This topic" style="z-index: 10000;">
<input type="radio" name="search_app" value="forums:topic:770398" class="input_radio" id="s_topic" checked="checked" style="z-index: 10000;"><strong style="z-index: 10000;">This topic</strong>
</label>
</li>
<li class="app" style="z-index: 10000;"><label for="s_forums" title="Forums" style="z-index: 10000;"><input type="radio" name="search_app" class="input_radio" id="s_forums" value="forums" style="z-index: 10000;">Forums</label></li>
<li class="app" style="z-index: 10000;"><label for="s_members" title="Members" style="z-index: 10000;"><input type="radio" name="search_app" class="input_radio" id="s_members" value="members" style="z-index: 10000;">Members</label></li>
<li class="app" style="z-index: 10000;"><label for="s_core" title="Help Files" style="z-index: 10000;"><input type="radio" name="search_app" class="input_radio" id="s_core" value="core" style="z-index: 10000;">Help Files</label></li>
<li class="app" style="z-index: 10000;">
<label for="s_calendar" title="Calendar" style="z-index: 10000;">
<input type="radio" name="search_app" class="input_radio" id="s_calendar" value="calendar" style="z-index: 10000;">Calendar </label>
</li>
</ul>
<input aria-label="Search the forum" type="submit" class="submit_input clickable" value="">
</span>
</fieldset>
</form>
POST https://www.bleepingcomputer.com/forums/index.php?
<form id="modform" method="post" action="https://www.bleepingcomputer.com/forums/index.php?">
<input type="hidden" name="app" value="forums">
<input type="hidden" name="module" value="moderate">
<input type="hidden" name="section" value="moderate">
<input type="hidden" name="do" value="postchoice">
<input type="hidden" name="f" value="22">
<input type="hidden" name="t" value="770398">
<input type="hidden" name="auth_key" value="880ea6a14ea49e853634fbdc5015a024">
<input type="hidden" name="st" value="">
<input type="hidden" name="page" value="">
<input type="hidden" value="" name="selectedpidsJS" id="selectedpidsJS">
<input type="hidden" name="tact" id="tact" value="">
</form>
POST https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=login&do=process
<form action="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=login&do=process" method="post" id="login">
<input type="hidden" name="auth_key" value="880ea6a14ea49e853634fbdc5015a024">
<input type="hidden" name="referer" value="https://www.bleepingcomputer.com/forums/t/770398/need-help-creating-a-fixlist-for-farbar/">
<h3>Sign In</h3>
<div class="ipsBox_notice">
<ul class="ipsList_inline">
<li>
<a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=login&serviceClick=twitter" class="ipsButton_secondary"><img src="https://www.bleepingcomputer.com/forums/public/style_images/master/loginmethods/twitter.png" alt="Twitter"> Use Twitter</a>
</li>
</ul>
</div>
<br>
<div class="ipsForm ipsForm_horizontal">
<fieldset>
<ul>
<li class="ipsField">
<div class="ipsField_content"> Need an account? <a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=register" title="Register now!">Register now!</a>
</div>
</li>
<li class="ipsField ipsField_primary">
<label for="ips_username" class="ipsField_title">Username</label>
<div class="ipsField_content">
<input id="ips_username" type="text" class="input_text" name="ips_username" size="30" tabindex="0">
</div>
</li>
<li class="ipsField ipsField_primary">
<label for="ips_password" class="ipsField_title">Forum Password</label>
<div class="ipsField_content">
<input id="ips_password" type="password" class="input_text" name="ips_password" size="30" tabindex="0"><br>
<a href="https://www.bleepingcomputer.com/forums/index.php?app=core&module=global&section=lostpass" title="Retrieve password">I've forgotten my password</a>
</div>
</li>
<li class="ipsField ipsField_checkbox">
<input type="checkbox" id="inline_remember" checked="checked" name="rememberMe" value="1" class="input_check" tabindex="0">
<div class="ipsField_content">
<label for="inline_remember">
<strong>Remember me</strong><br>
<span class="desc lighter">This is not recommended for shared computers</span>
</label>
</div>
</li>
<li class="ipsField ipsField_checkbox">
<input type="checkbox" id="inline_invisible" name="anonymous" value="1" class="input_check" tabindex="0">
<div class="ipsField_content">
<label for="inline_invisible">
<strong>Sign in anonymously</strong><br>
<span class="desc lighter">Don't add me to the active users list</span>
</label>
</div>
</li>
<li class="ipsPad_top ipsForm_center desc ipsType_smaller">
<a rel="nofollow" href="https://www.bleepingcomputer.com/forums/privacypolicy/">Privacy Policy</a>
</li>
</ul>
</fieldset>
<div class="ipsForm_submit ipsForm_center">
<input type="submit" class="ipsButton" value="Sign In" tabindex="0">
</div>
</div>
</form>
Text Content
Need help creating a fixlist for Farbar
Started by chronictyro, Mar 31 2022 12:55 AM
12 replies to this topic

#1 chronictyro (Members, 9 posts)
Posted 31 March 2022 - 12:55 AM

I've downloaded the program and run the scan. I'm not sure what the next step is. I'll copy and paste the contents of the .txt files below:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2022
Ran by acbou (administrator) on SPECCY-JUEVOS (MicroElectronics G708) (30-03-2022 23:51:08)
Running from C:\Users\acbou\Downloads
Loaded Profiles: acbou
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Tablet\Pen\WacomHost.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(C:\Users\acbou\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\acbou\AppData\Local\Programs\Opera GX\84.0.4316.52\opera_crashreporter.exe
(DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atieclxx.exe
(explorer.exe ->) (ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISLE.EXE <2>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Software AS -> Opera Software) C:\Users\acbou\AppData\Local\Programs\Opera GX\opera.exe <24>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Blue Sherpa\sherpa_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed]
HKLM-x32\...\Run: [Avira Security startup helper] => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-02-15] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3146936 2022-03-07] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\acbou\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Gaijin.Net Updater] => C:\Users\acbou\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EPLTarget\P0000000000000002] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Windows x64\Print Processors\sst8cPC: C:\Windows\System32\spool\prtprocs\x64\sst8cpc.dll [43520 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON ET-2750 Series 64MonitorBE: C:\Windows\system32\E_YLMBSLE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\sst8c Langmon: C:\Windows\system32\sst8clm.dll [22528 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: us008lm.dll
HKLM\...\Print\Monitors\us015 Langmon: C:\Windows\system32\us015lm.dll [31096 2019-08-27] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESETMC.lnk [2021-08-16]
ShortcutTarget: ESETMC.lnk -> C:\Program Files\ESETMC\ESETMC.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C131F53-26DF-46D4-A41E-2B73F15276C9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {2077050C-A4CD-436D-BCA9-4BC6C694CA8F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {20B6A69C-C731-491B-8100-600117FCE168} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A4A081C-8AF9-40D2-B88F-6DB62A65F7D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EB36205-5D6F-462B-9F16-F4D0BF992B58} - System32\Tasks\FxSound\Update => C:\Program [Argument = Files\FxSound LLC\FxSound\updater.exe /silent]
Task: {36B79A76-FF97-4C43-995C-E18F4DAA9B8F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3BD0B3CD-6648-4273-858F-DC89615BF25A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2022-03-02] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3FA96AC8-EBD0-47E0-8E38-0B497F06DF63} - System32\Tasks\EPSON ET-2750 Series Update {644AE659-9338-489E-B817-872ACB4EED3B} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {4D6948B6-8708-408C-9098-E27F87C281DD} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4E7EC21B-36E8-4360-B843-D60090536AA5} - System32\Tasks\EPSON ET-2750 Series Update {EC215EFA-8B57-4AF5-87DF-40E256C6D985} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {4FE7B193-6B10-4AEA-BC94-AE5E0643FA3C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-03-02] (Adobe Inc. -> Adobe Inc.)
Task: {5172B1E5-4DEE-4152-A1C9-CA040983375B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {58DFEEAE-3A05-44BE-ABC6-EFD52BE86A96} - System32\Tasks\Avira_Security_Update => C:\windows\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5E031223-D5B5-49D5-BF0E-2F8049476872} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\1 => C:\Program Files\LGHUB\lghub.exe [139935808 2022-03-22] (Logitech Inc -> Logitech, Inc.)
Task: {61CF382D-DBF1-4DDD-8DE1-7B531A08380E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1664960 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {62B5C476-03E5-4981-A306-A5360A85CB19} - System32\Tasks\EPSON ET-2750 Series Update {12E20AF9-1E15-4778-A72F-B4258576C7E5} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {64232545-E6D6-4E51-BF15-6DDCCDA038CC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6F13FD98-A019-4A25-AA74-7187CC64C04F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-05] (Google LLC -> Google LLC)
Task: {6F7F624B-E5BE-4E75-9144-35287EB68E57} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\3 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\Users\acbou\AppData\Local\Avira\Security\Delay Load for Current\FxSound.exe - Shortcut.lnk"
Task: {6FFC17E4-B325-4679-9167-BDE6E3C17DA1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {7160E23C-B144-4E0F-ACC4-8A8A1989E8B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7E191E81-A500-492E-8B35-695DC5C9890C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8018F7EC-A962-4AD3-8037-BADF33DA558C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\ProgramData\Avira\Security\Delay Load for ALL\FxSound.lnk"
Task: {8382B301-BB3A-4C56-B212-395C94DB381C} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {83A8FA77-C6DF-4769-A530-1CB1D82A590D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {83BF2A49-F6E2-487A-972A-D7B8BD9471BF} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.55\Installer\setup.exe [3192224 2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {872BFB90-8ACE-4981-B163-4D30EEDC05DD} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {87FA17CC-72DC-4272-A580-A12DF7D2F5A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-05] (Google LLC -> Google LLC)
Task: {8E8B0658-6650-4D18-801D-78DF798436CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {959E2438-F3FD-42AD-B7B6-D5D1640290A5} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\4 => C:\Program Files (x86)\Toolkit\Toolkit.exe [1596776 2022-02-23] (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
Task: {98AAA7D9-2C8D-4ACC-92B2-ED6FC6BE580A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {9A16C663-506F-442A-9926-60819003B31C} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-03-22] (Advanced Micro Devices, Inc.) [File not signed]
Task: {9A33768C-57F0-4739-AE53-82BADFCF2C54} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9A33C71D-5039-40A9-8170-1DAAB85F39CD} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [32790416 2022-03-29] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {9EE10A20-D84D-45E4-A1E4-1DB089214F70} - System32\Tasks\Opera GX scheduled Autoupdate 1633140646 => C:\Users\acbou\AppData\Local\Programs\Opera GX\launcher.exe [2406096 2022-03-29] (Opera Software AS -> Opera Software)
Task: {A447043A-3407-4312-8019-49007C4A2658} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated)
Task: {B4B6E848-451D-4C71-A6FE-FE29C564FED4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B69A1E81-BECE-4A62-BBA5-E2439830A657} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\2 => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
Task: {BBBF8463-67AA-4B46-B84C-D9C867638F19} - \Opera GX scheduled assistant Autoupdate 1634675884 -> No File <==== ATTENTION
Task: {BD14DA08-336D-448C-A79C-5B05B58A0188} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5790208-3B1C-4B3F-8209-1944D437E9B4} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {D5790208-3B1C-4B3F-8209-1944D437E9B4} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {D5790208-3B1C-4B3F-8209-1944D437E9B4} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {D681F8C3-D582-40CE-98EB-2C1E6B842CF8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
Task: {DB1CD4C8-87EE-4087-8706-6D25B95DDE4F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-03-16] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {DF70C2E3-EB3C-4DF9-AD75-5AF485D63BDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6C7AF09-9168-4A83-BA44-5E6CA23017E4} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {EF7BF987-589D-4A36-AF18-E536BE1AE855} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FB58BE88-4485-44B9-AC9E-D68A2EC00DE7} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {FC07EC3A-CA62-45D9-A69D-C1C62E336984} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD0CE48A-49B2-4827-A992-C0AF9FA6C28C} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {FD5F1AEE-5FD1-4F1B-B203-EFE32417B81E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe Task: C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {12E20AF9-1E15-4778-A72F-B4258576C7E5}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{12E20AF9-1E15-4778-A72F-B4258576C7E5} /F:UpdateWORKGROUP\SPECCY-JUEVOS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {644AE659-9338-489E-B817-872ACB4EED3B}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{644AE659-9338-489E-B817-872ACB4EED3B} /F:UpdateWORKGROUP\SPECCY-JUEVOS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {EC215EFA-8B57-4AF5-87DF-40E256C6D985}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{EC215EFA-8B57-4AF5-87DF-40E256C6D985} /F:UpdateWORKGROUP\SPECCY-JUEVOS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\..\Interfaces\{2c115bd5-8bb7-4e99-843e-d0a36ac35840}: [DhcpNameServer] 192.168.86.1 Tcpip\..\Interfaces\{84947340-df33-430b-8115-4653929cdb32}: [DhcpNameServer] 192.168.86.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge Profile: C:\Users\acbou\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-30] Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: q3vihob9.default FF ProfilePath: C:\Users\acbou\AppData\Roaming\Mozilla\Firefox\Profiles\q3vihob9.default [2022-03-02] FF ProfilePath: C:\Users\acbou\AppData\Roaming\Mozilla\Firefox\Profiles\f1cxyzxa.default-release [2022-03-21] FF Session Restore: Mozilla\Firefox\Profiles\f1cxyzxa.default-release -> is enabled. FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2022-03-09] [Legacy] [not signed] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-03-02] (Adobe Inc. 
-> Adobe Systems) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-03-21] Chrome: ======= CHR Profile: C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default [2022-03-20] CHR Extension: (Slides) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-05] CHR Extension: (Safe Torrent Scanner) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-02-22] CHR Extension: (Docs) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-05] CHR Extension: (Google Drive) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-05] CHR Extension: (YouTube) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-05] CHR Extension: (Sheets) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-05] CHR Extension: (Google Docs Offline) - 
C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-22] CHR Extension: (AdBlock — best ad blocker) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26] CHR Extension: (Zoom) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-01-05] CHR Extension: (Kindle Cloud Reader) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2022-01-05] CHR Extension: (Chrome Remote Desktop) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-01-05] CHR Extension: (Google Keep Chrome Extension) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2022-02-23] CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-02-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-05] CHR Extension: (vidIQ Vision for YouTube) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2022-02-27] CHR Extension: (Mass Effect 3 1920x1080) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbajkfcoapbkccklekmjkhikfdcciojo [2022-01-05] CHR Extension: (Gmail) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-05] CHR HKU\S-1-5-21-1828491354-875682740-3383768496-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR 
HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-1828491354-875682740-3383768496-1001) Opera GXStable - "C:\Users\acbou\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-03-02] (Adobe Inc. -> Adobe Inc.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000232 2022-02-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265096 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [264288 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-10-19] (BattlEye Innovations e.K. -> ) R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe [524480 2022-02-08] (NZXT, Inc. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-12] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595944 2021-10-28] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-11-24] (Epic Games Inc. -> Epic Games, Inc.) R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [8344720 2022-01-27] (Int3 Software AB -> Int3 Software AB) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-02-15] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-30] (GOG Sp. z o.o. -> GOG.com) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11099200 2022-03-22] (Logitech Inc -> Logitech, Inc.) 
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-03-07] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-03-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254864 2022-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 sherpa_service; C:\Program Files\Blue Sherpa\sherpa_service.exe [351136 2021-07-29] (Logitech Inc -> Logitech, Inc.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [337112 2021-10-16] (Twitch Interactive, Inc. -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-29] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 VMAuthdService; "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\acbou\AppData\Local\Temp\ALSysIO64.sys [47240 2022-03-30] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\windows\system32\AMDRyzenMasterDriver.sys [43336 2022-03-17] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\amdkmdag.sys [90150488 2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AsrDrv103; C:\windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2021-10-01] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-03-16] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
R1 ElRawDisk; C:\windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 EQU8_HELPER_36; C:\windows\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2022-01-22] (Int3 Software AB -> )
R3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [324072 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> FxSound LLC)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [44488 2021-12-25] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [33528 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [21704 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [62904 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech)
S3 MSIO; C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\msio64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation)
R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-01-12] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [438520 2022-03-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-02] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\windows\xhunter1.sys [2522256 2022-01-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz152; \??\C:\Users\acbou\AppData\Local\Temp\cpuz152\cpuz152_x64.sys [X] <==== ATTENTION
S3 cpuz153; \??\C:\WINDOWS\temp\cpuz153\cpuz153_x64.sys [X]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2022
Ran by acbou (30-03-2022 23:51:49)
Running from C:\Users\acbou\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) (2022-03-29 01:10:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

acbou (S-1-5-21-1828491354-875682740-3383768496-1001 - Administrator - Enabled) => C:\Users\acbou
Administrator (S-1-5-21-1828491354-875682740-3383768496-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1828491354-875682740-3383768496-503 - Limited - Disabled)
Guest (S-1-5-21-1828491354-875682740-3383768496-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1828491354-875682740-3383768496-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Premiere Elements 2020 (HKLM-x32\...\PRE_18_2) (Version: 18.0 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_3) (Version: 2.3 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.3.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASRRGBLED v1.0.85 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.85 - ASRock Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
AutoHotkey 1.1.33.10 (HKLM\...\AutoHotkey) (Version: 1.1.33.10 - Lexikos)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.40.2.32087 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.63.27634 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.17.0.11380 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.82.0 - Bethesda Softworks)
Blue Sherpa (HKLM-x32\...\Blue Sherpa) (Version: - Blue Microphones)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.6.100.1026 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\BlueStacks X) (Version: 0.14.3.5 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brackets (HKLM-x32\...\{4F3B6E8C-401B-4EDE-A423-6481C239D6FF}) (Version: 2.0.1 - brackets.io) Hidden
Brackets (HKLM-x32\...\Brackets 2.0.1) (Version: 2.0.1 - brackets.io)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 2.00 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.00 - CPUID, Inc.)
CPUID HWMonitor Pro 1.46 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.46 - CPUID, Inc.)
Creation Kit: Fallout 4 (HKLM-x32\...\Creation Kit: Fallout 4) (Version: - Bethesda Softworks)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.52 - GOG.com)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts) Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts) ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.1 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{5ca4886b-7bc8-477c-8576-901b1e8f0586}) (Version: 1.0.2.1 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{b00e47a4-d642-402c-a060-8d959a0537db}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden Enlisted Launcher 1.0.3.80 (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version: - Gaijin Network) Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) 
EPSON ET-2750 Series Printer Uninstall (HKLM\...\EPSON ET-2750 Series) (Version: - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Printer Connection Checker (HKLM-x32\...\{C4D8E138-C67B-41D5-B493-F54BB72B43E0}) (Version: 3.3.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson ScanSmart (HKLM-x32\...\{D310BDCC-D4B4-4DC1-B9DF-D1D7367CAC4F}) (Version: 3.6.1 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Far Cry 6 (HKLM-x32\...\Uplay Install 5266) (Version: - Ubisoft) FxSound (HKLM\...\{2A810962-B8B5-4838-8D65-246E0B25ED8E}) (Version: 1.1.15.0 - FxSound LLC) Hidden FxSound (HKLM\...\FxSound 1.1.15.0) (Version: 1.1.15.0 - FxSound LLC) Ghost Recon Breakpoint (HKLM-x32\...\Uplay Install 11903) (Version: - Ubisoft) GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.84 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC) Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.1- - Inkscape) Intel® Wireless Bluetooth® (HKLM-x32\...\{00000040-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.40.0.2 - Intel Corporation) iTunes (HKLM\...\{781FFA26-A8FF-47B7-9BFB-5F4FB3A72315}) (Version: 12.12.3.5 - Apple Inc.) 
Kotor Tool (HKLM-x32\...\Kotor Tool) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Local 6.3.1 (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\db9b6d64-7ad2-556e-893c-24e21cb471e1) (Version: 6.3.1 - WPEngine, Inc.) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.3.242300 - Logitech) LOOT version 0.17.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.17.0 - LOOT Team) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.55 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.55 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) 
(Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft 
Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 98.0.1 (x64 en-US)) (Version: 98.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.1 - Mozilla) NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation) NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation) NVIDIA Graphics Driver 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NZXT CAM 4.33.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.33.2 - NZXT, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Opera GX Stable 84.0.4316.52 (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Opera GX 84.0.4316.52) (Version: 84.0.4316.52 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9079.1 - Realtek Semiconductor Corp.) 
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) RyzenMasterSDK (HKLM\...\{27555A81-EED9-4B96-8721-900AE920D662}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Samsung C410 Series (HKLM-x32\...\Samsung C410 Series) (Version: 1.15 (6/12/2015) - Samsung Electronics Co., Ltd.) Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 1.5.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.5.2 - General Workings, Inc.) The Legend of Pirates Online (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\The Legend of Pirates Online) (Version: 1.4.1 - The TLOPO Team) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.85.203.1030 - Electronic Arts Inc.) Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft) Tom Clancys Rainbow Six Extraction (HKLM-x32\...\Uplay Install 5271) (Version: - Ubisoft) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) Toolkit (HKLM-x32\...\Toolkit) (Version: 1.30.0.23 - Seagate) Twitch Chat Overlay version 0.9.1 (HKLM-x32\...\{8849A0F2-CED5-4007-ACA9-A4AF88B6D126}_is1) (Version: 0.9.1 - baffler) Twitch Studio (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft) UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) 
Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.7 - Black Tree Gaming Ltd.) Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.) Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version: - Ubisoft) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WeMod (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\WeMod) (Version: 8.0.10 - WeMod) WicReset version 5.60.0.0 (HKLM-x32\...\{20379D3A-321B-4830-96A6-37183B713AE8}_is1) (Version: 5.60.0.0 - WWW.WIC.SUPPORT) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2022-03-02] (Adobe Systems Incorporated) Aliens: Fireteam Elite -> C:\Program Files\WindowsApps\ColdIronStudiosLLC.AliensFireteam_1.0.55.0_x64__r52mqvf2yh3da [2022-03-25] (Cold Iron Studios LLC) Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.93.0_x64__pwbj9vvecjh7j [2022-03-18] (Amazon Development Centre (London) Ltd) AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.21.50009.0_x64__0a9344xs7nr4m [2022-03-28] (Advanced Micro Devices Inc.) 
Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2022-01-27] (Audible Inc) Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_23.2.0.0_x64__rsne5bsk8s7tj [2021-10-23] (MAXON Computer GmbH) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.25.5.0_x64__6rarf9sa4v8jt [2022-03-22] (Disney) Fallout 76 -> C:\Program Files\WindowsApps\Mutable\BethesdaSoftworks.Fallout76-PC_1.0.47.0_x64__3275kfvn8vcwc [2022-03-01] (Bethesda Softworks) FlowPad -> C:\Program Files\WindowsApps\2505FireCubeStudios.FlowPad_5.2.18.0_x64__k45w5yt88e21j [2022-03-06] (FireCubeStudios) Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Mutable\Microsoft.Chelan_1.2645.0.0_x64__8wekyb3d8bbwe [2022-01-08] (Microsoft Studios) Hulu -> C:\Program Files\WindowsApps\HULULLC.HULUPLUS_3.7.0.0_neutral__fphbd361v8tya [2022-03-30] (Hulu.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2022-02-28] (Instagram) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1420.6.106.0_x64__8xx8rvfyw5nnt [2022-03-02] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-03-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-03-28] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-12] (Netflix, Inc.) Newsflow -> C:\Program Files\WindowsApps\6958MaxN.Newsflow_2.1.12.1000_x64__5jrsa023thkzc [2022-02-01] (MaxN) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-03-28] (NVIDIA Corp.) 
Paramount+ -> C:\Program Files\WindowsApps\2BDFC20A.CBS_1.0.1.0_neutral__bd059sf7kn2rm [2022-01-11] (CBS Interactive Inc.) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-19] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-27] (Microsoft Corporation) Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-10-20] (Samsung Electronics Co. Ltd.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-22] (Spotify AB) [Startup Task] Subnautica -> C:\Program Files\WindowsApps\UnknownWorldsEntertainmen.GAMEPREVIEWSubnautica_1.0.7.0_x64__bh1f6rvenfkm2 [2022-01-08] (Unknown Worlds Entertainment) TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2022-03-02] (Bytedance Pte. Ltd.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2022-03-28] (Twitter Inc.) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2208.15.0_x64__cv1g1gvanyjgm [2022-03-25] (WhatsApp Inc.) XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2203.11001.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe (Adobe Inc. 
-> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DA4B190409FF} -> [Creative Cloud Files] => C:\Users\acbou\Creative Cloud Files [2022-03-02 17:33] CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. 
-> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll -> No File ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll -> No File ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\nvshext.dll [2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) 
Shortcut: C:\Users\acbou\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ShortcutWithArgument: C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg ==================== Loaded Modules (Whitelisted) ============= 2021-10-10 13:30 - 2011-09-08 13:41 - 000008192 _____ () [File not signed] [File is in use] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll 2022-03-23 17:55 - 2022-03-22 16:39 - 000151040 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-10-01 21:09 - 2022-01-27 16:05 - 126964224 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2021-10-01 21:09 - 2021-11-17 05:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2021-10-01 21:09 - 2021-11-17 05:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2022-03-22 13:39 - 2022-03-22 13:39 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll 2022-03-22 13:39 - 2022-03-22 13:39 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll 2021-10-10 13:30 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [File not signed] [File is in use] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll 2021-10-10 13:30 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [File not signed] C:\Program Files\Core 
Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll 2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll 2021-10-10 13:30 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll 2021-10-10 13:30 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll 2021-10-10 13:30 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll 2020-02-07 18:20 - 2020-02-07 18:20 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2018-03-05 17:41 - 2018-03-05 17:41 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\EPNWPSHDevFinder.DLL 2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll 2021-10-01 21:09 - 2022-01-27 16:05 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000039424 _____ (The Qt Company Ltd.) 
[File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000740352 _____ (The Qt Company Ltd.) 
[File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000396800 _____ (The Qt Company Ltd.) 
[File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000336896 _____ (The Qt Company Ltd.) 
[File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6212]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.microcentertech.com
SearchScopes: HKU\S-1-5-21-1828491354-875682740-3383768496-1001 -> DefaultScope {94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} URL =
SearchScopes: HKU\S-1-5-21-1828491354-875682740-3383768496-1001 -> {94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} URL =
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 03:14 - 2022-03-27 16:40 - 000001040 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 tlcdenver.local #Local Site
127.0.0.1 www.tlcdenver.local #Local Site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Player\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.86.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Wi-Fi 2: VMware Bridge Protocol -> vmware_bridge (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "ESETMC.lnk"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Bethesda.net"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{D9647C48-5787-4943-91CA-D8A3696F50EE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [UDP Query User{E2EDDD02-AEF4-49D5-9EE1-4C759F4E45D6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed] ==================== Restore Points ========================= 28-03-2022 21:58:48 Windows Update 30-03-2022 17:57:40 Windows Modules Installer ==================== Faulty Device Manager Devices ============ Name: AMD Radeon™ Graphics Description: AMD Radeon™ Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Advanced Micro Devices, Inc. Service: amdwddmg Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (03/30/2022 11:29:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete retrim on \\?\Volume{f9d41cbe-ddbd-ce38-2c4a-09133a04a90c}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (03/30/2022 11:29:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete retrim on \\?\Volume{cf02573b-0693-7de9-e359-a3275eedf517}\ because: The operation requested is not supported by the hardware backing the volume. 
(0x8900002A) Error: (03/30/2022 11:29:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete retrim on 8TB Desktop Drive (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (03/30/2022 11:08:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program GH.exe version 2019.3.9.59200 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 5d8 Start Time: 01d844bd0900d1c4 Termination Time: 4294967295 Application Path: E:\SteamLibrary\steamapps\common\Green Hell\GH.exe Report Id: 65c46ca9-c753-48b4-8a7d-d72972410f78 Faulting package full name: Faulting package-relative application ID: Hang type: Top level window is idle Error: (03/30/2022 09:07:59 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY) Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126). Error: (03/30/2022 09:07:15 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (03/30/2022 05:57:11 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . 
Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/30/2022 05:56:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AC4BFSP.exe, version: 0.0.0.0, time stamp: 0x5a8ee55e Faulting module name: CELib_x86.dll, version: 6.0.0.0, time stamp: 0x00000000 Exception code: 0xc00000fd Fault offset: 0x0000c482 Faulting process id: 0x4208 Faulting application start time: 0x01d8448734b94421 Faulting application path: E:\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe Faulting module path: C:\Users\acbou\AppData\Local\WeMod\app-8.0.10\resources\app.asar.unpacked\static\unpacked\trainerlib\CELib_x86.dll Report Id: 648b7fc0-91bc-405c-bafc-41f33ef9dfd7 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (03/30/2022 11:09:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/30/2022 11:09:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The VMware DHCP Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/30/2022 11:09:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The VMware NAT Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Error: (03/30/2022 11:09:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The VMware USB Arbitration Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/30/2022 11:09:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The VMware NAT Service service terminated unexpectedly. It has done this 1 time(s). 
The following corrective action will be taken in 1000 milliseconds: Restart the service. Error: (03/30/2022 11:09:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The VMware Authorization Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/30/2022 11:05:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 10:58:20 PM on 3/30/2022 was unexpected. Error: (03/30/2022 10:58:20 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 10:40:22 PM on 3/30/2022 was unexpected. CodeIntegrity: =============== Date: 2022-03-30 22:03:46 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 
P4.20B 08/24/2021 Motherboard: ASRock X570 Pro4 Processor: AMD Ryzen 7 5700G with Radeon Graphics Percentage of memory in use: 25% Total physical RAM: 32129.9 MB Available physical RAM: 24032.71 MB Total Virtual: 36993.9 MB Available Virtual: 25790.34 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:930.2 GB) (Free:621.61 GB) NTFS Drive e: (8TB Desktop Drive) (Fixed) (Total:7451.91 GB) (Free:4793.89 GB) NTFS \\?\Volume{779627b8-97f5-496b-aa2d-18ebd6a00d0a}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS \\?\Volume{67ce21bd-ea39-40ec-a7c3-648d619f9950}\ (Windows RE tools) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS \\?\Volume{cf02573b-0693-7de9-e359-a3275eedf517}\ () (Fixed) (Total:86.04 GB) (Free:0 GB) NTFS \\?\Volume{f9d41cbe-ddbd-ce38-2c4a-09133a04a90c}\ () (Fixed) (Total:132.35 GB) (Free:0 GB) NTFS \\?\Volume{b4393a9c-834c-d101-9a5e-3964c1378851}\ () (Fixed) (Total:7.81 GB) (Free:0 GB) NTFS \\?\Volume{0d037e5b-4da2-74c0-2a47-9fe073757179}\ () (Fixed) (Total:18.05 GB) (Free:0 GB) NTFS \\?\Volume{cb8f2677-b5b3-4dea-9fc4-64301303fc14}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: C3EC0F00) Partition: GPT. ========================================================== Disk: 1 (Size: 7452 GB) (Disk ID: 233478D3) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. 
==================== End of Addition.txt =======================

Attached files:

* Addition.txt 52.62KB
* FRST.txt 96.99KB

--------------------------------------------------------------------------------

#2 Oh My! (Malware Response Instructor)
Posted 31 March 2022 - 08:31 AM

Greetings chronictyro and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:

* First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
* It is important to not run any tools or take any steps other than those I will provide for you.
* Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
* Please copy and paste all logs into your post unless otherwise requested.
* When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
* If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Is there a reason you ran a FRST scan? Are you experiencing any issues?

Edited by Oh My!, 31 March 2022 - 08:31 AM.

Gary

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

--------------------------------------------------------------------------------

#3 chronictyro (Topic Starter)
Posted 01 April 2022 - 03:08 PM

Oh My!, on 31 Mar 2022 - 1:31 PM, said:

> Greetings chronictyro and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.
>
> My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.
>
> If you would allow me to call you by your first name I would prefer to do that.
>
> ===================================================
>
> Ground Rules:
>
> * First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
> * It is important to not run any tools or take any steps other than those I will provide for you.
> * Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
> * Please copy and paste all logs into your post unless otherwise requested.
> * When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
> * If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.
>
> ===================================================
>
> Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.
>
> Is there a reason you ran a FRST scan? Are you experiencing any issues?

Yes, I am. My Avira found a trojan and I removed that but I am still experiencing issues with gameplay, though my computer should be running them fine. In fact, it was running games fine and suddenly started struggling. I thought maybe it was a virus, as I have tried many other solutions to no avail. I also want to know why my firewall keeps turning off and it looks like that may be because ESET is still hanging around even after I've uninstalled it.

edit: you can call me Anna

Edited by chronictyro, 01 April 2022 - 03:08 PM.

--------------------------------------------------------------------------------

#4 Oh My! (Malware Response Instructor)
Posted 01 April 2022 - 07:59 PM

Thank you for the additional information Anna. Please do these things.

===================================================

Download and run ESET AV Remover Tool.
===================================================

Farbar Recovery Scan Tool Fix
--------------------

* Right click on the FRST icon and select Run as administrator
* Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
* There is no need to paste the information anywhere, FRST will do it for you

Start::
CreateRestorePoint:
CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESETMC.lnk [2021-08-16]
C:\Program Files\ESETMC
Task: {BBBF8463-67AA-4B46-B84C-D9C867638F19} - \Opera GX scheduled assistant Autoupdate 1634675884 -> No File <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-03-21]
S2 VMAuthdService; "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" [X]
S3 cpuz152; \??\C:\Users\acbou\AppData\Local\Temp\cpuz152\cpuz152_x64.sys [X] <==== ATTENTION
S3 cpuz153; \??\C:\WINDOWS\temp\cpuz153\cpuz153_x64.sys [X]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll -> No File
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
SearchScopes: HKU\S-1-5-21-1828491354-875682740-3383768496-1001 -> DefaultScope {94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} URL =
SearchScopes: HKU\S-1-5-21-1828491354-875682740-3383768496-1001 -> {94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} URL =
HKLM\...\StartupApproved\StartupFolder: => "ESETMC.lnk"
End::

* Click Fix
* When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

* ESET removed?
* Fixlog
* Update on computer performance

Gary

--------------------------------------------------------------------------------

#5 chronictyro (Topic Starter)
Posted 01 April 2022 - 11:31 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2022
Ran by acbou (01-04-2022 22:22:01) Run:1
Running from C:\Users\acbou\Downloads
Loaded Profiles: acbou
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESETMC.lnk [2021-08-16]
C:\Program Files\ESETMC
Task: {BBBF8463-67AA-4B46-B84C-D9C867638F19} - \Opera GX scheduled assistant Autoupdate 1634675884 -> No File <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-03-21]
S2 VMAuthdService; "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" [X]
S3 cpuz152; \??\C:\Users\acbou\AppData\Local\Temp\cpuz152\cpuz152_x64.sys [X] <==== ATTENTION
S3 cpuz153; \??\C:\WINDOWS\temp\cpuz153\cpuz153_x64.sys [X]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll -> No File
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
SearchScopes: HKU\S-1-5-21-1828491354-875682740-3383768496-1001 -> DefaultScope {94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} URL =
SearchScopes: HKU\S-1-5-21-1828491354-875682740-3383768496-1001 -> {94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} URL =
HKLM\...\StartupApproved\StartupFolder: => "ESETMC.lnk"
*****************

Restore point was successfully created.
Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESETMC.lnk => moved successfully
"C:\Program Files\ESETMC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BBBF8463-67AA-4B46-B84C-D9C867638F19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBBF8463-67AA-4B46-B84C-D9C867638F19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera GX scheduled assistant Autoupdate 1634675884" => not found
C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js => moved successfully
HKLM\System\CurrentControlSet\Services\VMAuthdService => removed successfully
VMAuthdService => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz152 => removed successfully
cpuz152 => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz153 => removed successfully
cpuz153 => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
HKLM\Software\Classes\CLSID\{B089FE88-FB52-11D3-BDF1-0050DA34150D} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\VMDiskMenuHandler => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{271DC252-6FE1-4D59-9053-E4CF50AB99DE} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\VMDiskMenuHandler64 => removed successfully
HKLM\Software\Classes\CLSID\{E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
"HKU\S-1-5-21-1828491354-875682740-3383768496-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{94EEEC01-0D55-41FD-8D61-EEBC7A1FC332} => removed successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESETMC.lnk" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\ESETMC.lnk" => removed successfully

The system needed a reboot.

==== End of Fixlog 22:22:10 ====

It looks like ESET is still showing up in the Security Center part of the FRST.txt, even after running the fix. The AV remover tool was only to remove other AV programs and wouldn't give me the option for Eset. My firewall is still turning off by itself.

In addition to running the FixList I also replaced my monitor's power cord and changed the HDMI cable and I upgraded my wifi to Wifi6, as my network adapter said it works better on 6. Pretty much trying everything at this point to rid myself of the mouse stuttering/lag and monitor losing signal. It looks better but I won't be sure until I've tried running a few games and seeing what happens.
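A Fixlog like the one posted above can be triaged mechanically. The following Python sketch is an added example, not part of the thread and not FRST's own code: it skips the echoed fixlist between the two rows of asterisks, tallies each `target => outcome` result, and reports whether a reboot is pending and whether the log reached its end marker. The sample is an excerpt of the posted Fixlog; the function names and the set of "success" wordings (taken only from the outcomes visible in this log) are assumptions of the example.

```python
from collections import Counter

# Excerpt of the Fixlog posted in this thread, laid out one result per line.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2022
Ran by acbou (01-04-2022 22:22:01) Run:1
fixlist content:
*****************
CreateRestorePoint:
C:\Program Files\ESETMC
S3 cpuz152; \??\C:\Users\acbou\AppData\Local\Temp\cpuz152\cpuz152_x64.sys [X] <==== ATTENTION
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
HKLM\...\StartupApproved\StartupFolder: => "ESETMC.lnk"
*****************

Restore point was successfully created.
Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESETMC.lnk => moved successfully
"C:\Program Files\ESETMC" => not found
HKLM\System\CurrentControlSet\Services\cpuz152 => removed successfully
cpuz152 => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\ESETMC.lnk" => removed successfully

The system needed a reboot.

==== End of Fixlog 22:22:10 ===='''

# Outcome wordings seen in the posted log; anything else is reported as "other".
SUCCESS_OUTCOMES = {
    "removed successfully",
    "moved successfully",
    "service removed successfully",
}


def target_kind(target):
    """Classify a result target as a registry key, a file path, or something else."""
    if target.upper().startswith(("HKLM\\", "HKU\\", "HKCU\\", "HKCR\\")):
        return "registry"
    if len(target) > 2 and target[1:3] == ":\\":
        return "file"
    return "other"  # e.g. a bare service name such as "cpuz152"


def parse_fixlog(text):
    """Return the result entries, outcome counts, and completion flags of a Fixlog."""
    entries = []
    in_fixlist_echo = False
    reboot_needed = False
    complete = False
    for raw in text.splitlines():
        line = raw.strip()
        # A row made only of asterisks opens or closes the echoed fixlist.
        if line and set(line) == {"*"}:
            in_fixlist_echo = not in_fixlist_echo
            continue
        # Echoed fixlist lines also contain " => " but are requests, not results.
        if in_fixlist_echo or not line:
            continue
        if line.startswith("==== End of Fixlog"):
            complete = True
        elif line == "The system needed a reboot.":
            reboot_needed = True
        elif " => " in line:
            target, _, outcome = line.rpartition(" => ")
            target = target.strip().strip('"')
            if outcome in SUCCESS_OUTCOMES:
                status = "ok"
            elif outcome == "not found":
                status = "not_found"
            else:
                status = "other"
            entries.append({
                "target": target,
                "kind": target_kind(target),
                "outcome": outcome,
                "status": status,
            })
    return {
        "entries": entries,
        "counts": Counter(e["status"] for e in entries),
        "reboot_needed": reboot_needed,
        "complete": complete,
    }


def mentioning(entries, keyword):
    """Entries whose target mentions a product keyword, case-insensitively."""
    return [e for e in entries if keyword.lower() in e["target"].lower()]


if __name__ == "__main__":
    report = parse_fixlog(SAMPLE_FIXLOG)
    print("outcomes:", dict(report["counts"]))
    print("reboot needed:", report["reboot_needed"], "| log complete:", report["complete"])
    for entry in report["entries"]:
        if entry["status"] != "ok":
            print("review:", entry["kind"], entry["target"], "->", entry["outcome"])
```

A "not found" result only means the item was already absent when the fix ran; it says nothing about entries that were never in the fixlist, such as the Security Center registration mentioned in the post.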
--------------------------------------------------------------------------------

#6 Oh My! (Malware Response Instructor)
Posted 02 April 2022 - 02:01 PM

Greetings Anna.

We need to reinstall ESET Security then uninstall it using a special program. After installing ESET please complete the below.

===================================================

Uninstalling Programs Using Revo Uninstaller Free Portable
--------------------

* Download Revo Uninstaller Free Portable and save it to your Desktop
* Right click on the folder and select Extract All..., then click Extract
* Double click on the RevoUninstaller-Portable folder
* Right click on RevoUPort and select Run as administrator
* Click OK on the License Agreement
* From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
    ESET Security
* If the program's uninstaller appears work through the steps to remove the program(s)
* Be sure the Advanced option is selected then click Scan
* For each window that may appear identifying leftover items click Select All, Delete, then confirm the deletion
* Once done click Finish
* Reboot your computer

===================================================

Run a new FRST scan and copy/paste both reports in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

* ESET installed/uninstalled
* FRST reports (2)

Gary

--------------------------------------------------------------------------------

#7 chronictyro (Topic Starter)
Posted 03 April 2022 - 03:15 PM

Eset has been uninstalled but...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2022
Ran by acbou (administrator) on SPECCY-JUEVOS (MicroElectronics G708) (03-04-2022 14:13:02)
Running from C:\Users\acbou\Downloads
Loaded Profiles: acbou
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.194.0.15\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.194.0.15\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.194.0.15\OverwolfBrowser.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe ->) (Adobe Inc. -> Adobe) C:\Program Files\Adobe\Elements 2020 Organizer\dynamiclinkmanager.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Tablet\Pen\WacomHost.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(C:\Users\acbou\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\acbou\AppData\Local\Programs\Opera GX\84.0.4316.52\opera_crashreporter.exe
(DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atieclxx.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (FxSound, LLC -> FxSound LLC) C:\Program Files\FxSound LLC\FxSound\FxSound.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISLE.EXE <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Software AS -> Opera Software) C:\Users\acbou\AppData\Local\Programs\Opera GX\opera.exe <18>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0377867.inf_amd64_755c7326c73377da\B377789\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co.
KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Blue Sherpa\sherpa_service.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) 
C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe (services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (services.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe <6> (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (svchost.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe (svchost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC) C:\Program Files (x86)\Toolkit\Toolkit.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed] HKLM-x32\...\Run: [Avira Security startup helper] => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-02-15] (GOG Sp. z o.o. 
-> GOG.com) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3146936 2022-03-07] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\acbou\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Gaijin.Net Updater] => C:\Users\acbou\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [EPLTarget\P0000000000000002] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATISLE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [139935808 2022-03-22] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2022-03-21] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --app-fallback-url=hxxps://www.hulu.com/app/?utm_source=a2hs --app-id=epffkfffophpagfbbklffindaiconkmc --display-mode=standalone --ip-aumi (the data entry has 178 more characters). 
HKLM\...\Windows x64\Print Processors\sst8cPC: C:\Windows\System32\spool\prtprocs\x64\sst8cpc.dll [43520 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON ET-2750 Series 64MonitorBE: C:\Windows\system32\E_YLMBSLE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\sst8c Langmon: C:\Windows\system32\sst8clm.dll [22528 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: us008lm.dll
HKLM\...\Print\Monitors\us015 Langmon: C:\Windows\system32\us015lm.dll [31096 2019-08-27] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-29] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C131F53-26DF-46D4-A41E-2B73F15276C9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {17111840-0A19-48E6-AF3E-488E9E3995D7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2540888 2022-03-21] (Overwolf Ltd -> Overwolf LTD)
Task: {1B36B225-1969-486D-B949-ABED56C22F88} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\1 => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
Task: {2077050C-A4CD-436D-BCA9-4BC6C694CA8F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {20B6A69C-C731-491B-8100-600117FCE168} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A4A081C-8AF9-40D2-B88F-6DB62A65F7D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EB36205-5D6F-462B-9F16-F4D0BF992B58} - System32\Tasks\FxSound\Update => C:\Program [Argument = Files\FxSound LLC\FxSound\updater.exe /silent]
Task: {355F6D67-83F2-4EF8-B05D-F0B37EA4BB64} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {36B79A76-FF97-4C43-995C-E18F4DAA9B8F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3BD0B3CD-6648-4273-858F-DC89615BF25A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2022-03-02] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3FA96AC8-EBD0-47E0-8E38-0B497F06DF63} - System32\Tasks\EPSON ET-2750 Series Update {644AE659-9338-489E-B817-872ACB4EED3B} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {4D6948B6-8708-408C-9098-E27F87C281DD} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4E7EC21B-36E8-4360-B843-D60090536AA5} - System32\Tasks\EPSON ET-2750 Series Update {EC215EFA-8B57-4AF5-87DF-40E256C6D985} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {4FE7B193-6B10-4AEA-BC94-AE5E0643FA3C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-03-02] (Adobe Inc. -> Adobe Inc.)
Task: {5172B1E5-4DEE-4152-A1C9-CA040983375B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {58DFEEAE-3A05-44BE-ABC6-EFD52BE86A96} - System32\Tasks\Avira_Security_Update => C:\windows\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {61CF382D-DBF1-4DDD-8DE1-7B531A08380E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1664960 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {62B5C476-03E5-4981-A306-A5360A85CB19} - System32\Tasks\EPSON ET-2750 Series Update {12E20AF9-1E15-4778-A72F-B4258576C7E5} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {64232545-E6D6-4E51-BF15-6DDCCDA038CC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {68E8E45E-E911-4869-9A11-F59BB4FC2E0A} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\3 => C:\Program Files (x86)\Toolkit\Toolkit.exe [1596776 2022-02-23] (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
Task: {6F13FD98-A019-4A25-AA74-7187CC64C04F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-05] (Google LLC -> Google LLC)
Task: {6FFC17E4-B325-4679-9167-BDE6E3C17DA1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {7160E23C-B144-4E0F-ACC4-8A8A1989E8B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7E191E81-A500-492E-8B35-695DC5C9890C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8018F7EC-A962-4AD3-8037-BADF33DA558C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\ProgramData\Avira\Security\Delay Load for ALL\FxSound.lnk"
Task: {8382B301-BB3A-4C56-B212-395C94DB381C} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {83A8FA77-C6DF-4769-A530-1CB1D82A590D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {83BF2A49-F6E2-487A-972A-D7B8BD9471BF} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.55\Installer\setup.exe [3192224 2022-03-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {872BFB90-8ACE-4981-B163-4D30EEDC05DD} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {87FA17CC-72DC-4272-A580-A12DF7D2F5A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-05] (Google LLC -> Google LLC)
Task: {8E8B0658-6650-4D18-801D-78DF798436CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {98AAA7D9-2C8D-4ACC-92B2-ED6FC6BE580A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {9A16C663-506F-442A-9926-60819003B31C} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-03-22] (Advanced Micro Devices, Inc.) [File not signed]
Task: {9A33768C-57F0-4739-AE53-82BADFCF2C54} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9A33C71D-5039-40A9-8170-1DAAB85F39CD} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [32790416 2022-03-29] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {9EE10A20-D84D-45E4-A1E4-1DB089214F70} - System32\Tasks\Opera GX scheduled Autoupdate 1633140646 => C:\Users\acbou\AppData\Local\Programs\Opera GX\launcher.exe [2406096 2022-03-29] (Opera Software AS -> Opera Software)
Task: {A447043A-3407-4312-8019-49007C4A2658} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated)
Task: {AD575BEB-2BAC-47F5-87EB-B56649869689} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B4B6E848-451D-4C71-A6FE-FE29C564FED4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BD14DA08-336D-448C-A79C-5B05B58A0188} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5790208-3B1C-4B3F-8209-1944D437E9B4} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {D5790208-3B1C-4B3F-8209-1944D437E9B4} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {D5790208-3B1C-4B3F-8209-1944D437E9B4} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {D681F8C3-D582-40CE-98EB-2C1E6B842CF8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
Task: {DB1CD4C8-87EE-4087-8706-6D25B95DDE4F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-03-16] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {DF70C2E3-EB3C-4DF9-AD75-5AF485D63BDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {EADC1D38-758C-4A3B-BFAD-E261263121E9} - System32\Tasks\Avira\System Speedup\Delayed Startup\acbou\2 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\Users\acbou\AppData\Local\Avira\Security\Delay Load for Current\FxSound.exe - Shortcut.lnk"
Task: {EF7BF987-589D-4A36-AF18-E536BE1AE855} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FB58BE88-4485-44B9-AC9E-D68A2EC00DE7} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [252256 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {FC07EC3A-CA62-45D9-A69D-C1C62E336984} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD5F1AEE-5FD1-4F1B-B203-EFE32417B81E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {12E20AF9-1E15-4778-A72F-B4258576C7E5}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{12E20AF9-1E15-4778-A72F-B4258576C7E5} /F:UpdateWORKGROUP\SPECCY-JUEVOS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {644AE659-9338-489E-B817-872ACB4EED3B}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{644AE659-9338-489E-B817-872ACB4EED3B} /F:UpdateWORKGROUP\SPECCY-JUEVOS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {EC215EFA-8B57-4AF5-87DF-40E256C6D985}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{EC215EFA-8B57-4AF5-87DF-40E256C6D985} /F:UpdateWORKGROUP\SPECCY-JUEVOS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2c115bd5-8bb7-4e99-843e-d0a36ac35840}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84947340-df33-430b-8115-4653929cdb32}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\acbou\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-02]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: q3vihob9.default
FF ProfilePath: C:\Users\acbou\AppData\Roaming\Mozilla\Firefox\Profiles\q3vihob9.default [2022-03-02]
FF ProfilePath: C:\Users\acbou\AppData\Roaming\Mozilla\Firefox\Profiles\f1cxyzxa.default-release [2022-03-21]
FF Session Restore: Mozilla\Firefox\Profiles\f1cxyzxa.default-release -> is enabled.
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2022-03-09] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-03-02] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default [2022-03-20]
CHR Extension: (Slides) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-05]
CHR Extension: (Safe Torrent Scanner) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-02-22]
CHR Extension: (Docs) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-05]
CHR Extension: (Google Drive) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-05]
CHR Extension: (YouTube) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-05]
CHR Extension: (Sheets) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-22]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Zoom) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-01-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2022-01-05]
CHR Extension: (Chrome Remote Desktop) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-01-05]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2022-02-23]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-02-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-05]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2022-02-27]
CHR Extension: (Mass Effect 3 1920x1080) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbajkfcoapbkccklekmjkhikfdcciojo [2022-01-05]
CHR Extension: (Gmail) - C:\Users\acbou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-05]
CHR HKU\S-1-5-21-1828491354-875682740-3383768496-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1828491354-875682740-3383768496-1001) Opera GXStable - "C:\Users\acbou\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-03-02] (Adobe Inc. -> Adobe Inc.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000232 2022-02-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265096 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [264288 2022-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-10-19] (BattlEye Innovations e.K. -> )
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe [524480 2022-02-08] (NZXT, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595944 2021-10-28] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-11-24] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [8344720 2022-01-27] (Int3 Software AB -> Int3 Software AB)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-02-15] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-30] (GOG Sp. z o.o. -> GOG.com)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11099200 2022-03-22] (Logitech Inc -> Logitech, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-03-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-03-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2540888 2022-03-21] (Overwolf Ltd -> Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254864 2022-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 sherpa_service; C:\Program Files\Blue Sherpa\sherpa_service.exe [351136 2021-07-29] (Logitech Inc -> Logitech, Inc.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [337112 2021-10-16] (Twitch Interactive, Inc. -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-29] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALSysIO; C:\Users\acbou\AppData\Local\Temp\ALSysIO64.sys [47240 2022-03-30] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 AMDRyzenMasterDriverV19; C:\windows\system32\AMDRyzenMasterDriver.sys [43336 2022-03-17] (Advanced Micro Devices INC. -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices) S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepositoryͷ867.inf_amd64_755c7326c73377da\B377789\amdkmdag.sys [90150488 2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AsrDrv103; C:\windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2021-10-01] (ASROCK Incorporation -> ASRock Incorporation) [File not signed] R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-03-16] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider) S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider) R1 ElRawDisk; C:\windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation) R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 EQU8_HELPER_36; C:\windows\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2022-01-22] (Int3 Software AB -> ) R3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [324072 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> FxSound LLC) R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) 
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [44488 2021-12-25] (Logitech Inc -> Logitech) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [33528 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [21704 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [62904 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech) S3 MSIO; C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\msio64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation) R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-01-12] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [438520 2022-03-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-02] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\windows\xhunter1.sys [2522256 2022-01-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-04-02 19:40 - 2022-04-02 19:41 - 000058516 _____ C:\Users\acbou\Downloads\Addition.txt 2022-04-02 18:19 - 2022-04-02 18:19 - 000000000 ____D C:\Users\acbou\Downloads\RevoUninstaller_Portable 2022-04-02 18:12 - 2022-04-02 18:12 - 009682073 _____ C:\Users\acbou\Downloads\RevoUninstaller_Portable.zip 2022-04-01 22:47 - 2022-04-01 22:47 - 000000000 ____D C:\Users\acbou\curseforge 2022-04-01 22:46 - 2022-04-03 14:09 - 000002324 _____ C:\Users\acbou\Desktop\CurseForge.lnk 2022-04-01 22:46 - 2022-04-01 22:46 - 000004380 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task 2022-04-01 22:46 - 2022-04-01 22:46 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2022-04-01 22:46 - 2022-04-01 22:46 - 000000000 ____D C:\ProgramData\Overwolf 2022-04-01 22:46 - 2022-04-01 22:46 - 000000000 ____D C:\Program Files (x86)\Overwolf 2022-04-01 22:45 - 2022-04-01 22:45 - 000000000 ____D C:\Users\acbou\Downloads\BT_21.10.1.1_HF 2022-04-01 22:44 - 2022-04-03 14:09 - 000000000 ____D C:\Users\acbou\AppData\Local\Overwolf 2022-04-01 22:43 - 2022-04-01 22:43 - 000000000 ____D 
C:\Users\acbou\Downloads\forge-1.12.2-14.23.5.2859-installer 2022-04-01 22:41 - 2022-04-01 22:41 - 000000000 ____D C:\Users\acbou\Downloads\forge-1.18.2-40.0.35-installer 2022-04-01 22:32 - 2022-04-01 22:32 - 000002043 _____ C:\Users\Public\Desktop\FxSound (2).lnk 2022-04-01 22:22 - 2022-04-01 22:22 - 000004476 _____ C:\Users\acbou\Downloads\Fixlog.txt 2022-04-01 22:21 - 2022-04-01 22:21 - 000000000 ____D C:\Users\acbou\Downloads\FRST-OlderVersion 2022-04-01 22:19 - 2022-04-01 22:49 - 000000000 ____D C:\Users\acbou\AppData\Roaming\.minecraft 2022-04-01 20:32 - 2022-04-01 20:32 - 000000000 ____D C:\Users\acbou\AppData\Local\Foxhole 2022-04-01 19:46 - 2022-04-02 20:43 - 000000000 ____D C:\Users\acbou\Zomboid 2022-04-01 15:46 - 2022-04-01 22:46 - 000000000 ____D C:\ProgramData\Intel 2022-04-01 15:46 - 2022-04-01 15:46 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2022-04-01 15:46 - 2022-04-01 15:46 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Intel 2022-04-01 15:46 - 2022-04-01 15:46 - 000000000 ____D C:\Program Files\Intel 2022-04-01 15:46 - 2022-04-01 15:46 - 000000000 ____D C:\Program Files\Common Files\Intel 2022-04-01 15:43 - 2022-04-01 15:43 - 000000000 ____D C:\Users\acbou\Downloads\WiFi_21.10.1.2_HF 2022-04-01 15:38 - 2022-04-01 15:39 - 544632594 _____ C:\Users\acbou\Downloads\WiFi_21.10.1.2_HF.zip 2022-04-01 15:38 - 2022-04-01 15:38 - 155243964 _____ C:\Users\acbou\Downloads\BT_21.10.1.1_HF.zip 2022-04-01 05:37 - 2022-04-01 05:37 - 000000000 ___HD C:\$WinREAgent 2022-03-31 00:56 - 2022-03-31 00:56 - 000000000 ____D C:\Users\acbou\AppData\Roaming\KmCrashHandler 2022-03-30 23:21 - 2022-04-03 14:13 - 000048071 _____ C:\Users\acbou\Downloads\FRST.txt 2022-03-30 23:21 - 2022-04-03 14:13 - 000000000 ____D C:\FRST 2022-03-30 23:20 - 2022-04-01 22:21 - 002365440 _____ (Farbar) C:\Users\acbou\Downloads\FRST64.exe 2022-03-30 22:58 - 2022-03-30 22:58 - 000000000 ____D C:\Users\acbou\ansel 2022-03-30 22:36 - 2022-03-30 22:36 - 000017671 _____ 
C:\Users\acbou\Downloads\MemTest.zip 2022-03-30 21:53 - 2022-03-30 21:53 - 000000000 ____D C:\Users\acbou\AppData\LocalLow\Creepy Jar 2022-03-30 18:01 - 2022-03-30 18:01 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-03-30 18:01 - 2022-03-30 18:01 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-03-30 18:01 - 2022-03-30 18:01 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-03-30 18:01 - 2022-03-30 18:01 - 000011791 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-03-30 17:56 - 2022-02-02 23:30 - 004915304 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys 2022-03-30 17:56 - 2022-02-02 23:30 - 001626216 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll 2022-03-30 17:56 - 2022-02-02 22:51 - 043866808 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat 2022-03-29 21:01 - 2022-03-29 21:02 - 000000000 ____D C:\Users\acbou\Documents\Assassin's Creed IV Black Flag 2022-03-29 20:06 - 2022-03-29 20:06 - 000000000 ____D C:\ProgramData\X360CE 2022-03-29 20:05 - 2022-03-29 20:05 - 000000000 ____D C:\Users\acbou\Downloads\x360ce 2022-03-29 20:03 - 2022-03-29 20:03 - 001700319 _____ C:\Users\acbou\Downloads\x360ce.zip 2022-03-29 19:54 - 2022-03-29 19:54 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Ubisoft 2022-03-28 22:55 - 2022-03-28 22:55 - 002084440 _____ (CPUID, Inc. 
) C:\Users\acbou\Downloads\cpu-z_2.00-en.exe 2022-03-28 22:23 - 2022-04-03 14:08 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2022-03-28 22:23 - 2022-04-03 14:08 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2022-03-28 22:23 - 2022-03-28 22:23 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate 2022-03-28 22:23 - 2022-03-28 22:23 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN 2022-03-28 22:23 - 2022-03-28 22:23 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR 2022-03-28 22:23 - 2022-03-28 22:23 - 000002620 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask 2022-03-28 22:23 - 2022-03-28 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition 2022-03-28 22:23 - 2022-03-28 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2022-03-28 22:23 - 2022-03-22 15:36 - 002901560 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe 2022-03-28 22:22 - 2022-03-28 22:25 - 000000000 ____D C:\ProgramData\AMD 2022-03-28 22:19 - 2022-03-28 22:19 - 000000000 ____D C:\Users\acbou\AppData\Roaming\ATI 2022-03-28 22:15 - 2022-03-28 22:15 - 090032216 _____ C:\WINDOWS\system32\amd_comgr.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 074244696 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 069194840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 056704640 _____ C:\WINDOWS\system32\amdxc64.so 2022-03-28 22:15 - 2022-03-28 22:15 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2022-03-28 22:15 - 2022-03-28 22:15 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2022-03-28 22:15 - 2022-03-28 22:15 - 001963608 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 001963608 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 001874008 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\system32\atiadlxx.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001690456 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001528920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001520216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 001520216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 001434232 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001434232 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001406552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001406552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001368784 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001145808 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 001145808 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000934488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000883264 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000789592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000761944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000666712 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\Rapidfire.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000571400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2022-03-28 22:15 - 2022-03-28 22:15 - 000571400 _____ C:\WINDOWS\system32\atiapfxx.blb 2022-03-28 22:15 - 2022-03-28 22:15 - 000551000 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000550464 _____ C:\WINDOWS\system32\GameManager64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000538136 _____ C:\WINDOWS\system32\amdmiracast.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000518232 _____ C:\WINDOWS\system32\atieah64.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000493144 _____ C:\WINDOWS\system32\dgtrayicon.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000484952 _____ C:\WINDOWS\system32\EEURestart.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000461400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000459352 _____ C:\WINDOWS\system32\amdlogum.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000414296 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000411712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000386136 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000336984 _____ C:\WINDOWS\system32\clinfo.exe 2022-03-28 22:15 - 2022-03-28 22:15 - 000253504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000212544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000202720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000194504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000186944 _____ C:\WINDOWS\system32\mantle64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000171096 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\atisamu64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000170048 _____ C:\WINDOWS\system32\mantleaxl64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000169248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000159296 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000158936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000151648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000148032 _____ C:\WINDOWS\SysWOW64\mantle32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000142936 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000141264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000141264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000133720 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000133720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000132184 _____ C:\WINDOWS\system32\atidxx64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000130648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000126648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000126040 _____ C:\WINDOWS\system32\amdxc64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000123480 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000112648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000112624 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\amdpcom32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000106584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000106072 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000100952 _____ C:\WINDOWS\SysWOW64\amdxc32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000083544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000068184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000063064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000039512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000036440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000020984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2022-03-28 22:15 - 2022-03-28 22:15 - 000020984 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2022-03-28 22:15 - 2022-03-15 19:16 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat 2022-03-28 22:15 - 2022-03-15 19:16 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat 2022-03-28 22:15 - 2022-03-15 19:16 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat 2022-03-28 22:15 - 2022-03-15 19:16 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat 2022-03-28 22:15 - 2022-03-15 19:16 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin 2022-03-28 22:15 - 2022-03-15 19:16 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin 2022-03-28 22:15 - 2022-03-15 19:16 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin 2022-03-28 22:15 - 2022-03-15 19:16 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin 2022-03-28 22:15 - 2022-03-15 19:16 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man 2022-03-28 22:15 - 2022-03-15 19:16 - 
000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp 2022-03-28 22:15 - 2022-03-15 19:16 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp 2022-03-28 22:15 - 2022-03-15 19:16 - 000010702 _____ C:\WINDOWS\system32\atiacmLocalisation.ini 2022-03-28 22:15 - 2022-03-15 19:16 - 000000822 _____ C:\WINDOWS\system32\branding.bmp 2022-03-28 22:15 - 2021-12-13 13:01 - 000591792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe 2022-03-28 22:15 - 2021-12-13 13:01 - 000164800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys 2022-03-28 22:15 - 2021-12-13 13:01 - 000033728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys 2022-03-28 22:15 - 2021-10-31 23:12 - 000246176 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys 2022-03-28 22:15 - 2021-08-17 10:34 - 000065168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys 2022-03-28 21:13 - 2022-03-28 21:13 - 001354504 _____ (Electronic Arts) C:\Users\acbou\Downloads\EAappInstaller.exe 2022-03-28 21:06 - 2022-03-28 19:10 - 000000000 ____D C:\Windows.old 2022-03-28 21:04 - 2022-03-28 21:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-03-28 21:03 - 2022-03-28 21:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-03-28 21:03 - 2022-03-28 21:03 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-03-28 21:03 - 2022-03-28 21:03 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-03-28 21:01 - 2022-03-28 21:01 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-03-28 21:01 - 2022-03-28 21:01 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-03-28 21:01 - 2022-03-28 21:01 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-03-28 21:01 - 2022-03-28 21:01 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-03-28 21:01 - 2022-03-28 21:01 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-03-28 
21:01 - 2022-03-28 21:01 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-03-28 21:01 - 2022-03-28 21:01 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-03-28 21:01 - 2022-03-28 21:01 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-03-28 21:01 - 2022-03-28 21:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-03-28 20:57 - 2022-03-28 20:57 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-03-28 20:57 - 2022-03-28 20:57 - 000000000 ____D C:\Program Files\MSBuild 2022-03-28 20:57 - 2022-03-28 20:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-03-28 20:57 - 2022-03-28 20:57 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-03-28 19:12 - 2022-03-28 19:12 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2022-03-28 19:10 - 2022-04-03 14:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-03-28 19:10 - 2022-04-02 20:36 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AB1161A3-D954-499C-8DB4-717A5E31B648} 2022-03-28 19:10 - 2022-03-29 19:36 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1633140646 2022-03-28 19:10 - 2022-03-28 19:10 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2022-03-28 19:10 - 2022-03-28 19:10 - 000007623 _____ C:\WINDOWS\diagerr.xml 2022-03-28 19:10 - 2022-03-28 19:10 - 000003864 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-03-28 19:10 - 2022-03-28 19:10 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON ET-2750 Series Update {EC215EFA-8B57-4AF5-87DF-40E256C6D985} 2022-03-28 19:10 - 2022-03-28 19:10 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON ET-2750 Series Update {644AE659-9338-489E-B817-872ACB4EED3B} 2022-03-28 19:10 - 2022-03-28 19:10 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON ET-2750 Series Update {12E20AF9-1E15-4778-A72F-B4258576C7E5} 2022-03-28 19:10 - 2022-03-28 19:10 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-03-28 19:10 - 2022-03-28 19:10 - 000003398 
_____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-03-28 19:10 - 2022-03-28 19:10 - 000003322 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2022-03-28 19:10 - 2022-03-28 19:10 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-03-28 19:10 - 2022-03-28 19:10 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-03-28 19:10 - 2022-03-28 19:10 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1828491354-875682740-3383768496-1001 2022-03-28 19:10 - 2022-03-28 19:10 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002956 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt 2022-03-28 19:10 - 2022-03-28 19:10 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1828491354-875682740-3383768496-1001 2022-03-28 19:10 - 2022-03-28 19:10 - 000002854 _____ 
C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1828491354-875682740-3383768496-500 2022-03-28 19:10 - 2022-03-28 19:10 - 000002850 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate 2022-03-28 19:10 - 2022-03-28 19:10 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2022-03-28 19:10 - 2022-03-28 19:10 - 000002748 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2022-03-28 19:10 - 2022-03-28 19:10 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-28 19:10 - 2022-03-28 19:10 - 000002566 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray 2022-03-28 19:10 - 2022-03-28 19:10 - 000002028 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2022-03-28 19:10 - 2022-03-28 19:10 - 000000020 ___SH C:\Users\acbou\ntuser.ini 2022-03-28 19:10 - 2022-03-28 19:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-03-28 19:10 - 2022-03-28 19:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\FxSound 2022-03-28 19:10 - 2022-03-28 19:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2022-03-28 19:10 - 2022-03-28 19:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple 2022-03-28 19:10 - 2022-03-28 19:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-03-28 19:10 - 2021-08-16 08:33 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1700774981-4227035309-4167666744-500 2022-03-28 19:08 - 2022-04-02 19:45 - 000844810 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-03-28 19:07 - 2022-04-01 22:47 - 000000000 ____D C:\Users\acbou 2022-03-28 19:07 - 2022-03-28 19:07 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-03-28 19:07 - 2019-12-07 03:10 - 000001105 _____ C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-03-28 19:06 - 2022-04-01 19:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-03-28 19:06 - 2022-03-30 21:07 - 000443536 _____ 
C:\WINDOWS\system32\FNTCACHE.DAT 2022-03-28 18:30 - 2022-03-28 18:30 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2022-03-28 18:15 - 2022-03-28 22:18 - 000000000 ___DC C:\WINDOWS\Panther 2022-03-28 18:08 - 2022-03-28 18:08 - 000000000 ___HD C:\$Windows.~WS 2022-03-28 18:07 - 2022-03-28 18:07 - 000279560 _____ C:\Users\acbou\Downloads\CrucialScan.exe 2022-03-27 16:39 - 2022-03-27 16:39 - 000002316 _____ C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Local.lnk 2022-03-27 16:39 - 2022-03-27 16:39 - 000002308 _____ C:\Users\acbou\Desktop\Local.lnk 2022-03-27 16:19 - 2022-03-27 16:19 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Composer 2022-03-27 16:19 - 2022-03-27 16:19 - 000000000 ____D C:\Users\acbou\AppData\Local\Composer 2022-03-27 16:16 - 2022-03-27 16:40 - 000000000 ____D C:\Users\acbou\Local Sites 2022-03-27 16:12 - 2022-03-27 16:12 - 000000000 ____D C:\Users\acbou\AppData\Local\local-updater 2022-03-27 16:08 - 2022-03-27 16:12 - 631782960 _____ (WPEngine, Inc.) 
C:\Users\acbou\Downloads\local-6.3.1-windows.exe 2022-03-24 21:31 - 2022-03-24 21:31 - 000001632 _____ C:\Users\acbou\Desktop\remote - Shortcut.lnk 2022-03-24 18:45 - 2022-03-24 18:45 - 000000000 ____D C:\Users\acbou\Desktop\bluestacks 2022-03-24 18:41 - 2022-03-24 18:45 - 000000000 ____D C:\ProgramData\BlueStacks_nxt 2022-03-24 18:41 - 2022-03-24 18:41 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk 2022-03-24 18:41 - 2022-03-24 18:41 - 000002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk 2022-03-24 18:41 - 2022-03-24 18:41 - 000000000 ____D C:\Program Files\BlueStacks_nxt 2022-03-24 18:40 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X 2022-03-24 18:40 - 2022-03-24 18:42 - 000000000 ____D C:\Users\acbou\AppData\Local\BlueStacksSetup 2022-03-24 18:40 - 2022-03-24 18:41 - 000000000 ____D C:\Users\acbou\AppData\Local\BlueStacks 2022-03-24 18:40 - 2022-03-24 18:40 - 000000000 ____D C:\Users\Public\BlueStacks 2022-03-24 18:40 - 2022-03-24 18:40 - 000000000 ____D C:\Program Files (x86)\BlueStacks X 2022-03-24 18:39 - 2022-03-24 18:39 - 000801216 _____ (BlueStack Systems Inc.) C:\Users\acbou\Downloads\BlueStacksInstaller_5.6.100.1026_native_c979e5ed062221d4f081eea91ced3f0b_0.exe 2022-03-24 17:10 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd 2022-03-24 17:10 - 2022-03-24 17:10 - 000002063 _____ C:\Users\Public\Desktop\Vortex.lnk 2022-03-24 17:09 - 2022-03-24 17:10 - 107671408 _____ (Black Tree Gaming Ltd.) 
C:\Users\acbou\Downloads\Vortex-1-1-5-7-1647333183.exe
2022-03-23 17:54 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-03-23 17:54 - 2022-03-23 17:55 - 000000000 ____D C:\Program Files\LGHUB
2022-03-23 17:54 - 2022-03-23 17:54 - 000062904 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2022-03-23 17:54 - 2022-03-23 17:54 - 000033528 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2022-03-23 17:54 - 2022-03-23 17:54 - 000021704 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2022-03-23 17:54 - 2022-03-23 17:54 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-03-22 22:03 - 2022-03-17 10:33 - 000134832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-03-22 22:03 - 2022-03-17 10:33 - 000047792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-03-22 21:40 - 2022-03-17 23:40 - 000795704 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-03-22 21:40 - 2022-03-17 23:40 - 000715944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-03-22 21:40 - 2022-03-17 23:40 - 000636480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 002121688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 001600680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 001529936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 001175696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 000981648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-03-22 21:40 - 2022-03-17 23:39 - 000712664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-03-22 21:40 - 2022-03-17 23:38 - 008610472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-03-22 21:40 - 2022-03-17 23:38 - 007713872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-03-22 21:40 - 2022-03-17 23:38 - 005729752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-03-22 21:40 - 2022-03-17 23:38 - 005101528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-03-22 21:40 - 2022-03-17 23:38 - 002931856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-03-22 21:40 - 2022-03-17 23:38 - 000456872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-03-22 21:40 - 2022-03-17 23:36 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-03-22 21:40 - 2022-03-17 23:35 - 007611808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-03-22 21:40 - 2022-03-17 23:35 - 006458872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-03-22 21:40 - 2022-03-17 10:33 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-03-22 13:39 - 2022-03-22 13:39 - 000683520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Device.dll
2022-03-22 13:39 - 2022-03-22 13:39 - 000065024 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Platform.dll
2022-03-21 18:51 - 2022-03-21 18:51 - 000000000 ____D C:\Users\acbou\AppData\Local\AMDSoftwareInstaller
2022-03-21 18:15 - 2022-04-01 20:18 - 000000000 ____D C:\Users\acbou\AppData\Local\WeMod
2022-03-21 17:37 - 2022-03-21 17:37 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-03-21 17:36 - 2022-03-21 17:37 - 000530654 _____ C:\WINDOWS\ntbtlog.txt
2022-03-20 23:26 - 2022-03-20 23:26 - 000000000 ____D C:\Users\acbou\AppData\Local\AviraWebView2Cache
2022-03-20 23:23 - 2022-03-20 23:23 - 000000000 ____D C:\Users\acbou\AppData\Local\AviraSpeedup
2022-03-17 23:18 - 2022-03-17 23:18 - 000000000 ____D C:\Users\acbou\Documents\Electronic Arts
2022-03-17 22:43 - 2022-03-17 22:44 - 000000000 ____D C:\Users\acbou\Documents\FIFA 21
2022-03-17 22:34 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2022-03-17 22:34 - 2014-09-16 18:45 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2022-03-17 09:27 - 2022-03-17 09:27 - 000043336 _____ (Advanced Micro Devices) C:\WINDOWS\system32\AMDRyzenMasterDriver.sys
2022-03-16 22:03 - 2022-03-16 22:03 - 000001182 _____ C:\Users\acbou\Desktop\ForgerPatches - Shortcut.lnk
2022-03-16 18:56 - 2022-03-16 18:58 - 000000000 ____D C:\Users\acbou\Documents\Need for Speed Heat
2022-03-16 18:38 - 2022-03-16 18:38 - 000001252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Chat Overlay.lnk
2022-03-16 18:38 - 2022-03-16 18:38 - 000001240 _____ C:\Users\Public\Desktop\Twitch Chat Overlay.lnk
2022-03-16 18:21 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-03-16 18:21 - 2022-03-16 18:21 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-03-16 18:21 - 2022-03-16 18:21 - 000000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2022-03-16 18:21 - 2022-03-16 18:21 - 000000000 ____D C:\Program Files\iTunes
2022-03-16 18:17 - 2022-04-03 14:09 - 000000000 ____D C:\Users\Public\Security Sessions
2022-03-16 18:17 - 2022-03-28 21:06 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-03-16 18:16 - 2022-03-16 18:17 - 000000000 ____D C:\Users\acbou\AppData\Local\Avira
2022-03-16 18:16 - 2022-03-16 18:16 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2022-03-16 18:16 - 2022-03-16 18:16 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-03-16 18:16 - 2021-10-22 09:45 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2022-03-16 18:16 - 2021-06-25 14:59 - 000022848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2022-03-16 18:16 - 2021-02-09 19:03 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2022-03-16 18:16 - 2019-06-07 15:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2022-03-16 18:16 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2022-03-16 18:16 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2022-03-16 18:16 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2022-03-16 18:15 - 2022-03-17 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-03-16 18:15 - 2022-03-16 18:17 - 000000000 ____D C:\ProgramData\Avira
2022-03-16 18:15 - 2022-03-16 18:16 - 000000000 ____D C:\Program Files (x86)\Avira
2022-03-16 12:30 - 2022-03-16 13:25 - 3812845896 _____ C:\Users\acbou\Downloads\1426935904-83072210-f2835685-99ca-4cda-b722-f96ce9701eaf.mp4
2022-03-16 12:25 - 2022-03-16 13:24 - 016302303 _____ C:\Users\acbou\Downloads\1426810092-83072210-9512ece4-2063-48e4-9775-d42d00647fb8.mp4
2022-03-14 18:13 - 2022-03-14 18:13 - 000024552 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_1538058149632.dll
2022-03-13 21:51 - 2022-03-13 21:51 - 000000000 ____D C:\Users\acbou\AppData\Roaming\SimsNetwork
2022-03-13 21:20 - 2022-03-13 21:20 - 000000000 ____D C:\Users\Public\Documents\EA Games
2022-03-13 21:16 - 2022-03-28 19:07 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Sims 2
2022-03-13 21:16 - 2011-07-28 05:26 - 000000000 ____D C:\Users\acbou\Documents\EA Games
2022-03-13 20:11 - 2022-03-28 21:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2022-03-13 20:11 - 2022-03-20 23:25 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2022-03-13 20:11 - 2022-03-13 20:13 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-03-13 20:11 - 2022-03-13 20:11 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2022-03-13 20:11 - 2015-05-27 23:17 - 002086912 _____ C:\WINDOWS\system32\eed_ec.dll
2022-03-13 20:11 - 2015-05-27 23:17 - 000685336 _____ (Samsung Electronics) C:\WINDOWS\system32\eed_sl.exe
2022-03-13 20:11 - 2015-05-26 11:52 - 000158040 _____ (SS) C:\WINDOWS\system32\sst8cci.exe
2022-03-13 20:11 - 2015-05-26 11:52 - 000000273 _____ C:\WINDOWS\system32\eed_sl.exe.config
2022-03-13 20:11 - 2015-05-26 11:51 - 000089600 _____ (SS) C:\WINDOWS\system32\sst8cci.dll
2022-03-13 20:11 - 2015-05-26 11:51 - 000022528 _____ () C:\WINDOWS\system32\sst8clm.dll
2022-03-13 20:11 - 2015-05-26 03:16 - 000094208 _____ C:\WINDOWS\SysWOW64\ssdevm.dll
2022-03-13 20:11 - 2015-05-26 03:16 - 000087552 _____ C:\WINDOWS\system32\ssdevm64.dll
2022-03-13 20:11 - 2013-04-22 04:27 - 002813855 _____ C:\WINDOWS\sst8cLTR.prn
2022-03-13 20:11 - 2013-04-22 04:26 - 003091615 _____ C:\WINDOWS\sst8cA4.prn
2022-03-13 19:46 - 2013-04-17 20:46 - 000011576 _____ (Samsung Electronics) C:\WINDOWS\system32\Drivers\SSPORT.SYS
2022-03-11 22:12 - 2022-03-11 22:25 - 000000000 ____D C:\Users\acbou\AppData\Local\enlisted
2022-03-11 22:12 - 2022-03-11 22:12 - 000000000 ____D C:\ProgramData\enlisted
2022-03-11 10:16 - 2022-03-16 22:04 - 000000000 ____D C:\Users\acbou\Documents\Forger file downloads
2022-03-09 23:39 - 2022-03-10 02:34 - 000001009 _____ C:\Users\acbou\Desktop\Forger.exe - Shortcut.lnk
2022-03-09 21:17 - 2022-03-18 18:26 - 000000000 ____D C:\Users\acbou\AppData\Local\vortex-updater
2022-03-09 21:17 - 2022-03-10 00:39 - 000000000 ____D C:\Users\acbou\AppData\Local\Forger
2022-03-09 16:14 - 2022-03-09 16:14 - 000000000 ____D C:\Users\acbou\AppData\Roaming\slobs-plugins
2022-03-09 16:13 - 2022-03-25 18:26 - 000000000 ____D C:\Users\acbou\AppData\Roaming\slobs-client
2022-03-09 15:02 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxSound
2022-03-09 15:02 - 2022-03-09 15:02 - 000000000 ____D C:\Program Files\FxSound LLC
2022-03-09 14:10 - 2022-03-11 18:28 - 000000947 _____ C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {644AE659-9338-489E-B817-872ACB4EED3B}.job
2022-03-09 14:09 - 2022-03-11 18:28 - 000000947 _____ C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {EC215EFA-8B57-4AF5-87DF-40E256C6D985}.job
2022-03-09 14:09 - 2022-03-11 18:28 - 000000947 _____ C:\WINDOWS\Tasks\EPSON ET-2750 Series Update {12E20AF9-1E15-4778-A72F-B4258576C7E5}.job
2022-03-09 14:09 - 2017-07-14 06:13 - 000184832 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\E_YLMBSLE.DLL
2022-03-09 14:09 - 2011-03-15 05:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BSLE.DLL
2022-03-08 13:42 - 2022-03-28 21:06 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-03-06 23:58 - 2022-03-06 23:58 - 000000000 ____D C:\Users\acbou\AppData\LocalLow\Atari Inc_
2022-03-06 14:20 - 2022-03-06 14:20 - 305856512 _____ C:\Users\acbou\Downloads\Windows.iso
2022-03-05 00:29 - 2022-03-28 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO Workshop

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-03 14:13 - 2021-12-25 16:21 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Toolkit
2022-04-03 14:10 - 2022-03-02 17:33 - 000000000 ___RD C:\Users\acbou\Creative Cloud Files
2022-04-03 14:10 - 2022-01-05 23:53 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-03 14:09 - 2021-10-02 17:45 - 000000000 ____D C:\Users\acbou\AppData\Roaming\LGHUB
2022-04-03 14:09 - 2021-10-02 17:45 - 000000000 ____D C:\Users\acbou\AppData\Local\LGHUB
2022-04-03 14:09 - 2021-08-16 08:35 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-03 14:08 - 2022-01-22 23:00 - 000000000 ____D C:\ProgramData\VMware
2022-04-03 14:08 - 2021-08-16 08:30 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-03 14:08 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-02 20:44 - 2019-12-07 03:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-02 20:43 - 2021-10-02 21:14 - 000000000 ____D C:\Users\acbou\AppData\Local\CrashDumps
2022-04-02 20:43 - 2021-10-01 21:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-04-02 19:45 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-02 19:34 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-02 19:19 - 2022-01-21 04:27 - 000000000 ____D C:\Users\acbou\AppData\LocalLow\Mozilla
2022-04-01 23:59 - 2021-10-01 21:02 - 000000000 ____D C:\Users\acbou\AppData\Roaming\discord
2022-04-01 23:23 - 2021-10-01 21:02 - 000000000 ____D C:\Users\acbou\AppData\Local\Discord
2022-04-01 22:46 - 2021-10-01 19:40 - 000000000 ____D C:\Users\acbou\AppData\Local\D3DSCache
2022-04-01 22:26 - 2021-12-15 22:55 - 000000000 ____D C:\Users\acbou\Desktop\USB Backup
2022-04-01 22:24 - 2022-02-24 21:28 - 000000000 ___RD C:\Users\acbou\Desktop\Tools
2022-04-01 22:22 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-01 22:19 - 2021-10-01 19:42 - 000000000 ____D C:\Users\acbou\AppData\Local\PlaceholderTileLogoFolder
2022-04-01 22:19 - 2021-10-01 19:40 - 000000000 ____D C:\Users\acbou\AppData\Local\Packages
2022-04-01 22:19 - 2021-08-16 08:31 - 000000000 ____D C:\ProgramData\Packages
2022-04-01 22:19 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-01 20:32 - 2021-10-03 12:43 - 000000000 ____D C:\Users\acbou\AppData\Local\UnrealEngine
2022-04-01 20:18 - 2021-10-03 20:21 - 000002178 _____ C:\Users\acbou\Desktop\WeMod.lnk
2022-04-01 20:18 - 2021-10-03 20:21 - 000000000 ____D C:\Users\acbou\AppData\Roaming\WeMod
2022-04-01 20:18 - 2021-10-03 20:21 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2022-04-01 20:18 - 2021-10-01 21:02 - 000000000 ____D C:\Users\acbou\AppData\Local\SquirrelTemp
2022-04-01 15:46 - 2021-10-03 19:01 - 000000000 ____D C:\Users\WDAGUtilityAccount
2022-04-01 15:46 - 2021-10-03 19:01 - 000000000 ____D C:\Users\Guest
2022-04-01 15:46 - 2021-10-03 19:01 - 000000000 ____D C:\Users\DefaultAccount
2022-04-01 15:46 - 2021-10-03 19:01 - 000000000 ____D C:\Users\Administrator
2022-04-01 15:46 - 2021-08-16 08:37 - 000000000 ____D C:\Program Files (x86)\Intel
2022-04-01 15:46 - 2021-08-16 08:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-30 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-30 23:02 - 2021-10-02 19:32 - 000006656 _____ C:\WINDOWS\system32\lpcio.dll
2022-03-30 22:13 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-30 22:03 - 2021-10-10 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2022-03-30 22:03 - 2021-10-10 15:30 - 000000000 ____D C:\Program Files\CPUID
2022-03-30 21:07 - 2019-12-07 03:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-30 21:07 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-30 18:03 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-30 16:32 - 2021-10-07 12:03 - 000000000 ____D C:\Users\acbou\AppData\Local\Ubisoft Game Launcher
2022-03-29 19:54 - 2021-10-07 12:03 - 000000000 ____D C:\ProgramData\Ubisoft
2022-03-29 19:36 - 2021-10-01 20:10 - 000001441 _____ C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2022-03-29 18:04 - 2022-01-05 23:54 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-29 18:04 - 2022-01-05 23:54 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-29 12:30 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-03-28 23:34 - 2021-10-10 15:04 - 000000000 ____D C:\Users\acbou\AppData\Local\AMD_Common
2022-03-28 22:30 - 2021-10-01 19:41 - 000000000 ____D C:\Users\acbou\AppData\Local\AMD
2022-03-28 22:23 - 2021-08-16 08:40 - 000000000 ____D C:\Program Files\AMD
2022-03-28 22:20 - 2022-02-07 19:56 - 000000000 ____D C:\Users\acbou\AppData\Local\ElevatedDiagnostics
2022-03-28 22:20 - 2021-10-10 03:12 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Origin
2022-03-28 22:20 - 2021-10-10 03:12 - 000000000 ____D C:\ProgramData\Origin
2022-03-28 22:19 - 2021-06-05 09:32 - 000000000 ___HD C:\$WINDOWS.~BT
2022-03-28 22:16 - 2022-02-23 18:39 - 000000000 ____D C:\Program Files\UNP
2022-03-28 22:15 - 2021-08-16 08:34 - 000000000 ____D C:\AMD
2022-03-28 22:10 - 2021-10-03 12:52 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Vortex
2022-03-28 21:13 - 2021-10-10 03:18 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-03-28 21:12 - 2021-10-10 03:12 - 000000000 ____D C:\Users\acbou\AppData\Local\Origin
2022-03-28 21:06 - 2022-02-27 20:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2022-03-28 21:06 - 2022-02-22 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WicReset
2022-03-28 21:06 - 2022-02-22 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2022-03-28 21:06 - 2022-02-04 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins
2022-03-28 21:06 - 2022-02-04 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age II
2022-03-28 21:06 - 2022-02-04 00:40 - 000000000 ____D C:\WINDOWS\ShellNew
2022-03-28 21:06 - 2022-02-04 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2022-03-28 21:06 - 2022-01-29 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2022-03-28 21:06 - 2022-01-22 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-28 21:06 - 2022-01-22 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2022-03-28 21:06 - 2022-01-11 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2022-03-28 21:06 - 2022-01-11 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-03-28 21:06 - 2022-01-09 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
2022-03-28 21:06 - 2021-12-25 16:56 - 000000000 ____D C:\ProgramData\regid.2018-06.com.bluedesigns
2022-03-28 21:06 - 2021-12-25 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Sherpa
2022-03-28 21:06 - 2021-12-19 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-03-28 21:06 - 2021-10-30 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2022-03-28 21:06 - 2021-10-10 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2022-03-28 21:06 - 2021-10-10 03:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-03-28 21:06 - 2021-10-07 16:52 - 000000000 ____D C:\Program Files\Common Files\logishrd
2022-03-28 21:06 - 2021-10-02 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2022-03-28 21:06 - 2021-10-01 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-03-28 21:06 - 2021-10-01 21:06 - 000000000 ____D C:\WINDOWS\system32\elambkup
2022-03-28 21:06 - 2021-08-16 08:41 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-03-28 21:06 - 2021-08-16 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-03-28 21:06 - 2021-08-16 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-03-28 21:06 - 2021-06-16 11:10 - 000000000 ____D C:\WINDOWS\OEM
2022-03-28 21:06 - 2019-12-07 03:18 - 000000000 ____D C:\WINDOWS\Setup
2022-03-28 21:06 - 2019-12-07 03:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 __RHD C:\Users\Public\Libraries
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-03-28 21:06 - 2019-12-07 03:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-03-28 21:04 - 2022-02-22 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2022-03-28 21:04 - 2022-01-20 02:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2022-03-28 21:04 - 2022-01-18 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone
2022-03-28 21:04 - 2021-10-02 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2022-03-28 21:04 - 2021-08-16 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2022-03-28 21:03 - 2019-12-07 03:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-03-28 21:03 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-28 19:27 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-03-28 19:15 - 2021-10-03 18:46 - 000000000 ____D C:\Users\acbou\AppData\Roaming\FxSound
2022-03-28 19:11 - 2021-10-01 19:40 - 000000000 ___RD C:\Users\acbou\3D Objects
2022-03-28 19:11 - 2021-08-16 08:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-03-28 19:10 - 2022-02-28 16:32 - 000000400 __RSH C:\ProgramData\ntuser.pol
2022-03-28 19:10 - 2019-12-07 03:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-03-28 19:10 - 2019-12-07 03:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-28 19:09 - 2019-12-07 03:14 - 000000000 __RSD C:\WINDOWS\Media
2022-03-28 19:07 - 2022-02-28 15:24 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2022-03-28 19:07 - 2022-02-27 19:09 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Legend of Pirates Online
2022-03-28 19:07 - 2022-02-19 21:56 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enlisted
2022-03-28 19:07 - 2022-01-27 17:55 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-03-28 19:07 - 2022-01-22 23:01 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-28 19:07 - 2022-01-05 23:54 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2022-03-28 19:07 - 2021-12-04 19:45 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kotor Tool
2022-03-28 19:07 - 2021-12-04 19:40 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamBG IE MOD Tools
2022-03-28 19:07 - 2021-10-07 12:03 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2022-03-28 19:07 - 2021-10-02 19:25 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-03-28 19:07 - 2021-10-01 21:02 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2022-03-28 19:07 - 2021-08-16 08:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-03-28 18:15 - 2021-12-15 22:57 - 000000000 ____D C:\ESD
2022-03-28 17:03 - 2021-08-16 08:30 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-25 19:44 - 2021-11-19 18:59 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-03-25 19:44 - 2021-08-16 08:32 - 002258408 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-03-25 19:44 - 2021-08-16 08:32 - 000337384 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-03-25 19:44 - 2021-08-16 08:32 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-03-25 19:44 - 2021-08-16 08:32 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-03-25 19:44 - 2021-08-16 08:32 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-03-25 19:44 - 2021-08-16 08:32 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-03-25 16:56 - 2021-11-08 20:02 - 000002152 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2022-03-25 16:53 - 2021-11-08 20:02 - 000000000 ____D C:\Users\acbou\AppData\Roaming\obs-studio-node-server
2022-03-24 17:07 - 2021-10-03 19:56 - 000000000 ____D C:\Users\acbou\AppData\Local\REDEngine
2022-03-23 19:18 - 2022-02-11 19:38 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Mr.Mine
2022-03-23 17:58 - 2021-10-01 19:41 - 000000000 ____D C:\Users\acbou\AppData\Local\NVIDIA
2022-03-23 17:56 - 2022-03-02 17:31 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-03-22 16:40 - 2022-02-24 21:27 - 000000000 ____D C:\Users\acbou\Desktop\Games
2022-03-21 18:49 - 2022-01-18 02:08 - 000000000 ____D C:\Users\acbou\AppData\Roaming\uTorrent
2022-03-20 23:25 - 2022-02-28 16:44 - 000000000 ____D C:\Users\acbou\AppData\Local\Rufus
2022-03-20 23:25 - 2022-02-17 21:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-20 23:25 - 2022-02-07 01:06 - 000000000 ____D C:\Users\acbou\AppData\Local\LOOT
2022-03-20 23:25 - 2022-01-29 19:02 - 000000000 ____D C:\Users\acbou\AppData\Local\WELLBIA
2022-03-20 23:25 - 2022-01-18 02:09 - 000000000 ____D C:\Users\acbou\AppData\Local\BitTorrentHelper
2022-03-20 23:25 - 2021-12-25 16:57 - 000000000 ____D C:\Users\acbou\AppData\Roaming\BlueSherpa
2022-03-20 23:25 - 2021-11-26 08:16 - 000000000 ____D C:\Users\acbou\AppData\Local\Persona
2022-03-20 23:25 - 2021-10-16 12:00 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Twitch Studio
2022-03-20 23:25 - 2021-10-10 15:33 - 000000000 ____D C:\Users\acbou\AppData\Roaming\NZXT CAM
2022-03-20 23:25 - 2021-10-10 03:12 - 000000000 ____D C:\Program Files (x86)\Origin
2022-03-20 23:25 - 2021-10-03 12:43 - 000000000 ____D C:\ProgramData\EQU8
2022-03-20 23:25 - 2021-10-02 17:54 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2022-03-20 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-03-20 23:23 - 2022-01-09 14:29 - 000000000 ____D C:\Users\acbou\AppData\Local\enchant
2022-03-20 23:23 - 2021-12-07 23:23 - 000000000 ____D C:\Users\acbou\AppData\Local\FalloutNV
2022-03-20 23:23 - 2021-10-07 16:50 - 000000000 ____D C:\Users\acbou\AppData\Roaming\Zoom
2022-03-18 20:42 - 2022-01-14 20:44 - 000000000 ____D C:\Users\acbou\AppData\Local\Fallout4
2022-03-16 18:27 - 2022-01-21 04:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-16 18:23 - 2022-01-21 04:27 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-16 18:23 - 2022-01-21 04:27 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-03-14 20:39 - 2022-01-26 01:38 - 000000000 ____D C:\Users\acbou\AppData\Local\CAPCOM
2022-03-14 20:13 - 2021-10-10 15:33 - 000001791 _____ C:\Users\Public\Desktop\NZXT CAM.lnk
2022-03-14 20:13 - 2021-10-10 15:33 - 000000000 ____D C:\Program Files\NZXT CAM
2022-03-13 17:05 - 2022-01-22 23:01 - 000000000 ____D C:\Program Files\WinRAR
2022-03-12 01:29 - 2021-08-16 08:31 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-11 22:11 - 2021-12-13 18:20 - 000000000 ____D C:\Users\acbou\AppData\Roaming\EasyAntiCheat
2022-03-10 00:49 - 2021-12-04 20:33 - 000000000 ____D C:\Users\acbou\AppData\Local\babl-0.1
2022-03-09 16:14 - 2021-11-08 20:02 - 000000000 ____D C:\Program Files\Streamlabs OBS
2022-03-09 15:02 - 2022-02-24 21:13 - 000002043 _____ C:\Users\Public\Desktop\FxSound.lnk
2022-03-09 15:02 - 2021-10-03 19:05 - 000000000 ____D C:\ProgramData\FxSound
2022-03-09 14:15 - 2022-02-22 16:54 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2022-03-08 21:09 - 2021-10-02 21:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-08 21:09 - 2021-10-02 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-08 21:07 - 2021-10-02 18:50 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-06 13:54 - 2022-02-28 15:24 - 000000000 ____D C:\Users\acbou\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2022-03-05 22:07 - 2022-01-18 03:08 - 000000000 ____D C:\Users\acbou\AppData\LocalLow\uTorrent
2022-03-04 16:34 - 2022-02-01 17:27 - 001191607 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip

==================== Files in the root of some directories ========

2022-02-04 00:44 - 2022-02-04 17:51 - 000000063 _____ () C:\Users\acbou\AppData\Local\Autosofted License.txt
2021-10-14 21:26 - 2021-10-14 21:26 - 000007598 _____ () C:\Users\acbou\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2022
Ran by acbou (03-04-2022 14:14:12)
Running from C:\Users\acbou\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) (2022-03-29 01:10:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

acbou (S-1-5-21-1828491354-875682740-3383768496-1001 - Administrator - Enabled) => C:\Users\acbou
Administrator (S-1-5-21-1828491354-875682740-3383768496-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1828491354-875682740-3383768496-503 - Limited - Disabled)
Guest (S-1-5-21-1828491354-875682740-3383768496-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1828491354-875682740-3383768496-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Premiere Elements 2020 (HKLM-x32\...\PRE_18_2) (Version: 18.0 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_3) (Version: 2.3 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.3.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASRRGBLED v1.0.85 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.85 - ASRock Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
AutoHotkey 1.1.33.10 (HKLM\...\AutoHotkey) (Version: 1.1.33.10 - Lexikos)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.40.2.32087 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.63.27634 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.17.0.11380 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.82.0 - Bethesda Softworks)
Blue Sherpa (HKLM-x32\...\Blue Sherpa) (Version: - Blue Microphones)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.6.100.1026 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\BlueStacks X) (Version: 0.14.3.5 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brackets (HKLM-x32\...\{4F3B6E8C-401B-4EDE-A423-6481C239D6FF}) (Version: 2.0.1 - brackets.io) Hidden
Brackets (HKLM-x32\...\Brackets 2.0.1) (Version: 2.0.1 - brackets.io)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 2.00 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.00 - CPUID, Inc.)
CPUID HWMonitor Pro 1.46 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.46 - CPUID, Inc.)
Creation Kit: Fallout 4 (HKLM-x32\...\Creation Kit: Fallout 4) (Version: - Bethesda Softworks) CurseForge (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.194.2.1 - Overwolf app) Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.52 - GOG.com) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts) Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts) ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.1 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{5ca4886b-7bc8-477c-8576-901b1e8f0586}) (Version: 1.0.2.1 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{b00e47a4-d642-402c-a060-8d959a0537db}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden Enlisted Launcher 1.0.3.80 (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version: - Gaijin Network) Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) 
EPSON ET-2750 Series Printer Uninstall (HKLM\...\EPSON ET-2750 Series) (Version: - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Printer Connection Checker (HKLM-x32\...\{C4D8E138-C67B-41D5-B493-F54BB72B43E0}) (Version: 3.3.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson ScanSmart (HKLM-x32\...\{D310BDCC-D4B4-4DC1-B9DF-D1D7367CAC4F}) (Version: 3.6.1 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Far Cry 6 (HKLM-x32\...\Uplay Install 5266) (Version: - Ubisoft) FxSound (HKLM\...\{2A810962-B8B5-4838-8D65-246E0B25ED8E}) (Version: 1.1.15.0 - FxSound LLC) Hidden FxSound (HKLM\...\FxSound 1.1.15.0) (Version: 1.1.15.0 - FxSound LLC) Ghost Recon Breakpoint (HKLM-x32\...\Uplay Install 11903) (Version: - Ubisoft) GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.84 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC) Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) 
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.1- - Inkscape) Intel® Wireless Bluetooth® (HKLM-x32\...\{00000040-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.40.0.2 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2caa706-dce2-4c91-8d46-b52a3c260b20}) (Version: 21.10.1 - Intel Corporation) iTunes (HKLM\...\{781FFA26-A8FF-47B7-9BFB-5F4FB3A72315}) (Version: 12.12.3.5 - Apple Inc.) Kotor Tool (HKLM-x32\...\Kotor Tool) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Local 6.3.1 (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\db9b6d64-7ad2-556e-893c-24e21cb471e1) (Version: 6.3.1 - WPEngine, Inc.) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.3.242300 - Logitech) LOOT version 0.17.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.17.0 - LOOT Team) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.55 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.55 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 
(HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 98.0.1 (x64 en-US)) (Version: 98.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.1 - Mozilla) NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation) NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation) NVIDIA Graphics Driver 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NZXT CAM 4.33.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.33.2 - NZXT, Inc.) 
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Opera GX Stable 84.0.4316.52 (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\Opera GX 84.0.4316.52) (Version: 84.0.4316.52 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.194.0.15 - Overwolf Ltd.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9079.1 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) RyzenMasterSDK (HKLM\...\{27555A81-EED9-4B96-8721-900AE920D662}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Samsung C410 Series (HKLM-x32\...\Samsung C410 Series) (Version: 1.15 (6/12/2015) - Samsung Electronics Co., Ltd.) Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 1.5.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.5.2 - General Workings, Inc.) The Legend of Pirates Online (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\The Legend of Pirates Online) (Version: 1.4.1 - The TLOPO Team) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.85.203.1030 - Electronic Arts Inc.) 
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft) Tom Clancys Rainbow Six Extraction (HKLM-x32\...\Uplay Install 5271) (Version: - Ubisoft) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) Toolkit (HKLM-x32\...\Toolkit) (Version: 1.30.0.23 - Seagate) Twitch Chat Overlay version 0.9.1 (HKLM-x32\...\{8849A0F2-CED5-4007-ACA9-A4AF88B6D126}_is1) (Version: 0.9.1 - baffler) Twitch Studio (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft) UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.7 - Black Tree Gaming Ltd.) Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.) Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version: - Ubisoft) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) 
WeMod (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\WeMod) (Version: 8.0.11 - WeMod) WicReset version 5.60.0.0 (HKLM-x32\...\{20379D3A-321B-4830-96A6-37183B713AE8}_is1) (Version: 5.60.0.0 - WWW.WIC.SUPPORT) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2022-03-02] (Adobe Systems Incorporated) Aliens: Fireteam Elite -> C:\Program Files\WindowsApps\ColdIronStudiosLLC.AliensFireteam_1.0.55.0_x64__r52mqvf2yh3da [2022-03-25] (Cold Iron Studios LLC) Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.94.0_x64__pwbj9vvecjh7j [2022-04-01] (Amazon Development Centre (London) Ltd) AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.21.50009.0_x64__0a9344xs7nr4m [2022-03-28] (Advanced Micro Devices Inc.) 
Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2022-01-27] (Audible Inc) Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_23.2.0.0_x64__rsne5bsk8s7tj [2021-10-23] (MAXON Computer GmbH) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.25.5.0_x64__6rarf9sa4v8jt [2022-03-22] (Disney) Fallout 76 -> C:\Program Files\WindowsApps\Mutable\BethesdaSoftworks.Fallout76-PC_1.0.47.0_x64__3275kfvn8vcwc [2022-03-01] (Bethesda Softworks) FlowPad -> C:\Program Files\WindowsApps\2505FireCubeStudios.FlowPad_5.2.18.0_x64__k45w5yt88e21j [2022-03-06] (FireCubeStudios) Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Mutable\Microsoft.Chelan_1.2645.0.0_x64__8wekyb3d8bbwe [2022-01-08] (Microsoft Studios) Hulu -> C:\Program Files\WindowsApps\HULULLC.HULUPLUS_3.7.0.0_neutral__fphbd361v8tya [2022-03-30] (Hulu.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2022-02-28] (Instagram) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1420.6.106.0_x64__8xx8rvfyw5nnt [2022-03-02] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-03-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-03-28] (Microsoft Corporation) [MS Ad] Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.0.159.0_x64__8wekyb3d8bbwe [2022-04-01] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-12] (Netflix, Inc.) 
Newsflow -> C:\Program Files\WindowsApps\6958MaxN.Newsflow_2.1.12.1000_x64__5jrsa023thkzc [2022-02-01] (MaxN) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-03-28] (NVIDIA Corp.) Paramount+ -> C:\Program Files\WindowsApps\2BDFC20A.CBS_1.0.1.0_neutral__bd059sf7kn2rm [2022-01-11] (CBS Interactive Inc.) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-19] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-27] (Microsoft Corporation) Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-10-20] (Samsung Electronics Co. Ltd.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-22] (Spotify AB) [Startup Task] Subnautica -> C:\Program Files\WindowsApps\UnknownWorldsEntertainmen.GAMEPREVIEWSubnautica_1.0.7.0_x64__bh1f6rvenfkm2 [2022-01-08] (Unknown Worlds Entertainment) TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2022-03-02] (Bytedance Pte. Ltd.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2022-03-28] (Twitter Inc.) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2208.15.0_x64__cv1g1gvanyjgm [2022-03-25] (WhatsApp Inc.) XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2203.11001.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DA4B190409FF} -> [Creative Cloud Files] => C:\Users\acbou\Creative Cloud Files [2022-03-02 17:33] CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-1828491354-875682740-3383768496-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) 
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-03-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\nvshext.dll [2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> ) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\acbou\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ShortcutWithArgument: C:\Users\acbou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg ==================== Loaded Modules (Whitelisted) ============= 2022-03-23 17:55 - 2022-03-22 16:39 - 000151040 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-04-21 02:29 - 2021-04-21 02:29 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2022-03-22 13:39 - 2022-03-22 13:39 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll 2022-03-22 13:39 - 2022-03-22 13:39 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program 
Files\AMD\CNext\CNext\Platform.dll 2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll 2020-02-07 18:20 - 2020-02-07 18:20 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2018-03-05 17:41 - 2018-03-05 17:41 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\EPNWPSHDevFinder.DLL 2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll 2021-10-10 03:12 - 2022-03-07 21:45 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-10-10 03:12 - 2022-03-07 21:45 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2021-10-10 03:12 - 2022-03-07 21:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2022-03-07 21:45 - 2022-03-07 21:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2022-03-07 21:45 - 2022-03-07 21:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2022-03-07 21:45 - 2022-03-07 21:45 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2022-03-07 21:45 - 2022-03-07 21:45 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2022-03-07 21:45 - 2022-03-07 21:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2022-03-07 21:45 - 2022-03-07 21:45 - 
000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll 2021-04-21 02:30 - 2021-04-21 02:30 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-04-21 02:29 - 2021-04-21 02:29 - 102854656 _____ (The Qt Company Ltd.) 
[File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 02:29 - 2021-04-21 02:29 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6212]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.microcentertech.com
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 03:14 - 2022-03-27 16:40 - 000001040 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 tlcdenver.local #Local Site
127.0.0.1 www.tlcdenver.local #Local Site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Player\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Wi-Fi 2: VMware Bridge Protocol -> vmware_bridge (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Bethesda.net"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{337C43CE-457B-44D1-9D9D-8149D1E3CDD8}C:\users\acbou\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\acbou\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{93BF74BE-CAC7-4C86-99BF-4409F1CCB064}C:\users\acbou\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\acbou\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{FC75BD09-0109-4FE8-8983-DB4723450770}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [UDP Query User{82E73098-ADA2-4D0B-A133-06DAFD1ABCF1}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [TCP Query User{43D5A2AD-9B3D-4F82-B067-CFE623DCED2C}C:\program files\windowsapps\spotifyab.spotifymusic_1.181.604.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.181.604.0_x86__zpdnekdrzrea0\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0EF71C48-88EA-49DF-A788-CC140C224356}C:\program files\windowsapps\spotifyab.spotifymusic_1.181.604.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.181.604.0_x86__zpdnekdrzrea0\spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

28-03-2022 21:58:48 Windows Update
30-03-2022 17:57:40 Windows Modules Installer
01-04-2022 15:45:56 Intel® PROSet/Wireless Software

==================== Faulty Device Manager Devices ============

Name: AMD Radeon™ Graphics
Description: AMD Radeon™ Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdwddmg
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================
Error: (04/02/2022 08:43:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ]

Error: (04/02/2022 08:43:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. .

Error: (04/02/2022 08:43:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ]

Error: (04/02/2022 08:43:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: opera.exe, version: 84.0.4316.52, time stamp: 0x6242e1e4
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x401c
Faulting application start time: 0x01d846fb8de1b1d2
Faulting application path: C:\Users\acbou\AppData\Local\Programs\Opera GX\opera.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 9da1c800-fb02-4237-a0db-8d0bc161d12f
Faulting package full name:
Faulting package-relative application ID:

Error: (04/02/2022 07:37:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. .

Error: (04/02/2022 07:37:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ]

Error: (04/02/2022 07:30:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.19041.546, time stamp: 0x5da7ab91
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x80131623
Fault offset: 0x00007ffbbddd200f
Faulting process id: 0x2484
Faulting application start time: 0x01d846fa74e8b528
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: unknown
Report Id: dabc08a0-71a8-44e6-a78a-59163eeb0878
Faulting package full name:
Faulting package-relative application ID:

Error: (04/02/2022 07:30:52 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider: System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

System errors:
=============
Error: (04/01/2022 10:22:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The VMware USB Arbitration Service service depends on the Windows Management Instrumentation service which failed to start because of the following error:
The service did not start due to a logon failure.

Error: (04/01/2022 10:22:20 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The Winmgmt service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
The request is not supported.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/01/2022 10:22:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LGHUB Updater Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/01/2022 10:22:13 PM) (Source: DCOM) (EventID: 10010) (User: SPECCY-JUEVOS)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (04/01/2022 10:22:13 PM) (Source: DCOM) (EventID: 10010) (User: SPECCY-JUEVOS)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (04/01/2022 10:22:13 PM) (Source: DCOM) (EventID: 10010) (User: SPECCY-JUEVOS)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (04/01/2022 10:22:13 PM) (Source: DCOM) (EventID: 10010) (User: SPECCY-JUEVOS)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (04/01/2022 10:22:13 PM) (Source: DCOM) (EventID: 10010) (User: SPECCY-JUEVOS)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

CodeIntegrity:
===============
Date: 2022-04-02 19:31:17
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P4.20B 08/24/2021
Motherboard: ASRock X570 Pro4
Processor: AMD Ryzen 7 5700G with Radeon Graphics
Percentage of memory in use: 23%
Total physical RAM: 32129.9 MB
Available physical RAM: 24534.72 MB
Total Virtual: 36993.9 MB
Available Virtual: 26312.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.2 GB) (Free:612.81 GB) NTFS
Drive e: (8TB Desktop Drive) (Fixed) (Total:7451.91 GB) (Free:4864.33 GB) NTFS

\\?\Volume{779627b8-97f5-496b-aa2d-18ebd6a00d0a}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{67ce21bd-ea39-40ec-a7c3-648d619f9950}\ (Windows RE tools) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{cf02573b-0693-7de9-e359-a3275eedf517}\ () (Fixed) (Total:86.04 GB) (Free:0 GB) NTFS
\\?\Volume{f9d41cbe-ddbd-ce38-2c4a-09133a04a90c}\ () (Fixed) (Total:132.35 GB) (Free:0 GB) NTFS
\\?\Volume{322d3815-67c9-c392-dea1-61e7c430f987}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{0d037e5b-4da2-74c0-2a47-9fe073757179}\ () (Fixed) (Total:18.05 GB) (Free:0 GB) NTFS
\\?\Volume{b4393a9c-834c-d101-9a5e-3964c1378851}\ () (Fixed) (Total:7.81 GB) (Free:0 GB) NTFS
\\?\Volume{cb8f2677-b5b3-4dea-9fc4-64301303fc14}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C3EC0F00)

Partition: GPT.

==========================================================
Disk: 1 (Size: 7452 GB) (Disk ID: 233478D3)

Partition: GPT.

Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.

==================== End of Addition.txt =======================

--------------------------------------------------------------------------------

#8 OH MY!

Oh My!
Adware and Spyware and Malware
* * Malware Response Instructor
* 49,718 posts
* ONLINE
* Gender:Male
* Location:California
* Local time:06:29 AM

Posted 03 April 2022 - 08:14 PM

Thank you. Please do this.

===================================================

Farbar Recovery Scan Tool Fix
--------------------

* Right click on the FRST icon and select Run as administrator
* Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
* There is no need to paste the information anywhere, FRST will do it for you

Start::
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --app-fallback-url=hxxps://www.hulu.com/app/?utm_source=a2hs --app-id=epffkfffophpagfbbklffindaiconkmc --display-mode=standalone --ip-aumi (the data entry has 178 more characters).
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider
End::

* Click Fix
* When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

* Fixlog

Edited by Oh My!, 03 April 2022 - 08:17 PM.

Gary
"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."
Where to Start

--------------------------------------------------------------------------------

#9 CHRONICTYRO

chronictyro
* Topic Starter
* * Members
* 9 posts
* OFFLINE

Posted 03 April 2022 - 10:30 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2022
Ran by acbou (03-04-2022 21:29:43) Run:2
Running from C:\Users\acbou\Downloads
Loaded Profiles: acbou
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-1828491354-875682740-3383768496-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --app-fallback-url=hxxps://www.hulu.com/app/?utm_source=a2hs --app-id=epffkfffophpagfbbklffindaiconkmc --display-mode=standalone --ip-aumi (the data entry has 178 more characters).
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider
*****************

"HKU\S-1-5-21-1828491354-875682740-3383768496-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #2" => removed successfully
"AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}" => removed successfully
"FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}" => removed successfully

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated"="1"

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av\{8A154ED8-4428-DB2D-0E3F-BD82C448FD94}]
"GUID"="{8A154ED8-4428-DB2D-0E3F-BD82C448FD94}"
"DISPLAYNAME"="Avira Antivirus"
"STATE"="266240"
"PRODUCTEXE"="C:\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe"
"REPORTINGEXE"="C:\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe"

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID"="{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}"
"DISPLAYNAME"="Microsoft Defender Antivirus"
"STATE"="393472"
"PRODUCTEXE"="windowsdefender://"
"REPORTINGEXE"="%ProgramFiles%\Windows Defender\MsMpeng.exe"

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated"="1"

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKLM\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

=== End of ExportKey ===

==== End of Fixlog 21:29:43 ====

--------------------------------------------------------------------------------

#10 CHRONICTYRO

chronictyro
* Topic Starter
* * Members
* 9 posts
* OFFLINE

Posted 03 April 2022 - 10:35 PM

It looks like that worked! FRST.txt no longer shows ESET! I'll let you know tomorrow if the firewall remains on.

--------------------------------------------------------------------------------

#11 OH MY!

Oh My!
Adware and Spyware and Malware
* * Malware Response Instructor
* 49,718 posts
* ONLINE
* Gender:Male
* Location:California
* Local time:06:29 AM

Posted Yesterday, 07:51 AM

Very good. I await your report.

Gary
"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."
Where to Start

--------------------------------------------------------------------------------

#12 CHRONICTYRO

chronictyro
* Topic Starter
* * Members
* 9 posts
* OFFLINE

Posted Yesterday, 02:23 PM

Grrr. My Firewall was turned off when I turned on my pc this afternoon.

--------------------------------------------------------------------------------

#13 OH MY!

Oh My!
Adware and Spyware and Malware
* * Malware Response Instructor
* 49,718 posts
* ONLINE
* Gender:Male
* Location:California
* Local time:06:29 AM

Posted Yesterday, 07:04 PM

Did you attempt to turn on the Windows Firewall? If so, please download and run the Windows Firewall Troubleshooter.

Gary
"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."
Where to Start