Ran an exe, Discord hacked, not sure if anything harmful left over

Hi, I basically did a massive oopsie and failed internet safety 101 and downloaded and ran an unknown exe file on my PC - it resulted in my Discord account being hacked (which I am trying to sort with support), but I am not sure if it will have left anything else that is harmful. I've uninstalled Discord and removed associated files to the best of my ability, and run a scan using Malwarebytes which came back clear. I really would just like someone who knows better than me to check over for me, let me know if anything was missed and give any help or advice that could be needed!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021

Ran by Melissa (administrator) on SPEEDWAGON (22-10-2021 05:47:22)

Running from C:UsersmelisDesktop

Loaded Profiles: Melissa

Platform: Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) Language: English (United Kingdom)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AAA Internet Publishing, Inc. -> AAA Internet Publishing, Inc.) C:Program Files (x86)WTFastWTFast.exe

(Autodesk, Inc. -> Autodesk Inc.) C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe

(Autodesk, Inc. -> Autodesk) C:Program Files (x86)AutodeskAutodesk Desktop AppAcWebBrowserAcWebBrowser.exe <3>

(Autodesk, Inc. -> Autodesk) C:Program Files (x86)Common FilesAutodesk SharedAdskLicensing10.2.0.4231AdskLicensingServiceAdskLicensingService.exe

(Autodesk, Inc. -> Autodesk) C:ProgramDataAutodeskGenuine Servicex64GenuineService.exe

(Autodesk, Inc. -> Autodesk, Inc.) C:Program Files (x86)AutodeskAutodesk Desktop AppAutodeskDesktopApp.exe

(Creative Technology Ltd) [File not signed] C:Program Files (x86)CreativeShared FilesCTAudSvc.exe

(Creative Technology Ltd) [File not signed] C:Program Files (x86)CreativeSound Blaster Z-SeriesSound Blaster Z-Series Control PanelSBZ.exe

(Electronic Arts, Inc. -> Electronic Arts) E:Program Files (x86)OriginOriginWebHelperService.exe

(Flexera Software LLC -> Flexera) C:Program Files (x86)Common FilesMacrovision SharedFlexNet PublisherFNPLicensingService.exe

(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderFoxitPDFReaderUpdateService.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <16>

(HP Inc. -> HP Inc.) C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe

(Intel Corporation) [File not signed] C:WindowsSystem32IPROSetMonitor.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbweWinStore.App.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbweGameBar.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbweGameBarFTServer.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:WindowsSysWOW64Creative.UWPRPCService.exe

(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:WindowsSysWOW64CtHdaSvc.exe

(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:MSIMSIRegisterMSIRegister.exe

(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:MSIMSIRegisterMSIRegisterService.exe

(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.) C:Program Files (x86)MSILive UpdateMSI_LiveUpdate_Service.exe

(Numecent, Inc. -> Numecent, Inc.) C:Program FilesNumecentApplication Jukebox PlayerCoreHelper.exe

(Numecent, Inc. -> Numecent, Inc.) C:Program FilesNumecentApplication Jukebox PlayerJukeboxPlayer.exe

(Numecent, Inc. -> Numecent, Inc.) C:Program FilesNumecentApplication Jukebox PlayerStreamingCore.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvTelemetryNvTelemetryContainer.exe

(Razer USA Ltd. -> ) C:Program Files (x86)RazerSynapse3UserProcessRazer Synapse Service Process.exe

(Razer USA Ltd. -> Razer Inc) C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazer Central.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe

(Razer USA Ltd. -> The CefSharp Authors) C:Program Files (x86)RazerRazer ServicesRazer CentralCefSharp.BrowserSubprocess.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>

(SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC) C:Program Files (x86)ToolkitToolkit.exe

(Shenzhen Huion Animation Technology Co.,LTD -> ) C:Huion TabletHuion Tablet.exe

(Shenzhen Huion Animation Technology Co.,LTD -> ) C:Huion Tabletx64TabletDriverCore.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32RtkAudUService64.exe [643520 2018-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [TabletDriver] => C:Huion TabletHuion Tablet.exe [240360 2020-10-24] (Shenzhen Huion Animation Technology Co.,LTD -> )

HKLM…Run: [Endeavors Technologies JukeboxPlayer] => C:Program FilesNumecentApplication Jukebox PlayerJukeboxPlayer.exe [9509280 2018-09-28] (Numecent, Inc. -> Numecent, Inc.)

HKLM-x32…Run: [UpdReg] => C:WindowsUpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]

HKLM-x32…Run: [Sound Blaster Z-Series Control Panel] => C:Program Files (x86)CreativeSound Blaster Z-SeriesSound Blaster Z-Series Control PanelSBZ.exe [877056 2014-11-24] (Creative Technology Ltd) [File not signed]

HKLM-x32…Run: [Autodesk Desktop App] => C:Program Files (x86)AutodeskAutodesk Desktop AppAutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)

HKLM-x32…Run: [Live Update] => C:Program Files (x86)MSILive UpdateLive Update.exe [26282160 2019-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.)

HKLM-x32…Run: [MSIRegister] => C:MSIMSIRegisterMSIRegister.exe [1266872 2019-03-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.)

HKLM-x32…Run: [Autodesk Genuine Service ] => C:ProgramDataAutodeskGenuine Servicex64GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [WTFast Tray] => C:Program Files (x86)WTFastWTFast.exe [7381000 2016-02-23] (AAA Internet Publishing, Inc. -> AAA Internet Publishing, Inc.)

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [Toolkit] => C:Program Files (x86)ToolkitToolkit.exe [1635688 2021-08-25] (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [SurfEasy] => C:Program Files (x86)Norton Secure VPNclientNorton Secure VPN.exe startup

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [Steam] => E:Program Files (x86)Steamsteam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [Adobe Acrobat Synchronizer] => “C:Program Files (x86)AdobeAcrobat DCAcrobatAdobeCollabSync.exe”

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [CCXProcess] => “C:Program FilesAdobeAdobe Creative Cloud ExperienceCCXProcess.exe”

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [TabletDriver] => C:Huion Tabletx64TabletDriverCore.exe [333544 2020-10-24] (Shenzhen Huion Animation Technology Co.,LTD -> )

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3523704 2021-10-18] (Razer USA Ltd. -> Razer Inc.)

HKUS-1-5-21-1416734907-1124332706-3289978317-1001…RunOnce: [Application Restart #0] => C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe –aamHelperPipeName={F51216E5-8564-480A-B51F-374E1C30530D} –acccUpdated=true –appletVersion=1.0 –helperB (the data entry has 608 more characters).

HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3523704 2021-10-18] (Razer USA Ltd. -> Razer Inc.)

HKLM…PrintMonitorsHP D711 Status Monitor: C:Windowssystem32hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication95.0.4638.54Installerchrmstp.exe [2021-10-22] (Google LLC -> Google LLC)

Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupHuion Tablet.lnk [2020-11-29]

ShortcutTarget: Huion Tablet.lnk -> C:Huion TabletHuion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {13675E75-7383-4C21-9562-6C3817865A85} – System32TasksNvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {3A07D7E9-52A1-41F3-9221-418EE7EC8B28} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [849448 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {3BFA89CE-F127-469C-BD61-09CE95B3A354} – System32TasksMicrosoftVisualStudioUpdatesBackgroundDownload => C:Program Files (x86)Microsoft Visual StudioInstallerresourcesappServiceHubServicesMicrosoft.VisualStudio.Setup.ServiceBackgroundDownload.exe [64936 2021-02-08] (Microsoft Corporation -> Microsoft)

Task: {3E41575E-24C5-4E88-AB4C-635AB0417DC3} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [107848 2019-05-24] (Google Inc -> Google Inc.)

Task: {47B0E129-AE5E-42EC-BAC4-0BFE6E9C610F} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {585DA891-1305-4861-A3BB-41911D20C3C1} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [648232 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A357071C-B461-4051-8129-1BB142123090} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [781864 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {ADDCCA9F-1FD6-4B10-9120-68C2B502E2EA} – System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AE5F8D13-5903-4E72-95A6-A0289045C106} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [781864 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {AEF47D00-D66D-489A-B4B8-DA5CD975917A} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)

Task: {B6E88D34-9CE0-4FEA-87E4-7858EB09D8DB} – System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [590888 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {C35FC2CA-8CC4-4542-8D48-02F920F0C1B0} – System32TasksNvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {DC118ACB-1DFC-421A-A03A-B2780BA5331C} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [107848 2019-05-24] (Google Inc -> Google Inc.)

Task: {DF3EB235-1CB8-4E74-AE64-49AE763B25BC} – System32TasksMicrosoftOfficeOffice Serviceability Manager => C:Program FilesCommon FilesMicrosoft SharedClickToRunofficesvcmgr.exe [4103280 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)

Task: {EA67E172-FC7C-43E9-9B27-CA14B748855F} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3728936 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {EC694D9D-24A6-43F7-88F1-010429B3CD72} – System32TasksNvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {ED910C16-41C0-4A0E-BB4C-906FBA129660} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {F2B6232D-4B1D-47E2-BD75-CE8AE1C3E3C8} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [849448 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {FD7320AD-B302-4DE1-95C3-B60A68F04EA2} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.0.1

Tcpip..Interfaces{b2c41db1-34e1-4182-b2d2-b3591b2abb57}: [DhcpNameServer] 192.168.0.1

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WINDOWSSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WINDOWSSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WINDOWSSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WINDOWSSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge Profile: C:UsersmelisAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-26]

 

FireFox:

========

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:Program FilesVideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderpluginsnpFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderpluginsnpFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderpluginsnpFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderpluginsnpFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderpluginsnpFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

 

Chrome: 

=======

CHR Profile: C:UsersmelisAppDataLocalGoogleChromeUser DataDefault [2021-10-22]

CHR HomePage: Default -> hxxps//www.google.co.uk/

CHR StartupUrls: Default -> “hxxps//www.google.co.uk/”,”hxxp//www.fife.ac.uk/”,”hxxp//www.fife.ac.uk/Pages/default.aspx”,”hxxp//www.google.com/”

CHR Session Restore: Default -> is enabled.

CHR Extension: (Slides) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-05-24]

CHR Extension: (Docs) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2019-05-25]

CHR Extension: (Google Drive) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-19]

CHR Extension: (YouTube) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-25]

CHR Extension: (uBlock Origin) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-17]

CHR Extension: (Sheets) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-05-24]

CHR Extension: (Google Docs Offline) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-19]

CHR Extension: (AdBlock — best ad blocker) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-10-13]

CHR Extension: (Elegantt | The leading Gantt Chart for Trello) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsjdongfcbejkjibhkbekkjcckophhjcjj [2021-03-12]

CHR Extension: (Chrome Web Store Payments) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersmelisAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Profile: C:UsersmelisAppDataLocalGoogleChromeUser DataSystem Profile [2021-03-19]

CHR HKLM…ChromeExtension: [iikflkcanblccfahdhdonehdalibjnif]

CHR HKLM-x32…ChromeExtension: [iikflkcanblccfahdhdonehdalibjnif]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)

R2 AdskLicensingService; C:Program Files (x86)Common FilesAutodesk SharedAdskLicensingCurrentAdskLicensingServiceAdskLicensingService.exe [18554456 2020-07-15] (Autodesk, Inc. -> Autodesk)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)

S3 Creative Media Toolbox 6 Licensing Service; C:Program Files (x86)Common FilesCreative Labs SharedServiceMT6Licensing.exe [79360 2019-05-25] (Creative Labs) [File not signed]

R2 CTAudSvcService; C:Program Files (x86)CreativeShared FilesCTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]

R2 CtHdaSvc; C:WINDOWSsysWow64CtHdaSvc.exe [133080 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)

R2 FoxitReaderUpdateService; C:Program Files (x86)Foxit SoftwareFoxit PDF ReaderFoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)

R2 HPPrintScanDoctorService; C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe [299680 2021-09-28] (HP Inc. -> HP Inc.)

R2 Intel® PROSet Monitoring Service; C:Windowssystem32IProsetMonitor.exe [505856 2018-01-22] (Intel Corporation) [File not signed]

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7801016 2021-10-21] (Malwarebytes Inc -> Malwarebytes)

R2 MSIREGISTER_MR; C:MSIMSIRegisterMSIRegisterService.exe [2020024 2019-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.)

R2 MSI_LiveUpdate_Service; C:Program Files (x86)MSILive UpdateMSI_LiveUpdate_Service.exe [2323632 2019-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT’L CO., LTD.)

S3 OfficeSvcManagerAddons; C:WINDOWSsystem32dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-16] (Microsoft Windows -> Microsoft Corporation)

S3 Origin Client Service; E:Program Files (x86)OriginOriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; E:Program Files (x86)OriginOriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)

R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [1142808 2021-09-29] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [451608 2021-09-29] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Game Manager Service; C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe [254224 2021-06-25] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe [294520 2021-10-13] (Razer USA Ltd. -> Razer Inc.)

R2 RzActionSvc; C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe [533824 2021-08-30] (Razer USA Ltd. -> Razer Inc.)

R2 StreamingCore; C:Program FilesNumecentApplication Jukebox PlayerStreamingCore.exe [7237504 2018-09-28] (Numecent, Inc. -> Numecent, Inc.)

R2 UWPService; C:WINDOWSSysWOW64Creative.UWPRPCService.exe [357288 2020-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2109.6-0NisSrv.exe [2855512 2021-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2109.6-0MsMpEng.exe [128392 2021-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S3 BthHFEnum; C:WINDOWSSystem32driversbthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]

R3 cthda; C:WINDOWSsystem32driverscthda.sys [1090416 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)

R3 cthdb; C:WINDOWSsystem32DRIVERScthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [160176 2021-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210344 2021-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [193448 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [69040 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-10-21] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [149424 2021-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBfilt; C:WINDOWSsystem32driversMBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)

R3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_005c; C:WINDOWSSystem32driversRzDev_005c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 rzendpt; C:WINDOWSSystem32driversrzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)

R2 StreamingFSD; C:WINDOWSSystem32DRIVERSStreamingFSD.sys [834928 2018-09-28] (Numecent, Inc. -> Numecent, Inc.)

R3 SymTAP; C:WINDOWSSystem32driversSymTAP.sys [52104 2018-10-16] (Symantec Corporation -> The OpenVPN Project)

R3 vmulti; C:WINDOWSSystem32driversvmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)

S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [48520 2021-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [434424 2021-10-03] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86264 2021-10-03] (Microsoft Windows -> Microsoft Corporation)

R2 WtfEngineDrv; C:WINDOWSsystem32DRIVERSWtfEngineDrv.sys [27904 2016-02-01] (Initex -> AAA Internet Publishing, Inc.)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-10-22 05:47 – 2021-10-22 05:48 – 000028138 _____ C:UsersmelisDesktopFRST.txt

2021-10-22 03:07 – 2021-10-22 03:07 – 000193448 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2021-10-22 03:07 – 2021-10-22 03:07 – 000149424 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2021-10-22 03:07 – 2021-10-22 03:07 – 000069040 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2021-10-22 01:40 – 2021-10-22 05:47 – 000000000 ____D C:FRST

2021-10-21 09:04 – 2021-10-21 09:04 – 002310656 _____ (Farbar) C:UsersmelisDesktopFRST64.exe

2021-10-21 07:51 – 2021-10-22 03:11 – 000000000 ____D C:UsersmelisAppDataLocalLowIGDump

2021-10-21 07:51 – 2021-10-21 07:51 – 000000000 ____D C:UsersmelisAppDataLocalmbam

2021-10-21 07:50 – 2021-10-21 07:50 – 002101944 _____ (Malwarebytes) C:UsersmelisDownloadsMBSetup.exe

2021-10-21 07:50 – 2021-10-21 07:50 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-10-21 07:50 – 2021-10-21 07:50 – 000210344 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2021-10-21 07:50 – 2021-10-21 07:50 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-10-21 07:50 – 2021-10-21 07:50 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2021-10-21 07:50 – 2021-10-21 07:50 – 000002033 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-10-21 07:50 – 2021-10-21 07:50 – 000002021 _____ C:UsersPublicDesktopMalwarebytes.lnk

2021-10-21 07:50 – 2021-10-21 07:50 – 000000000 ____D C:ProgramDataMalwarebytes

2021-10-21 07:50 – 2021-10-21 07:50 – 000000000 ____D C:Program FilesMalwarebytes

2021-10-21 03:27 – 2021-10-21 03:27 – 000000680 _____ C:UsersmelisAppDataRoamingPureRef.ini

2021-10-20 03:29 – 2021-10-20 03:29 – 026933648 _____ C:UsersmelisDownloadsWeb_Razer_Synapse_Installer_v2.21.24.34.exe

2021-10-15 15:55 – 2021-10-15 15:55 – 000452096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl

2021-10-15 15:55 – 2021-10-15 15:55 – 000007168 _____ (Microsoft Corporation) C:WINDOWSsystem32msdxm.ocx

2021-10-15 15:55 – 2021-10-15 15:55 – 000005632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msdxm.ocx

2021-10-15 15:54 – 2021-10-15 15:54 – 001823296 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-10-15 15:54 – 2021-10-15 15:54 – 001393504 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2021-10-15 15:54 – 2021-10-15 15:54 – 000706536 _____ C:WINDOWSsystem32TextShaping.dll

2021-10-15 15:54 – 2021-10-15 15:54 – 000611960 _____ C:WINDOWSSysWOW64TextShaping.dll

2021-10-15 15:54 – 2021-10-15 15:54 – 000593920 _____ (Microsoft Corporation) C:WINDOWSsystem32winspool.drv

2021-10-15 15:54 – 2021-10-15 15:54 – 000570368 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl

2021-10-15 15:54 – 2021-10-15 15:54 – 000449024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winspool.drv

2021-10-15 15:54 – 2021-10-15 15:54 – 000288768 _____ C:WINDOWSsystem32Windows.Management.InprocObjects.dll

2021-10-15 15:54 – 2021-10-15 15:54 – 000098304 _____ C:WINDOWSsystem32Driverscimfs.sys

2021-10-15 15:54 – 2021-10-15 15:54 – 000011495 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-10-15 15:44 – 2021-10-15 15:44 – 000000000 ___HD C:$WinREAgent

2021-10-13 20:10 – 2021-10-13 20:10 – 000001982 _____ C:UsersPublicDesktopZBrush 2021.7.1.lnk

2021-10-13 20:10 – 2021-10-13 20:10 – 000000000 ____D C:UsersShared

2021-10-13 20:09 – 2021-10-13 20:15 – 2649496868 _____ C:UsersmelisDownloadsDaVinci_Resolve_17.3.2_Windows.zip

2021-10-13 20:03 – 2021-10-13 20:03 – 000001665 _____ C:UsersmelisDesktopZUpgrader.lnk

2021-10-13 20:02 – 2021-10-13 20:02 – 000000000 ____D C:UsersmelisAppDataRoamingBlender Foundation

2021-10-13 20:00 – 2021-10-13 20:01 – 191680512 _____ C:UsersmelisDownloadsblender-2.93.5-windows-x64.msi

2021-10-13 19:10 – 2021-10-13 19:10 – 000000000 ____D C:UsersmelisAppDataRoamingAffinity

2021-10-13 19:10 – 2021-10-13 19:10 – 000000000 ____D C:ProgramDataAffinity

2021-10-13 19:09 – 2021-10-13 19:09 – 000001503 _____ C:UsersmelisDesktopFoxit PDF Reader.lnk

2021-10-13 19:09 – 2021-10-13 19:09 – 000001049 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAffinity Publisher.lnk

2021-10-13 19:09 – 2021-10-13 19:09 – 000001037 _____ C:UsersPublicDesktopAffinity Publisher.lnk

2021-10-13 19:09 – 2021-10-13 19:09 – 000000000 ____D C:Program FilesAffinity

2021-10-13 19:06 – 2021-10-13 19:07 – 543942872 _____ (Serif (Europe) Ltd.) C:UsersmelisDownloadsaffinity-publisher-1.10.1.exe

2021-10-13 17:42 – 2021-10-20 04:17 – 000000000 ____D C:UsersmelisAppDataRoamingFoxit Software

2021-10-13 17:42 – 2021-10-13 17:42 – 000000000 ____D C:UsersPublicFoxit Software

2021-10-13 17:42 – 2021-10-13 17:42 – 000000000 ____D C:UsersmelisAppDataRoamingFoxit AgentInformation

2021-10-13 17:42 – 2021-10-13 17:42 – 000000000 ____D C:UsersmelisAppDataLocalLowFoxit

2021-10-13 17:42 – 2021-10-13 17:42 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit PDF Reader

2021-10-13 17:42 – 2021-10-13 17:42 – 000000000 ____D C:ProgramDataFoxit Software

2021-10-13 17:42 – 2021-10-13 17:42 – 000000000 ____D C:ProgramDataFoxit ContentPlatform

2021-10-13 17:41 – 2021-10-13 17:41 – 000000000 ____D C:Program Files (x86)Foxit Software

2021-10-13 17:40 – 2021-10-13 17:40 – 001517184 _____ (Foxit Software Inc.) C:UsersmelisDownloadsFoxitPDFReader111_Setup.exe

2021-10-11 17:34 – 2021-10-11 17:34 – 000000000 ____D C:UsersmelisAppDataLocalLowTemp

2021-10-11 17:28 – 2021-10-11 17:28 – 000000000 ____D C:Program FilesHPPrintScanDoctor

2021-09-29 07:33 – 2021-09-29 07:33 – 000216088 _____ (Razer Inc.) C:WINDOWSsystem32RzChromaSDK64.dll

2021-09-29 07:31 – 2021-09-29 07:31 – 000186904 _____ (Razer Inc.) C:WINDOWSSysWOW64RzChromaSDK.dll

2021-09-24 16:20 – 2021-09-24 16:21 – 000000184 _____ C:UsersmelisDesktopART307 Class Project.url

2021-09-24 16:18 – 2021-09-24 16:18 – 000000727 _____ C:UsersmelisDesktopOneDrive – Shortcut.lnk

2021-09-23 18:10 – 2021-09-23 18:10 – 000000184 _____ C:UsersmelisDesktopAssignments.url

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-10-22 05:48 – 2019-05-25 19:01 – 000000000 ____D C:UsersmelisAppDataRoamingToolkit

2021-10-22 05:27 – 2019-05-24 20:28 – 000000000 ____D C:Program Files (x86)Google

2021-10-22 05:24 – 2019-05-25 19:02 – 000000000 ___RD C:UsersmelisMirror

2021-10-22 03:37 – 2019-12-07 10:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-10-22 03:14 – 2020-09-17 08:19 – 000906850 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-10-22 03:14 – 2019-12-07 10:13 – 000000000 ____D C:WINDOWSINF

2021-10-22 03:09 – 2019-05-25 16:10 – 000000000 ____D C:ProgramDataNVIDIA

2021-10-22 03:08 – 2019-05-25 17:55 – 000000000 ____D C:ProgramDataAutodesk

2021-10-22 03:07 – 2020-09-17 08:18 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-10-22 03:07 – 2020-09-17 08:12 – 000008192 ___SH C:DumpStack.log.tmp

2021-10-22 03:06 – 2019-12-07 10:03 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-10-22 03:06 – 2019-12-07 10:03 – 000032768 _____ C:WINDOWSsystem32configELAM

2021-10-22 02:11 – 2019-05-24 20:29 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-10-22 02:11 – 2019-05-24 20:29 – 000002260 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-10-22 01:57 – 2020-09-17 08:13 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-10-22 00:33 – 2019-12-07 10:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-10-22 00:33 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-10-21 07:50 – 2019-12-07 10:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-10-21 06:04 – 2019-05-24 20:24 – 000000000 ____D C:UsersmelisAppDataRoamingAdobe

2021-10-21 03:27 – 2019-05-25 19:08 – 000000000 ____D C:UsersmelisAppDataRoamingSpotify

2021-10-21 02:38 – 2019-05-24 20:24 – 000000000 ____D C:UsersmelisAppDataLocalPackages

2021-10-20 03:36 – 2019-05-25 17:05 – 000000000 ____D C:UsersmelisAppDataLocalCrashDumps

2021-10-20 03:36 – 2019-05-25 16:38 – 000000000 ____D C:UsersmelisAppDataLocalRazer

2021-10-20 03:36 – 2019-05-25 16:38 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer

2021-10-20 03:36 – 2019-05-25 16:32 – 000000000 ____D C:ProgramDataRazer

2021-10-20 03:36 – 2019-05-25 16:32 – 000000000 ____D C:Program Files (x86)Razer

2021-10-20 03:29 – 2019-05-25 16:36 – 000000000 ____D C:Program Files (x86)Razer Chroma SDK

2021-10-19 06:58 – 2019-05-25 19:31 – 000000000 ____D C:Program FilesMicrosoft Office

2021-10-19 06:51 – 2020-09-17 08:18 – 000003374 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1416734907-1124332706-3289978317-1001

2021-10-19 06:51 – 2020-09-17 01:32 – 000002383 _____ C:UsersmelisAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-10-19 06:51 – 2019-05-24 20:26 – 000000000 ___RD C:UsersmelisOneDrive

2021-10-16 17:59 – 2020-08-24 04:19 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-10-16 01:35 – 2020-09-17 08:13 – 000445576 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ___SD C:WINDOWSsystem32UNP

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSystemResources

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSDiagTrack

2021-10-16 01:34 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-10-15 15:57 – 2019-12-07 10:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-10-15 15:44 – 2019-05-25 16:14 – 000000000 ____D C:WINDOWSsystem32MRT

2021-10-15 15:40 – 2019-05-25 16:14 – 139806512 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-10-14 04:03 – 2020-09-17 01:32 – 000000000 ____D C:Usersmelis

2021-10-14 03:41 – 2021-08-29 19:59 – 000000000 ____D C:vol0

2021-10-14 03:10 – 2019-06-05 00:39 – 000000000 ____D C:UsersmelisAppDataRoamingobs-studio

2021-10-13 20:02 – 2019-05-25 23:31 – 000001192 _____ C:UsersmelisDesktopblender.lnk

2021-10-13 20:02 – 2019-05-25 23:31 – 000000000 ____D C:UsersmelisAppDataRoamingMicrosoftWindowsStart MenuProgramsBlender

2021-10-13 20:01 – 2019-05-25 23:30 – 000000000 ____D C:Program FilesBlender Foundation

2021-10-13 18:06 – 2019-08-24 15:30 – 000000000 ____D C:UsersmelisAppDataLocalD3DSCache

2021-10-13 17:52 – 2019-05-25 23:24 – 000000000 ____D C:UsersmelisAppDataLocalUbisoft Game Launcher

2021-10-13 17:52 – 2019-05-25 23:22 – 000000000 ____D C:UsersmelisAppDataLocalBethesda.net Launcher

2021-10-13 17:51 – 2019-05-26 18:11 – 000000000 ____D C:UsersmelisDocumentsElectronic Arts

2021-10-13 17:51 – 2019-05-24 20:51 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information

2021-10-13 17:49 – 2019-05-25 21:00 – 000000000 ____D C:Program FilesCommon FilesAdobe

2021-10-13 17:49 – 2019-05-25 21:00 – 000000000 ____D C:Program FilesAdobe

2021-10-13 17:49 – 2019-05-25 20:00 – 000000000 ____D C:Program Files (x86)Adobe

2021-10-13 17:49 – 2019-05-25 16:38 – 000000000 ____D C:temp

2021-10-13 17:47 – 2019-05-25 20:02 – 000000000 ____D C:ProgramDataAdobe

2021-10-13 16:18 – 2019-05-25 19:09 – 000000000 ____D C:UsersmelisAppDataLocalSpotify

2021-10-13 16:07 – 2019-05-25 20:04 – 000000000 ___RD C:UsersmelisCreative Cloud Files

2021-10-10 01:30 – 2020-09-17 08:18 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-10-10 01:30 – 2020-09-17 08:18 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-10-08 11:41 – 2019-08-23 16:10 – 000000000 ___HD C:adobeTemp

2021-10-04 14:28 – 2020-08-18 11:29 – 000002368 _____ C:UsersmelisAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk

2021-10-03 17:32 – 2021-01-25 01:23 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-10-03 17:32 – 2019-08-24 15:27 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-09-30 22:22 – 2020-09-17 08:18 – 000003420 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-09-30 22:22 – 2020-09-17 08:18 – 000003296 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-09-29 14:27 – 2019-05-26 14:09 – 000000000 ____D C:UsersmelisAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2021-09-23 18:13 – 2019-05-24 20:24 – 000000000 __RHD C:UsersPublicAccountPictures

2021-09-23 18:10 – 2019-05-24 20:24 – 000000000 ____D C:UsersmelisAppDataLocalConnectedDevicesPlatform

2021-09-23 16:11 – 2019-05-25 19:06 – 000002231 _____ C:UsersmelisDesktopDiscord.lnk

 

==================== Files in the root of some directories ========

 

2020-10-22 15:16 – 2020-11-12 16:16 – 000000232 _____ () C:UsersmelisAppDataRoamingdebug.log

2021-10-21 03:27 – 2021-10-21 03:27 – 000000680 _____ () C:UsersmelisAppDataRoamingPureRef.ini

2021-01-28 14:16 – 2021-03-05 14:37 – 000002701 _____ () C:UsersmelisAppDataLocalkrita-sysinfo.log

2021-01-28 14:16 – 2021-03-05 17:31 – 000122661 _____ () C:UsersmelisAppDataLocalkrita.log

2021-03-05 17:31 – 2021-03-05 17:31 – 000000152 _____ () C:UsersmelisAppDataLocalkritadisplayrc

2021-01-28 14:16 – 2021-03-05 17:31 – 000023037 _____ () C:UsersmelisAppDataLocalkritarc

2021-01-28 14:52 – 2021-01-28 14:54 – 000000070 _____ () C:UsersmelisAppDataLocalkritashortcutsrc

2019-05-25 20:02 – 2021-10-13 17:50 – 000000615 _____ () C:UsersmelisAppDataLocaloobelibMkey.log

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021

Ran by Melissa (22-10-2021 05:48:47)

Running from C:UsersmelisDesktop

Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) (2020-09-17 07:23:27)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-1416734907-1124332706-3289978317-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-1416734907-1124332706-3289978317-503 – Limited – Disabled)

Guest (S-1-5-21-1416734907-1124332706-3289978317-501 – Limited – Disabled)

Melissa (S-1-5-21-1416734907-1124332706-3289978317-1001 – Administrator – Enabled) => C:Usersmelis

WDAGUtilityAccount (S-1-5-21-1416734907-1124332706-3289978317-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Norton Security (Enabled – Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}

AV: Norton Security (Enabled – Up to date) {A2708B76-6835-6565-CB96-694212954A75}

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Security (Disabled – Up to date) {19116A92-4E0F-6AEB-F126-5230691200C8}

FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Affinity Publisher (HKLM…{CE0286C1-5858-4CF5-99CB-3B0CFE6B7EF9}) (Version: 1.10.1.1142 – Serif (Europe) Ltd)

Allegorithmic Substance Alchemist 2.2.1 (HKLM…{B3506E85-E98F-4D48-A010-BE4DEE27D108}_is1) (Version: 2.2.1 – Allegorithmic)

Allegorithmic Substance B2M 3.1.4 (HKLM…{@APP_GUID@}_is1) (Version: 3.1.4 – Allegorithmic)

Allegorithmic Substance Designer 10.1.3 (HKLM…{e9e3d6d9-3023-41c7-b223-11d8fdd691b9}_is1) (Version: 10.1.3 – Allegorithmic)

Allegorithmic Substance Painter 6.2.2 (HKLM…{33C3E9E2-0675-4196-9019-28AB9C5E9BB0}_is1) (Version: 6.2.2 – Allegorithmic)

APP Shop v1.0.34 (HKLM-x32…{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.34 – ASRock Inc.)

ASIO4ALL (HKLM-x32…ASIO4ALL) (Version: 2.14 – Michael Tippach)

ASRock Restart to UEFI v1.0.6 (HKLM-x32…ASRock Restart to UEFI_is1) (Version: 1.0.6 – ASRock Inc.)

ASRRGBLED v1.0.6 (HKLM-x32…ASRock RGB LED_is1) (Version: 1.0.6 – ASRock Inc.)

Atma Weapon (HKLM-x32…{C91C99F5-8B4F-462A-A61E-98D3B6B1CEA0}) (Version: 0.0.9 – Atma Weapon) Hidden

Atma Weapon (HKLM-x32…Atma Weapon 0.0.9) (Version: 0.0.9 – Atma Weapon)

Audacity 2.3.2 (HKLM-x32…Audacity_is1) (Version: 2.3.2 – Audacity Team)

Autodesk 3ds Max 2018 Update1 (HKLM…Autodesk 3ds Max 2018 Update1) (Version: 20.4.8.4036 – Autodesk) Hidden

Autodesk 3ds Max 2018.4.8 Security Fix (HKLM-x32…{396596ec-aaa1-4fb6-a20d-08ba4bee913d}) (Version: 20.4.8.0 – Autodesk) Hidden

Autodesk 3ds Max 2019.3.2 Security Fix (HKLM-x32…{a18be9b6-aaff-4576-8533-dcaf952c8a33}) (Version: 21.3.2.0 – Autodesk) Hidden

Autodesk 3ds Max 2021 (HKLM…{63853A48-EB3A-4456-B788-1C010950D62C}) (Version: 23.1.0.1314 – Autodesk) Hidden

Autodesk 3ds Max 2021 (HKLM…{69B5E9EE-26F7-49BA-9F6C-AFF2D8D1C443}) (Version: 23.1.0.1314 – Autodesk, Inc.)

Autodesk Advanced Material Library Base Resolution Image Library 2021 (HKLM-x32…{C9FDA270-A0B9-45EE-8748-F37DF1370767}) (Version: 19.1.23.0 – Autodesk)

Autodesk Advanced Material Library Low Resolution Image Library 2021 (HKLM-x32…{AB7DC10F-1D72-4F90-988F-CDC2D6323A48}) (Version: 19.1.23.0 – Autodesk)

Autodesk Advanced Material Library Medium Resolution Image Library 2021 (HKLM-x32…{B4545986-9002-4090-9E58-44F985F2FF4F}) (Version: 19.1.23.0 – Autodesk)

Autodesk Civil View for 3ds Max 2021 64-bit (HKLM…{43B796D5-A9A8-4D44-AF8A-D3FBD1BF68A9}) (Version: 23.0.0.0 – Autodesk) Hidden

Autodesk Desktop App (HKLM-x32…Autodesk Desktop App) (Version: 8.2.0.34 – Autodesk)

Autodesk Download Manager (HKLM-x32…{E3ABBE37-EC80-4D03-AEFD-613EE5BBC458}) (Version: 6.2.3.0 – Autodesk, Inc.)

Autodesk Genuine Service (HKLM…{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 – Autodesk)

Autodesk Genuine Service (HKLM-x32…{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 – Autodesk)

Autodesk Genuine Service (HKLM-x32…{EF86FB37-98AB-49C2-930B-77A5E04758FE}) (Version: 2.2.0 – Autodesk)

Autodesk Inventor Server Engine for 3ds Max 2021 (HKLM…{73D22C9F-BA87-46A8-B8FD-F11759C723E1}) (Version: 23.0 – Autodesk) Hidden

Autodesk Material Library 2021 (HKLM-x32…{8C559572-4A10-43C2-9346-6E7C7E012487}) (Version: 19.1.23.0 – Autodesk)

Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32…{EFC36459-CD89-44F3-BA04-B7C5804199AF}) (Version: 19.1.23.0 – Autodesk)

Autodesk Material Library Medium Resolution Image Library 2021 (HKLM-x32…{69D8FFED-B14E-4998-BBC2-535006E195D6}) (Version: 19.1.23.0 – Autodesk)

Autodesk Maya 2020 (HKLM…{28AACAB3-4DF1-47A2-94C4-56006F6E8613}) (Version: 20.2.0.881 – Autodesk) Hidden

Autodesk Maya 2020 (HKLM…{853EB643-B759-4014-94D0-D47DC275C384}) (Version: 2020.2.0.881 – Autodesk, Inc.)

Autodesk Revit Interoperability for 3ds Max 2021 (HKLM…{0BB716E0-2100-0610-0000-097DC2F354DF}) (Version: 21.0.0.383 – Autodesk) Hidden

Autodesk Revit Unit Schemas 2021 (HKLM…{CDCC6F31-2021-4900-8E9B-D562B70697B6}) (Version: 21.0.0.383 – Autodesk) Hidden

Autodesk Single Sign On Component (HKLM…{7F0FE09D-E25D-4C59-A1AA-DB17153FC353}) (Version: 11.3.0.1803 – Autodesk)

Balanced (HKLM-x32…{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 – Advanced Micro Devices, Inc.) Hidden

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Bifrost Extension 2.0.3.0 for Maya 2020 (HKLM…{0BAD8879-2A6C-43DC-B8BC-9FE8AD80C75B}) (Version: 2.0.3.0 – Autodesk)

Bifrost Extension 2.0.5.1 for Maya 2020 (HKLM…{3BE3B023-2EC7-4E46-A8DD-96ED473542C8}) (Version: 2.0.5.1 – Autodesk)

Blackmagic RAW Common Components (HKLM…{E81CA048-974E-45FB-8262-44295193C43C}) (Version: 2.1 – Blackmagic Design)

blender (HKLM…{3033FBAD-BA86-469B-8C6F-ECD41334BD4D}) (Version: 2.93.5 – Blender Foundation)

Blender (HKLM…{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 – Blender Foundation)

CLIP STUDIO 1.10.13 (HKLM-x32…{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.10.13 – CELSYS)

CLIP STUDIO PAINT 1.10.13 (HKLM-x32…{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.10.13 – CELSYS)

Cloudpaging Player (HKLM…{23F6FB7C-C1E2-491B-91A1-0441D5191BC7}) (Version: 9.1.5.24332 – Numecent, Inc.)

Creative Media Toolbox 6 (HKLM-x32…{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 – Creative Technology Limited)

Creative Music Server (HKLM-x32…Music Server) (Version: 1.01 – Creative Technology Limited)

Creative Smart Recorder (HKLM-x32…Smart Recorder) (Version: 2.20 – Creative Technology Limited)

Creative WaveStudio 7 (HKLM-x32…WaveStudio 7) (Version: 7.14 – Creative Technology Limited)

DaVinci Resolve (HKLM…{4AED2B1B-1919-4F62-B497-D0A0BE5B9C98}) (Version: 17.1.10009 – Blackmagic Design)

DaVinci Resolve Control Panels (HKLM…{6CA5153C-F6DB-4495-AC9A-380DEAF9E3D5}) (Version: 1.5.2.0 – Blackmagic Design)

Dolby Digital Live Pack (HKLM-x32…Dolby Digital Live Pack) (Version: 3.03 – Creative Technology Limited)

DTS Connect Pack (HKLM-x32…DTS Connect Pack) (Version: 1.00 – Creative Technology Limited)

Epic Games Launcher (HKLM-x32…{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

FL Studio 20 (HKLM-x32…FL Studio 20) (Version:  – Image-Line)

FL Studio ASIO (HKLM-x32…FL Studio ASIO) (Version:  – Image-Line)

Foxit PDF Reader (HKLM-x32…Foxit Reader_is1) (Version: 11.1.0.52543 – Foxit Software Inc.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 95.0.4638.54 – Google LLC)

Google Drive (HKLM-x32…{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 – Google, Inc.)

Grammarly for Microsoft® Office Suite (HKLM…{DE46CC28-5477-4CFB-9AE2-8C7C111E3EE7}) (Version: 6.8.261 – Grammarly) Hidden

Grammarly for Microsoft® Office Suite (HKUS-1-5-21-1416734907-1124332706-3289978317-1001…{ee962c45-b827-4262-a720-3a939910ce37}) (Version: 6.8.261 – Grammarly)

Huion Tablet v14.8.166.1482 (HKLM…{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.166.1482 – )

Intel® C++ Redistributables on Intel® 64 (HKLM-x32…{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 – Intel Corporation)

Intel® Network Connections 23.0.12.0 (HKLM…PROSetDX) (Version: 23.0.12.0 – Intel)

Krita (x64) 4.4.2 (HKLM…Krita_x64) (Version: 4.4.2.0 – Krita Foundation)

Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Malwarebytes version 4.4.8.137 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.8.137 – Malwarebytes)

Marmoset Toolbag 3 (HKLM-x32…MSET_Toolbag3) (Version:  – Marmoset LLC)

Marmoset Viewer 1.0.0 (HKLM…61bc8947-3f88-593a-93ad-6e1d1ce09dc7) (Version: 1.0.0 – Marmoset LLC)

Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.14430.20306 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 94.0.992.50 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 94.0.992.50 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-1416734907-1124332706-3289978317-1001…OneDriveSetup.exe) (Version: 21.196.0921.0007 – Microsoft Corporation)

Microsoft SQL Server 2014 Express LocalDB  (HKLM…{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 – Microsoft Corporation)

Microsoft Support and Recovery Assistant (HKUS-1-5-21-1416734907-1124332706-3289978317-1001…f9a89bd2a46a7606) (Version: 16.0.3306.3 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Teams) (Version: 1.4.00.26376 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29913 (HKLM-x32…{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29914 (HKLM-x32…{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3077.1211 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 – Mojang)

MSI Kombustor 3.5.0 (HKLM…{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  – MSI Co., LTD)

MSI Live Update 6 (HKLM-x32…{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.58 – MSI)

MSIRegister (HKLM-x32…{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.19 – MSI)

MtoA for Maya 2020 (HKUS-1-5-21-1416734907-1124332706-3289978317-1001…MtoA2020) (Version: 4.0.3 – Autodesk)

NVIDIA CUDA Development 10.1 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_10.1) (Version: 10.1 – NVIDIA Corporation)

NVIDIA CUDA Documentation 10.1 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_10.1) (Version: 10.1 – NVIDIA Corporation)

NVIDIA CUDA Runtime 10.1 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_10.1) (Version: 10.1 – NVIDIA Corporation)

NVIDIA CUDA Samples 10.1 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_10.1) (Version: 10.1 – NVIDIA Corporation)

NVIDIA CUDA Visual Studio Integration 10.1 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_10.1) (Version: 10.1 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.18.0.102 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 – NVIDIA Corporation)

NVIDIA Graphics Driver 461.92 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.40 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 – NVIDIA Corporation)

NVIDIA Nsight Compute 2019.3.0 (HKLM…{F2897F04-053B-4A6D-966F-5D7D73C068A3}) (Version: 19.3.0.0 – NVIDIA Corporation)

NVIDIA Nsight Systems v2019.3.3 (HKLM…{CADBBEA2-79AE-4565-9E73-1EFBE54519EE}) (Version: 19.3.3.3 – NVIDIA Corporation)

NVIDIA Nsight Visual Studio Edition 2019.2.0.19109 (HKLM…{CB9FFEE8-E3B8-489E-93AC-282CF1F3F215}) (Version: 19.2.0.19109 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

NVIDIA Tools Extension SDK (NVTX) – 64 bit (HKLM…{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 – NVIDIA Corporation)

OBS Studio (HKLM-x32…OBS Studio) (Version: 23.1.0 – OBS Project)

OEM Application Profile (HKLM-x32…{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 – Advanced Micro Devices, Inc.)

Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM…{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden

Origin (HKLM-x32…Origin) (Version: 10.5.101.48500 – Electronic Arts, Inc.)

osu! (HKLM-x32…{96b3e4a1-6659-4ec8-8fa9-029c415abc23}) (Version: latest – ppy Pty Ltd)

Overwatch (HKLM-x32…Overwatch) (Version:  – Blizzard Entertainment)

PS Remote Play (HKLM-x32…{899B5915-9704-4267-9768-0C1CC59D9B46}) (Version: 4.1.0.04020 – Your Company Name)

PureRef (HKLM-x32…PureRef) (Version: 1.11.1 – Idyllic Pixel)

Razer Synapse (HKLM-x32…Razer Synapse) (Version: 3.6.1018.101823 – Razer Inc.)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8393 – Realtek Semiconductor Corp.)

Rokoko Motion Library – Maya 2020.2 (HKLM…Rokoko Motion Library 1.1.0) (Version: 1.1.0 – Rokoko)

Rokoko Motion Library (HKLM…{C301E810-4D70-40DF-92FC-04F113E778AF}) (Version: 1.1.0 – Rokoko) Hidden

SimCity (HKLM-x32…{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 – Electronic Arts)

Sound Blaster Z-Series (HKLM-x32…{B2C527EF-4F7B-405A-ADB4-89B432891FF2}) (Version: 1.00.28 – Creative Technology Limited)

Sound Blaster Z-Series Extras (HKLM-x32…{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 – Creative Technology Limited)

Spotify (HKUS-1-5-21-1416734907-1124332706-3289978317-1001…Spotify) (Version: 1.1.70.610.g4585142b – Spotify AB)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Substance in 3ds Max 2021 (HKLM…{9292BE37-96B0-473E-8502-675FCC31D13F}) (Version: 2.3.1 – Allegorithmic)

Substance in Maya 2020-2.1.2 (HKLM…{47209805-a05c-4af2-b34b-459745022023}_is1) (Version: 2.1.2 – Adobe)

The Sims 4 (HKLM-x32…{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.76.81.1020 – Electronic Arts Inc.)

Toolkit (HKLM-x32…Toolkit) (Version: 1.24.0.34 – Seagate)

Unity (HKLM-x32…Unity) (Version: 2020.2.3f1 – Unity Technologies ApS)

Unity Hub 2.4.2 (HKLM…{Unity Technologies – Hub}) (Version: 2.4.2 – Unity Technologies Inc.)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 – Microsoft Corporation) Hidden

Update for Windows 10 for x64-based Systems (KB4480730) (HKLM…{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 – Microsoft Corporation)

Visual Studio Community 2019 (HKLM-x32…324a18a5) (Version: 16.1.29009.5 – Microsoft Corporation)

VLC media player (HKLM…VLC media player) (Version: 3.0.8 – VideoLAN)

vs_filehandler_amd64 (HKLM-x32…{EF43D2AE-EE51-41C3-BCA0-C5E79023B217}) (Version: 16.1.28811 – Microsoft Corporation) Hidden

vs_filehandler_x86 (HKLM-x32…{5AABBDCD-ED5D-4AFD-8432-847DD87F8E4C}) (Version: 16.1.28811 – Microsoft Corporation) Hidden

vs_FileTracker_Singleton (HKLM-x32…{F08DA172-0777-40C6-A8BA-D0F314560BEE}) (Version: 16.0.28518 – Microsoft Corporation) Hidden

vs_minshellmsi (HKLM-x32…{762B3E50-3B79-4D88-B115-97513CCE8CDB}) (Version: 16.1.28811 – Microsoft Corporation) Hidden

vs_minshellmsires (HKLM-x32…{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 – Microsoft Corporation) Hidden

Windows Driver Package – Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM…142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 – Graphics Tablet)

WTFast 4.0 (HKLM-x32…{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.0.7.692 – Initex & AAA Internet Publishing)

ZBrush 2021.7.1 Updater (HKLM…ZBrush 2021 2021) (Version: 2021.7.1 – Pixologic)

 

Packages:

=========

HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-28] (HP Inc.)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-25] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-25] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Studios) [MS Ad]

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-10-26] (Realtek Semiconductor Corp)

Sound Blaster Connect -> C:Program FilesWindowsAppsCreativeTechnologyLtd.SoundBlasterConnect_2.2.15.0_x86__13fcda18mhdz2 [2021-05-06] (Creative Technology Ltd.)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{073CB204-6B29-46FC-AB98-451F1D068741}InprocServer32 -> C:Program FilesAutodesk3ds Max 2021Inventor ServerBinTestServer.dll => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersmelisAppDataLocalMicrosoftTeamsMeetingAddin1.0.21161.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}InprocServer32 -> C:UsersmelisAppDataLocalGrammarlyGrammarly for Microsoft Office Suite6.8.26115342BDBE8GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{2F81B25E-7507-4844-BFF2-77D2CC24CED4}localserver32 -> “C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe” -ToastActivated => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{4BE56754-B616-4998-B825-D16983AEE1B2}InprocServer32 -> C:UsersmelisAppDataLocalGrammarlyGrammarly for Microsoft Office Suite6.8.26115342BDBE8Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{75f92b33-bbaa-b4b4-04ac-a7c07959e5a66}InprocServer32 -> 0x3C30F8B43E9BD5015C7EF8B43E9BD501010000000100000000000000 => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}InprocServer32 -> C:Program FilesAutodesk3ds Max 2020addflow4.ocx => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{8C23B656-4E6E-4B45-9920-9617168D39A3}InprocServer32 -> C:Program FilesAutodesk3ds Max 2021Inventor ServerBinTestServer.dll => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{9486aaf1-0930-362a-962d-8e6908739c817}InprocServer32 -> 0x42DD013EB198D5015F5BF6B43E9BD501030000001600000000000000 => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UsersmelisAppDataLocalMicrosoftTeamsMeetingAddin1.0.20244.4x64Microsoft.Teams.AddinLoader.dll => No File

CustomCLSID: HKUS-1-5-21-1416734907-1124332706-3289978317-1001_ClassesCLSID{E5B0515D-48D2-4F04-906D-0192ED65A2DD}InprocServer32 -> C:Program FilesAutodesk3ds Max 2021Inventor ServerBinTestServer.dll => No File

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2016-07-29] (Google Inc -> Google)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-10-21] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2016-07-29] (Google Inc -> Google)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2021-03-11] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-10-21] (Malwarebytes Corporation -> Malwarebytes)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [vidc.VP60] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

HKLM…Drivers32: [vidc.VP61] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2019-08-23 16:10 – 2005-07-18 13:43 – 000160256 _____ () [File not signed] C:Program Files (x86)MSILive Updateunrar.dll

2021-09-24 11:03 – 2021-09-24 11:03 – 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoFoundation.dll

2021-09-24 11:03 – 2021-09-24 11:03 – 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoJSON.dll

2021-09-24 11:03 – 2021-09-24 11:03 – 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoNet.dll

2021-09-24 11:03 – 2021-09-24 11:03 – 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoNetSSLWin.dll

2021-09-24 11:03 – 2021-09-24 11:03 – 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoUtil.dll

2021-09-24 11:03 – 2021-09-24 11:03 – 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoXML.dll

2019-05-25 17:21 – 2009-03-18 16:00 – 000151552 _____ (Creative Technology Ltd) [File not signed] C:Program Files (x86)CreativeShareDLLCADICTCadiEP.dll

2014-07-03 11:22 – 2014-07-03 11:22 – 000555008 _____ (Creative Technology Ltd) [File not signed] C:Program Files (x86)CreativeSound Blaster Z-SeriesSound Blaster Z-Series Control PanelCTAudEp.dll

2011-09-16 11:04 – 2011-09-16 11:04 – 000238080 _____ (Creative Technology Ltd) [File not signed] C:Program Files (x86)CreativeSound Blaster Z-SeriesSound Blaster Z-Series Control PanelCTLoadRs.dll

2013-02-27 05:29 – 2013-02-27 05:29 – 000251904 _____ (Creative Technology Ltd) [File not signed] C:Program Files (x86)CreativeSound Blaster Z-SeriesSound Blaster Z-Series Control PanelHKDetect.dll

2020-06-06 20:49 – 2020-09-08 10:59 – 000221184 _____ (Graphics Tablet) [File not signed] C:WINDOWSsystem32wintab32.dll

2018-01-22 15:44 – 2018-01-22 15:44 – 000349696 _____ (Intel® Corporation) [File not signed] C:Windowssystem32NCS2Setp.dll

2021-07-04 04:08 – 2020-03-16 15:05 – 001282048 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [File not signed] E:Program Files (x86)OriginLIBEAY32.dll

2021-07-04 04:08 – 2020-03-16 15:06 – 000279040 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [File not signed] E:Program Files (x86)Originssleay32.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 001611264 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)Originplatformsqwindows.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 005487104 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)OriginQt5Core.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 005841920 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)OriginQt5Gui.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 001179136 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)OriginQt5Network.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 000146432 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)OriginQt5WebSockets.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 005089792 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)OriginQt5Widgets.dll

2021-07-04 04:08 – 2020-02-01 11:13 – 000184832 _____ (The Qt Company Ltd) [File not signed] E:Program Files (x86)OriginQt5Xml.dll

2019-05-25 16:14 – 2016-02-01 12:17 – 000388096 _____ (WTFast) [File not signed] C:Program Files (x86)WTFastWTFastEngine.dll

2019-05-25 16:14 – 2016-02-01 12:17 – 000425472 _____ (WTFast) [File not signed] C:Program Files (x86)WTFastwtfpathfinder.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:UsersmelisAppDataLocalTemp:com.affinity.publisher.2 [240]

AlternateDataStreams: C:UsersmelisAppDataLocalTemp:com.affinity.publisher.3 [197]

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKU\S-1-5-21-1416734907-1124332706-3289978317-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKU\S-1-5-21-1416734907-1124332706-3289978317-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

SearchScopes: HKU\S-1-5-21-1416734907-1124332706-3289978317-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKUS-1-5-21-1416734907-1124332706-3289978317-1001…sharepoint.com -> hxxps://fifecol-files.sharepoint.com

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> C:Program FilesNVIDIA GPU Computing ToolkitCUDAv10.1bin;C:Program FilesNVIDIA GPU Computing ToolkitCUDAv10.1libnvvp;C:Program Files (x86)Razer Chroma SDKbin;C:Program FilesRazer Chroma SDKbin;C:Program Files (x86)Common FilesIntelShared Librariesredistintel64compiler;C:Program Files (x86)RazerChromaBroadcastbin;C:Program FilesRazerChromaBroadcastbin;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Windowssystem32configsystemprofileAppDataLocalMicrosoftWindowsApps;C:Program FilesCommon FilesAutodesk Shared;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program FilesMicrosoft SQL Server120ToolsBinn;C:Program FilesNVIDIA CorporationNsight Compute 2019.3.0;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-1416734907-1124332706-3289978317-1001Control PanelDesktopWallpaper -> C:UsersmelisAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM\…\StartupApproved\Run32: => "Live Update"

HKU\S-1-5-21-1416734907-1124332706-3289978317-1001\…\StartupApproved\Run: => "SurfEasy"

HKU\S-1-5-21-1416734907-1124332706-3289978317-1001\…\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-1416734907-1124332706-3289978317-1001\…\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1416734907-1124332706-3289978317-1001\…\StartupApproved\Run: => "com.squirrel.Teams.Teams"

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{5AA49FB9-D7D4-4192-9546-BE6D3F9C0D20}] => (Allow) C:Program FilesSoftware2AppsAnywhereAppsAnywhere.exe => No File

FirewallRules: [{67928BBD-4C92-4BE7-9012-9C91E38CCD9A}] => (Allow) C:Program FilesSoftware2AppsAnywhereAppsAnywhere.exe => No File

FirewallRules: [{3A294454-14BE-4230-8843-007FE6EB30DD}] => (Allow) E:Program Files (x86)SteamsteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)

FirewallRules: [{EE39DA35-C103-410E-B280-D81733962364}] => (Allow) E:Program Files (x86)SteamsteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)

FirewallRules: [{7A056C09-CCBF-4A42-AD3A-FC2BBBC9F55A}] => (Allow) E:Program Files (x86)SteamsteamappscommonPortalhl2.exe (Valve -> )

FirewallRules: [{20BDFA6A-1A89-4457-BC94-0533FBBC9B99}] => (Allow) E:Program Files (x86)SteamsteamappscommonPortalhl2.exe (Valve -> )

FirewallRules: [{E5BF92AB-5E6E-42F4-AE7E-884FCB58C2E3}] => (Allow) E:Program Files (x86)SteamsteamappscommonPlagueIncPlagueIncEvolved.exe () [File not signed]

FirewallRules: [{B9E69E6C-C86B-40C5-A371-545125927B31}] => (Allow) E:Program Files (x86)SteamsteamappscommonPlagueIncPlagueIncEvolved.exe () [File not signed]

FirewallRules: [{620D5BB6-B0DC-47A6-8104-2AC83AF87771}] => (Allow) E:Program Files (x86)SteamsteamappscommonPortal 2portal2.exe () [File not signed]

FirewallRules: [{748D6C39-8665-405A-AA7D-89BC5A067F55}] => (Allow) E:Program Files (x86)SteamsteamappscommonPortal 2portal2.exe () [File not signed]

FirewallRules: [{89C496CB-CB85-4371-B081-63A6DDF12469}] => (Allow) E:Program Files (x86)SteamsteamappscommonBio Inc. RedemptionBioIncRedemption.exe () [File not signed]

FirewallRules: [{B5D7A9D5-F8CC-4E55-8A82-AB911199B229}] => (Allow) E:Program Files (x86)SteamsteamappscommonBio Inc. RedemptionBioIncRedemption.exe () [File not signed]

FirewallRules: [{F715D3AC-56AE-4FFF-BD92-1544065ED70F}] => (Block) C:program filesallegorithmicsubstance paintersubstance painter.exe (Allegorithmic, SAS -> Allegorithmic)

FirewallRules: [{32787A03-86C7-4A85-9166-444D19CA5ABB}] => (Block) C:program filesallegorithmicsubstance paintersubstance painter.exe (Allegorithmic, SAS -> Allegorithmic)

FirewallRules: [UDP Query User{207A55AD-9861-4A73-B6D8-2378AB9350BE}C:program filesallegorithmicsubstance paintersubstance painter.exe] => (Allow) C:program filesallegorithmicsubstance paintersubstance painter.exe (Allegorithmic, SAS -> Allegorithmic)

FirewallRules: [TCP Query User{9110586A-00C9-48CD-BE23-F27A01497AC7}C:program filesallegorithmicsubstance paintersubstance painter.exe] => (Allow) C:program filesallegorithmicsubstance paintersubstance painter.exe (Allegorithmic, SAS -> Allegorithmic)

FirewallRules: [{FB9979D1-398E-4A23-931D-CB835D6DCFA2}] => (Block) C:program files (x86)toolkittoolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)

FirewallRules: [{67E3586C-408A-4887-985F-E2576AC4F39B}] => (Block) C:program files (x86)toolkittoolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)

FirewallRules: [UDP Query User{20ADEE83-DDC7-4A13-A98A-D7E02EE163A7}C:program files (x86)toolkittoolkit.exe] => (Allow) C:program files (x86)toolkittoolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)

FirewallRules: [TCP Query User{BC16BAA3-7148-4E8C-96EB-C2A2ADBAD4E6}C:program files (x86)toolkittoolkit.exe] => (Allow) C:program files (x86)toolkittoolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)

FirewallRules: [{4F2F6AD9-47F7-4B34-8A2F-18599497861A}] => (Allow) E:Program Files (x86)SteamsteamappscommonFinal Fantasy 6FF6_Launcher.exe () [File not signed]

FirewallRules: [{06F13342-69B3-4781-B2F9-5986D607A56D}] => (Allow) E:Program Files (x86)SteamsteamappscommonFinal Fantasy 6FF6_Launcher.exe () [File not signed]

FirewallRules: [{A8FD217C-6AE4-4479-9C22-87F195727FA2}] => (Allow) E:Program Files (x86)SteamsteamappscommonFinal Fantasy 6FF6.exe () [File not signed]

FirewallRules: [{B5BFF3BC-9C72-410F-A288-E44CD41E04BE}] => (Allow) E:Program Files (x86)SteamsteamappscommonFinal Fantasy 6FF6.exe () [File not signed]

FirewallRules: [{556E71E7-7096-42A6-A90D-5381EC73F849}] => (Allow) E:Program Files (x86)SteamsteamappscommonXCOM 2BinariesWin64LauncherModLauncherWPF.exe => No File

FirewallRules: [{445003F3-DC6C-436B-9410-D98041BD2CFE}] => (Allow) E:Program Files (x86)SteamsteamappscommonXCOM 2BinariesWin64LauncherModLauncherWPF.exe => No File

FirewallRules: [{9E9B3B44-48A2-426A-9123-DDF13571E8EA}] => (Allow) E:Program Files (x86)Origin GamesThe Sims 4GameBinTS4.exe => No File

FirewallRules: [{932BC9AE-C92B-4AE5-B414-B27D8EC296CD}] => (Allow) E:Program Files (x86)Origin GamesThe Sims 4GameBinTS4.exe => No File

FirewallRules: [{1CE94694-77DD-429A-982B-0012B2BBAF03}] => (Allow) E:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{5195A9E9-DBD3-4E3F-BED9-A09E2815E14D}] => (Allow) E:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [UDP Query User{648B7585-8A0F-402C-9605-3D5CA6E6E1FB}C:usersmelisappdataroamingspotifyspotify.exe] => (Allow) C:usersmelisappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{19B961AE-3341-4AD9-B919-0937C6403592}C:usersmelisappdataroamingspotifyspotify.exe] => (Allow) C:usersmelisappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User{36228959-DA3D-4A9B-ACA5-36D42B724E00}C:program files (x86)norton secure vpnclientnorton secure vpn.exe] => (Allow) C:program files (x86)norton secure vpnclientnorton secure vpn.exe => No File

FirewallRules: [TCP Query User{F0B1B108-2FA0-4E34-B868-9C9A070CFC11}C:program files (x86)norton secure vpnclientnorton secure vpn.exe] => (Allow) C:program files (x86)norton secure vpnclientnorton secure vpn.exe => No File

FirewallRules: [{1FC0146E-69F8-4554-96E0-A472FAEE830A}] => (Allow) E:Program Files (x86)SteamsteamappscommonUndertaleUNDERTALE.exe (Toby Fox) [File not signed]

FirewallRules: [{730E81D7-DE5E-4273-9492-BAB9B60A731D}] => (Allow) E:Program Files (x86)SteamsteamappscommonUndertaleUNDERTALE.exe (Toby Fox) [File not signed]

FirewallRules: [{699A7B64-EFAF-4695-BCF5-C40D27C727E4}] => (Allow) E:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]

FirewallRules: [{8E0296D8-649A-4013-BEF2-14E132910B6C}] => (Allow) E:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]

FirewallRules: [{0BE4E8F3-70DF-488C-8688-F68AF44E16D1}] => (Allow) E:Program Files (x86)SteamsteamappscommonLeft 4 Dead 2left4dead2.exe () [File not signed]

FirewallRules: [{EFD60596-696B-467B-BF16-A63E2D6953ED}] => (Allow) E:Program Files (x86)SteamsteamappscommonLeft 4 Dead 2left4dead2.exe () [File not signed]

FirewallRules: [{C0C4597B-F375-45E3-918D-59DF7EFE187F}] => (Allow) E:Program Files (x86)Steamsteamappscommonleft 4 deadleft4dead.exe () [File not signed]

FirewallRules: [{C91A4666-CC16-4F9E-89EE-7D00A6CD15BF}] => (Allow) E:Program Files (x86)Steamsteamappscommonleft 4 deadleft4dead.exe () [File not signed]

FirewallRules: [{27C01063-3CC2-4527-9361-A99239B67236}] => (Allow) E:Program Files (x86)SteamsteamappscommonHatoful Boyfriendhatoful.exe () [File not signed]

FirewallRules: [{396EA7C1-2351-46B1-8037-838182C0D4A6}] => (Allow) E:Program Files (x86)SteamsteamappscommonHatoful Boyfriendhatoful.exe () [File not signed]

FirewallRules: [{D22B53B7-456E-4B03-B556-B1637326E707}] => (Allow) E:Program Files (x86)SteamsteamappscommonDream Daddyddadds.exe () [File not signed]

FirewallRules: [{2FAFB156-3DB5-43E9-A250-78355380B07B}] => (Allow) E:Program Files (x86)SteamsteamappscommonDream Daddyddadds.exe () [File not signed]

FirewallRules: [{48041243-1977-462C-9948-71B4AC794CF0}] => (Allow) E:Program Files (x86)SteamsteamappscommonBayonettaBayonetta.exe () [File not signed]

FirewallRules: [{45F71943-420C-43E1-B0D7-453C33E00ED4}] => (Allow) E:Program Files (x86)SteamsteamappscommonBayonettaBayonetta.exe () [File not signed]

FirewallRules: [{A8447828-1DA6-4DF0-A7CB-F8313742B994}] => (Allow) E:Program Files (x86)SteamsteamappscommonAge2HDLauncher.exe (TODO: <Company name>) [File not signed]

FirewallRules: [{F44C5432-1455-41E3-9423-9744974417C1}] => (Allow) E:Program Files (x86)SteamsteamappscommonAge2HDLauncher.exe (TODO: <Company name>) [File not signed]

FirewallRules: [{33F4D809-077F-4977-8C00-FD6B5D7B08D5}] => (Allow) E:Program Files (x86)Origin GamesSimCitySimCitySimCity.exe (Electronic Arts -> Electronic Arts Inc.)

FirewallRules: [{58360B81-1D2B-4003-BE80-6091F4480D8A}] => (Allow) E:Program Files (x86)Origin GamesSimCitySimCitySimCity.exe (Electronic Arts -> Electronic Arts Inc.)

FirewallRules: [{5183BC68-D0CF-4343-AEB7-7F6D9AAEC3BA}] => (Allow) E:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{E6EDD017-9770-4998-80C0-8B53F9EC2AFE}] => (Allow) E:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{EB3B8B18-370D-4674-9164-8C0BAB3D8DA9}] => (Allow) E:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{055DD164-81A1-4EF0-B0B2-5EB2BC651BCA}] => (Allow) E:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{C2755B6D-7FDC-4FFA-902D-6B7CDAB37897}] => (Allow) E:Program Files (x86)bincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{87965DF0-E298-45CF-8E93-4BDE13E52D3B}] => (Allow) E:Program Files (x86)bincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{5CB3FCF0-978E-43B2-8BCE-4F9DD7911870}] => (Allow) E:Program Files (x86)Steam.exe => No File

FirewallRules: [{1D6CBAB7-FF1C-4A8B-8B8D-20931FBEB9B5}] => (Allow) E:Program Files (x86)Steam.exe => No File

FirewallRules: [{3F9F6C1E-015A-49BF-8141-56892CA11782}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{0027EDF2-23E4-48F9-A335-C12E62281D24}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{BEED1264-4B78-4F14-8E71-B2E43D700443}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{FD22A015-233F-48DB-92E7-CE652F49B5A9}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{9270CCEB-926A-4F0B-ACF4-5D1D156B01AC}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{D5142E7E-4C49-4670-B7A5-7833CCB52EEE}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{3D51B7F9-C889-42F7-90CD-B7FA1402A3CF}] => (Allow) C:Program Files (x86)WTFastWTFast.exe (AAA Internet Publishing, Inc. -> AAA Internet Publishing, Inc.)

FirewallRules: [{3C211723-BFD2-4EB2-9823-E8F1ACEF13A3}] => (Allow) E:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]

FirewallRules: [{567E8795-F77C-4EEC-AE90-8913A9238A90}] => (Allow) E:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]

FirewallRules: [{C7F47BA5-9C52-4BBD-BDEF-8EF95FD02C0F}] => (Allow) E:Program Files (x86)Steamsteamappscommondont_starvebindontstarve_steam.exe () [File not signed]

FirewallRules: [{D06C8D36-B510-4364-A98B-CBBE555E1337}] => (Allow) E:Program Files (x86)Steamsteamappscommondont_starvebindontstarve_steam.exe () [File not signed]

FirewallRules: [{5FD0B580-A2D0-4AC4-88D7-4A03AAE3CADA}] => (Allow) C:Program FilesUnity HubUnity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [{9CB79AEC-F4C5-46CE-8E2B-3ECE0978AFE5}] => (Allow) C:Program FilesUnityHubEditor2020.2.3f1EditorUnity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [{B2A1E36E-FA08-44EB-8EE4-205F465B18E7}] => (Block) C:Program FilesUnityHubEditor2020.2.3f1EditorUnity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [{0FF4819D-ACA9-4376-94BA-06D7C7EB0355}] => (Allow) E:Program Files (x86)SteamsteamappscommonTown of SalemTownOfSalem.exe () [File not signed]

FirewallRules: [{986A0B9A-7980-451F-9A58-597A6403B393}] => (Allow) E:Program Files (x86)SteamsteamappscommonTown of SalemTownOfSalem.exe () [File not signed]

FirewallRules: [TCP Query User{713FE92B-841A-48A4-8342-40580B667AD2}C:usersmelisappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersmelisappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{33F09065-8109-4412-9C8D-18ADCBC21275}C:usersmelisappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersmelisappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{232AE0BE-7D66-428D-93B4-284252D9EB77}] => (Block) C:usersmelisappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B38B454B-4E18-4B92-8E1E-1ABA8715E6FD}] => (Block) C:usersmelisappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{FB94F8BE-48F1-49D9-8BB7-A1EDC81DF590}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveResolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [{E324292C-AB60-45EE-9340-B32FEFD11F11}] => (Allow) C:Program FilesBlackmagic DesignDaVinci Resolvebmdpaneld.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{2D35DB8C-F974-4CB6-90E8-65781C364C45}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveDaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{F0F9056D-BFB0-42AE-BE52-6E12F6E635DE}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveJLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{125D37A3-2CD7-4572-80D0-7C4BD732C772}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveEuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{9810C866-CA32-41FE-BAA8-8E9859D451DA}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveTangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{A5BBD0DC-413A-497B-AFF1-8B7000898372}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveElementsPanelDaemon.exe => No File

FirewallRules: [{D7C998EB-945C-423F-9289-F286C1B178A1}] => (Allow) C:Program FilesBlackmagic DesignDaVinci Resolvefuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [{D6974EB9-4C73-4FD6-83E4-430FAD3217DE}] => (Allow) C:Program FilesBlackmagic DesignDaVinci ResolveDPDecoder.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [TCP Query User{9103B60C-DFCF-4EB1-A3DB-BBF02F4F6F24}C:program files (x86)googlechromeapplicationchrome.exe.exe] => (Allow) C:program files (x86)googlechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [UDP Query User{3E54B44F-455E-4A77-B289-B1D29E9E0447}C:program files (x86)googlechromeapplicationchrome.exe.exe] => (Allow) C:program files (x86)googlechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{C81CB92B-8ED5-4196-A7BF-4645AB01E953}] => (Block) C:program files (x86)googlechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{E1B327EA-53E4-4132-A3B5-65FC42017AE3}] => (Block) C:program files (x86)googlechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{2124FD04-A3DB-450A-8EEC-8F8276F10625}E:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) E:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]

FirewallRules: [UDP Query User{43C0648B-520C-4DF7-B6BF-0D1F6C3C848B}E:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) E:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]

FirewallRules: [{F2D001BA-5E16-4B5C-AC4E-7855AAC28949}] => (Block) E:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]

FirewallRules: [{713BADEC-58FA-44E5-AE6A-823ABB2749F4}] => (Block) E:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]

FirewallRules: [{31F5BF45-76F8-4FC9-8F52-8D4DCECC5E2E}] => (Allow) E:Program Files (x86)Steamsteamappscommon8BitB8BB.exe () [File not signed]

FirewallRules: [{992DFC7B-353E-4BD6-876E-986F2BFFDE46}] => (Allow) E:Program Files (x86)Steamsteamappscommon8BitB8BB.exe () [File not signed]

FirewallRules: [{98D2EBD2-9085-4547-9EBE-9348FEE0F4C2}] => (Allow) E:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [{8637600D-93E9-42CD-9D81-3F80C472B168}] => (Allow) E:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [{0946DF85-73A5-438A-98E4-AC38892347AE}] => (Allow) E:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [{E94B3915-C908-4ACB-A2C3-8FA05C007106}] => (Allow) E:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [TCP Query User{B2E77E61-A08F-4AD3-BE8A-3A44CD9391B3}E:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) E:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [UDP Query User{9C99A73C-B4FC-4699-8127-5A50BC5DF73E}E:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) E:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [{D87FEC59-3C2C-4946-BC52-4F292F95CB8C}] => (Block) E:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [{959A3A29-227E-44B9-A99F-423650F6DD14}] => (Block) E:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [TCP Query User{E2FFA84C-A200-431E-978D-D340707E2DD5}C:program filesblackmagic designdavinci resolvedpdecoder.exe] => (Block) C:program filesblackmagic designdavinci resolvedpdecoder.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [UDP Query User{92E4A7B1-B50B-40A7-BF00-8F572DE6D537}C:program filesblackmagic designdavinci resolvedpdecoder.exe] => (Block) C:program filesblackmagic designdavinci resolvedpdecoder.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [TCP Query User{D7D8B52C-9F5E-4EB2-8760-A6CEC3C9AF04}C:program filesblackmagic designdavinci resolveresolve.exe] => (Allow) C:program filesblackmagic designdavinci resolveresolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [UDP Query User{3F450D66-11A8-4455-B1A0-2B623309EC6D}C:program filesblackmagic designdavinci resolveresolve.exe] => (Allow) C:program filesblackmagic designdavinci resolveresolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [TCP Query User{BB5447F4-743E-4976-9FEA-50C859EB3AEF}C:program filesblackmagic designdavinci resolvefuscript.exe] => (Block) C:program filesblackmagic designdavinci resolvefuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [UDP Query User{8704A140-8CD8-41DF-AE36-B6406D7F9D78}C:program filesblackmagic designdavinci resolvefuscript.exe] => (Block) C:program filesblackmagic designdavinci resolvefuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [{976874E2-155E-4383-98DC-76CE4BAD34BF}] => (Allow) E:Program Files (x86)SonyPS Remote PlayRemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)

FirewallRules: [{A765A5A7-0B5F-42F2-9451-B8CF12369370}] => (Allow) E:Program Files (x86)SteamsteamappscommonDELTARUNEdemoDELTARUNE.exe () [File not signed]

FirewallRules: [{6D8D77A8-CAAE-4529-ADC3-EFAA77408AFE}] => (Allow) E:Program Files (x86)SteamsteamappscommonDELTARUNEdemoDELTARUNE.exe () [File not signed]

FirewallRules: [{4F71D3B8-8D69-4E72-814A-908D84C98BD3}] => (Allow) E:Program Files (x86)SteamsteamappscommonDarkestDungeon_windowsDarkest.exe () [File not signed]

FirewallRules: [{91C451F4-4B5A-45D3-867D-2528B41D9533}] => (Allow) E:Program Files (x86)SteamsteamappscommonDarkestDungeon_windowsDarkest.exe () [File not signed]

FirewallRules: [{692F40BD-4457-49D0-BBDF-43C4EDCCA595}] => (Allow) E:Program Files (x86)SteamsteamappscommonDon’t Starve Togetherbin64dontstarve_steam_x64.exe () [File not signed]

FirewallRules: [{C978E91C-4CEF-4738-97C7-851FCE797065}] => (Allow) E:Program Files (x86)SteamsteamappscommonDon’t Starve Togetherbin64dontstarve_steam_x64.exe () [File not signed]

FirewallRules: [{528E2E81-6084-4B1A-A72D-8C630A8D3278}] => (Allow) E:Program Files (x86)SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe () [File not signed]

FirewallRules: [{FC33C4B2-CBE9-4E53-B70E-A54863266CFE}] => (Allow) E:Program Files (x86)SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe () [File not signed]

FirewallRules: [{9CD38C02-E573-4AB1-909D-D80B9516CEB7}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{177BBA50-A443-445B-B85C-D0145F214170}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication94.0.992.50msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3BA52652-E704-499D-9DBE-7FC93F2E8DCD}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

 

==================== Restore Points =========================

 

20-10-2021 03:30:02 Installed Razer Synapse.

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (10/22/2021 03:06:07 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Razer Synapse Service Process.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 00000000

Stack:

   at Microsoft.Win32.UnsafeNativeMethods.DefWindowProc(IntPtr, Int32, IntPtr, IntPtr)

   at Microsoft.Win32.SystemEvents.WindowProc(IntPtr, Int32, IntPtr, IntPtr)

   at System.Windows.Forms.UnsafeNativeMethods.PeekMessage(MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32, Int32)

   at System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)

   at System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)

   at System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)

   at System.Windows.Forms.Application.Run(System.Windows.Forms.Form)

   at Synapse3.UserInteractive.Program.Main()

 

Error: (10/21/2021 07:38:55 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program HxOutlook.exe version 16.0.14326.20504 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

 

Process ID: 535c

 

Start Time: 01d7c6463ed062e9

 

Termination Time: 4294967295

 

Application Path: C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbweHxOutlook.exe

 

Report Id: 159ba5ab-82fb-4bb0-915f-857f7da88756

 

Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: microsoft.windowslive.mail

 

Hang type: Quiesce

 

Error: (10/20/2021 03:35:59 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: RzSynapse.exe, version: 2.21.24.34, time stamp: 0x5ebbe8dd

Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0x027db076

Exception code: 0xc000000d

Fault offset: 0x00104ac4

Faulting process ID: 0x22f8

Faulting application start time: 0x01d7c55abf02d9c8

Faulting application path: C:Program Files (x86)RazerSynapseRzSynapse.exe

Faulting module path: C:WINDOWSSYSTEM32ntdll.dll

Report ID: f7b3fd29-4cfa-48b0-8984-9ea87b2d71c7

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/20/2021 03:35:57 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: RzSynapse.exe, version: 2.21.24.34, time stamp: 0x5ebbe8dd

Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0x027db076

Exception code: 0xc000000d

Fault offset: 0x00104ac4

Faulting process ID: 0x22f8

Faulting application start time: 0x01d7c55abf02d9c8

Faulting application path: C:Program Files (x86)RazerSynapseRzSynapse.exe

Faulting module path: C:WINDOWSSYSTEM32ntdll.dll

Report ID: ff394cee-34c0-43b7-8d06-8b4ec4f28eed

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/20/2021 03:28:08 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.

.

 

 

Operation:

   Executing Asynchronous Operation

 

Context:

   Current State: DoSnapshotSet

 

Error: (10/15/2021 11:47:04 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: WINWORD.EXE, version: 16.0.14430.20270, time stamp: 0x615a0742

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0xc9db1934

Exception code: 0xe0434352

Fault offset: 0x0000000000034f99

Faulting process ID: 0x3fb0

Faulting application start time: 0x01d7c1f73897a955

Faulting application path: C:Program FilesMicrosoft OfficerootOffice16WINWORD.EXE

Faulting module path: C:WINDOWSSystem32KERNELBASE.dll

Report ID: e11160fb-5f6d-41b1-ab0e-fd6176f7ba29

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/15/2021 12:43:11 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Razer Synapse 3.exe, version: 3.1.627.5, time stamp: 0x85e30849

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xe0434352

Fault offset: 0x0012b5b2

Faulting process ID: 0x1ba4

Faulting application start time: 0x01d7c1551c5252ef

Faulting application path: C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe

Faulting module path: C:WINDOWSSystem32KERNELBASE.dll

Report ID: aee50d88-40df-4ba5-b08c-0ec4b0071fec

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/15/2021 12:43:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Razer Synapse 3.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.Threading.Tasks.TaskCanceledException

   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(System.Threading.Tasks.Task)

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)

   at System.Windows.Threading.DispatcherOperation.Wait(System.TimeSpan)

   at System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherOperation, System.Threading.CancellationToken, System.TimeSpan)

   at System.Windows.Threading.Dispatcher.Invoke[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`1<System.__Canon>, System.Windows.Threading.DispatcherPriority, System.Threading.CancellationToken, System.TimeSpan)

   at System.Windows.Threading.Dispatcher.Invoke[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`1<System.__Canon>)

   at Razer.Synapse3.App+<LaunchUI>d__38.MoveNext()

   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(System.Threading.Tasks.Task)

   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)

   at Razer.Synapse3.App+<_accounts_OnSuccessfulSync>d__63.MoveNext()

   at System.Runtime.CompilerServices.AsyncMethodBuilderCore+<>c.<ThrowAsync>b__6_1(System.Object)

   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)

   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()

   at System.Threading.ThreadPoolWorkQueue.Dispatch()

   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

 

 

System errors:

=============

Error: (10/22/2021 03:06:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Autodesk Desktop Licensing Service service failed to start due to the following error: 

The service did not start due to a logon failure.

 

Error: (10/22/2021 03:06:15 AM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: The AdskLicensingService service was unable to log on as NT AuthorityLocalService with the currently configured password due to the following error: 

The request is not supported.

 

 

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

 

Error: (10/22/2021 03:06:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Autodesk Desktop Licensing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

 

Error: (10/21/2021 10:14:46 AM) (Source: DCOM) (EventID: 10010) (User: SPEEDWAGON)

Description: The server microsoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbwe!microsoft.windowslive.mail did not register with DCOM within the required timeout.

 

Error: (10/21/2021 09:58:16 AM) (Source: DCOM) (EventID: 10010) (User: SPEEDWAGON)

Description: The server microsoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbwe!microsoft.windowslive.mail did not register with DCOM within the required timeout.

 

Error: (10/21/2021 06:39:16 AM) (Source: disk) (EventID: 7) (User: )

Description: The device, DeviceHarddisk1DR1, has a bad block.

 

Error: (10/21/2021 06:39:13 AM) (Source: disk) (EventID: 7) (User: )

Description: The device, DeviceHarddisk1DR1, has a bad block.

 

Error: (10/21/2021 06:16:24 AM) (Source: disk) (EventID: 7) (User: )

Description: The device, DeviceHarddisk1DR1, has a bad block.

 

 

Windows Defender:

================

Date: 2021-10-21 07:51:24

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Full Scan

 

Date: 2021-10-21 06:17:16

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Full Scan

 

Date: 2021-10-21 01:06:19

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-10-19 18:02:36

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-10-18 17:55:47

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan



CodeIntegrity:

===============

Date: 2021-10-13 19:11:22

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32WWAHost.exe) attempted to load DeviceHarddiskVolume4WindowsSystem32nvspcap64.dll that did not meet the Store signing level requirements.

 

Date: 2021-04-18 01:30:03

Description: 

Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32aepic.dll because the set of per-page image hashes could not be found on the system.

 

Date: 2021-04-17 01:18:17

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume4Program FilesNorton SecurityEngine22.21.2.50symamsi.dll that did not meet the Windows signing level requirements.

 

Date: 2021-04-17 01:17:58

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume4Program FilesNorton SecurityEngine22.21.2.50symamsi.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. P1.10 04/19/2018

Motherboard: ASRock X470 Gaming K4

Processor: AMD Ryzen 5 2600 Six-Core Processor 

Percentage of memory in use: 35%

Total physical RAM: 16316.63 MB

Available physical RAM: 10587.97 MB

Total Virtual: 18748.63 MB

Available Virtual: 10489.87 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:446.61 GB) (Free:160.9 GB) NTFS

Drive e: (SSD) (Fixed) (Total:465.76 GB) (Free:323.58 GB) NTFS

Drive f: (HDD) (Fixed) (Total:2047.46 GB) (Free:1993.13 GB) NTFS

Drive g: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:832.7 GB) NTFS

 

?Volume{06e850ed-0000-0000-0000-100000000000} (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS

?Volume{4a657201-0000-0000-0000-e0a66f000000} () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 06E850ED)

Partition 1: (Active) – (Size=549 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=2047.5 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 4A657201)

Partition 1: (Not Active) – (Size=446.6 GB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=544 MB) – (Type=27)

 

==========================================================

Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9A2BF3EE)

Partition 1: (Not Active) – (Size=465.8 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 22761551)

Partition 1: (Not Active) – (Size=931.5 GB) – (Type=07 NTFS)

 

==================== End of Addition.txt =======================

 
