Avira Antivirus Pro - Review 2020 - PCMag India

Posted: 11 Jun 2020 12:00 AM PDT

Every computer needs antivirus protection, and one way companies can support that aim is to provide free antivirus to the masses. But these companies can't survive unless some users shell out their hard-earned cash for paid antivirus utilities. Piling on pro-only tools and components is one way companies encourage upgrading to a paid antivirus. Avira Antivirus Pro adds several components not available to users of Avira Free Security, but they don't really add much value. The biggest reason to pay for it is if you want to use Avira in a commercial setting, which isn't allowed with the free version.

Avira's pricing is undeniably on the high side, with a list price of $59.88 per year for one license, $71.88 for three, and $95.88 for five. Admittedly, it seems to be perpetually on sale; just now, the one-license price is discounted to $44.99. That…

update.exe from mozilla probably fake - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

My PC froze while I was playing a game, so I did some googling.

I get this thing every time I boot up my PC:

https://ibb.co/740dDLn

https://ibb.co/37LmQ31

https://ibb.co/qdsRM2w

I used FRST; it said that I need fixlist.txt?

Thank you in advance for your kind support.

FRST LOG

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-04-2020
Ran by r_omi (administrator) on DESKTOP-D31LCR7 (Micro-Star International Co., Ltd MS-7C02) (12-04-2020 07:56:43)
Running from D:\Downloads
Loaded Profiles: r_omi (Available Profiles: r_omi)
Platform: Windows 10 Pro Version 1909 18363.752 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Common Files\LaunchpadWeb\update.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Thesycon Software Solutions GmbH & Co. KG) [File not signed] C:\Program Files\FiiO\FiiO_Driver\W10_x64\FiiOCplApp.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Run: [Google Update] => C:\Users\r_omi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [71464072 2020-04-03] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Run: [firefox] => C:\Program Files (x86)\Common Files\LaunchpadWeb\update.exe [910296 2010-03-31] (Mozilla Corporation -> Mozilla Corporation) <==== ATTENTION
HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Run: [Steam] => D:\Program Files\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FiiO Control Panel Autostart.lnk [2019-12-03]
ShortcutTarget: FiiO Control Panel Autostart.lnk -> C:\Program Files\FiiO\FiiO_Driver\W10_x64\FiiOCplApp.exe (Thesycon Software Solutions GmbH & Co. KG) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {069CF5C0-8104-4D3E-B4DA-2FD21E404F0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13373AB6-C29A-41C8-B3AA-6AB397953203} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {135F4734-8A50-4809-B6CA-F5FC0F282B0B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F6549D4-6E0F-4308-95E0-D26500CC4310} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {626287BC-586E-41A4-8D45-7A328A8A0AD0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71773801-8623-4C23-A98E-BA0DB28E7FF2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80C6365E-DB46-4A1B-8EAA-7DEEE9641358} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97BEEF29-8E6A-4208-BC6E-DF2C9BCC03E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BCD5B38-49F7-49E8-8A77-8353E4F9C4A4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A26BC672-C1DE-422D-8D0E-2DA5C4FCF020} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {A6F70817-3FCB-46D5-8967-B2D524DD0C97} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7F07B37-516D-4567-99BE-AAAD715652EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-173970672-666801694-2624729176-1001UA => C:\Users\r_omi\AppData\Local\Google\Update\GoogleUpdate.exe [155432 2019-12-03] (Google Inc -> Google LLC)
Task: {B6E67F6F-DE8F-4740-964C-6EE6D86D8516} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA4EED07-06CF-4FD2-8965-A85890BAC4E0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D047C98A-2BA6-46FE-A551-E3E2105B49D9} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {E178A057-961C-4FB8-ACDE-93C0664C6D4F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA032502-26F4-4E5C-9FD7-0A701A4C2EB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-173970672-666801694-2624729176-1001Core => C:\Users\r_omi\AppData\Local\Google\Update\GoogleUpdate.exe [155432 2019-12-03] (Google Inc -> Google LLC)
Task: {EB4407DD-56D0-49D3-AAA6-DE6ED5D7DBC0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 115.178.58.26 115.178.58.10 192.168.1.1
Tcpip\..\Interfaces\{c11f8f76-9e3d-4fd7-bda0-b861e748b28e}: [DhcpNameServer] 115.178.58.26 115.178.58.10 192.168.1.1
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> D:\Program Files\Internet Download Manager\IDMIECC64.dll [2019-10-19] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-03-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> D:\Program Files\Internet Download Manager\IDMIECC.dll [2019-10-19] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
FF DefaultProfile: ru8jgfll.default
FF ProfilePath: C:\Users\r_omi\AppData\Roaming\Mozilla\Firefox\Profiles\ru8jgfll.default [2019-12-03]
FF ProfilePath: C:\Users\r_omi\AppData\Roaming\Mozilla\Firefox\Profiles\wtgd672l.default-release [2020-04-12]
FF Extension: (AdGuard AdBlocker) - C:\Users\r_omi\AppData\Roaming\Mozilla\Firefox\Profiles\wtgd672l.default-release\Extensions\adguardadblocker@adguard.com.xpi [2020-01-27]
FF ProfilePath: C:\Users\r_omi\AppData\Roaming\AMozilla\AFirefox\Profiles\d6zx2kke.default [2020-04-12] <==== ATTENTION
FF HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - D:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - D:\Program Files\Internet Download Manager\idmmzcc3.xpi [2019-09-20] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\r_omi\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\r_omi\AppData\Roaming\IDM\idmmzcc5 [2019-12-04] [Legacy] [not signed]
FF HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - D:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - D:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-09] (Oracle America, Inc. -> Oracle Corporation)
CHR Profile: C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default [2020-04-12]
CHR HomePage: Default -> hxxp://www.google.com/ncr
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-03]
CHR Extension: (Docs) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-03]
CHR Extension: (Google Drive) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-03]
CHR Extension: (AdGuard AdBlocker) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-03-26]
CHR Extension: (YouTube) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-03]
CHR Extension: (uBlock Origin) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-19]
CHR Extension: (Sheets) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-26]
CHR Extension: (Google Docs Offline) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (Chrome Remote Desktop) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-12-26]
CHR Extension: (UltraWide Video) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lngfncacljheahfpahadgipefkbagpdl [2020-04-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-03]
CHR Extension: (Gmail) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\r_omi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - D:\Program Files\Internet Download Manager\IDMGCExt.crx [2019-11-16]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - D:\Program Files\Internet Download Manager\IDMGCExt.crx [2019-11-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-04-04] (BattlEye Innovations e.K. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe [74392 2019-10-24] (Google LLC -> Google Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-03-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [10131080 2020-04-03] (Logitech Inc -> Logitech, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-28] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [46040 2019-10-30] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2019-04-18] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32520 2019-09-16] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [138064 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriverV14; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70432 2019-11-22] (Advanced Micro Devices INC. -> Advanced Micro Devices)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [File not signed]
R3 fiio_usbaudio; C:\Windows\System32\drivers\fiio_usbaudio.sys [275104 2017-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 fiio_usbaudioks; C:\Windows\System32\drivers\fiio_usbaudioks.sys [52896 2017-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\47127\driver_cpu_temperature\logi_core_temp.sys [25448 2020-04-03] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2019-12-03] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [20624 2019-12-03] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2019-12-03] (Logitech Inc -> Logitech)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\nvlddmkm.sys [23439288 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1154336 2019-06-19] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2019-12-04] (ATI Technologies, Inc -> ATI Technologies Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2020-02-17] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-12 07:55 - 2020-04-12 07:56 - 000000000 ____D C:\FRST
2020-04-12 07:45 - 2020-04-12 07:45 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\Process Hacker 2
2020-04-12 07:40 - 2020-04-12 07:40 - 000036192 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2020-04-12 07:29 - 2020-04-12 07:29 - 000007604 _____ C:\Users\r_omi\AppData\Local\Resmon.ResmonCfg
2020-04-12 07:22 - 2020-04-12 07:22 - 000001108 _____ C:\Users\r_omi\Desktop\Resource Monitor.lnk
2020-04-12 06:58 - 2020-04-12 06:58 - 000000080 ___SH C:\bootTel.dat
2020-04-12 05:49 - 2020-04-12 05:49 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 019813376 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 006525424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 002188600 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-12 05:49 - 2020-04-12 05:49 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 001077264 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-04-12 05:49 - 2020-04-12 05:49 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-04-12 05:49 - 2020-04-12 05:49 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-04-12 05:49 - 2020-04-12 05:49 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-04-12 05:49 - 2020-04-12 05:49 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-04-12 05:49 - 2020-04-12 05:49 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-04-12 05:49 - 2020-04-12 05:49 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 003977216 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 003586872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 002143232 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000874512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000047208 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-04-12 05:48 - 2020-04-12 05:48 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-04-12 05:48 - 2020-04-12 05:48 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-04-12 05:48 - 2020-04-12 05:48 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-04-11 23:41 - 2020-04-11 23:41 - 000000569 _____ C:\Users\Public\Desktop\Play Europa Universalis IV.lnk
2020-04-11 23:41 - 2020-04-11 23:41 - 000000569 _____ C:\ProgramData\Desktop\Play Europa Universalis IV.lnk
2020-04-11 14:14 - 2020-04-12 07:47 - 083886080 _____ C:\Windows\system32\config\SOFTWARE
2020-04-11 14:09 - 2020-04-11 14:14 - 000000000 ____D C:\Windows\Microsoft Antimalware
2020-04-11 07:35 - 2020-04-11 07:35 - 000000000 ____D C:\Users\Public\Documents\Steam
2020-04-11 07:35 - 2020-04-11 07:35 - 000000000 ____D C:\ProgramData\Documents\Steam
2020-04-09 19:35 - 2020-04-09 19:35 - 000000216 _____ C:\Users\r_omi\Desktop\Crusader Kings II.url
2020-04-08 02:29 - 2020-04-08 02:29 - 000000000 ____D C:\Users\r_omi\AppData\Local\Steam
2020-04-08 02:28 - 2020-04-08 02:28 - 000000705 _____ C:\Users\Public\Desktop\Steam.lnk
2020-04-08 02:28 - 2020-04-08 02:28 - 000000705 _____ C:\ProgramData\Desktop\Steam.lnk
2020-04-08 02:28 - 2020-04-08 02:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-07 18:40 - 2020-04-07 18:40 - 000000000 ____D C:\Users\r_omi\Documents\Egosoft
2020-04-07 17:26 - 2020-04-07 17:26 - 000000527 _____ C:\Users\r_omi\Desktop\X4 - Foundations.lnk
2020-04-07 16:52 - 2020-04-07 20:31 - 000011696 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-04-07 04:20 - 2020-04-07 04:20 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\SexGameDevil
2020-04-05 03:01 - 2020-04-06 03:44 - 000002034 _____ C:\Users\r_omi\Desktop\Mount & Blade II Bannerlord Launcher.lnk
2020-04-04 05:01 - 2020-04-04 05:01 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-04-04 05:01 - 2020-04-04 05:01 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-04-04 05:01 - 2020-04-04 05:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-04-04 05:01 - 2020-04-04 05:01 - 000000000 ____D C:\Program Files\LGHUB
2020-04-04 04:25 - 2020-04-04 14:46 - 000001649 _____ C:\Users\r_omi\Desktop\Mount & Blade II Bannerlord.lnk
2020-04-04 04:20 - 2020-04-06 03:46 - 000000000 ____D C:\Users\r_omi\Documents\Mount and Blade II Bannerlord
2020-04-04 04:20 - 2020-04-04 04:20 - 000000000 ____D C:\ProgramData\Mount and Blade II Bannerlord
2020-04-04 00:32 - 2020-04-04 00:32 - 000001012 _____ C:\Users\r_omi\Desktop\µTorrent.lnk
2020-04-04 00:32 - 2020-04-04 00:32 - 000000000 ____D C:\Program Files (x86)\uTorrent
2020-04-04 00:31 - 2020-04-12 05:30 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\uTorrent
2020-04-04 00:31 - 2020-04-04 00:31 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\Output
2020-04-04 00:31 - 2020-04-04 00:31 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\ff2
2020-04-04 00:31 - 2020-04-04 00:31 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\AMozilla
2020-04-04 00:31 - 2020-04-04 00:31 - 000000000 ____D C:\Users\r_omi\AppData\Local\AMozilla
2020-04-04 00:31 - 2020-04-04 00:31 - 000000000 _____ C:\Windows\nsreg.dat
2020-04-04 00:31 - 2018-08-14 02:15 - 000399736 _____ (BitTorrent, Inc.) C:\Users\r_omi\AppData\Roaming\2.2.1.25302_utorrent_2.2.1.25302.exe
2020-03-28 18:52 - 2020-04-02 09:57 - 000116552 _____ C:\Windows\SysWOW64\EXTERNAL_CPS.sys
2020-03-28 16:39 - 2020-03-28 16:39 - 000000709 _____ C:\Users\r_omi\Desktop\Starsector.lnk
2020-03-28 16:39 - 2020-03-28 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starsector
2020-03-24 23:09 - 2020-03-18 16:39 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2020-03-24 23:08 - 2020-03-19 06:26 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-24 23:08 - 2020-03-19 06:26 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-03-24 23:08 - 2020-03-19 06:26 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-24 23:08 - 2020-03-19 06:26 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-03-24 23:08 - 2020-03-19 06:26 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-03-24 23:08 - 2020-03-19 06:26 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-03-24 23:08 - 2020-03-19 06:26 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-24 23:08 - 2020-03-19 06:26 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-03-24 23:08 - 2020-03-19 06:26 - 000450464 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-03-24 23:08 - 2020-03-19 06:26 - 000348048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-03-24 23:08 - 2020-03-19 06:25 - 011944864 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-03-24 23:08 - 2020-03-19 06:25 - 010285472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 002073200 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 001565136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 001481144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 001351776 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 001142384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 001022560 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 000817264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 000680048 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 000676240 _____ C:\Windows\system32\nvofapi64.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 000573024 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-03-24 23:08 - 2020-03-19 06:24 - 000546928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-03-24 23:08 - 2020-03-19 06:24 - 000544144 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 017601120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 015157664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 005856864 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 005158512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 001049696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 000849848 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-03-24 23:08 - 2020-03-19 06:23 - 000811632 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 000655472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-03-24 23:08 - 2020-03-19 06:23 - 000445024 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-03-24 23:08 - 2020-03-18 16:39 - 000111058 _____ C:\Windows\system32\nvidia-smi.1.pdf
2020-03-24 23:08 - 2020-03-18 16:39 - 000077314 _____ C:\Windows\system32\nvinfo.pb
2020-03-23 16:41 - 2020-03-23 16:41 - 000000000 ____D C:\Users\r_omi\AppData\Local\Paradox Interactive
2020-03-23 16:33 - 2020-03-23 16:33 - 000000770 _____ C:\Users\r_omi\Desktop\Stellaris.lnk
2020-03-23 16:33 - 2020-03-23 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellaris [GOG.com]
2020-03-14 15:51 - 2020-03-14 15:52 - 000000000 ____D C:\Users\r_omi\Documents\Call of Duty Modern Warfare
2020-03-14 15:48 - 2020-03-14 15:48 - 000000768 _____ C:\Users\r_omi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram.lnk
2020-03-14 15:45 - 2020-03-14 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2020-03-14 15:10 - 2020-03-14 15:10 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-03-14 15:07 - 2020-04-09 22:01 - 000000000 ____D C:\Users\r_omi\AppData\Local\Battle.net
2020-03-14 15:07 - 2020-03-14 15:10 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\Battle.net
2020-03-14 15:07 - 2020-03-14 15:07 - 000000585 _____ C:\Users\r_omi\Desktop\Battle.net.lnk
2020-03-14 15:07 - 2020-03-14 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2020-03-14 15:06 - 2020-03-14 15:07 - 000000000 ____D C:\Users\r_omi\AppData\Local\Blizzard Entertainment
2020-03-14 15:06 - 2020-03-14 15:06 - 000000000 ____D C:\ProgramData\Battle.net
2020-03-13 21:31 - 2020-03-13 21:31 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-13 21:31 - 2020-03-13 21:31 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-13 18:44 - 2020-03-13 18:45 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\SmartSteamEmu
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-12 07:53 - 2019-12-03 22:02 - 000841376 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-12 07:53 - 2019-03-19 11:50 - 000000000 ____D C:\Windows\INF
2020-04-12 07:49 - 2019-12-03 22:35 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-12 07:47 - 2019-12-04 13:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-12 07:47 - 2019-12-03 23:00 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\LGHUB
2020-04-12 07:47 - 2019-12-03 23:00 - 000000000 ____D C:\Users\r_omi\AppData\Local\LGHUB
2020-04-12 07:47 - 2019-12-03 22:01 - 000017600 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-04-12 07:47 - 2019-12-03 22:01 - 000017163 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-04-12 07:47 - 2019-03-19 11:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-12 07:47 - 2019-03-19 11:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-04-12 07:46 - 2019-12-04 01:06 - 000003142 _____ C:\Windows\system32\Tasks\MSIAfterburner
2020-04-12 07:46 - 2019-12-03 22:35 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-04-12 07:46 - 2019-12-03 22:01 - 000011370 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-04-12 07:19 - 2019-12-04 13:57 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-12 07:19 - 2019-12-03 22:02 - 000000000 ____D C:\Users\r_omi
2020-04-12 07:01 - 2019-12-03 23:40 - 000000000 ____D C:\Users\r_omi\AppData\Local\D3DSCache
2020-04-12 06:45 - 2019-12-03 22:13 - 000000000 ____D C:\Users\r_omi\AppData\LocalLow\Mozilla
2020-04-12 06:43 - 2019-12-04 01:03 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-04-12 05:58 - 2019-12-04 13:57 - 000505376 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-12 05:58 - 2019-03-19 13:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-12 05:58 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\SystemResources
2020-04-12 05:58 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-12 05:58 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-04-12 05:58 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\Provisioning
2020-04-12 05:58 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-04-12 05:58 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\bcastdvr
2020-04-12 05:54 - 2019-03-19 11:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-11 23:43 - 2020-02-23 22:32 - 000000000 ____D C:\Users\r_omi\Documents\Paradox Interactive
2020-04-11 23:43 - 2020-02-16 07:23 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\GameSparks
2020-04-11 07:11 - 2019-03-19 11:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-11 07:11 - 2019-03-19 11:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-11 05:23 - 2019-12-03 22:04 - 000011099 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-04-09 20:46 - 2019-12-05 19:05 - 000000000 ____D C:\Users\r_omi\AppData\Local\CrashDumps
2020-04-09 20:23 - 2019-12-04 00:01 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\DMCache
2020-04-09 19:22 - 2020-02-14 21:05 - 000000000 ____D C:\Users\r_omi\AppData\Local\BattlEye
2020-04-09 18:24 - 2019-12-04 13:16 - 000013969 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-04-09 18:21 - 2019-12-03 22:05 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-173970672-666801694-2624729176-1001
2020-04-09 18:21 - 2019-12-03 22:05 - 000000000 ___RD C:\Users\r_omi\OneDrive
2020-04-09 18:21 - 2019-12-03 22:02 - 000002363 _____ C:\Users\r_omi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-08 02:16 - 2019-12-23 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2020-04-08 02:16 - 2019-12-23 15:17 - 000000000 ____D C:\Program Files (x86)\Garena
2020-04-08 02:16 - 2019-12-04 23:35 - 000000000 ____D C:\ProgramData\Garena
2020-04-08 00:59 - 2019-12-03 22:13 - 000002498 _____ C:\Users\r_omi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 18:03 - 2019-12-04 01:04 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-04-07 06:59 - 2020-02-08 14:05 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\Discord
2020-04-07 06:59 - 2019-12-24 03:26 - 000013562 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-04-07 05:27 - 2019-12-25 01:15 - 000000638 _____ C:\Users\r_omi\Documents\ClownfishVoiceChanger.ini
2020-04-07 05:27 - 2019-12-04 21:31 - 000000000 ____D C:\Users\r_omi\AppData\Roaming\audacity
2020-04-05 12:12 - 2019-12-23 03:50 - 000013441 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-04-04 11:53 - 2019-12-21 06:08 - 000011769 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-04-03 14:23 - 2019-12-17 18:03 - 000012880 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-04-02 16:48 - 2019-12-03 23:14 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-03-28 16:40 - 2019-12-03 22:35 - 000000000 ____D C:\Users\r_omi\AppData\Local\NVIDIA
2020-03-28 15:51 - 2019-12-04 23:35 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-03-28 15:34 - 2019-12-04 01:03 - 000002059 _____ C:\Users\r_omi\Desktop\MSI Afterburner.lnk
2020-03-28 15:29 - 2019-12-03 23:40 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-28 15:29 - 2019-12-03 23:39 - 000000000 ____D C:\Program Files\Rockstar Games
2020-03-27 04:54 - 2020-02-21 18:57 - 000000672 _____ C:\Users\r_omi\Documents\Note2.txt
2020-03-27 04:35 - 2019-12-25 20:53 - 000000099 _____ C:\Users\r_omi\Documents\Note.txt
2020-03-25 11:31 - 2019-12-04 13:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-03-22 20:40 - 2019-12-20 02:28 - 000011099 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-03-21 02:53 - 2019-12-03 22:12 - 000003676 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-173970672-666801694-2624729176-1001UA
2020-03-21 02:53 - 2019-12-03 22:12 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-173970672-666801694-2624729176-1001Core
2020-03-19 22:25 - 2020-02-27 18:08 - 000001184 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2020-03-19 09:22 - 2019-12-03 22:31 - 004927048 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-03-19 09:22 - 2019-12-03 22:31 - 004196160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-03-18 16:39 - 2019-12-03 22:01 - 000222112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
==================== Files in the root of some directories ========
2020-04-04 00:31 - 2018-08-14 02:15 - 000399736 _____ (BitTorrent, Inc.) C:\Users\r_omi\AppData\Roaming\2.2.1.25302_utorrent_2.2.1.25302.exe
2020-02-22 16:17 - 2020-02-22 16:17 - 000000103 _____ () C:\Users\r_omi\AppData\Roaming\_encryptiondb.grf
2020-01-17 21:28 - 2020-01-17 21:54 - 000001456 _____ () C:\Users\r_omi\AppData\Local\Adobe Save for Web 13.0 Prefs
2020-04-12 07:29 - 2020-04-12 07:29 - 000007604 _____ () C:\Users\r_omi\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition LOG
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2020
Ran by r_omi (12-04-2020 07:57:53)
Running from D:\Downloads
Windows 10 Pro Version 1909 18363.752 (X64) (2019-12-03 14:57:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-173970672-666801694-2624729176-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-173970672-666801694-2624729176-503 - Limited - Disabled)
Guest (S-1-5-21-173970672-666801694-2624729176-501 - Limited - Disabled)
r_omi (S-1-5-21-173970672-666801694-2624729176-1001 - Administrator - Enabled) => C:\Users\r_omi
WDAGUtilityAccount (S-1-5-21-173970672-666801694-2624729176-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
2.1.2.3 (HKLM-x32\...\Setup_is1) (Version:  - )
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.0.1424 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{81322601-C53F-4D9B-A432-F773DFFE9E43}) (Version: 1.11.22.454 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 1.11.22.454 - Advanced Micro Devices, Inc.)
Battle Brothers - Beasts & Exploration (HKLM-x32\...\1262476412_is1) (Version: 1.3.0.25 - GOG.com)
Battle Brothers - Support the Developers & Kraken Banner (HKLM-x32\...\1478596696_is1) (Version: 1.3.0.25 - GOG.com)
Battle Brothers - Support the Developers & Nordic Banner (HKLM-x32\...\1439127300_is1) (Version: 1.3.0.25 - GOG.com)
Battle Brothers - Supporter Edition Upgrade (HKLM-x32\...\1353924604_is1) (Version: 1.3.0.25 - GOG.com)
Battle Brothers - Warriors of the North (HKLM-x32\...\2092450271_is1) (Version: 1.3.0.25 - GOG.com)
Battle Brothers (HKLM-x32\...\1590012242_is1) (Version: 1.3.0.25 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Chrome Remote Desktop Host (HKLM-x32\...\{738276A2-92E7-4313-9E4D-D090F7DA98EC}) (Version: 79.0.3945.10 - Google Inc.)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
Discord (HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Europa Universalis IV Golden Century (HKLM-x32\...\Europa Universalis IV Golden Century_is1) (Version: 0.0.0 - DODI-Repacks)
FiiO Portable High-Res Music Player series v4.13.0 (HKLM-x32\...\Software_FiiO_fiio_usbaudio_Setup) (Version: 4.13.0 - FiiO)
FM Genie Scout 19g FREE version 1.2.1 19.3.6 (HKLM\...\FM Genie Scout 19g FREE_is1) (Version: 1.2.1 19.3.6 - )
Football Manager 2019 (HKLM-x32\...\Football Manager 2019_is1) (Version:  - )
Forza Horizon 4 (HKLM-x32\...\Forza Horizon 4_is1) (Version:  - )
Google Chrome (HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
IDM Crack 6.35 build 11 (HKLM-x32\...\IDM Crack 6.35 build 11) (Version: 6.35 build 11 - Crackingpatching.com Team)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.4.0.3 (HKLM\...\{5DE38E8F-2A6F-44E7-9D24-0C6D056597D6}) (Version: 6.4.0.3 - The Document Foundation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft OneDrive (HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 73.0.1 (x64 en-US)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Paradox Launcher v2 (HKLM\...\{BA8E5744-1CA9-41D1-98D4-09029A919D3B}) (Version: 2.0.2.0 - Paradox Interactive)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Rags Suite (HKLM-x32\...\{7C60776C-C6EA-4C59-926B-BA76703D2608}) (Version: 2.4.16 - RagsGame)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1232.40 - Rockstar Games)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Roblox Player for r_omi (HKU\S-1-5-21-173970672-666801694-2624729176-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
SHOUTcast Source DSP Plug-in v2 (HKLM-x32\...\SHOUTcast Source DSP) (Version: 2.3.5.222 - Radionomy SA)
Starsector by Fractal Softworks LLC (HKLM-x32\...\Starsector) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellaris (HKLM-x32\...\1508702879_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Ancient Relics (HKLM-x32\...\2106739867_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Anniversary Portraits (HKLM-x32\...\1619776270_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Apocalypse (HKLM-x32\...\1988097366_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Arachnoid Portrait Pack (HKLM-x32\...\1897107160_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Distant Stars Story Pack (HKLM-x32\...\1209094315_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Federations (HKLM-x32\...\1790030450_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Horizon Signal (HKLM-x32\...\1490429179_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Humanoids Species Pack (HKLM-x32\...\2062279897_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Leviathans Story Pack (HKLM-x32\...\1122806862_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Lithoids Species Pack (HKLM-x32\...\1420212493_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Megacorp (HKLM-x32\...\1316465607_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Plantoids Species Pack (HKLM-x32\...\1999794856_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Synthetic Dawn Story Pack (HKLM-x32\...\1292954230_is1) (Version: 2.6.1.1 - GOG.com)
Stellaris: Utopia (HKLM-x32\...\1978231244_is1) (Version: 2.6.1.1 - GOG.com)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8  - Winamp SA)
WinRAR 5.80 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.4 - win.rar GmbH)
X4: Foundations (HKLM-x32\...\X4: Foundations_is1) (Version:  - )
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.34.6.0_x86__kgqvnymyfvs32 [2020-04-10] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.34.8.0_x86__kgqvnymyfvs32 [2020-03-18] (king.com)
Forza Horizon 4 -> D:\Games\Forza Horizon 4\FH4 [2020-01-09] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Games\Forza Horizon 4\FH4_FortuneIsland [2020-01-09] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Games\Forza Horizon 4\FH4_Lego [2020-01-09] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-03] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-08] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-173970672-666801694-2624729176-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\r_omi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-173970672-666801694-2624729176-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\r_omi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-173970672-666801694-2624729176-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\r_omi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-173970672-666801694-2624729176-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\r_omi\AppData\Local\Google\Chrome\Application\80.0.3987.163\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-173970672-666801694-2624729176-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\r_omi\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-173970672-666801694-2624729176-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\r_omi\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => D:\Program Files\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files\Notepad++\NppShell_06.dll [2019-10-28] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-11-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-11-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-11-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-11-17] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\r_omi\Desktop\Chrome Remote Desktop.lnk -> C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\r_omi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop (1).lnk -> C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\r_omi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Users\r_omi\AppData\Local\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) =============
2019-10-26 18:04 - 2019-10-26 18:04 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-10-26 18:03 - 2019-10-26 18:03 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-10-26 18:04 - 2019-10-26 18:04 - 000650240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-10-26 18:03 - 2019-10-26 18:03 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-10-26 18:03 - 2019-10-26 18:03 - 000369664 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-12-03 22:55 - 2019-02-21 23:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-12-23 21:16 - 2019-12-23 21:16 - 001655296 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\MFC80U.DLL
2019-12-23 21:16 - 2019-12-23 21:16 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_bc1d1e5b0be08790\MFC80ENU.DLL
2020-04-04 00:31 - 2010-03-31 04:56 - 000249856 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Common Files\LaunchpadWeb\freebl3.dll
2020-04-04 00:31 - 2010-03-31 04:56 - 000098304 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Common Files\LaunchpadWeb\nssdbm3.dll
2020-04-04 00:31 - 2010-03-31 04:56 - 000155648 _____ (Mozilla Foundation) [File not signed] C:\Program Files (x86)\Common Files\LaunchpadWeb\softokn3.dll
2019-12-03 22:24 - 2017-07-19 16:02 - 000236032 _____ (Thesycon Software Solutions GmbH & Co. KG) [File not signed] C:\Program Files\FiiO\FiiO_Driver\W10_x64\fiio_usbaudioapi.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\r_omi\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\r_omi\Application Data:ec1be289b1dc3f0834b6b7f0a7240eb6 [362]
AlternateDataStreams: C:\Users\r_omi\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\r_omi\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\r_omi\AppData\Roaming:ec1be289b1dc3f0834b6b7f0a7240eb6 [362]
AlternateDataStreams: C:\Users\r_omi\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 11:49 - 2020-03-19 22:25 - 000001256 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-173970672-666801694-2624729176-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 115.178.58.26 - 115.178.58.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{182CE55F-019F-4262-907C-E0C1C7771434}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A30C73E6-83D5-4D0F-A61D-395D4395AB54}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{021A2972-9A25-4ED9-9D35-E22CEFC3E81B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DC1F45C-180F-42F5-A7FC-5E18C1DAE51A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B5E0D20-1115-479C-96C4-8154A9282247}] => (Allow) D:\Steam\Steam.exe No File
FirewallRules: [{C24CBF5A-F321-441C-923E-2B6F3127A0FA}] => (Allow) D:\Steam\Steam.exe No File
FirewallRules: [{5B6523EE-C208-4DA5-B7D4-A9747EE251AC}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C8098259-EC88-409D-B955-49EE58BA0261}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{106C1A7C-A60F-4458-811C-B68F396B0C60}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{1B89567F-A6A8-4C55-815C-F5A1BB5643DE}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{0EED8287-82A1-4E4D-8BC0-C712CC35DD4E}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe No File
FirewallRules: [{6CEAAD03-63FD-4641-B498-52EEF6DD3001}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe No File
FirewallRules: [TCP Query User{ED2DC4C3-0C3F-424E-951B-39B2685EC8F3}E:\tixati_portable\tixati_windows64bit.exe] => (Allow) E:\tixati_portable\tixati_windows64bit.exe No File
FirewallRules: [UDP Query User{77A18752-F0EA-4DB8-8228-499320E9D16C}E:\tixati_portable\tixati_windows64bit.exe] => (Allow) E:\tixati_portable\tixati_windows64bit.exe No File
FirewallRules: [{BC9E5DAD-5BA0-4CE8-8020-71A62B8D9BF6}] => (Allow) D:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3712BE5E-EA84-491E-8E7C-9B0385202E23}] => (Allow) D:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A825E6D0-B13C-4387-832D-3A84F21686EE}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{670771C6-DDA4-4F1B-B793-B4041F0AAC2A}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{802B797F-A7C2-49C1-B7D9-D98335060497}D:\program files\steam\steamapps\common\war thunder\win64\aces.exe] => (Block) D:\program files\steam\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [UDP Query User{E02A665A-0EC6-4053-B5A2-9E41D46A4438}D:\program files\steam\steamapps\common\war thunder\win64\aces.exe] => (Block) D:\program files\steam\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [TCP Query User{69012A07-3D0F-4128-AC5C-37029F5A64DA}D:\games\star wars jedi - fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) D:\games\star wars jedi - fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe No File
FirewallRules: [UDP Query User{D35DC9E9-3362-4DDA-8A76-C9D79D9B97BA}D:\games\star wars jedi - fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) D:\games\star wars jedi - fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe No File
FirewallRules: [TCP Query User{09E0B52A-76AE-4BD7-AA8E-420BBD02D541}C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{5892BD5E-412C-4194-B75F-EC2AF3CDB647}C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A9DA2324-FCEA-434D-AF4D-42912FBF8C76}D:\program files\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Block) D:\program files\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe No File
FirewallRules: [UDP Query User{AEBF6442-5A28-47C9-BF8F-3BB8D4B95851}D:\program files\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Block) D:\program files\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe No File
FirewallRules: [{745FB8A5-CD28-4694-8C38-D514FBD0E462}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File
FirewallRules: [{1651B606-8B81-4E61-89F0-0ED724019ABD}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File
FirewallRules: [TCP Query User{8D8916FF-444D-4604-8383-427E17F8A9CF}D:\games\transport fever 2\transportfever2.exe] => (Block) D:\games\transport fever 2\transportfever2.exe No File
FirewallRules: [UDP Query User{261B334E-2FDB-4D1C-9A2D-D0CC12E1CE54}D:\games\transport fever 2\transportfever2.exe] => (Block) D:\games\transport fever 2\transportfever2.exe No File
FirewallRules: [{41D563CE-5986-4253-B2A6-CB57DC284812}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8BD648CC-D6AD-4177-B1DD-D5DBF4C30D09}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{F18FBC2F-5EC9-4F2A-8CEA-44DCE2059AEA}D:\downloads\pandownload\pandata\aria2c.exe] => (Block) D:\downloads\pandownload\pandata\aria2c.exe No File
FirewallRules: [UDP Query User{62DDA1BA-44FC-47AF-B41A-D653D0A7CC77}D:\downloads\pandownload\pandata\aria2c.exe] => (Block) D:\downloads\pandownload\pandata\aria2c.exe No File
FirewallRules: [{3C6DD3FA-ED38-4794-A51D-B2B98399B97A}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe No File
FirewallRules: [TCP Query User{F23D2FB5-747D-4AE8-9004-4A8DD0EC7CA1}D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Block) D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [UDP Query User{CFFA7444-1D27-4D55-8EE6-12FA8F30B259}D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Block) D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [TCP Query User{86040B6C-9658-4674-8D48-C11DD72E1C28}D:\program files\steam\steamapps\common\war thunder\win64\aces.exe] => (Block) D:\program files\steam\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [UDP Query User{F57CEC53-EA5A-4EEA-A27F-AED8DE439BA6}D:\program files\steam\steamapps\common\war thunder\win64\aces.exe] => (Block) D:\program files\steam\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [TCP Query User{AFABE174-4032-47B5-9C4A-04E45FD21DBE}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{DCC6B781-22CD-4DE9-874F-DE2F63DEEDEA}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{B8282D30-5E87-4D00-8B7E-00409070F047}C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{45BD5BA0-35CC-46A7-9471-246313F472E4}C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\r_omi\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3B2F4B9A-1B19-426E-BD9D-E819E323FF93}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{DDB0B5CA-DA6B-4BC2-9E66-204EB88E40B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19415305-8053-47C6-B61B-4A09FBF7B0A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AEF4A5-6BA3-4EC5-B1BC-174EBEFD46D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6EFC342E-CCF4-4CBE-8A7D-B73C26B09174}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49EDD16-0316-4D3C-916A-3075DE25ADB9}] => (Block) D:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe No File
FirewallRules: [{43073E82-89F4-4DB1-BAB6-F1D202DBD934}] => (Block) D:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe No File
FirewallRules: [TCP Query User{28982854-2126-4462-8DCF-2FBBD837A024}D:\program files\shoutcast\sc_serv.exe] => (Allow) D:\program files\shoutcast\sc_serv.exe No File
FirewallRules: [UDP Query User{147E9954-8F74-4142-A59C-5531B3DC7738}D:\program files\shoutcast\sc_serv.exe] => (Allow) D:\program files\shoutcast\sc_serv.exe No File
FirewallRules: [{BE1D5FCC-B078-471F-872D-619E25836CDC}] => (Allow) D:\Program Files\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{6C380A3A-ECEC-4B7E-869D-EAC4937CC4A5}] => (Allow) D:\Program Files\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D41B1F86-7B52-4227-B213-64B65A0B562F}] => (Block) D:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe No File
FirewallRules: [{7038D917-7B99-4643-986D-E65FB9A78110}] => (Block) D:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe No File
FirewallRules: [TCP Query User{22DB1287-4DFA-43EC-BFB6-03E1F21789FB}D:\games\paranoia - happiness is mandatory\paranoia.exe] => (Block) D:\games\paranoia - happiness is mandatory\paranoia.exe No File
FirewallRules: [UDP Query User{CD69CB50-1F32-42D9-B764-D6002A8C9477}D:\games\paranoia - happiness is mandatory\paranoia.exe] => (Block) D:\games\paranoia - happiness is mandatory\paranoia.exe No File
FirewallRules: [TCP Query User{6EE9436F-7FDF-4651-879C-B61D1BDE7B9C}D:\games\football manager 2019\fm.exe] => (Block) D:\games\football manager 2019\fm.exe No File
FirewallRules: [UDP Query User{8BC6CB48-8379-43FA-B136-5E07BC19666F}D:\games\football manager 2019\fm.exe] => (Block) D:\games\football manager 2019\fm.exe No File
FirewallRules: [TCP Query User{19BC9B37-9625-4A39-8F3A-21FE4C9FFE19}C:\games\football manager 2019\fm.exe] => (Block) C:\games\football manager 2019\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [UDP Query User{6490B542-4680-4105-B835-08AF10644B39}C:\games\football manager 2019\fm.exe] => (Block) C:\games\football manager 2019\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [TCP Query User{1DB1A8F5-DD40-4F04-BA46-0CAF70B0D5A9}D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Block) D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [UDP Query User{DB8FC6F9-05D9-4ED7-ABC8-6ABCE8FEF316}D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Block) D:\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File
FirewallRules: [TCP Query User{228E0304-A58B-4C71-A8FB-9BBD5BE52D69}D:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) D:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [UDP Query User{34B86083-7C48-48C5-B50C-ED9D0AE94D0A}D:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) D:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [TCP Query User{0E780369-27D2-4BDB-BC34-83F3D0CAE4D6}D:\games\wolcen lords of mayhem\win_x64\wolcen.exe] => (Block) D:\games\wolcen lords of mayhem\win_x64\wolcen.exe No File
FirewallRules: [UDP Query User{809A1ABE-55A8-441F-875F-66CD3FAAB414}D:\games\wolcen lords of mayhem\win_x64\wolcen.exe] => (Block) D:\games\wolcen lords of mayhem\win_x64\wolcen.exe No File
FirewallRules: [TCP Query User{2B14AB9D-0947-4DD7-9C0B-1C0B7C41A742}D:\games\hearts of iron iv\hoi4.exe] => (Block) D:\games\hearts of iron iv\hoi4.exe No File
FirewallRules: [UDP Query User{092D6AD8-36C2-435F-8396-A730864CC86A}D:\games\hearts of iron iv\hoi4.exe] => (Block) D:\games\hearts of iron iv\hoi4.exe No File
FirewallRules: [TCP Query User{DD6A1276-8C5B-4784-A51C-16B244AA6AF5}D:\program files\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\program files\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{589E3C2B-8788-4B2E-A8F5-DD566B2AD6F1}D:\program files\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\program files\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{E0BBA607-5C59-4FA7-8BFC-280F1B49139F}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe No File
FirewallRules: [UDP Query User{C9FB2236-F752-4DBB-A15D-535236124456}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe No File
FirewallRules: [TCP Query User{D86A3E2B-8881-4CB6-94D9-BA4259473A04}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{F2086C34-917B-4F7F-A9CB-50EED634A08B}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{70A01E57-8DF8-436F-98C4-122E4EEB06BC}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [UDP Query User{D48D8C20-C1FB-484A-882F-A252B86B2344}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [TCP Query User{C736D872-A873-4829-AE27-26AABBC33C35}D:\games\call of duty - wwii\s2_sp64_ship.exe] => (Block) D:\games\call of duty - wwii\s2_sp64_ship.exe No File
FirewallRules: [UDP Query User{FE153A75-EA20-43D0-A4F4-565E9BE4D266}D:\games\call of duty - wwii\s2_sp64_ship.exe] => (Block) D:\games\call of duty - wwii\s2_sp64_ship.exe No File
FirewallRules: [TCP Query User{893AB09B-3AB4-4591-933F-42B03D4A8EBE}D:\games\call of duty - wwii\s2_mp64_ship.exe] => (Block) D:\games\call of duty - wwii\s2_mp64_ship.exe No File
FirewallRules: [UDP Query User{C278DA62-943D-4F45-8FA8-BC334072ABCE}D:\games\call of duty - wwii\s2_mp64_ship.exe] => (Block) D:\games\call of duty - wwii\s2_mp64_ship.exe No File
FirewallRules: [TCP Query User{A9FDA9A5-54DD-4180-AAA1-9073F73651A5}D:\games\call of duty modern warfare\modernwarfare.exe] => (Block) D:\games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{E71D58FE-3DBA-44A6-A03C-0930E3C9C106}D:\games\call of duty modern warfare\modernwarfare.exe] => (Block) D:\games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{E84DE7D9-EC52-4A58-93A4-BBB2E782F373}D:\program files\battle.net\battle.net.exe] => (Block) D:\program files\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{ED5215C4-C3A2-4C16-A286-8267BF5D6075}D:\program files\battle.net\battle.net.exe] => (Block) D:\program files\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{4E4A6559-C160-49C4-91F6-DCE9C0282971}D:\games\stellaris\stellaris.exe] => (Block) D:\games\stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [UDP Query User{F04E932A-5831-4314-B165-C863244A9F5A}D:\games\stellaris\stellaris.exe] => (Block) D:\games\stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [TCP Query User{2AABC613-EE66-4D07-B1FA-EBBCFF53C7AD}D:\games\sdgundam\gonline.exe] => (Block) D:\games\sdgundam\gonline.exe () [File not signed]
FirewallRules: [UDP Query User{AE9E55B0-F5C1-4D6A-8BB5-337C02E6333F}D:\games\sdgundam\gonline.exe] => (Block) D:\games\sdgundam\gonline.exe () [File not signed]
FirewallRules: [TCP Query User{CF08189C-E0FC-403C-B98F-C91BB000B308}D:\downloads\tixati_portable\tixati_windows64bit.exe] => (Block) D:\downloads\tixati_portable\tixati_windows64bit.exe No File
FirewallRules: [UDP Query User{678FD92E-3895-4029-A464-79023DA29B03}D:\downloads\tixati_portable\tixati_windows64bit.exe] => (Block) D:\downloads\tixati_portable\tixati_windows64bit.exe No File
FirewallRules: [{3C7B17AA-97DB-4DFC-B2CD-D8006AAE71F7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{0C5277CA-EDD6-4C6C-A4D0-182C6D19A418}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{5DC566CA-A803-4D19-B1B5-0E4F53E39BAA}D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\bannerlord.exe] => (Block) D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\bannerlord.exe (TaleWorlds Entertainment -> ) [File not signed]
FirewallRules: [UDP Query User{EFD2F151-C25B-4597-BAA6-7BDEA6128CC0}D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\bannerlord.exe] => (Block) D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\bannerlord.exe (TaleWorlds Entertainment -> ) [File not signed]
FirewallRules: [TCP Query User{92EFE422-B9DB-4F3E-97BC-075D1D106460}D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Block) D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed]
FirewallRules: [UDP Query User{CEDF382F-607C-4716-A039-BA6B046812AF}D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Block) D:\games\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed]
FirewallRules: [{0B0FAC5E-C836-4404-ADE6-17B95DC4FA74}] => (Allow) D:\Program Files\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{80D5F115-BFAF-4DB0-A29F-3D084F1D21E9}] => (Allow) D:\Program Files\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
==================== Restore Points =========================
12-04-2020 05:43:03 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/10/2020 02:02:27 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 29040 and the required size was 31936.
Error: (04/09/2020 08:46:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CK2game.exe, version: 1.0.0.0, time stamp: 0x5e3c1a6b
Faulting module name: ntdll.dll, version: 10.0.18362.719, time stamp: 0x64d10ee0
Exception code: 0xc0000374
Fault offset: 0x00000000000f92a9
Faulting process id: 0x35c4
Faulting application start time: 0x01d60e74788bfa9b
Faulting application path: D:\Program Files\Steam\steamapps\common\Crusader Kings II\CK2game.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: f51f4398-7446-47dd-add1-b8bbed37f912
Faulting package full name: 
Faulting package-relative application ID:
Error: (04/09/2020 06:24:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
Error: (04/09/2020 06:24:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
Error: (04/09/2020 12:24:48 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 27992 and the required size was 30648.
Error: (04/08/2020 09:06:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TaleWorlds.MountAndBlade.Launcher.exe, version: 1.0.0.0, time stamp: 0x5e8cab3d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0xb31987d3
Exception code: 0xe0434352
Fault offset: 0x000000000003a859
Faulting process id: 0x1748
Faulting application start time: 0x01d60daeb3bfab3a
Faulting application path: D:\Games\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 4d5f4570-79de-4acb-a9d8-606e81aaaae9
Faulting package full name: 
Faulting package-relative application ID:
Error: (04/08/2020 09:05:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TaleWorlds.MountAndBlade.Launcher.exe, version: 1.0.0.0, time stamp: 0x5e8cab3d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0xb31987d3
Exception code: 0xe0434352
Fault offset: 0x000000000003a859
Faulting process id: 0x2a58
Faulting application start time: 0x01d60dae766d4fc3
Faulting application path: D:\Games\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 19e55e0e-0e3a-4e6b-8bb6-13479fd9541a
Faulting package full name: 
Faulting package-relative application ID:
Error: (04/08/2020 09:03:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TaleWorlds.MountAndBlade.Launcher.exe, version: 1.0.0.0, time stamp: 0x5e8cab3d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0xb31987d3
Exception code: 0xe0434352
Fault offset: 0x000000000003a859
Faulting process id: 0x1824
Faulting application start time: 0x01d60dadc5550f52
Faulting application path: D:\Games\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 2feadc5a-5c17-49af-a7d7-16090330d5b7
Faulting package full name: 
Faulting package-relative application ID:
System errors:
=============
Error: (04/12/2020 07:44:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Antivirus Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Run the configured recovery program.
Error: (04/12/2020 07:19:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:59:15 AM on ‎4/‎12/‎2020 was unexpected.
Error: (04/12/2020 06:43:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:35:19 AM on ‎4/‎12/‎2020 was unexpected.
Error: (04/12/2020 06:35:19 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:58:49 AM on ‎4/‎12/‎2020 was unexpected.
Error: (04/12/2020 05:57:25 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Update Orchestrator Service service did not shut down properly after receiving a preshutdown control.
Error: (04/12/2020 05:32:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:55:45 AM on ‎4/‎12/‎2020 was unexpected.
Error: (04/11/2020 09:19:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The LGHUB Updater Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (04/11/2020 08:00:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:42:19 PM on ‎4/‎11/‎2020 was unexpected.
Windows Defender:
===================================
Date: 2020-04-12 07:55:15.397
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Medium
Category: Potentially Unwanted Software
Path: file:_D:\Downloads\FRST.exe; webfile:_D:\Downloads\FRST.exe|about:internet|pid:10520,ProcessStart:132311260636866298
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Security intelligence Version: AV: 1.313.1321.0, AS: 1.313.1321.0, NIS: 1.313.1321.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-12 07:54:35.808
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Medium
Category: Potentially Unwanted Software
Path: file:_D:\Downloads\FRST.exe; webfile:_D:\Downloads\FRST.exe|about:internet|pid:10520,ProcessStart:132311260636866298
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.313.1321.0, AS: 1.313.1321.0, NIS: 1.313.1321.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-12 07:54:35.517
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Medium
Category: Potentially Unwanted Software
Path: file:_D:\Downloads\FRST.exe; webfile:_D:\Downloads\FRST.exe|about:internet|pid:10520,ProcessStart:132311260636866298
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: D:\Downloads\FRST.exe
Security intelligence Version: AV: 1.313.1321.0, AS: 1.313.1321.0, NIS: 1.313.1321.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-12 07:54:34.833
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Medium
Category: Potentially Unwanted Software
Path: file:_D:\Downloads\FRST.exe; webfile:_D:\Downloads\FRST.exe|about:internet|pid:10520,ProcessStart:132311260636866298
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: C:\Windows\System32\svchost.exe
Security intelligence Version: AV: 1.313.1321.0, AS: 1.313.1321.0, NIS: 1.313.1321.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-12 07:54:34.475
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Medium
Category: Potentially Unwanted Software
Path: file:_D:\Downloads\FRST.exe; webfile:_D:\Downloads\FRST.exe|about:internet|pid:10520,ProcessStart:132311260636866298
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: C:\Windows\System32\svchost.exe
Security intelligence Version: AV: 1.313.1321.0, AS: 1.313.1321.0, NIS: 1.313.1321.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
==================== Memory info =========================== 
BIOS: American Megatrends Inc. 3.50 11/07/2019
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 27%
Total physical RAM: 16334.44 MB
Available physical RAM: 11863.13 MB
Total Virtual: 19022.44 MB
Available Virtual: 13526.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.57 GB) (Free:39.79 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:931.51 GB) (Free:638.82 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:128.76 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8522A168)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6D9C3561)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 041837E3)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================

Edited by rom1u2, Yesterday, 09:25 PM.



https://ift.tt/2y4dRAf
