tap provider v9 for private tunnel – Virus, Trojan, Spyware, and Malware Removal Help
Posted 23 May 2022 – 10:53 PM
Recently I got a pop up window that asked if i wanted to install tap provider. Instinctly I declined to install. After declining, it asked me several other times. After a few declines it stopped asking. Then the next day i ended up starting up my PC again and it asked again if i wanted to install. I’m not sure if its really a virus but i wanted to rule this out and maybe someone can help me remove this? Below i pasted what is required. Let me know if you need anything else from me.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by tonyprime (administrator) on TONYPRIME (23-05-2022 21:45:43)
Running from C:\Users\tonyprime\Downloads
Loaded Profiles: tonyprime
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1706 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\installshield installation information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(A-Volute SAS -> A-Volute) C:\Users\tonyprime\AppData\Local\NhNotifSys\sonicstudio\asusns.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7779\Agent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
(C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\148.4.4519\QtWebEngineProcess.exe <2>
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe ->) (NETGEAR TAIWAN CO., LTD -> NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
(C:\Program Files (x86)\Stardock\Curtains\CurtainsSrv64.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Curtains\Curtains64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\sonar\SteelSeriesSonar.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(explorer.exe ->) (File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.10.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <40>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe <6>
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.65.8001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.65.8001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NETGEAR -> Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Plex, Inc. -> Plex, Inc.) D:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot – Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot – Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Software by KeloCube -> ) C:\Program Files\SuperDisplay\MirrorService.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Curtains\CurtainsSrv64.exe
(services.exe ->) (StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe
(svchost.exe ->) () [File not signed] C:\Users\tonyprime\Downloads\openhardwaremonitor-v0.9.6\OpenHardwareMonitor\OpenHardwareMonitor.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <5>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe <2>
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe <2>
(svchost.exe ->) (gputemp.com) [File not signed] C:\Program Files (x86)\GPU Temp\GPUTemp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\…\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [245176 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\…\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\…\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1084704 2020-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\…\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12690768 2022-03-28] (SteelSeries ApS -> SteelSeries ApS)
HKLM-x32\…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710776 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\…\Run: [SDTray] => C:\Program Files (x86)\Spybot – Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\…\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd)
HKLM-x32\…\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\…\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\…\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10586448 2022-05-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-05-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1088456 2022-05-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [Discord] => C:\Users\tonyprime\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2707104 2022-01-30] (Skutta, Kristjan -> )
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [Plex Media Server] => D:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24234664 2022-02-18] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [18012288 2020-10-28] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\MountPoints2: E – “E:\setup.exe”
HKLM\…\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-05-03] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00960BC0-420A-4CFD-940F-F7DD62D67F8A} – System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8377848 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {009A9582-79F0-47AB-B8BB-9F7DDD9EA66B} – System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe /apply /silent /atlogon (No File)
Task: {0371132A-6016-49BF-A6D6-8B5CE59694AC} – System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4957624 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {0563A4CD-5C40-40A4-B43B-E824D96A6F72} – System32\Tasks\Core Temp Autostart tonyprime => C:\Program Files\Core Temp\Core Temp.exe (No File)
Task: {0DF26A29-C3AF-4A21-8216-4009B532A54A} – System32\Tasks\Safer-Networking\Spybot – Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot – Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {1301E2B5-F8B2-4F39-BB59-A5010D0AF55B} – System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {14C2D974-50CC-4605-9710-27DA1AB527EC} – System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144784 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D445687-BA39-46DB-8762-A040B9A11371} – System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1D860390-9A96-450B-8A05-ACE090DB49DF} – System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe (No File)
Task: {2129CA1D-C60D-4B1B-BFD1-E49CD2516D65} – System32\Tasks\GPU Temp\Startup => C:\Program Files (x86)\GPU Temp\GPUTemp.exe [1032192 2011-10-01] (gputemp.com) [File not signed]
Task: {230D03F2-16E9-4CAD-8A5E-743BF6EE209D} – System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {234FC284-6CED-4DA7-85E0-621C66898674} – System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C759F67-97BC-43BB-A61F-5FDFC3D7E3BD} – System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [70984 2022-04-08] (Stanislav Zinukhov -> www.startisback.com)
Task: {2E7AD9CC-9C78-4DDA-B9AB-2DC98F8E27C8} – System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-10-24] (Google Inc -> Google LLC)
Task: {2F94A0A8-BD27-4A99-A8CE-960E48096F42} – System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe -open (No File)
Task: {3A10CF91-8179-4238-8ED6-878227899234} – System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (No File)
Task: {3BFBFDEA-35C0-4E8F-8EAF-CE40D83E183E} – System32\Tasks\Safer-Networking\Spybot – Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot – Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {3C32FB49-8AE7-4DDA-B56C-2AFCBD0161AA} – System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit.exe (No File)
Task: {3D535AA6-2D6C-4D2C-BB43-9D10F3BC56C0} – System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe (No File)
Task: {4464A1A3-8753-42D7-AD9F-58EC9C192143} – System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8377848 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4903C858-78CB-40EC-AC08-63AE43CDCB0C} – System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {494B9053-7368-4847-9459-465C3AD86D4D} – System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {4B9D30CA-F5F9-4349-8AD2-F7498502B241} – System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4C836DB0-F9FB-4FDD-8B81-5A8E8098199D} – System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [833688 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {5952CE05-EE48-48F3-923A-381C8C2C469A} – System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B6A064C-1F6B-47B2-B619-EE2953614462} – System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Spybot Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe /apply /silent /atlogon (No File)
Task: {5FDD400F-DB93-4B70-8CA4-6C1EE9C95167} – System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2015-08-10] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed]
Task: {6EC09FE2-9633-4CCD-9F0E-72990CEE19A5} – System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe (No File)
Task: {73AD225E-3447-4484-AC0C-3914BFBA75C8} – System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {753CA829-1249-4D0F-811C-7CC20881ACE1} – System32\Tasks\PCIeBusQueue => “wevtutil.exe” cl System
Task: {76428F81-0910-4099-87FD-DBA83D7D1185} – System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV24:{} /WakeupRun (No File)
Task: {78A8DC0F-3943-4285-A9E5-E83969F250B4} – System32\Tasks\CCleanerSkipUAC – tonyprime => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {793319D2-7C41-47D9-9A68-8E218FE90124} – System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1094808 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {7DB3FCAF-FC42-4176-9208-99E712ED1864} – System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2248120 2021-12-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {839F43E8-8182-40EC-A543-D9EE7EAF2E66} – System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-02-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {85502047-04A3-48CE-9A4A-5DF94DCAF824} – System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {85A2EB11-3C09-4065-9B5A-3A77C00C0259} – System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {871CA35D-A406-46B4-849C-C9819459333E} – System32\Tasks\PCIeBus => “wevtutil.exe” cl Application
Task: {8915ED39-A20F-496B-A749-81F345C036FF} – System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44443608 2021-12-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {900CA631-453B-4CB9-B1B9-01A19CE18186} – System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {91B342CE-E0A2-4F20-A483-4B3B7AE227C4} – System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV24:{} /CalendarRun (No File)
Task: {9549517F-A83E-4C4B-B647-EAF6737AB053} – System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144784 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {956E2029-C1B9-4D99-BA7A-85B7269E2D7A} – System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {964C7015-3986-4A17-847E-F8C470FA3F69} – System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe -delay (No File)
Task: {99FCEF7B-26D9-4334-AF7F-2B9738070F3D} – System32\Tasks\ContentManagement => C:\Users\tonyprime\AppData\Roaming\Unarchiver\Unarchiver.exe (No File) <==== ATTENTION
Task: {9B7FC42B-2704-4F4F-90C6-FD31C179F41A} – System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9C83CB34-9449-4FDE-AD88-B40BBE67D43B} – System32\Tasks\Uninstaller_SkipUac_tonyprime => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6435088 2020-09-22] (IObit Information Technology -> IObit)
Task: {9C9E4915-60B7-4CAF-B73C-07AD853CE908} – System32\Tasks\MSI Task Host – LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [1951568 2021-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.)
Task: {9CF496F1-85B2-46F2-93EC-1EA6FC26851C} – System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [833688 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {A435C586-1759-46A9-B3CC-438935513CFC} – System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A77AC35F-2BBD-4E6E-968C-9B783383EF69} – System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {A9CE211A-6E4C-4DBB-8146-3E74DDE182DE} – System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-04-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AACD2FB6-215E-4F26-A0BB-389572ECD0C5} – System32\Tasks\Safer-Networking\Spybot – Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {ADEF93CB-5B53-4E59-BE37-69E2F69401EA} – System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {B26B8283-7E12-441D-8EF6-98AD15E3D467} – System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV24:{} (No File)
Task: {B92B0B68-FDB3-4103-A546-3380BC9DFC38} – System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-02-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C0642835-FB17-4768-AF84-8E1DFC36DFBA} – System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1094808 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {C571E951-94BC-458B-9EF9-834FA72565C3} – System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-05-20] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D17EE239-C46F-45F4-89EA-A9C10CE52C07} – System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D194ECE1-50F9-4619-8DF6-9132AF4C0262} – System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {D35905B3-68B9-4C80-9D86-EDACE77EC012} – System32\Tasks\Driver Booster SkipUAC (tonyprime) => C:\Program Files (x86)\IObit\Driver Booster\8.0.2\DriverBooster.exe [8075024 2020-10-12] (IObit Information Technology -> IObit)
Task: {D9CA84A0-2098-4400-984A-6EF7CAB9269A} – System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV24:{} /AllUsersRun (No File)
Task: {DA52EE70-68E5-4CCD-A196-005768DBCC32} – System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [115464 2021-12-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {E2AFBF52-E372-40A1-B313-F3F3E604DC9C} – System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe (No File)
Task: {E9530D9D-39C7-4C7C-829C-86FCD5A8B799} – System32\Tasks\Open Hardware Monitor\Startup => C:\Users\tonyprime\Downloads\openhardwaremonitor-v0.9.6\OpenHardwareMonitor\OpenHardwareMonitor.exe [493568 2020-12-27] () [File not signed]
Task: {EF136FFD-C7F4-4B4A-B206-1C0C8BF3B519} – System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-04-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F9765045-E864-4EF7-8731-CDFBCED2D3D2} – System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-10-24] (Google Inc -> Google LLC)
Task: {F9B2EEFB-5494-45DD-86B4-F7CF4CE912E3} – System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F9F86C94-1D01-4F24-BCCB-0AF4B1163B13} – System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241960 2021-11-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {FAADD6A4-4F1B-4B11-89FB-D4479F66668A} – System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe -onlytray (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{aab09d63-3660-4b48-804d-6aac5d943f12}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c5859b22-e9d5-45f4-8259-e5036a798b21}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{cc2408e1-5fef-4b78-b2b4-efe243e6bc19}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FireFox:
========
FF HKLM\…\Firefox\Extensions: [[email protected]] – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-03]
FF HKLM-x32\…\Firefox\Extensions: [[email protected]] – C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\tonyprime\AppData\Local\Google\Chrome\User Data\Default [2022-05-23]
CHR HomePage: Default -> hxxps://www.facebook.com/
CHR StartupUrls: Default -> “hxxp://www.facebook.com/”,”hxxp://www.mcisd.net/”,”hxxps://www.google.com/”
CHR Extension: (Adblock Plus – free ad blocker) – C:\Users\tonyprime\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-12]
CHR Extension: (Google Docs Offline) – C:\Users\tonyprime\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-18]
CHR Extension: (Slickdeals: Automatic Coupons and Deals) – C:\Users\tonyprime\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpdapbcmfllbpojmkefcikllfeoahglb [2022-04-21]
CHR Extension: (Chrome Web Store Payments) – C:\Users\tonyprime\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) – C:\Users\tonyprime\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2020-10-24]
CHR Extension: (Themer Dark) – C:\Users\tonyprime\Documents\Theme Modding\Themes\Tokyo Night for Windows by niivu.deviantart – April 1 2022\chrome\Chrome\Themer Dark [2022-04-07]
CHR HKLM-x32\…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [372456 2022-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2022-04-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2020-11-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2020-11-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-04-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2021-12-25] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe [2216264 2022-04-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-04-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [655728 2021-12-31] (ASUSTeK Computer Inc. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [838760 2022-05-21] (ASUSTeK Computer Inc. -> )
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [608184 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2059192 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [608184 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8471208 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11762616 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
R2 Curtains; C:\Program Files (x86)\Stardock\Curtains\CurtainsSrv64.exe [430360 2021-11-10] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [45408 2022-05-07] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595888 2021-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [396520 2022-01-20] (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int’l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2559704 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3477728 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; D:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [569000 2022-02-18] (Plex, Inc. -> Plex, Inc.)
R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (NETGEAR -> Realtek Semiconductor Corp.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6304432 2022-03-21] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot – Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot – Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254856 2022-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-09-24] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-09-24] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [31568 2022-03-28] (SteelSeries ApS -> )
R2 SuperDisplay; C:\Program Files\SuperDisplay\MirrorService.exe [692944 2020-09-20] (Software by KeloCube -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [777216 2019-10-29] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 A6100; C:\WINDOWS\System32\drivers\A6100.sys [7957584 2016-01-17] (NETGEAR TAIWAN CO., LTD -> Realtek Semiconductor Corporation)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2021-12-25] (ASUSTeK Computer Inc. -> )
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [232784 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [381680 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [255192 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [102616 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [44704 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [271752 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [549120 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111200 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [86272 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [857632 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [558912 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [218240 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317960 2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows ® Win 7 DDK provider)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [31808 2022-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\WINDOWS\system32\drivers\ctiio64.sys [30728 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [42472 2020-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-10-24] (Martin Malik – REALiX -> REALiX)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2013-02-21] (Realtek Semiconductor Corp -> NT Kernel Resources)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [29576 2021-11-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2020-10-25] (Razer USA Ltd. -> Razer Inc)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [25832 2021-12-30] (WHIRLWIND VIRTUAL REALITIES INC. -> )
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows ® Win 7 DDK provider)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-12-21] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [43424 2022-05-03] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_6f6e907eca1efa31\SteelSeries-Sonar-VAD.sys [89568 2022-03-23] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R3 superdisplay_hidbus; C:\WINDOWS\System32\drivers\superdisplay_hidbus.sys [27448 2020-09-08] (Software by KeloCube -> )
S3 superdisplay_wpdfilter_2; C:\WINDOWS\system32\drivers\superdisplay_wpdfilter_2.sys [32568 2020-09-10] (Software by KeloCube -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Users\tonyprime\Downloads\openhardwaremonitor-v0.9.6\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [14544 2022-05-21] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 cpuz153; \??\C:\WINDOWS\temp\cpuz153\cpuz153_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: “C:\Users\tonyprime\{d49c1935-bfba-45a9-8be0-93873d77e289}.dll”
2022-05-23 21:45 – 2022-05-23 21:46 – 000053024 _____ C:\Users\tonyprime\Downloads\FRST.txt
2022-05-23 21:45 – 2022-05-23 21:46 – 000000000 ____D C:\FRST
2022-05-23 21:44 – 2022-05-23 21:44 – 002367488 _____ (Farbar) C:\Users\tonyprime\Downloads\FRST64.exe
2022-05-23 21:38 – 2022-05-23 21:46 – 000000000 ____D C:\WINDOWS\SysWOW64\lock.lock
2022-05-21 17:32 – 2022-05-21 17:32 – 000003865 _____ C:\Users\tonyprime\Downloads\5623_Bayonetta.zip
2022-05-21 16:39 – 2022-05-21 16:39 – 000000000 ____D C:\Users\tonyprime\Documents\Bayonetta
2022-05-21 10:57 – 2022-05-21 11:01 – 4057929877 _____ C:\Users\tonyprime\Downloads\Top.Chef.S19E01.Primal.Instincts.1080p.AMZN.WEB-DL.DDP2.0.H.264-NTb[eztv.re].mkv
2022-05-21 10:34 – 2022-05-21 10:36 – 2487844831 _____ C:\Users\tonyprime\Downloads\Idiocracy (2006).mkv
2022-05-21 10:34 – 2022-05-21 10:35 – 787566522 _____ C:\Users\tonyprime\Downloads\Super Mario Bros 1993.mp4
2022-05-19 22:23 – 2022-05-19 22:23 – 000282552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2022-05-19 22:23 – 2022-05-19 22:23 – 000218240 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2022-05-15 21:09 – 2022-05-16 18:05 – 000000000 ____D C:\Users\tonyprime\Desktop\Watch Stuff
2022-05-13 23:08 – 2022-05-13 23:08 – 000000028 ____H C:\.GamingRoot
2022-05-13 23:08 – 2022-05-13 23:08 – 000000000 ____D C:\XboxGames
2022-05-12 21:02 – 2022-05-12 21:02 – 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-05-12 21:01 – 2022-05-12 21:01 – 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-12 21:01 – 2022-05-12 21:01 – 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-12 21:01 – 2022-05-12 21:01 – 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-12 20:57 – 2022-05-12 20:57 – 000000000 ___HD C:\$WinREAgent
2022-05-11 20:45 – 2022-05-11 20:45 – 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-05-07 20:08 – 2022-05-07 20:08 – 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-05-07 20:08 – 2022-05-07 20:08 – 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-05-07 20:08 – 2022-05-07 20:08 – 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-05-07 20:08 – 2022-05-07 20:08 – 000045408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-04-30 23:02 – 2022-04-30 23:02 – 000000000 ____D C:\Users\tonyprime\AppData\Local\Dust
2022-04-30 22:55 – 2022-04-30 22:55 – 000000755 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Gunk.lnk
2022-04-30 22:38 – 2022-04-30 22:38 – 000000000 ____D C:\Users\tonyprime\AppData\LocalLow\MisterMorrisGames
2022-04-28 19:45 – 2022-05-11 20:45 – 000000000 ____D C:\Users\tonyprime\AppData\Roaming\DropboxElectron
2022-04-27 21:46 – 2022-04-27 21:46 – 000001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-27 21:46 – 2022-04-27 21:46 – 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-26 20:23 – 2022-04-21 13:37 – 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-04-26 20:23 – 2022-04-21 13:37 – 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-04-26 20:23 – 2022-04-21 13:37 – 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-26 20:23 – 2022-04-21 13:37 – 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-04-26 20:23 – 2022-04-21 13:37 – 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-04-26 20:23 – 2022-04-21 13:37 – 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-04-26 20:23 – 2022-04-21 13:37 – 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-26 20:23 – 2022-04-21 13:37 – 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-04-26 20:23 – 2022-04-21 13:36 – 001467992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-04-26 20:23 – 2022-04-21 13:36 – 001209432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-04-26 20:23 – 2022-04-21 13:34 – 000586464 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-04-26 20:23 – 2022-04-21 13:34 – 000461400 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-04-26 20:23 – 2022-04-21 13:33 – 001530432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-04-26 20:23 – 2022-04-21 13:33 – 001177288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-04-26 20:23 – 2022-04-21 13:33 – 000712392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-04-26 20:23 – 2022-04-21 13:32 – 002120928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-04-26 20:23 – 2022-04-21 13:32 – 001603152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-04-26 20:23 – 2022-04-21 13:32 – 000730328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-04-26 20:23 – 2022-04-21 13:32 – 000581848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-04-26 20:23 – 2022-04-21 13:31 – 006963912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-04-26 20:23 – 2022-04-21 13:31 – 006226632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-04-26 20:23 – 2022-04-21 13:31 – 005729856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-04-26 20:23 – 2022-04-21 13:31 – 005100744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-04-26 20:23 – 2022-04-21 13:31 – 002932936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-04-26 20:23 – 2022-04-21 13:31 – 000457928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-04-26 20:23 – 2022-04-21 13:30 – 000852048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-04-26 20:23 – 2022-04-20 21:16 – 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-04-26 20:15 – 2022-04-26 20:18 – 000000000 ____D C:\AdwCleaner
2022-04-26 19:39 – 2014-05-24 19:36 – 000015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll
2022-04-26 19:39 – 2014-05-24 19:36 – 000004608 _____ C:\WINDOWS\system32\SppExtComObjPatcher.exe
2022-04-23 23:26 – 2022-04-23 23:26 – 000000000 ____D C:\Users\tonyprime\Documents\DARKSiDERS
2022-04-23 23:26 – 2022-04-23 23:26 – 000000000 ____D C:\Users\tonyprime\AppData\Roaming\Godot
2022-04-23 19:17 – 2022-04-23 19:20 – 2525798748 _____ C:\Users\tonyprime\Downloads\Run (2020).mkv
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-23 21:46 – 2020-10-24 17:32 – 000000000 ____D C:\Program Files (x86)\Google
2022-05-23 21:40 – 2020-10-24 19:51 – 000000000 ____D C:\ProgramData\NVIDIA
2022-05-23 21:40 – 2020-10-24 17:46 – 000000000 ____D C:\Program Files\CCleaner
2022-05-23 21:39 – 2020-10-24 20:08 – 000000000 ____D C:\Program Files (x86)\Steam
2022-05-23 21:38 – 2021-01-26 20:26 – 000000000 ____D C:\Users\tonyprime\AppData\Local\Dropbox
2022-05-23 21:38 – 2020-10-24 21:48 – 000000000 ____D C:\Users\tonyprime\AppData\Local\Battle.net
2022-05-23 21:38 – 2019-12-07 04:14 – 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-22 18:57 – 2022-04-18 18:25 – 000003108 _____ C:\WINDOWS\system32\Tasks\KMSAutoNet
2022-05-22 18:57 – 2022-04-08 20:21 – 000002546 _____ C:\WINDOWS\system32\Tasks\StartIsBack health check
2022-05-22 18:57 – 2022-04-08 20:16 – 000002586 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-05-22 18:57 – 2022-01-27 19:35 – 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-22 18:57 – 2022-01-27 19:35 – 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-05-22 18:57 – 2022-01-03 20:53 – 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-05-22 18:57 – 2022-01-03 20:53 – 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-05-22 18:57 – 2022-01-03 20:53 – 000003044 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-05-22 18:57 – 2022-01-03 20:53 – 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-05-22 18:57 – 2022-01-03 20:53 – 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-05-22 18:57 – 2022-01-03 20:53 – 000002578 _____ C:\WINDOWS\system32\Tasks\AMDAutoUpdate
2022-05-22 18:57 – 2022-01-03 20:53 – 000002414 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_tonyprime
2022-05-22 18:57 – 2022-01-03 20:53 – 000002410 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (tonyprime)
2022-05-22 18:57 – 2022-01-03 20:53 – 000002302 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-05-22 18:57 – 2022-01-03 20:53 – 000002282 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-05-22 18:57 – 2022-01-03 20:53 – 000002266 _____ C:\WINDOWS\system32\Tasks\MSI Task Host – LEDKeeper2_Host
2022-05-22 18:57 – 2022-01-03 20:53 – 000002258 _____ C:\WINDOWS\system32\Tasks\UMonitor Task
2022-05-22 18:57 – 2022-01-03 20:53 – 000002258 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC – tonyprime
2022-05-22 18:57 – 2022-01-03 20:53 – 000002218 _____ C:\WINDOWS\system32\Tasks\Core Temp Autostart tonyprime
2022-05-22 18:57 – 2022-01-03 20:53 – 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-05-22 18:06 – 2019-12-07 04:14 – 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-22 18:02 – 2020-11-24 19:16 – 000000000 ____D C:\Users\tonyprime\AppData\Local\CrashDumps
2022-05-22 17:56 – 2019-12-07 04:14 – 000000000 ___HD C:\Program Files\WindowsApps
2022-05-21 17:35 – 2021-07-30 22:24 – 000000000 ____D C:\Users\tonyprime\AppData\Roaming\WeMod
2022-05-21 17:32 – 2021-12-24 01:18 – 000000000 ____D C:\Program Files\Cheat Engine 7.3
2022-05-21 17:29 – 2020-11-03 19:52 – 000000000 ____D C:\Users\tonyprime\Documents\My Cheat Tables
2022-05-21 17:07 – 2021-09-20 23:25 – 000000000 ____D C:\Users\tonyprime\AppData\Local\WeMod
2022-05-21 17:07 – 2020-11-08 17:22 – 000000000 ____D C:\Users\tonyprime\AppData\Local\SquirrelTemp
2022-05-21 16:31 – 2019-12-07 04:14 – 000000000 ____D C:\WINDOWS\ServiceState
2022-05-21 15:19 – 2021-10-16 21:23 – 000000000 ____D C:\Users\tonyprime\AppData\Roaming\steelseries-gg-client
2022-05-21 11:03 – 2020-10-25 13:18 – 000000000 ____D C:\Users\tonyprime\AppData\Roaming\vlc
2022-05-21 08:25 – 2022-01-03 20:56 – 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-21 08:25 – 2019-12-07 04:13 – 000000000 ____D C:\WINDOWS\INF
2022-05-21 08:23 – 2020-10-24 19:30 – 000000000 ____D C:\ProgramData\ProductData
2022-05-21 08:18 – 2022-01-03 20:53 – 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-21 08:18 – 2022-01-03 20:46 – 000008192 ___SH C:\DumpStack.log.tmp
2022-05-21 08:18 – 2021-10-23 16:34 – 000000000 ____D C:\ProgramData\SuperDisplay
2022-05-21 08:18 – 2021-04-08 14:29 – 000877320 _____ C:\WINDOWS\system32\wpbbin.exe
2022-05-21 08:18 – 2021-04-08 14:29 – 000838760 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-05-21 08:18 – 2020-10-24 17:48 – 000000000 ____D C:\Program Files (x86)\Spybot – Search & Destroy 2
2022-05-21 08:18 – 2020-10-24 17:30 – 000000000 ____D C:\ProgramData\AVG
2022-05-21 08:18 – 2019-12-07 04:03 – 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-21 08:17 – 2022-04-06 18:24 – 000000000 ____D C:\Program Files (x86)\7tsp
2022-05-21 08:17 – 2022-01-03 20:46 – 005031776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-21 08:17 – 2019-12-07 04:14 – 000000000 ____D C:\WINDOWS\SystemResources
2022-05-20 20:21 – 2020-10-31 16:12 – 000000000 ____D C:\Users\tonyprime\AppData\Local\PlaceholderTileLogoFolder
2022-05-20 20:21 – 2020-10-24 21:15 – 000000000 ____D C:\ProgramData\Packages
2022-05-20 20:21 – 2016-01-17 22:28 – 000000000 ____D C:\Users\tonyprime\AppData\Local\Packages
2022-05-20 20:01 – 2022-04-18 21:14 – 000000000 ____D C:\Program Files\Microsoft Office
2022-05-19 22:24 – 2020-10-24 17:31 – 000381680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000857632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000558912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000549120 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000317960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000271752 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000255192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000232784 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000111200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000102616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000086272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2022-05-19 22:23 – 2020-10-24 17:31 – 000044704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2022-05-19 22:23 – 2019-12-07 04:14 – 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-19 18:22 – 2021-01-26 20:28 – 000000000 ___RD C:\Users\tonyprime\Dropbox
2022-05-17 21:50 – 2020-10-24 21:17 – 000000000 ____D C:\ProgramData\SteelSeries
2022-05-16 18:08 – 2022-04-18 18:25 – 000000000 ____D C:\ProgramData\KMSAutoS
2022-05-15 21:10 – 2020-11-24 11:17 – 000000000 ____D C:\Users\tonyprime\GearWatchDesigner
2022-05-15 21:02 – 2020-12-27 13:59 – 000001456 _____ C:\Users\tonyprime\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-05-13 23:08 – 2022-02-01 22:01 – 002274768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-05-13 23:08 – 2022-02-01 22:01 – 000394704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-05-13 23:08 – 2022-02-01 22:01 – 000222672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-05-13 23:08 – 2022-02-01 22:01 – 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-05-13 23:08 – 2022-02-01 22:01 – 000132560 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-05-13 23:08 – 2022-02-01 22:01 – 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-05-13 23:08 – 2022-02-01 22:01 – 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-05-12 22:23 – 2019-12-07 04:54 – 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-05-12 22:23 – 2019-12-07 04:14 – 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-12 22:23 – 2019-12-07 04:14 – 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-12 22:23 – 2019-12-07 04:14 – 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-12 22:23 – 2019-12-07 04:14 – 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-12 22:23 – 2019-12-07 04:14 – 000000000 ____D C:\Program Files\Common Files\System
2022-05-12 21:03 – 2019-12-07 04:03 – 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-12 19:33 – 2020-10-24 18:01 – 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-12 19:31 – 2020-10-24 19:04 – 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-12 19:30 – 2020-10-24 21:47 – 000000000 ____D C:\Program Files (x86)\Battle.net
2022-05-11 20:45 – 2021-01-26 20:26 – 000000000 ____D C:\Program Files (x86)\Dropbox
2022-05-09 20:27 – 2019-12-07 04:14 – 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-06 22:15 – 2016-01-17 22:39 – 000000000 ___HD C:\Program Files (x86)\installshield installation information
2022-05-03 21:52 – 2016-01-17 22:35 – 000000000 ____D C:\Users\tonyprime\Documents\Games
2022-05-03 21:51 – 2021-10-16 21:15 – 000000000 ____D C:\Users\tonyprime\Downloads\GAMES
2022-05-03 03:39 – 2021-09-03 12:10 – 000043424 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2022-04-30 23:06 – 2021-05-24 21:07 – 000000000 ____D C:\Users\tonyprime\AppData\Roaming\FLT
2022-04-30 22:54 – 2022-02-10 20:06 – 000000000 ____D C:\Games
2022-04-28 19:45 – 2020-10-24 22:01 – 000000000 ____D C:\Users\tonyprime\AppData\Local\D3DSCache
2022-04-26 20:52 – 2020-10-24 19:52 – 000000000 ____D C:\Users\tonyprime\AppData\Local\NVIDIA
2022-04-24 14:18 – 2021-04-03 09:36 – 000000000 ____D C:\Users\tonyprime\AppData\Local\Plex
2022-04-24 14:17 – 2021-04-03 09:38 – 000000000 ____D C:\Users\tonyprime\AppData\Local\Plex Media Server
2022-04-24 11:04 – 2020-10-24 17:35 – 000000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories ========
2020-12-27 13:55 – 2020-12-27 21:38 – 000000132 _____ () C:\Users\tonyprime\AppData\Roaming\Adobe GIF Format CS6 Prefs
2020-12-27 13:57 – 2020-12-27 13:57 – 000000132 _____ () C:\Users\tonyprime\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-12-27 13:59 – 2022-05-15 21:02 – 000001456 _____ () C:\Users\tonyprime\AppData\Local\Adobe Save for Web 13.0 Prefs
2020-12-08 20:49 – 2021-04-29 09:00 – 000000410 _____ () C:\Users\tonyprime\AppData\Local\oobelibMkey.log
2020-10-26 19:20 – 2021-12-31 10:45 – 000007605 _____ () C:\Users\tonyprime\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2022
Ran by tonyprime (23-05-2022 21:47:15)
Running from C:\Users\tonyprime\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1706 (X64) (2022-01-04 01:53:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4062664596-36545718-2419474602-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-4062664596-36545718-2419474602-503 – Limited – Disabled)
Guest (S-1-5-21-4062664596-36545718-2419474602-501 – Limited – Disabled)
tonyprime (S-1-5-21-4062664596-36545718-2419474602-1002 – Administrator – Enabled) => C:\Users\tonyprime
WDAGUtilityAccount (S-1-5-21-4062664596-36545718-2419474602-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled – Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Spybot – Search and Destroy (Enabled – Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: AVG Antivirus (Enabled – Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD_Chipset_Drivers (HKLM-x32\…\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 – Advanced Micro Devices, Inc.) Hidden
ANNO: Mutationem (HKLM-x32\…\ANNO: Mutationem_is1) (Version: – )
ARMOURY CRATE Lite Service (HKLM-x32\…\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.1.4 – ASUS)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\…\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 – Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\…\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 – Asmedia Technology)
ASUS AIOFan HAL (HKLM-x32\…\{e040e3dd-d66c-4bca-bc40-f9eac8080fee}) (Version: 1.1.45.0 – ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\…\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.45.0 – ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\…\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 – ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\…\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 – ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\…\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.8.0 – ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\…\{c289ca16-807e-4373-92c3-29ef5dc2119a}) (Version: 1.2.8.0 – ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM-x32\…\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 – ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM-x32\…\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 – ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\…\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 – ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\…\{cf5b2f79-6f67-4543-b5d5-6f1fb9ad6d06}) (Version: 2.1.2.3 – ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\…\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.2.3 – ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\…\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.00.10 – ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\…\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 – ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM-x32\…\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.18 – ASUS) Hidden
AURA DRAM Component (HKLM-x32\…\{c3ae9104-ed9b-4ab5-9eb1-569697f4514b}) (Version: 1.1.18 – ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\…\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 – ASUS)
AURA lighting effect add-on x64 (HKLM-x32\…\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 – ASUS)
AURA Service (HKLM-x32\…\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.40 – ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\…\{a1318319-c95b-48da-beb8-63ed6e4d809a}) (Version: 3.05.40 – ASUSTeK Computer Inc.)
AVG Internet Security (HKLM-x32\…\AVG Antivirus) (Version: 22.4.3231 – AVG Technologies)
Battle.net (HKLM-x32\…\Battle.net) (Version: – Blizzard Entertainment)
CCleaner (HKLM-x32\…\CCleaner) (Version: 5.92 – Piriform)
Cheat Engine 7.3 (HKLM-x32\…\Cheat Engine_is1) (Version: – Cheat Engine)
Detroit: Become Human (HKLM-x32\…\Detroit: Become Human_is1) (Version: – )
Discord (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Discord) (Version: 0.0.309 – Discord Inc.)
Driver Booster 8 (HKLM-x32\…\Driver Booster_is1) (Version: 8.0.2 – IObit)
Dropbox (HKLM-x32\…\Dropbox) (Version: 148.4.4519 – Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\…\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 – Dropbox, Inc.) Hidden
Eastward (HKLM-x32\…\Eastward_is1) (Version: – )
ENE RGB HAL (HKLM-x32\…\{135617a1-0191-4ed9-a0f7-2786a4739018}) (Version: 1.1.39.15 – Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\…\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.39.15 – Ene Tech.) Hidden
ENE_DRAM_GSKILL_SE (HKLM-x32\…\{5A6AC577-F8F8-4B6A-B684-13FD7E306CA2}) (Version: 1.0.1.0 – Ene Tech.) Hidden
ENE_DRAM_GSKILL_SE (HKLM-x32\…\{bf49eb2f-f2fb-4631-a95a-1f0cadd21eac}) (Version: 1.0.1.0 – Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\…\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.19 – Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\…\{948ed02d-9a82-4149-9dc2-722cf617dd1b}) (Version: 1.0.3.19 – Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\…\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 – Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\…\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 – Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\…\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 – ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\…\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 – ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\…\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 – ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\…\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 – ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM-x32\…\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 – ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\…\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 – ENE Tech) Hidden
GameSDK Service (HKLM-x32\…\{1a192f34-128f-43ed-a83d-f998b9d5f646}) (Version: 1.0.0.4 – ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\…\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.0.4 – ASUSTek COMPUTER INC.) Hidden
Ghostwire: Tokyo (HKLM-x32\…\Ghostwire: Tokyo_is1) (Version: – )
Google Chrome (HKLM-x32\…\Google Chrome) (Version: 101.0.4951.67 – Google LLC)
Guitar Pro 7 – Soundbanks (HKLM-x32\…\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 – Arobas Music)
Guitar Pro 7 (HKLM-x32\…\Guitar Pro_is1) (Version: 7.5.4.1798 – )
Heroes of the Storm (HKLM-x32\…\Heroes of the Storm) (Version: – Blizzard Entertainment)
IObit Uninstaller 10 (HKLM-x32\…\IObitUninstall) (Version: 10.0.2.23 – IObit)
IrfanView 4.56 (64-bit) (HKLM-x32\…\IrfanView64) (Version: 4.56 – Irfan Skiljan)
ITORAH (HKLM-x32\…\ITORAH_is1) (Version: – )
Kingston AURA DRAM Component (HKLM-x32\…\{2237a879-7fa4-4e21-ae3b-00f6a649b9d9}) (Version: 1.1.12 – KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\…\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.12 – KINGSTON COMPONENTS INC.) Hidden
Mega Man Zero – ZX Legacy Collection (HKLM-x32\…\SKIDROW – Mega Man Zero – ZX Legacy Collection) (Version: – SKIDROW)
Messenger (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 134.0.338090230 – Facebook, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\OneDriveSetup.exe) (Version: 21.030.0211.0002 – Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM-x32\…\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: – MiniTool Software Limited)
MSI Center SDK (HKLM-x32\…\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2021.1126.01 – MSI)
NETGEAR A6100 Genie (HKLM-x32\…\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.36 – NETGEAR)
Nexus (HKLM-x32\…\Winstep Xtreme_is1) (Version: – )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\…\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20146 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM-x32\…\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20248 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\…\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13328.20278 – Microsoft Corporation) Hidden
OpenAL (HKLM-x32\…\OpenAL) (Version: – )
Origin (HKLM-x32\…\Origin) (Version: 10.5.108.49699 – Electronic Arts, Inc.)
osrss (HKLM-x32\…\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 – Microsoft Corporation) Hidden
Overwatch (HKLM-x32\…\Overwatch) (Version: – Blizzard Entertainment)
Patriot Viper DRAM RGB (HKLM-x32\…\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 – Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\…\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 – Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM-x32\…\{387596e5-692e-4baf-bec2-3338d555df7a}) (Version: 1.0.6.5 – Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM-x32\…\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.5 – Patriot Memory) Hidden
PHISON HAL (HKLM-x32\…\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 – PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\…\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 – PHISON Electronics Corp.) Hidden
Plex (HKLM-x32\…\Plex) (Version: 1.43.4 – Plex, Inc.)
Plex Media Server (HKLM-x32\…\{1d51367a-702c-4076-9f4e-a5ed670a83ca}) (Version: 1.25.6.5577 – Plex, Inc.)
Plex Media Server (HKLM-x32\…\{880EDFDA-89F4-4E22-BA0D-2069A65C9CF5}) (Version: 1.25.6577 – Plex, Inc.) Hidden
PowerISO (HKLM-x32\…\PowerISO) (Version: 7.6 – Power Software Ltd)
Promontory_GPIO Driver (HKLM-x32\…\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden
ROG FAN XPERT 4 (HKLM-x32\…\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 1.00.10 – ASUSTek Computer Inc.)
ROG Live Service (HKLM-x32\…\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.4.5.0 – ASUSTek COMPUTER INC.)
Samsung USB Driver for Mobile Phones (HKLM-x32\…\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.48.0 – Samsung Electronics Co., Ltd.)
Spotify (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\Spotify) (Version: 1.1.80.699.gc3dac750 – Spotify AB)
Spybot – Search & Destroy (HKLM-x32\…\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 – Safer-Networking Ltd.)
StartIsBack++ (HKLM-x32\…\StartIsBack) (Version: 2.9.17 – startisback.com)
Steam (HKLM-x32\…\Steam) (Version: 2.10.91.91 – Valve Corporation)
SteelSeries GG 18.1.0 (HKLM-x32\…\SteelSeries GG) (Version: 18.1.0 – SteelSeries ApS)
Stopping Plex (HKLM-x32\…\{9E24A532-2EDB-43A1-87CB-A86FE1480587}) (Version: 1.25.6577 – Plex, Inc.) Hidden
SuperDisplay (HKLM-x32\…\{E06E4B59-F551-41C6-9E9E-4650C1538114}) (Version: 1.1.10 – Software by KeloCube) Hidden
SuperDisplay (HKLM-x32\…\SuperDisplay 1.1.10) (Version: 1.1.10 – Software by KeloCube)
The Gunk (HKLM-x32\…\FLT_The_Gunk) (Version: – )
TUNIC (HKLM-x32\…\DOGE_TUNIC) (Version: – )
UltraUXThemePatcher (HKLM-x32\…\UltraUXThemePatcher) (Version: 4.3.2.0 – Manuel Hoefs (Zottel))
Universal Holtek RGB DRAM (HKLM-x32\…\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 – PD)
Universal Holtek RGB DRAM (HKLM-x32\…\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 – PD) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM-x32\…\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 – Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM-x32\…\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 – Microsoft Corporation)
UpdateAssistant (HKLM-x32\…\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 – Microsoft Corporation) Hidden
USBHelperLauncher (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\USBHelperLauncher) (Version: 0.17d – FailedShack)
VLC media player (HKLM-x32\…\VLC media player) (Version: 3.0.12 – VideoLAN)
WD_BLACK AN1500 (HKLM-x32\…\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 – ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\…\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 – ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\…\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 – ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\…\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 – ENE TECHNOLOGY INC.) Hidden
WeMod (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\WeMod) (Version: 8.1.0 – WeMod)
Winaero Tweaker (HKLM-x32\…\Winaero Tweaker_is1) (Version: 1.33.0.0 – Winaero)
WinDirStat 1.1.2 (HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\WinDirStat) (Version: – )
WinRAR 5.91 (64-bit) (HKLM-x32\…\WinRAR archiver) (Version: 5.91.0 – win.rar GmbH)
Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy [2022-04-08] (ASUSTeK COMPUTER INC.)
AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.4.1.0_x64__qmba6cd70vzyy [2022-05-21] (ASUSTeK COMPUTER INC.)
Duplicates Cleaner -> C:\Program Files\WindowsApps\6655kaeros.DuplicatesCleaner_3.70.36.0_x64__wbzechdf9an1w [2022-05-20] (kaeros)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.10.0_x86__1sdd7yawvg6ne [2022-05-20] (File-New-Project) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa [2022-05-22] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-18] (Microsoft Studios) [MS Ad]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.45.0_x64__kzh8wxbdkxb8p [2022-05-18] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2022-04-08] (Realtek Semiconductor Corp)
Sonic Radar 3 -> C:\Program Files\WindowsApps\A-Volute.28054DF1F58B4_3.16.21.0_x64__w2gh52qy24etm [2022-04-08] (A-Volute)
Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.21.0_x64__w2gh52qy24etm [2022-04-08] (A-Volute)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2202.25001.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4062664596-36545718-2419474602-1002_Classes\CLSID\{5405618e-4c42-4fb9-a80a-d24d89911296}\localserver32 -> C:\Users\tonyprime\AppData\Local\NhNotifSys\sonicstudio\asusns.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-4062664596-36545718-2419474602-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\tonyprime\Dropbox [2021-01-26 20:28]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-05-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\tonyprime\Documents\Theme Modding\oldnewexplorer_v1.1.9\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-12-23 16:51 – 2021-12-23 16:51 – 000477696 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-12-23 16:51 – 2021-12-23 16:51 – 000471040 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-12-23 16:51 – 2021-12-23 16:51 – 000454656 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2022-02-02 22:41 – 2021-12-10 18:55 – 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-12-23 16:51 – 2021-12-23 16:51 – 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 104871424 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\libcef.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000332288 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\swiftshader\libegl.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 003011584 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\swiftshader\libglesv2.dll
2020-10-25 13:43 – 2011-09-30 09:33 – 000146432 _____ () [File not signed] C:\Program Files (x86)\GPU Temp\Aga.Controls.dll
2012-11-06 09:47 – 2012-11-06 09:47 – 000114688 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A6100\EnumDevLib.dll
2018-03-07 10:56 – 2018-03-07 10:56 – 000094208 _____ () [File not signed] C:\Program Files (x86)\NETGEAR\A6100\Realtek.dll
2020-10-24 21:35 – 2022-03-03 21:23 – 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-10-24 21:35 – 2021-11-17 06:38 – 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-10-24 21:35 – 2021-11-17 06:38 – 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2019-11-06 15:09 – 2019-11-06 15:09 – 000190976 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\AacHal_x86.dll
2019-10-30 15:06 – 2019-10-30 15:06 – 000264704 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\SB_SMBUS_SDK.dll
2020-06-24 01:32 – 2020-06-24 01:32 – 000211456 _____ () [File not signed] C:\Program Files\SuperDisplay\sentry_native.dll
2020-05-26 17:08 – 2020-05-26 17:08 – 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2020-11-09 11:53 – 2010-08-09 22:33 – 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2021-10-11 22:39 – 2022-05-21 08:18 – 000041728 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.02.06\PEbiosinterface32.dll
2021-12-29 00:41 – 2018-11-15 15:08 – 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\IcMSIDll.dll
2021-07-27 10:54 – 2021-07-27 10:54 – 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll
2021-07-27 10:54 – 2021-07-27 10:54 – 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll
2022-03-10 21:32 – 2022-04-08 20:04 – 000116224 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\uxinit.dll
2021-12-29 00:41 – 2018-08-31 08:26 – 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\MsIo32_Galax.dll
2013-07-03 18:05 – 2013-07-03 18:05 – 000524288 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\RtlLib.dll
2012-09-13 09:25 – 2012-09-13 09:25 – 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\IpLib.dll
2013-07-04 10:35 – 2013-07-04 10:35 – 000290816 _____ (Realtek) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\RtlIhvOid.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\chrome_elf.dll
2020-10-24 21:35 – 2022-03-03 21:23 – 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-02-02 22:41 – 2021-12-10 18:55 – 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-02-02 22:41 – 2021-12-10 18:55 – 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2022-02-02 22:42 – 2021-10-22 12:27 – 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll
2022-02-02 22:42 – 2021-10-22 12:27 – 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll
2009-07-23 17:32 – 2009-07-23 17:32 – 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR\A6100\LIBEAY32.dll
2020-11-06 21:52 – 2020-11-06 21:52 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-11-06 21:52 – 2020-11-06 21:52 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-11-06 21:52 – 2020-11-06 21:52 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-01-18 22:58 – 2020-11-06 21:52 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-01-18 22:58 – 2020-11-06 21:52 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-01-18 22:58 – 2020-11-06 21:52 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-01-18 22:58 – 2020-11-06 21:52 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-01-18 22:58 – 2020-11-06 21:52 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-01-18 22:58 – 2020-11-06 21:52 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\audio\qtaudio_windows.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\imageformats\qgif.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\imageformats\qico.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\imageformats\qjpeg.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\imageformats\qmng.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\imageformats\qsvg.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\imageformats\qtiff.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\platforms\qwindows.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Core.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Gui.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Multimedia.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Network.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Qml.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Quick.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Svg.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Widgets.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5WinExtras.dll
2022-05-12 18:23 – 2022-05-12 18:23 – 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13500\Qt5Xml.dll
2022-04-08 20:30 – 2017-11-24 17:43 – 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll
2022-04-08 19:46 – 2019-09-23 23:51 – 000255488 _____ (www.startisback.com) [File not signed] C:\Users\tonyprime\Documents\Theme Modding\oldnewexplorer_v1.1.9\OldNewExplorer32.dll
2022-04-08 19:46 – 2019-09-23 23:51 – 000261632 _____ (www.startisback.com) [File not signed] C:\Users\tonyprime\Documents\Theme Modding\oldnewexplorer_v1.1.9\OldNewExplorer64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => “”=”Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => “”=”Driver”
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\tonyprime\Documents\Theme Modding\oldnewexplorer_v1.1.9\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [File not signed]
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\tonyprime\Documents\Theme Modding\oldnewexplorer_v1.1.9\OldNewExplorer32.dll [2019-09-23] (www.startisback.com) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM – Adobe Acrobat Create PDF Toolbar – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 – Adobe Acrobat Create PDF Toolbar – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\sharepoint.com -> hxxps://livemcisd-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\123simsen.com -> www.123simsen.com
There are 7940 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 02:24 – 2022-04-08 19:40 – 000455216 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15620 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\tonyprime\Documents\Theme Modding\Themes\Tokyo Night for Windows by niivu.deviantart – April 1 2022\Wallpapers\bkg2 tri.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\…\StartupApproved\Run: => “Logitech Download Assistant”
HKLM\…\StartupApproved\Run: => “MTPW”
HKLM\…\StartupApproved\Run32: => “SunJavaUpdateSched”
HKLM\…\StartupApproved\Run32: => “SDTray”
HKLM\…\StartupApproved\Run32: => “PWRISOVM.EXE”
HKLM\…\StartupApproved\Run32: => “Acrobat Assistant 8.0”
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\StartupApproved\StartupFolder: => “bitport.lnk”
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\StartupApproved\Run: => “CCleaner Smart Cleaning”
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\StartupApproved\Run: => “Discord”
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\StartupApproved\Run: => “CCXProcess”
HKU\S-1-5-21-4062664596-36545718-2419474602-1002\…\StartupApproved\Run: => “Plex Media Server”
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\WINDOWS\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{D709760A-F08E-4C7C-879D-D67E27557E3E}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{66780607-73D6-438C-AA4C-E81ADE8229BA}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{7C2DC367-0042-489A-AAF8-D13323CFDCF6}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{F5502A66-2F03-4AF8-9C53-F9BD2F70DD46}] => (Allow) LPort=26822
FirewallRules: [{0B94F2CA-82D4-4330-8DAC-0F2323B3878A}] => (Allow) LPort=26820
FirewallRules: [{1706DA17-F950-460A-9E03-77083DA2629A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WoolfeTRHD\WoolfeLauncher.exe (GRIN) [File not signed]
FirewallRules: [{347D32FC-B2F4-4A1F-9D44-9ACDCB6B6C2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WoolfeTRHD\WoolfeLauncher.exe (GRIN) [File not signed]
FirewallRules: [{2FB20705-1530-4913-B1E3-EFCF60C9B218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{AA4ED7D4-EFC7-41D9-8602-4D0881D78589}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{B44FBA6F-ED46-4B8B-992F-0D575F8E8E72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{14D9AF57-55CF-48EF-AAAA-4664E091D5F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{E6DF5E7F-097A-4BC0-929B-49F5E76C9EF8}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{39032E33-078E-480A-BC9F-AEB06A659405}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{03B88F51-BBAA-4C13-818A-E25F26F22B1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{CE153DD5-71F0-49E8-9E8D-637934D8C999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4907CE8F-8789-4177-83CB-0E2B396F4A37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{65C10474-7661-44E4-A016-04BC519D6215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{89198683-876B-44A1-822F-8AA8D4C5B776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{469EC151-B2B6-40DA-BC04-0F88139C554C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{C3310223-8D6E-4C06-8DC6-DE0AA31B1F76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{CF534757-4FC9-4107-9714-F3A531CA044E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{5A95C23E-910A-410B-9CE7-A2E3945362D3}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{9E857F78-2D3A-4493-B563-C7363AAE7B9C}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5D3241AA-FF99-47AC-BFF3-7FBB2A8180C5}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{3546F54F-73C7-4EC1-BF5E-E26833D68725}] => (Allow) D:\SteamLibrary\steamapps\common\CrossCode\CrossCode.exe (The NW.js Community) [File not signed]
FirewallRules: [{43C03CA6-57C1-466E-8D9A-2806E7090B98}] => (Allow) D:\SteamLibrary\steamapps\common\CrossCode\CrossCode.exe (The NW.js Community) [File not signed]
FirewallRules: [{6EF36F82-5380-4472-A602-23A597C2DF3F}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5C95D548-70C5-4FF1-B76F-5838EB090047}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{24484E2D-2E3A-43FB-A862-42B66A330E6F}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{051CD0C9-DA8D-430B-AEAD-AA058B5A9A99}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{11C93DE6-5662-4DB2-8F57-99A36043B5D3}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{035D2EE4-DFA1-4B2D-A4A0-81170B1C4D82}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [UDP Query User{63D4A2AF-3640-48D3-8BE7-1F8826B3521D}C:\program files\avg\antivirus\avgui.exe] => (Allow) C:\program files\avg\antivirus\avgui.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{B470AD1E-68DF-400F-BB1F-3AEBBEE4DA97}C:\program files\avg\antivirus\avgui.exe] => (Allow) C:\program files\avg\antivirus\avgui.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [UDP Query User{DA6EAF65-5279-487D-B36A-D24ADBACDA0D}C:\program files (x86)\steam\steamapps\common\shift quantum\shiftquantum\binaries\win64\shiftquantum-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shift quantum\shiftquantum\binaries\win64\shiftquantum-win64-shipping.exe (Fishing Cactus) [File not signed]
FirewallRules: [TCP Query User{EB6CF3A1-101E-4BF7-AB37-657E070029F9}C:\program files (x86)\steam\steamapps\common\shift quantum\shiftquantum\binaries\win64\shiftquantum-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shift quantum\shiftquantum\binaries\win64\shiftquantum-win64-shipping.exe (Fishing Cactus) [File not signed]
FirewallRules: [{AAEACC64-E8EB-4E7F-9469-364CE19299A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wizard of Legend\WizardOfLegend.exe () [File not signed]
FirewallRules: [{6D2CBEB5-C068-46A0-AC2A-FD95851FE8B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wizard of Legend\WizardOfLegend.exe () [File not signed]
FirewallRules: [{9974497D-26DD-4E9B-845C-B5A5EF9F0107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Jurassic World\LEGOJurassicWorld.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{EE162F88-7CD0-4275-BD37-785196A1FA09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Jurassic World\LEGOJurassicWorld.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{D16B35DE-9406-4ECA-B7E5-66C931FC6BAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aseprite\Aseprite.exe (Igara Studio S.A. -> Igara Studio S.A.)
FirewallRules: [{056A0F68-1163-4215-9238-01F45FD4B583}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aseprite\Aseprite.exe (Igara Studio S.A. -> Igara Studio S.A.)
FirewallRules: [{EB1096C4-60F1-4918-93A2-A71747E18826}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{6721BD98-88C4-4BE4-ADA8-537D8CD8D91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{D1365CB8-7764-4BA9-AE0F-84C400D66057}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{BBF008D8-FB3E-4575-8E65-4D1B9AEC024A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{ECBA5E01-17B1-4664-ACF2-17346DDC5EA0}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{9D207D66-11D4-4310-8242-8430D8E40CBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Shinobi Nine demons of Mamoru\PSNDOM.exe (Ametist studio) [File not signed]
FirewallRules: [{4E84D698-D59C-4726-8DE8-D5334B50D13B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Shinobi Nine demons of Mamoru\PSNDOM.exe (Ametist studio) [File not signed]
FirewallRules: [{CD710B4D-53C7-430D-9CD9-9B6C144722AC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{A464240E-60B6-454A-914E-E34B307FC7EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skul\Skul.exe () [File not signed]
FirewallRules: [{275E2632-8E5D-4147-8654-F59B26A73828}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skul\Skul.exe () [File not signed]
FirewallRules: [{85782839-4F87-491B-BD46-8814C7754EAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Record of Lodoss War-Deedlit in Wonder Labyrinth-\Deedlit in Wonder Labyrinth.exe (team ladybug) [File not signed]
FirewallRules: [{F20E6F7F-20AF-465E-A163-967706CDC3B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Record of Lodoss War-Deedlit in Wonder Labyrinth-\Deedlit in Wonder Labyrinth.exe (team ladybug) [File not signed]
FirewallRules: [{F000E15D-6FD2-47A1-84C8-1A4AE604259D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\30XX\30XX.exe () [File not signed]
FirewallRules: [{FB48C0A1-B450-4529-A295-14DBB7A4D369}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\30XX\30XX.exe () [File not signed]
FirewallRules: [{70746D31-A182-4FFA-B38A-292AFABD7364}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{ED5A9699-6EC9-4047-B00D-C575E4B2AAB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{02FC8014-ECFE-4612-9953-1DEBA124906E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{093B1ADC-C2FD-44AC-B737-8130C3FA733D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3058D44B-271D-429E-AE25-8CEFF36C8076}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{89DACEF7-90A7-4024-B642-A7B3AFC607B6}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D4960215-9BC5-497B-A342-65E7EDBBDE2F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{A710935F-8714-4BEB-BE57-EC81C288172C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3B4E3B3B-79B9-4D8C-8484-0BF8F9A37E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8D00CAC5-A3B2-447E-B7B6-81FC45AE986E}] => (Allow) LPort=1900
FirewallRules: [{14296E4C-05AA-470F-8C92-23A76DC2E5EB}] => (Allow) LPort=2869
FirewallRules: [UDP Query User{ECD792BC-C433-4E13-BC55-E17A60A333A9}D:\program files (x86)\plex\plex.exe] => (Allow) D:\program files (x86)\plex\plex.exe () [File not signed]
FirewallRules: [TCP Query User{2F2AFB84-6CB3-4CAB-A205-0312E143115E}D:\program files (x86)\plex\plex.exe] => (Allow) D:\program files (x86)\plex\plex.exe () [File not signed]
FirewallRules: [UDP Query User{9B46309C-959D-4595-8792-902DFA4390AD}D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\60 fps patch (beta)\oot3d 4k 60 fps edition\zelda ocarina of time 3d 4k 60 fps edition (beta).exe] => (Allow) D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\60 fps patch (beta)\oot3d 4k 60 fps edition\zelda ocarina of time 3d 4k 60 fps edition (beta).exe => No File
FirewallRules: [TCP Query User{6B635C84-0B25-4F8D-8E93-EB1E2BCD3D02}D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\60 fps patch (beta)\oot3d 4k 60 fps edition\zelda ocarina of time 3d 4k 60 fps edition (beta).exe] => (Allow) D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\60 fps patch (beta)\oot3d 4k 60 fps edition\zelda ocarina of time 3d 4k 60 fps edition (beta).exe => No File
FirewallRules: [UDP Query User{71377300-54E2-498A-9813-436519DD78DF}D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\zelda ocarina of time 4k.exe] => (Allow) D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\zelda ocarina of time 4k.exe => No File
FirewallRules: [TCP Query User{7FD28652-BBE2-4C18-8037-A4B6A95EA45E}D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\zelda ocarina of time 4k.exe] => (Allow) D:2\the legend of zelda – ocarina of time 3d 4k 1.3.0\zelda ocarina of time 4k.exe => No File
FirewallRules: [UDP Query User{7996AE92-C125-4665-8C61-EA151DAC58D0}D:\program files\galaxy watch studio\galaxywatchstudio.exe] => (Allow) D:\program files\galaxy watch studio\galaxywatchstudio.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{4881E8D0-215E-42F0-8DA3-9CA8D97C7617}D:\program files\galaxy watch studio\galaxywatchstudio.exe] => (Allow) D:\program files\galaxy watch studio\galaxywatchstudio.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{7282B4A4-8DF9-4A00-B23D-83ACD0D1C98F}C:\users\tonyprime\appdata\roaming\usbhelperlauncher\wiiu_usb_helper_.exe] => (Allow) C:\users\tonyprime\appdata\roaming\usbhelperlauncher\wiiu_usb_helper_.exe (Hikari06) [File not signed]
FirewallRules: [TCP Query User{A3F0EF4C-E1BC-4616-B37E-5CECB87135F8}C:\users\tonyprime\appdata\roaming\usbhelperlauncher\wiiu_usb_helper_.exe] => (Allow) C:\users\tonyprime\appdata\roaming\usbhelperlauncher\wiiu_usb_helper_.exe (Hikari06) [File not signed]
FirewallRules: [UDP Query User{6AA14159-6E21-43F3-B49D-92545A4BB23D}C:\users\tonyprime\appdata\roaming\usbhelperlauncher\usbhelperlauncher.exe] => (Allow) C:\users\tonyprime\appdata\roaming\usbhelperlauncher\usbhelperlauncher.exe () [File not signed]
FirewallRules: [TCP Query User{1DB29002-2E52-4EB7-A138-6B9BB346255B}C:\users\tonyprime\appdata\roaming\usbhelperlauncher\usbhelperlauncher.exe] => (Allow) C:\users\tonyprime\appdata\roaming\usbhelperlauncher\usbhelperlauncher.exe () [File not signed]
FirewallRules: [UDP Query User{0B7A86E7-A234-436A-A609-8643EAD3632F}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{404AF323-B771-4E7E-9297-A0EC0A3F5636}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F8A59929-0942-4726-B8C6-4758D84B19E8}F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{577AFD16-C4D8-4159-BF09-795646E05280}F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) F:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{6696C9AF-187E-484C-9B18-178775D063A6}C:\users\tonyprime\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tonyprime\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{012753AA-B7BC-4667-8774-56D2A32F7A49}C:\users\tonyprime\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tonyprime\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94051AB5-DA34-4E4E-B336-ACDB13D83A2E}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6BD83125-76C1-4E41-BD87-12BC2264BF83}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{465FE576-38EA-4200-AA45-94574F3327AD}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{0E18A493-C6FB-4148-B21D-7C56AB0DBD9D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{E5634ED4-2EA0-487F-94E5-AC04F26470FE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{60FD23F5-11B7-4219-B447-B88D3ED13D8D}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{11E2CD37-7840-4C23-A638-3D576F8D787F}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{09C88B2B-D79F-4D84-B3E0-7ABC84C6C74B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{34DF4671-229F-4067-B184-EA4305E72C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed]
FirewallRules: [{9D515DA9-DE0E-497F-9991-FD63EE779D76}] => (Allow) D:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{84EDFB9F-8026-4FFC-8390-063BDA67C136}] => (Allow) D:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> )
FirewallRules: [{D5050EA3-A3C8-449F-B4BC-FAA673BF0BCE}] => (Allow) D:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{9D6F7F22-2149-47AB-8219-A6D2FF00AED7}] => (Allow) D:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{768D3902-12D5-4540-B501-827ED6A69C0C}] => (Allow) D:\Program Files (x86)\Plex\Plex Media Server\Plex Game Transcoder\Plex Game Transcoder.exe (Plex, Inc. -> )
FirewallRules: [{049C42FC-89C7-4E6F-ADED-0043B6CE2BA2}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4D96C3CA-2760-4E24-AFDD-4F15E4DDB6BC}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{77D4DEFE-D627-4C5D-BA79-4600823A10B5}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{AD9D2152-2CF2-4CAD-B2A4-F6FAF416A16D}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E0AFC81A-D2BF-4A46-AF64-55D0964E7740}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4E6FED26-6FF7-46C4-AFDA-BA16D2DEF022}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A9199F1F-D013-4243-A7C2-94EB5776C36C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Curtains\CurtainsBootstrap.exe (STARDOCK SYSTEMS, INC. -> )
FirewallRules: [{A2EAC6CB-A523-4B4E-83B3-42D69409F7EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Curtains\CurtainsBootstrap.exe (STARDOCK SYSTEMS, INC. -> )
FirewallRules: [{D345DA9F-D957-48EA-A789-942C98E60933}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1913E552-5DC0-482C-8EBE-9FE28FB7AB89}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{78C203F3-BC37-4818-848B-9F0886DBD5CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe (Heart Machine LLC) [File not signed]
FirewallRules: [{F47708CF-0BE4-4D4A-8370-0BF04062B93A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe (Heart Machine LLC) [File not signed]
FirewallRules: [{FA974A3A-593D-4F12-8867-AE76B944E4C3}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{05E26D90-7B19-4C6C-8B57-9D60ADD329CF}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{4C80DB41-157C-4516-AF52-0CC64DDFD5A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{18628192-8BFB-4EC4-8D3D-1F5E955D47A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{63721C6D-1CC0-4A15-89DA-CFB27D8031FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A4FC612F-B532-4D8E-96CC-B038A6488B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7329D39E-5979-4EB1-B094-59E23EC6F1D9}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{95514260-DDC7-41AC-BEAA-B8FC9E84CB13}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{B97E47E9-789D-4B86-A185-E64DB34B20CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{1C781EA4-F066-45A4-8397-C342B1AAE480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{58F87BCB-77B5-4E16-9263-D875F309890B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0399F55A-B7ED-4FDD-9A60-C049475B9AFC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A0D58602-37E7-4A79-96E8-2E5FA323BE04}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{3A3ED66F-47C0-476F-B278-E0401A44614A}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{29118CE2-DA4B-4812-BCD5-9C199690B0CB}] => (Allow) LPort=32682
FirewallRules: [{FE5FD4D4-799C-4ED8-BBE9-1E76CB17521A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bayonetta\Bayonetta.exe () [File not signed]
FirewallRules: [{CF030CE2-2461-4F8A-ACED-17F33A828864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bayonetta\Bayonetta.exe () [File not signed]
FirewallRules: [{A11D2F58-82F1-4352-A589-E295E65242D9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12146F69-C0C5-4CF7-ACC2-FB96B9DEC63A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EAEC18C3-107C-4A37-95F5-5309065E1CFB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AD41DD6F-7F0D-4E13-98FD-24DA8AA4992D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39423F41-3AEF-4BFC-B1E4-4A484057CB15}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E2DD1F05-6B23-4762-8F01-FA637124EFCF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{04336014-8010-4788-935A-57E4544258A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{131776FF-C6CD-401A-8AFD-1C431386E6D6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6812A632-D6BF-4E71-B132-DB5096D1393E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7E9C4F9-8B38-4CC9-B4A0-CBE41D0E9CA8}] => (Allow) LPort=26822
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot – Search & Destroy 2\SDTray.exe] => Enabled:Spybot – Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot – Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
==================== Restore Points =========================
12-05-2022 20:56:52 Windows Modules Installer
12-05-2022 20:57:16 Windows Modules Installer
12-05-2022 20:57:43 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/23/2022 09:42:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x4a5c
Faulting application start time: 0x01d86f17ea10358c
Faulting application path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Report Id: b4dff6de-f2cd-41b4-b509-9d15a1a745e3
Faulting package full name:
Faulting package-relative application ID:
Error: (05/23/2022 09:42:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x6454
Faulting application start time: 0x01d86f17e67f06a0
Faulting application path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Report Id: 1b781052-a0dc-4256-bb31-38e0447da93b
Faulting package full name:
Faulting package-relative application ID:
Error: (05/23/2022 09:41:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x650
Faulting application start time: 0x01d86f17d0bcc876
Faulting application path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Report Id: dc4ae355-a3d3-409e-aab1-12ec3ae8dc39
Faulting package full name:
Faulting package-relative application ID:
Error: (05/23/2022 09:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x1760
Faulting application start time: 0x01d86f17ad45478d
Faulting application path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Report Id: d90c4718-9c36-4318-b1a3-55d7e0d5b1f3
Faulting package full name:
Faulting package-relative application ID:
Error: (05/23/2022 09:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x1c58
Faulting application start time: 0x01d86f17694fdb18
Faulting application path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Report Id: d8d24c99-c331-4d24-ad8c-578f08ba8d34
Faulting package full name:
Faulting package-relative application ID:
Error: (05/23/2022 09:38:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (05/23/2022 09:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x3504
Faulting application start time: 0x01d86f1741b016cd
Faulting application path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot – Search & Destroy 2\SDUpdate.exe
Report Id: 9e065c81-5441-420d-b2e1-ef25ca99a413
Faulting package full name:
Faulting package-relative application ID:
Error: (05/23/2022 09:37:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=5
System errors:
=============
Error: (05/22/2022 06:37:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Push Notifications User Service_10eaa1f8 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/22/2022 06:02:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Push Notifications User Service_10eaa1f8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/21/2022 10:40:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: ApplicationSet-9PB2MZ1ZMB1S-AppleInc.iTunes.
Error: (05/21/2022 08:27:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WpnUserService_63a88 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/21/2022 08:16:08 AM) (Source: DCOM) (EventID: 10010) (User: TONYPRIME)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/21/2022 08:06:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/21/2022 08:06:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (05/20/2022 08:23:28 PM) (Source: DCOM) (EventID: 10001) (User: TONYPRIME)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca as Unavailable/Unavailable. The error:
“2147942402”
Happened while starting this command:
“C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe” -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Windows Defender:
================
Date: 2022-04-07 19:20:22
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: SettingsModifier:Win32/PossibleHostsFileHijack
Severity: Medium
Category: Settings Modifier
Path: file:_C:\Windows\System32\drivers\etc\hosts
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.29\msedgewebview2.exe
Security intelligence Version: AV: 1.213.3199.0, AS: 1.213.3199.0, NIS: 1.213.3199.0
Engine Version: AM: 1.1.12400.0, NIS: 1.1.12400.0
Date: 2022-04-07 19:20:22
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: SettingsModifier:Win32/PossibleHostsFileHijack
Severity: Medium
Category: Settings Modifier
Path: file:_C:\Windows\System32\drivers\etc\hosts
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Battle.net\Battle.net.exe
Security intelligence Version: AV: 1.213.3199.0, AS: 1.213.3199.0, NIS: 1.213.3199.0
Engine Version: AM: 1.1.12400.0, NIS: 1.1.12400.0
Date: 2022-04-07 19:20:20
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: SettingsModifier:Win32/PossibleHostsFileHijack
Severity: Medium
Category: Settings Modifier
Path: file:_C:\Windows\System32\drivers\etc\hosts
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
Security intelligence Version: AV: 1.213.3199.0, AS: 1.213.3199.0, NIS: 1.213.3199.0
Engine Version: AM: 1.1.12400.0, NIS: 1.1.12400.0
Date: 2022-04-07 19:20:20
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: SettingsModifier:Win32/PossibleHostsFileHijack
Severity: Medium
Category: Settings Modifier
Path: file:_C:\Windows\System32\drivers\etc\hosts
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Battle.net\Battle.net.exe
Security intelligence Version: AV: 1.213.3199.0, AS: 1.213.3199.0, NIS: 1.213.3199.0
Engine Version: AM: 1.1.12400.0, NIS: 1.1.12400.0
Date: 2022-04-07 19:20:18
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: SettingsModifier:Win32/PossibleHostsFileHijack
Severity: Medium
Category: Settings Modifier
Path: file:_C:\Windows\System32\drivers\etc\hosts
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
Security intelligence Version: AV: 1.213.3199.0, AS: 1.213.3199.0, NIS: 1.213.3199.0
Engine Version: AM: 1.1.12400.0, NIS: 1.1.12400.0
Event[0]:
Date: 2022-04-18 07:41:23
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.567.0
Previous security intelligence Version: 1.363.62.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.19100.5
Previous Engine Version: 1.1.19100.5
Error code: 0x80004004
Error description: Operation aborted
Date: 2022-04-18 07:41:23
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.567.0
Previous security intelligence Version: 1.363.62.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.19100.5
Previous Engine Version: 1.1.19100.5
Error code: 0x80004004
Error description: Operation aborted
Date: 2022-04-18 07:41:23
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.567.0
Previous security intelligence Version: 1.363.62.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.19100.5
Previous Engine Version: 1.1.19100.5
Error code: 0x80004004
Error description: Operation aborted
Date: 2022-04-18 07:41:23
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.567.0
Previous security intelligence Version: 1.363.62.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.19100.5
Previous Engine Version: 1.1.19100.5
Error code: 0x80004004
Error description: Operation aborted
Date: 2022-04-18 07:41:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.363.62.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19100.5
Error code: 0x80240017
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2022-05-23 21:47:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume7\Users\tonyprime\Documents\Theme Modding\oldnewexplorer_v1.1.9\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-05-23 21:38:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-05-23 21:38:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0301 08/27/2020
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING II
Processor: AMD Ryzen 5 3600X 6-Core Processor
Percentage of memory in use: 52%
Total physical RAM: 16293.19 MB
Available physical RAM: 7706.26 MB
Total Virtual: 18725.19 MB
Available Virtual: 6536.73 MB
==================== Drives ================================
Drive c: (Windows 10 Pro) (Fixed) (Total:930.46 GB) (Free:505.51 GB) (Model: Samsung SSD 860 EVO 1TB SATA Disk Device) NTFS
Drive d: (Y: SSD) (Fixed) (Total:232.88 GB) (Free:134.44 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive f: (Windows 7 Drive) (Fixed) (Total:232.79 GB) (Free:142.92 GB) (Model: Samsung SSD 840 Series) NTFS
\\?\Volume{bc18040d-1bc1-41db-8bb7-e2ca83787451}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{669e663f-015f-4424-8a4d-4a1cbe7f1e93}\ () (Fixed) (Total:0.5 GB) (Free:0.05 GB) NTFS
\\?\Volume{075e6bbd-dc5b-4709-bfb3-6febbda7e09c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================