Thanks for serving to me with this downside, listed below are the logs.
Scan results of Farbar Restoration Scan Software (FRST) (x64) Model: 16-09-2020
Ran by cjshi (administrator) on CALS-PC (Alienware Alienware Aurora R9) (18-09-2020 15:17:21)
Working from C:UserscjshiOneDriveDesktop
Loaded Profiles: cjshi
Platform: Home windows 10 Residence Model 1909 18363.836 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Regular
==================== Processes (Whitelisted) =================
(If an entry is included within the fixlist, the method might be closed. The file won’t be moved.)
(Adobe Inc. -> ) C:Program Information (x86)AdobeAdobe SyncCoreSyncCoreSync.exe
(Adobe Inc. -> Adobe Inc) C:Program Information (x86)Widespread FilesAdobeAdobe Desktop CommonIPCBoxAdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:Program Information (x86)Widespread FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:Program Information (x86)Widespread FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:Program FilesAdobeAdobe Artistic CloudACCCreative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:Program FilesAdobeAdobe Artistic CloudACCCreative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:Program FilesCommon FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Programs Included) C:Program FilesAdobeAdobe Artistic Cloud ExperienceCCXProcess.exe
(Adobe Inc. -> Adobe Programs, Included) C:Program Information (x86)Widespread FilesAdobeAdobeGCClientAGMService.exe
(Adobe Inc. -> Adobe Programs, Included) C:Program Information (x86)Widespread FilesAdobeAdobeGCClientAGSService.exe
(A-Volute -> Nahimic) C:WindowsSystem32NahimicService.exe
(A-Volute -> Nahimic) C:WindowsSystem32NahimicSvc64.exe
(A-Volute -> Nahimic) C:WindowsSysWOW64NahimicSvc32.exe
(Dell Inc -> ) C:Program Information (x86)Alienware Digital Supply ServicesDell.D3.WinSvc.exe
(Dell Inc -> ) C:Program Information (x86)DellUpdateServiceServiceShell.exe
(Dell Inc -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultDDVCollectorSvcApi.exe
(Dell Inc -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultDDVDataCollector.exe
(Dell Inc -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultDDVRulesProcessor.exe
(Dell Inc -> Dell Applied sciences Inc.) C:Program FilesDellDellDataVaultnvapiw.exe
(Dell Inc. -> Dell Inc.) C:Program FilesDellSupportAssistAgentbinSupportAssistAgent.exe
(Digital Arts, Inc. -> Digital Arts) C:Program Information (x86)OriginOriginWebHelperService.exe
(Google LLC -> Google LLC) C:Program Information (x86)GoogleChromeApplicationchrome.exe <18>
(Google LLC -> Google LLC) C:Program Information (x86)GoogleUpdate1.3.35.452GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Information (x86)GoogleUpdate1.3.35.452GoogleCrashHandler64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_31a8dbbf39dcdc3bjhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorylms.inf_amd64_8a00302ff60aed46LMS.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_f3a64c75ee4defb7igfxCUIService.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_f3a64c75ee4defb7igfxEM.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_1a2608fa3e657f2aIntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiigd_dch.inf_amd64_1a2608fa3e657f2aIntelCpHeciSvc.exe
(Intel® Speedy Storage Expertise -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiastorac.inf_amd64_ecb9604542bb4ba6RstMwService.exe
(Magic Management Expertise Corp. -> ) C:WindowsSystem32mlpatch.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisorservicehost.exe
(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisoruihost.exe
(Microsoft Company -> Microsoft Company) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Company -> Microsoft Company) C:UserscjshiAppDataLocalMicrosoftOneDrive20.143.0716.0003FileCoAuth.exe
(Microsoft Company -> Microsoft Company) C:UserscjshiAppDataLocalMicrosoftOneDriveOneDrive.exe
(Microsoft Company -> Microsoft Company) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32CastSrv.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe <3>
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32rundll32.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32smartscreen.exe
(Microsoft Home windows {Hardware} Compatibility Writer -> Home windows ® Win 7 DDK supplier) C:WindowsSystem32driversAdminService.exe
(Node.js Basis -> Node.js) C:Program FilesAdobeAdobe Artistic Cloud Experiencelibsnode.exe
(NVIDIA Company -> Node.js) C:Program Information (x86)NVIDIA CorporationNvNodeNVIDIA Internet Helper.exe
(NVIDIA Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(NVIDIA Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationNvTelemetryNvTelemetryContainer.exe
(NVIDIA Company -> NVIDIA Company) C:WindowsSystem32DriverStoreFileRepositorynvddi.inf_amd64_afaf8d9a55376d3cDisplay.NvContainerNVDisplay.Container.exe <2>
(PC-Physician, Inc. -> PC-Physician, Inc.) C:Program FilesDellSupportAssistAgentPCDrSupportAssist6.0.7193.518DSAPI.exe
(Qualcomm Atheros -> Qualcomm Applied sciences Inc.) C:WindowsSystem32driversQcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>
(Rivet Networks LLC -> Rivet Networks LLC) C:WindowsSystem32driversRivetNetworksKillerKAPS.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:WindowsSystem32driversRivetNetworksKillerxTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:WindowsSystem32driversRivetNetworksKillerKAPSService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:WindowsSystem32driversRivetNetworksKillerxTendUtilityService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included within the fixlist, the registry merchandise might be restored to default or eliminated. The file won’t be moved.)
HKLM…Run: [RtkAudUService] => C:WindowsSystem32RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [AlienwareMobileConnectWelcome] => C:Program FilesAlienwareAlienwareMobileConnectDriversAlienwareMobileConnectWelcome.exe [447232 2019-06-20] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Applied sciences Ltd.)
HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [353776 2020-07-30] (Riot Video games, Inc. -> Riot Video games, Inc.)
HKLM…Run: [AdobeGCInvoker-1.0] => C:Program Information (x86)Widespread FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Programs, Included)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Information (x86)Widespread FilesJavaJava Updatejusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Company)
HKLM-x32…Run: [Wondershare Helper Compact.exe] => C:Program Information (x86)Widespread FilesWondershareWondershare Helper CompactWSHelper.exe [2133728 2017-09-12] (Wondershare Expertise Co.,Ltd -> Wondershare)
HKLM-x32…Run: [Adobe Creative Cloud] => C:Program FilesAdobeAdobe Artistic CloudACCCreative Cloud.exe [2091064 2020-09-18] (Adobe Inc. -> Adobe Inc.)
HKLM-x32…Run: [Adobe CCXProcess] => C:Program Information (x86)AdobeAdobe Artistic Cloud ExperienceCCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKUS-1-5-21-184074726-1042131089-445855423-1001…Run: [Steam] => C:Program Information (x86)Steamsteam.exe [3395360 2020-09-03] (Valve -> Valve Company)
HKUS-1-5-21-184074726-1042131089-445855423-1001…Run: [Discord] => C:UserscjshiAppDataLocalDiscordapp-0.0.307Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKUS-1-5-21-184074726-1042131089-445855423-1001…Run: [Gif Your Game] => C:UserscjshiAppDataLocalProgramsbadpanda-reactGif Your Recreation.exe [92353480 2020-09-04] (Unhealthy Panda, Inc. -> Unhealthy Panda, Inc.)
HKUS-1-5-21-184074726-1042131089-445855423-1001…Run: [EpicGamesLauncher] => C:Program Information (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [32406416 2020-08-13] (Epic Video games Inc. -> Epic Video games, Inc.)
HKUS-1-5-21-184074726-1042131089-445855423-1001…Run: [BakkesMod] => “C:UserscjshiOneDriveDesktopBakkesMod.exe”
HKUS-1-5-21-184074726-1042131089-445855423-1001…Run: [Chromium] => “c:userscjshiappdatalocalchromiumapplicationchrome.exe” –auto-launch-at-startup –profile-directory=”Default” –restore-last-session
HKUS-1-5-18…Policiessystem: [DisableLockWorkstation] 0
HKLM…PrintMonitorsHP C611 Standing Monitor: C:Windowssystem32hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLMSoftwareMicrosoftActive SetupInstalled Elements: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Information (x86)GoogleChromeApplication85.0.4183.102Installerchrmstp.exe [2020-09-10] (Google LLC -> Google LLC)
Startup: C:UserscjshiAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTwitch.lnk [2020-06-24]
ShortcutTarget: Twitch.lnk -> C:UserscjshiAppDataRoamingTwitchBinTwitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
==================== Scheduled Duties (Whitelisted) ============
(If an entry is included within the fixlist, will probably be faraway from the registry. The file won’t be moved until listed individually.)
Job: {063c592b-d3cf-4efa-9dd5-a29ed2d4e1da} – no filepath
Job: {0cbaad60-ad23-433d-8a15-40c39df4c311} – no filepath
Job: {0dd891fa-c772-4585-9c0e-7000362ef02d} – no filepath
Job: {0f7e2e40-2ba7-4f27-9036-cfd4ca88702a} – no filepath
Job: {1015476b-e272-41da-88fa-88001dd1973c} – no filepath
Job: {10B73BB6-4052-4C10-8909-1502E88CEDEE} – System32TasksNahimicTask32 => C:Windowssystem32..SysWOW64NahimicSvc32.exe [787696 2019-05-28] (A-Volute -> Nahimic)
Job: {121bc1fd-0852-41e2-856e-26d7f3fb30d1} – no filepath
Job: {1340cbdf-087c-4523-bd04-c7202c872d3a} – no filepath
Job: {14B6105F-4666-497C-9649-A5FCBB4E1A4C} – System32TasksNahimicTask64 => C:Windowssystem32.NahimicSvc64.exe [1057016 2019-05-28] (A-Volute -> Nahimic)
Job: {1579cf68-814e-4a0f-833b-be91ba4e02cc} – no filepath
Job: {164e6a3a-9d92-41fd-b842-49ca7298546b} – no filepath
Job: {1e6d14c3-20bc-40f1-a809-fa7ce595b678} – no filepath
Job: {1ED22B78-CF35-4069-A3EF-787BC2D65144} – System32TasksMicrosoftOfficeOffice Computerized Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Company -> Microsoft Company)
Job: {27321d8d-c7f9-4227-b8cf-68d9886795c7} – no filepath
Job: {288d6e80-7546-486a-b7fe-86fa3cd95de7} – no filepath
Job: {2a906d0d-b3db-489c-8dda-52509dde7c32} – no filepath
Job: {2D30E53B-4112-4255-BAF9-F3FF414FD05A} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Information (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {2df7af67-0bd9-463a-b862-da80b0d2a3d0} – no filepath
Job: {34A99EC1-E544-4403-9756-78AB1399E249} – System32TasksNahimicSvc32Run => C:WindowsSysWOW64NahimicSvc32.exe [787696 2019-05-28] (A-Volute -> Nahimic)
Job: {363f0de8-2f27-40ea-833e-e3bf1516404b} – no filepath
Job: {38d69a31-884f-4e01-b8a8-46bc85480275} – no filepath
Job: {3B2131EA-65DD-4361-8FD8-08E0F4385E67} – System32TasksAdobeGCInvoker-1.0 => C:Program Information (x86)Widespread FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Programs, Included)
Job: {3ed67ad6-b124-4fe8-8ebd-9217a98844d0} – no filepath
Job: {3f7a1b70-3df4-4149-94ca-dba5ab70ad81} – no filepath
Job: {420ef4c9-cbac-41f9-8fd3-05c8f2fd75ed} – no filepath
Job: {43351EA4-FA1A-4F97-9028-5CC076F1A247} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1130480 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {43ee7a56-9fa4-4656-9736-2bc105e07edb} – no filepath
Job: {44ec6f74-db25-493f-b452-9384634f2f0a} – no filepath
Job: {46277357-4732-4528-b07b-3553bf8d1777} – no filepath
Job: {46EFC686-C193-4086-BB37-81167162FD19} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [782136 2019-03-06] (NVIDIA Company -> NVIDIA Company)
Job: {4858e186-c1a0-4948-aa03-ccd9c2b62b76} – no filepath
Job: {4A381DB2-A5DF-4C52-8EE3-A88449865ABE} – System32TasksGoogleUpdateTaskMachineCore => C:Program Information (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-01-01] (Google LLC -> Google LLC)
Job: {4da1a14c-192f-4a85-81af-1fefb66c9779} – no filepath
Job: {4f3f3867-8f2b-4184-874d-519375571807} – no filepath
Job: {519aa680-8249-4534-a95d-cc501aad3985} – no filepath
Job: {5281a403-9328-4b34-b872-d9f5fbd8f4f0} – no filepath
Job: {542995c5-f588-4a7c-a308-7da3ce586d04} – no filepath
Job: {54C25369-620C-49B1-9720-EAFFF9DF334E} – System32TasksNVIDIA GeForce Expertise SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Expertise.exe [3788144 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {58e0cfda-5801-4177-b5fa-6023a64242ed} – no filepath
Job: {5c5754c5-b3c1-497d-bf1f-963717903860} – no filepath
Job: {5dde40dc-9add-4de4-aaaa-14afd19e4984} – no filepath
Job: {651ED5E6-E445-4316-9383-A0CECC999AF9} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Company -> Microsoft Company)
Job: {655e0faa-6991-4fa3-a77f-7459a12f72d0} – no filepath
Job: {6c7e303e-60b7-44c5-8661-a549a2cf8b6d} – no filepath
Job: {6F45B8B3-99B3-448A-926A-E87F22D8BE07} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1130480 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {7142f404-2420-4fd9-9842-604f56bec75b} – no filepath
Job: {717631a0-fc6e-40a3-90d5-5c6ca27e7c1d} – no filepath
Job: {720adc65-bd95-4622-8e10-04a26926b95a} – no filepath
Job: {728f5ddf-bc70-40e1-9b1a-4071f57303f9} – no filepath
Job: {761bfd46-187a-4431-9d1b-a322022fb79a} – no filepath
Job: {7afa736b-6047-4944-9ab9-1cd15e8e20a6} – no filepath
Job: {7c9e0653-e0a3-4f42-b24e-1e8a52d9faed} – no filepath
Job: {8276369E-7C53-4491-A3B8-8260F43BE5A6} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {82e9f832-4084-4074-8ff9-5ef937947c0e} – no filepath
Job: {852d07e5-0471-46d1-a983-ea3369f5bf21} – no filepath
Job: {859f7402-46e0-4b35-a9d0-bde04cf75e9d} – no filepath
Job: {89A06BA4-1DC7-45B9-BC2C-B6FFCEE743CF} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1130480 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {89bc7a9d-0734-4946-ae27-ad702222bcb6} – no filepath
Job: {8a4bd1c6-3b4f-4dd9-84cc-7b9b64bc9f57} – no filepath
Job: {8d3d80af-be2c-4135-a204-9c0ba13998cf} – no filepath
Job: {8e036aea-05db-4afc-a907-9240ea49405b} – no filepath
Job: {8e9fea5e-bf8c-4f80-99cd-a43ce2f2cf0e} – no filepath
Job: {90344067-fc65-45bd-ab5c-334c6d998fcb} – no filepath
Job: {9127eec0-899e-4dbd-8c6f-bc2d61304f4b} – no filepath
Job: {91c860ba-3f72-4f7e-ab3c-7ed6031b599b} – no filepath
Job: {94b37267-ad7b-4781-8eb9-3d8034b6a2b4} – no filepath
Job: {9d3f106c-0187-45c5-9785-8dc3c9cfb7ac} – no filepath
Job: {a0d0372a-fcbe-44ac-abcc-ba898fe1719b} – no filepath
Job: {a1db839b-5c32-41e8-acf4-175d145b0570} – no filepath
Job: {A217D7CB-8C5D-4B2E-9E65-12AC2DF4D89F} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {a3b7b92a-ffb3-4185-8c02-0486422cd53a} – no filepath
Job: {a65dc093-9588-4e4f-8adf-b52995c3cd47} – no filepath
Job: {a79a060f-e236-43f6-8271-0f11e42a701f} – no filepath
Job: {a8856ddc-0f77-4c44-8f78-030386a8ff0b} – no filepath
Job: {a88b3be5-3ef4-45b9-ba2d-26323d56248f} – no filepath
Job: {ad97adcb-9ab0-4749-a520-ffd56e4f911d} – no filepath
Job: {b2389042-31fd-4786-bbea-8fd32fd402a6} – no filepath
Job: {b2fec080-cd9b-46f5-a247-cfe985a8ba59} – no filepath
Job: {bb792ad1-3ef5-4f43-b3c0-2bbb29e65311} – no filepath
Job: {bbccd977-d745-4ef5-8397-59cce9e1b4cc} – no filepath
Job: {BD21D5C1-E468-4D73-BD4A-015BF011C280} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1130480 2019-06-18] (NVIDIA Company -> NVIDIA Company)
Job: {bd7cd660-4581-4322-957e-14a64aabdc1f} – no filepath
Job: {BF127C8E-2626-49DC-8120-80384C159C49} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [782136 2019-03-06] (NVIDIA Company -> NVIDIA Company)
Job: {C10F2940-D5D0-4F31-A1C4-6C85438EF5DA} – System32TasksGoogleUpdateTaskMachineUA => C:Program Information (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-01-01] (Google LLC -> Google LLC)
Job: {c2ff20fc-a30f-4f17-8104-46533990ab5a} – no filepath
Job: {c4659213-f0b2-4d1c-b69e-4d0b6ab74874} – no filepath
Job: {c492a307-0b53-46a9-803e-3c9021796129} – no filepath
Job: {C7EE9A4C-E665-423D-8A87-37CEB965E50C} – System32TasksDell SupportAssistAgent AutoUpdate => C:Program FilesDellSupportAssistAgentbinSupportAssistInstaller.exe [1045976 2020-07-06] (Dell Inc. -> Dell Inc.)
Job: {caa6b632-5464-4085-bb88-3eb01af54199} – no filepath
Job: {cbecea2c-803b-40fd-9a9a-65cb4f473b16} – no filepath
Job: {cd15d2a9-62be-4721-96f0-d9cd6602a177} – no filepath
Job: {d7bbacd3-c42e-497b-8822-dc80c415cb45} – no filepath
Job: {da1e8ca4-6430-47d5-86d7-cffd27c7b38e} – no filepath
Job: {dc0ccf4a-8f14-4111-9991-86f583c29295} – no filepath
Job: {DD7E32D0-C0C1-45C6-91E0-5001C9222DA8} – System32TasksNahimicSvc64Run => C:Windowssystem32NahimicSvc64.exe [1057016 2019-05-28] (A-Volute -> Nahimic)
Job: {dd9db154-7ec7-4c37-9c7f-aea9ae39bf45} – no filepath
Job: {df5c0041-9975-4e82-afeb-11623e76f19a} – no filepath
Job: {e16432f7-5b18-416d-9b3f-33090817f619} – no filepath
Job: {e539dece-3f57-4339-b9fd-978e947a76e5} – no filepath
Job: {e797a73a-0484-4ca7-910b-8768909e2a8b} – no filepath
Job: {e7d6c8ac-c6b6-49af-9a81-c35934cbf155} – no filepath
Job: {e8d10584-14ab-4acd-aaa6-a6f9f703d008} – no filepath
Job: {e9ba37a1-9385-488e-a61c-de8bc2f5f92a} – no filepath
Job: {ec0b67ba-6f3e-4767-b60b-87274407ee88} – no filepath
Job: {f2aadb5e-be2e-4584-8af0-2ec647ab95af} – no filepath
Job: {f5f2cb8c-d665-401c-80c6-841343ee2471} – no filepath
Job: {f7750bc0-92ef-4e96-b140-00d88ed0feee} – no filepath
Job: {f8e77f60-e645-420f-9fe1-822a4b746f3c} – no filepath
Job: {F9A4D98C-DDC2-4288-9958-1D5830EF0603} – System32TasksMicrosoftOfficeOffice Characteristic Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [145768 2020-09-11] (Microsoft Company -> Microsoft Company)
Job: {fd161fab-b518-4462-b11b-d790801cd055} – no filepath
Job: {FEB3EE45-886D-427F-BD40-0C85D011CA20} – System32TasksMicrosoftOfficeOffice Characteristic Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [145768 2020-09-11] (Microsoft Company -> Microsoft Company)
(If an entry is included within the fixlist, the duty (.job) file might be moved. The file which is working by the duty won’t be moved.)
==================== Web (Whitelisted) ====================
(If an merchandise is included within the fixlist, if it’s a registry merchandise will probably be eliminated or restored to default.)
Tcpip..Interfaces{93a1d3d5-befb-4fd5-95b8-95c7ce7ef383}: [DhcpNameServer] 192.168.1.1
Tcpip..Interfaces{94ee878f-5bad-4f5c-aa9b-7df68c05ff0b}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF HKLM…FirefoxExtensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] – C:Program FilesMcAfeeWebAdvisore10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) – C:Program FilesMcAfeeWebAdvisore10ssaffplg.xpi [2020-09-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32…FirefoxExtensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] – C:Program FilesMcAfeeWebAdvisore10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,model=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Information (x86)AdobeAdobe Artistic CloudUtilsnpAdobeAAMDetect64.dll [2020-09-18] (Adobe Inc. -> Adobe Programs)
FF Plugin-x32: @java.com/DTPlugin,model=11.231.2 -> C:Program Information (x86)Javajre1.8.0_231bindtpluginnpDeployJava1.dll [2020-01-01] (Oracle America, Inc. -> Oracle Company)
FF Plugin-x32: @java.com/JavaPlugin,model=11.231.2 -> C:Program Information (x86)Javajre1.8.0_231binplugin2npjp2.dll [2020-01-01] (Oracle America, Inc. -> Oracle Company)
FF Plugin-x32: @microsoft.com/SharePoint,model=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Information (x86)AdobeAdobe Artistic CloudUtilsnpAdobeAAMDetect32.dll [2020-09-18] (Adobe Inc. -> Adobe Programs)
Chrome:
=======
CHR Profile: C:UserscjshiAppDataLocalGoogleChromeUser DataDefault [2020-09-18]
CHR StartupUrls: Default -> “hxxps://www.twitch.television/”
CHR Extension: (Adblock for Youtube™) – C:UserscjshiAppDataLocalGoogleChromeUser DataDefaultExtensionscmedhionkhpnakcndndgjdbohmhepckk [2020-07-17]
CHR Extension: (Adblocker for YouTube – Youtube Adblocker) – C:UserscjshiAppDataLocalGoogleChromeUser DataDefaultExtensionsejighbgeedkpcambhfkohdalcgckdein [2020-07-02]
CHR Extension: (Earth in Area) – C:UserscjshiAppDataLocalGoogleChromeUser DataDefaultExtensionsiiihlpikmpijdopbaegjibndhpgjmjfe [2020-07-02]
CHR Extension: (Chrome Internet Retailer Funds) – C:UserscjshiAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2020-01-01]
CHR Extension: (Chrome Media Router) – C:UserscjshiAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-03]
CHR Extension: (Google Print) – C:UserscjshiAppDataLocalGoogleChromeUser DataDefaultDefault Extensionsdloibgkgfglejcinjapgalhmkocnjenh [2020-06-29]
CHR HKLM…ChromeExtension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKLM…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM…ChromeExtension: [ojfilbbecboffgonioffpjjhcobjahoe]
CHR HKUS-1-5-21-184074726-1042131089-445855423-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKUS-1-5-21-184074726-1042131089-445855423-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [ojfilbbecboffgonioffpjjhcobjahoe]
CHR HKLM-x32…ChromeExtension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKLM-x32…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32…ChromeExtension: [ojfilbbecboffgonioffpjjhcobjahoe]
==================== Companies (Whitelisted) ===================
(If an entry is included within the fixlist, will probably be faraway from the registry. The file won’t be moved until listed individually.)
R2 AdobeUpdateService; C:Program Information (x86)Widespread FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [844856 2020-09-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:Program Information (x86)Widespread FilesAdobeAdobeGCClientAGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Programs, Included)
R2 AGSService; C:Program Information (x86)Widespread FilesAdobeAdobeGCClientAGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Programs, Included)
R2 Alienware Digital Supply Companies; C:Program Information (x86)Alienware Digital Supply ServicesDell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
S4 Alienware SupportAssist Remediation; C:Program FilesDellSARemediationagentDellSupportAssistRemedationService.exe [308424 2019-09-25] (Dell Inc -> Dell Inc.)
S4 AWCCService; C:Program FilesAlienwareAlienware Command CenterAWCC.Service.exe [15424 2020-03-26] (Dell Inc -> Dell Applied sciences)
S3 BEService; C:Program Information (x86)Widespread FilesBattlEyeBEService.exe [8646752 2020-07-14] (BattlEye Improvements e.Okay. -> )
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Company -> Microsoft Company)
R2 DDVCollectorSvcApi; C:Program FilesDellDellDataVaultDDVCollectorSvcApi.exe [284720 2020-06-10] (Dell Inc -> Dell Applied sciences Inc.)
R2 DDVDataCollector; C:Program FilesDellDellDataVaultDDVDataCollector.exe [3455536 2020-06-10] (Dell Inc -> Dell Applied sciences Inc.)
R2 DDVRulesProcessor; C:Program FilesDellDellDataVaultDDVRulesProcessor.exe [294448 2020-06-10] (Dell Inc -> Dell Applied sciences Inc.)
R2 Dell {Hardware} Assist; C:Program FilesDellSupportAssistAgentPCDrSupportAssist6.0.7193.518DSAPI.exe [965104 2020-07-16] (PC-Physician, Inc. -> PC-Physician, Inc.)
R2 DellClientManagementService; C:Program Information (x86)DellUpdateServiceServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
S3 EasyAntiCheat; C:Program Information (x86)EasyAntiCheatEasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Killer Analytics Service; C:WindowsSystem32driversRivetNetworksKillerKillerAnalyticsService.exe [1748992 2020-01-10] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Community Service; C:WindowsSystem32driversRivetNetworksKillerKillerNetworkService.exe [2651640 2020-01-10] (Rivet Networks LLC -> Rivet Networks)
R3 Killer Wifi Optimization Service; C:WindowsSystem32driversRivetNetworksKillerKAPSService.exe [73704 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 KNDBWM; C:WindowsSystem32driversRivetNetworksKillerKNDBWMService.exe [73712 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7185288 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:Program FilesMcAfeeWebAdvisorServiceHost.exe [957192 2020-09-10] (McAfee, LLC -> McAfee, LLC)
R2 MlPatch; C:Windowssystem32MlPatch.exe [2244912 2014-08-22] (Magic Management Expertise Corp. -> )
R2 NahimicService; C:Windowssystem32NahimicService.exe [1305840 2019-05-28] (A-Volute -> Nahimic)
S3 Origin Shopper Service; C:Program Information (x86)OriginOriginClientService.exe [2519352 2020-09-07] (Digital Arts, Inc. -> Digital Arts)
R2 Origin Internet Helper Service; C:Program Information (x86)OriginOriginWebHelperService.exe [3472192 2020-09-07] (Digital Arts, Inc. -> Digital Arts)
R2 SupportAssistAgent; C:Program FilesDellSupportAssistAgentbinSupportAssistAgent.exe [33240 2020-07-06] (Dell Inc. -> Dell Inc.)
S3 vgc; C:Program FilesRiot Vanguardvgc.exe [9754048 2020-07-30] (Riot Video games, Inc. -> Riot Video games, Inc.)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2008.9-0NisSrv.exe [2343112 2020-09-02] (Microsoft Home windows Writer -> Microsoft Company)
S3 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2008.9-0MsMpEng.exe [128360 2020-09-02] (Microsoft Home windows Writer -> Microsoft Company)
S2 xTendSoftAPService; C:WindowsSystem32driversRivetNetworksKillerxTendSoftAPService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:WindowsSystem32driversRivetNetworksKillerxTendUtilityService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S4 LMIGuardianSvc; “C:Program Information (x86)LogMeIn Hamachix64LMIGuardianSvc.exe” [X]
R2 NVDisplay.ContainerLocalSystem; C:WindowsSystem32DriverStoreFileRepositorynvddi.inf_amd64_afaf8d9a55376d3cDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramDatapercentNVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WindowsSystem32DriverStoreFileRepositorynvddi.inf_amd64_afaf8d9a55376d3cDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included within the fixlist, will probably be faraway from the registry. The file won’t be moved until listed individually.)
S3 AppleLowerFilter; C:WindowsSystem32driversAppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert construct,131474841775766162 -> Apple Inc.)
R3 AWCCDriver; C:WindowsSystem32driversAWCCDriver.sys [42440 2019-12-24] (IndiLogic LLC -> Dell Inc.)
R4 DBUtil_2_3; C:WindowsTEMPDBUtil_2_3.Sys [14840 2020-09-18] (Dell Inc. -> )
R3 DDDriver; C:WindowsSystem32driversdddriver64Dcsa.sys [35208 2020-05-26] (Microsoft Home windows {Hardware} Compatibility Writer -> Dell Inc.)
R3 e2xw10x64; C:WindowsSystem32driverse2xw10x64.sys [164840 2019-05-10] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 ElgatoGC656Y; C:WindowsSystem32DriversElgatoGC656.sys [43392 2019-11-08] (Elgato Programs LLC -> UB658)
S3 ElgatoVAD; C:WindowsSystem32driversElgatoVAD.sys [39208 2019-06-03] (Elgato Programs LLC -> Elgato Programs GmbH)
R1 ESProtectionDriver; C:Windowssystem32driversmbae64.sys [153312 2020-09-18] (Malwarebytes Company -> Malwarebytes)
S3 Hamachi; C:Windowssystem32DRIVERSHamdrv.sys [45680 2019-04-02] (Microsoft Home windows {Hardware} Compatibility Writer -> LogMeIn Inc.)
R3 KfeCoSvc; C:WindowsSystem32driversRivetNetworksKillerKfeCo10X64.sys [177272 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 LGVirHid; C:Windowssystem32driversLGVirHid.sys [26912 2015-06-10] (Microsoft Home windows {Hardware} Compatibility Writer -> Logitech Inc.)
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [217592 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:WindowsSystem32DRIVERSMbamElam.sys [19912 2020-09-18] (Microsoft Home windows Early Launch Anti-malware Writer -> Malwarebytes)
R3 MBAMFarflt; C:WindowsSystem32DRIVERSfarflt.sys [197280 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:Windowssystem32DRIVERSmbam.sys [73880 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248968 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:Windowssystem32DRIVERSmwac.sys [131232 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 RDID1139; C:Windowssystem32DriversRDWM1139.SYS [212096 2015-07-23] (Microsoft Home windows {Hardware} Compatibility Writer -> Roland Company)
S3 STTub30; C:WindowsSystem32DriversSTTub30.sys [48608 2020-05-03] (Microsoft Home windows {Hardware} Compatibility Writer -> STMicroelectronics)
S3 t6sta; C:WindowsSystem32Driverst6sta.sys [161608 2020-06-01] (Magic Management Expertise Corp. -> Magic Management Expertise Company)
S1 vgk; C:Program FilesRiot Vanguardvgk.sys [5395880 2020-07-30] (Riot Video games, Inc. -> Riot Video games, Inc.)
S3 WacomPen; C:WindowsSystem32driverswacompen.sys [31744 2019-03-19] (Microsoft Home windows -> Microsoft Company)
S3 WdBoot; C:Windowssystem32driverswdWdBoot.sys [48520 2020-09-02] (Microsoft Home windows Early Launch Anti-malware Writer -> Microsoft Company)
S3 WdFilter; C:Windowssystem32driverswdWdFilter.sys [428256 2020-09-02] (Microsoft Home windows -> Microsoft Company)
S3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [69856 2020-09-02] (Microsoft Home windows -> Microsoft Company)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included within the fixlist, will probably be faraway from the registry. The file won’t be moved until listed individually.)
==================== One month (created) ===================
(If an entry is included within the fixlist, the file/folder might be moved.)
2020-09-18 15:13 – 2020-09-18 15:17 – 000000000 ____D C:FRST
2020-09-18 15:11 – 2020-09-18 15:12 – 002298368 _____ (Farbar) C:UserscjshiDownloadsFRST64 (1).exe
2020-09-18 15:10 – 2020-09-18 15:10 – 002298368 _____ (Farbar) C:UserscjshiDownloadsFRST64.exe
2020-09-18 14:54 – 2020-09-18 14:54 – 000003112 _____ C:Windowssystem32TasksNahimicTask32
2020-09-18 14:54 – 2020-09-18 14:54 – 000003092 _____ C:Windowssystem32TasksNahimicTask64
2020-09-18 14:52 – 2020-09-18 14:52 – 000197280 _____ (Malwarebytes) C:Windowssystem32Driversfarflt.sys
2020-09-18 14:52 – 2020-09-18 14:52 – 000131232 _____ (Malwarebytes) C:Windowssystem32Driversmwac.sys
2020-09-18 14:52 – 2020-09-18 14:52 – 000073880 _____ (Malwarebytes) C:Windowssystem32Driversmbam.sys
2020-09-18 13:33 – 2020-09-18 13:33 – 000000000 ____D C:UserscjshiAppDataLocalmbam
2020-09-18 13:32 – 2020-09-18 13:32 – 000248968 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2020-09-18 13:32 – 2020-09-18 13:32 – 000217592 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2020-09-18 13:32 – 2020-09-18 13:32 – 000153312 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2020-09-18 13:32 – 2020-09-18 13:32 – 000019912 _____ (Malwarebytes) C:Windowssystem32DriversMbamElam.sys
2020-09-18 13:32 – 2020-09-18 13:32 – 000002043 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2020-09-18 13:32 – 2020-09-18 13:32 – 000002031 _____ C:UsersPublicDesktopMalwarebytes.lnk
2020-09-18 13:32 – 2020-09-18 13:32 – 000002031 _____ C:ProgramDataDesktopMalwarebytes.lnk
2020-09-18 13:32 – 2020-09-18 13:32 – 000000000 ____D C:ProgramDataMalwarebytes
2020-09-18 13:28 – 2020-09-18 13:28 – 000000000 ____D C:Program FilesMalwarebytes
2020-09-18 13:27 – 2020-09-18 13:27 – 001928352 _____ (Malwarebytes) C:UserscjshiDownloadsMBSetup-076981.076981-Shopper.exe
2020-09-18 13:15 – 2020-09-18 13:20 – 000000000 ____D C:UserscjshiOneDriveDocumentsAE Stinger Check #1_AME
2020-09-18 13:10 – 2020-09-18 13:10 – 000000000 ____D C:Program Filesfnord software program
2020-09-18 13:07 – 2020-09-18 13:08 – 001852416 _____ C:UserscjshiDownloadsWebM_Premiere_v1.1.0.msi
2020-09-18 13:06 – 2020-09-18 13:06 – 000098902 _____ C:UserscjshiOneDriveDocumentsAE Stinger Check #1.aep
2020-09-18 12:26 – 2020-09-18 12:26 – 000001170 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Media Encoder 2020.lnk
2020-09-18 12:21 – 2020-09-18 12:26 – 000000000 ____D C:UserscjshiOneDriveDocumentsAdobe
2020-09-18 12:15 – 2020-09-18 12:15 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMaxon
2020-09-18 12:11 – 2020-09-18 12:15 – 000000000 ____D C:Program FilesMaxon Cinema 4D R22
2020-09-18 12:10 – 2020-09-18 12:10 – 000001272 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe After Results 2020.lnk
2020-09-18 11:59 – 2020-09-18 14:57 – 000000000 ___RD C:UserscjshiCreative Cloud Information
2020-09-18 11:55 – 2020-09-18 11:55 – 000003522 _____ C:Windowssystem32TasksAdobeGCInvoker-1.0
2020-09-18 11:52 – 2020-09-18 12:03 – 000000000 ____D C:ProgramDataAdobe
2020-09-18 11:52 – 2020-09-18 11:52 – 000001384 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Artistic Cloud.lnk
2020-09-18 11:52 – 2020-09-18 11:52 – 000001372 _____ C:UsersPublicDesktopAdobe Artistic Cloud.lnk
2020-09-18 11:52 – 2020-09-18 11:52 – 000001372 _____ C:ProgramDataDesktopAdobe Artistic Cloud.lnk
2020-09-18 11:51 – 2020-09-18 12:26 – 000000000 ____D C:Program FilesAdobe
2020-09-18 11:51 – 2020-09-18 12:10 – 000000000 ____D C:Program FilesCommon FilesAdobe
2020-09-18 11:51 – 2020-09-18 11:58 – 000000000 ____D C:Program Information (x86)Adobe
2020-09-18 11:44 – 2020-09-18 14:56 – 000000000 ____D C:UserscjshiAppDataLocalAdobe
2020-09-18 11:44 – 2020-09-18 11:44 – 002109296 _____ (Adobe Inc.) C:UserscjshiDownloadsAfter_Effects_Set-Up.exe
2020-09-17 15:28 – 2020-09-17 15:29 – 000003539 _____ C:crash-handler.log.outdated
2020-09-14 22:10 – 2020-09-14 22:10 – 000000152 _____ C:UserscjshiAppDataLocalkritadisplayrc
2020-09-13 14:04 – 2020-09-13 14:05 – 005473185 _____ C:UserscjshiDownloadsBakkesModInjector (1).zip
2020-09-09 11:15 – 2020-09-09 11:15 – 000003360 _____ C:Windowssystem32TasksOneDrive Standalone Replace Job-S-1-5-21-184074726-1042131089-445855423-1001
2020-09-09 11:15 – 2020-09-09 11:15 – 000002365 _____ C:UserscjshiAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2020-09-08 15:31 – 2020-09-08 15:31 – 000000000 ____D C:UserscjshiOneDriveDocumentsKlei
2020-09-08 15:31 – 2020-09-08 15:31 – 000000000 ____D C:UserscjshiAppDataLocalLowKlei
2020-09-08 15:31 – 2020-09-08 15:31 – 000000000 ____D C:UserscjshiAppDataLocalKlei
2020-09-08 12:01 – 2020-09-08 12:01 – 000001097 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMega Hack.lnk
2020-09-08 12:01 – 2020-09-08 12:01 – 000000000 ____D C:Program Information (x86)Mega Hack
2020-09-08 11:58 – 2020-09-08 11:59 – 015264753 _____ (Absolute ) C:UserscjshiDownloadsMegaHack v5.4 SETUP.exe
2020-09-08 10:35 – 2020-09-08 10:35 – 001368605 _____ C:UserscjshiDownloads1ae467f0-e295-4368-b33c-d6efc5b4c8e5.replay
2020-09-07 10:45 – 2020-09-07 12:22 – 2498209236 _____ C:UserscjshiDownloads727366062-412507118-95467efd-d430-45b2-842a-b98d23b55c3f.mp4
2020-09-06 11:40 – 2020-06-30 07:38 – 001265728 _____ (Magic Management Expertise Corp.) C:Windowssystem32t6indisp.dll
2020-09-06 11:40 – 2020-06-01 06:47 – 000161608 _____ (Magic Management Expertise Company) C:Windowssystem32Driverst6sta.sys
2020-09-06 11:39 – 2020-09-06 11:39 – 000000000 ____D C:Program Information (x86)MCT Corp
2020-09-06 11:39 – 2017-04-07 13:53 – 000698072 _____ (Magic Management Expertise Company) C:Windowssystem32igdumdmx.dll
2020-09-06 11:39 – 2014-08-22 17:10 – 002244912 _____ C:Windowssystem32mlpatch.exe
2020-09-06 11:39 – 2013-12-27 12:17 – 002215704 _____ (Magic Management Corp.) C:Windowssystem32MctKmdSvrx.exe
2020-09-06 11:39 – 2013-11-04 16:22 – 000437528 _____ () C:WindowsSysWOW64UDLL.dll
2020-09-06 11:39 – 2013-11-04 16:22 – 000322840 _____ (TODO: <Firm identify>) C:WindowsSysWOW64mctudll.exe
2020-09-06 11:39 – 2013-11-04 16:22 – 000052504 _____ C:WindowsSysWOW64mctudll.dll
2020-09-06 11:39 – 2012-12-11 17:05 – 000918104 _____ (Magic Management Expertise Company) C:Windowssystem32MTrigger2.exe
2020-09-06 11:39 – 2012-03-02 15:49 – 000013440 _____ C:Windowssystem32Driversu3hpatch64.sys
2020-09-06 11:39 – 2012-02-03 18:15 – 000272512 _____ C:Windowssystem32U2VSvr.exe
2020-09-06 11:39 – 2011-09-09 18:30 – 000440320 _____ (Magic Management Expertise Company) C:Windowssystem32SU-T2.exe
2020-09-06 11:39 – 2011-06-27 15:16 – 000272512 _____ C:Windowssystem32U2VT2Svr.exe
2020-09-06 11:39 – 2011-05-05 14:24 – 000274048 _____ (MCT) C:Windowssystem32MHK2.DLL
2020-09-06 11:39 – 2011-05-04 20:04 – 001113728 _____ (Magic Management Expertise Company) C:Windowssystem32MTri1+64.exe
2020-09-06 11:39 – 2011-05-04 20:04 – 000917120 _____ (Magic Management Expertise Company) C:Windowssystem32SilentUtility.exe
2020-09-06 11:39 – 2011-05-04 20:04 – 000195200 _____ C:Windowssystem32Util.exe
2020-09-06 11:39 – 2011-05-04 20:01 – 000261760 _____ C:Windowssystem32Util-MTrigger2.exe
2020-09-06 11:39 – 2010-11-13 11:22 – 000272760 _____ (MCT) C:Windowssystem32MCTHOOKKEY.DLL
2020-09-06 11:39 – 2010-10-15 20:44 – 000048170 _____ C:Windowssystem32MTri1+.ini
2020-09-06 11:39 – 2010-10-15 20:43 – 000048178 _____ C:Windowssystem32Mtrigger2.ini
2020-09-06 11:39 – 2010-08-20 14:03 – 000336248 _____ (Magic Management Expertise Company) C:Windowssystem32mctsetup64.dll
2020-09-06 11:36 – 2020-09-06 11:38 – 060404376 _____ (Flexera Software program LLC) C:UserscjshiDownloadsj5create-20.01.0620.3179.exe
2020-09-05 18:08 – 2020-09-05 18:08 – 000000000 ____D C:UserscjshiAppDataLocalLowInnersloth
2020-09-05 12:38 – 2020-09-05 12:38 – 000439920 _____ C:Windowssystem32FNTCACHE.DAT
2020-09-05 11:50 – 2020-09-05 11:50 – 000000000 ____D C:Windowssystem32ihvmanager
2020-09-05 11:47 – 2020-09-05 11:47 – 000000000 ____D C:Program FilesKiller Networking
2020-09-05 11:45 – 2020-09-05 11:45 – 000000000 ____D C:Program Information (x86)DummyDir
2020-09-05 11:41 – 2020-09-05 11:41 – 000000000 ____D C:Home windows{11A89B9C-E4A8-479A-9C38-07489C2FC153}
2020-09-03 11:36 – 2020-09-03 11:36 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWondershare
2020-09-02 20:10 – 2020-09-02 20:10 – 001083181 _____ C:UserscjshiDownloadsD9ED7A3F4A4A0ADFC77F6B8D45CA0D58 (1).replay
2020-09-02 20:10 – 2020-09-02 20:10 – 001078962 _____ C:UserscjshiDownloadsDE2D0F0D427F3E627A8CF29CBAE4E09A.replay
2020-09-02 19:47 – 2020-09-02 19:47 – 001083181 _____ C:UserscjshiDownloadsD9ED7A3F4A4A0ADFC77F6B8D45CA0D58.replay
2020-08-29 19:57 – 2020-08-29 19:57 – 001072649 _____ C:UserscjshiDownloads82FFED574634EEAFFF6A05AE53591383.replay
2020-08-29 12:47 – 2020-08-29 12:47 – 002740276 _____ (crosire) C:UserscjshiDownloadsReShade_Setup_4.7.0.exe
2020-08-28 14:07 – 2020-08-28 14:07 – 000000356 _____ C:UserscjshiAppDataLocalkarboncalligraphyrc
2020-08-28 11:07 – 2020-08-28 11:08 – 005473185 _____ C:UserscjshiDownloadsBakkesModInjector.zip
2020-08-27 21:26 – 2020-08-27 21:26 – 000000781 _____ C:UserscjshiOneDriveDocumentsModeration Guidelines.txt
2020-08-27 21:06 – 2020-08-27 21:06 – 000000890 _____ C:UserscjshiOneDriveDocumentsModeration app. messages.txt
2020-08-27 10:14 – 2020-08-27 10:14 – 000000000 ____D C:UserscjshiOneDriveDocumentsParkitect
2020-08-27 10:14 – 2020-08-27 10:14 – 000000000 ____D C:UserscjshiOneDriveDocumentsBeamNG.drive
2020-08-26 19:50 – 2020-08-26 19:52 – 073485328 _____ (obsproject.com) C:UserscjshiDownloadsOBS-Studio-25.0.8-Full-Installer-x64.exe
2020-08-23 12:31 – 2020-08-23 12:31 – 000000000 ____D C:UserscjshiAppDataLocalLowUnity
2020-08-22 10:37 – 2020-08-22 10:37 – 000000000 ____D C:UserscjshiAppDataRoamingMMFApplications
2020-08-21 23:50 – 2020-08-22 00:30 – 000000000 ____D C:UserscjshiBrawlhallaReplays
2020-08-21 23:44 – 2020-08-21 23:45 – 000000000 ____D C:UserscjshiAppDataRoamingBrawlhallaAir
2020-08-21 20:36 – 2020-08-21 20:36 – 000000000 ____D C:UserscjshiOneDriveDocumentsRespawn
2020-08-20 22:38 – 2020-09-03 19:38 – 000000000 ____D C:UserscjshiAppDataLocalVivox
2020-08-19 14:55 – 2020-08-19 14:55 – 000000000 ____D C:UserscjshiAppDataLocalMarblesOnStream
2020-08-19 00:01 – 2020-08-19 00:01 – 000004746 _____ C:UserscjshiAppDataLocalrecently-used.xbel
==================== One month (modified) ==================
(If an entry is included within the fixlist, the file/folder might be moved.)
2020-09-18 15:10 – 2019-12-24 03:43 – 000000000 ____D C:Program Information (x86)Alienware Digital Supply Companies
2020-09-18 15:04 – 2019-12-24 03:34 – 000000000 ____D C:ProgramDataNVIDIA
2020-09-18 15:00 – 2019-03-19 00:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-09-18 14:56 – 2020-01-01 15:07 – 000000000 ___RD C:UserscjshiOneDrive
2020-09-18 14:56 – 2019-03-19 00:52 – 000000000 ____D C:WindowsRegistration
2020-09-18 14:56 – 2019-03-19 00:50 – 000000000 ____D C:WindowsINF
2020-09-18 14:54 – 2020-01-01 15:04 – 000000000 __SHD C:UserscjshiIntelGraphicsProfiles
2020-09-18 14:52 – 2020-05-29 11:40 – 000000000 ____D C:Program Information (x86)ProxyGate
2020-09-18 14:52 – 2020-05-29 11:39 – 000000000 ___HD C:Windowsrss
2020-09-18 14:52 – 2020-01-01 14:59 – 000000000 ____D C:Userscjshi
2020-09-18 14:52 – 2019-12-24 03:15 – 000000006 ____H C:WindowsTasksSA.DAT
2020-09-18 14:51 – 2019-03-19 00:37 – 000786432 _____ C:Windowssystem32configBBI
2020-09-18 14:50 – 2020-07-06 15:03 – 000000000 ____D C:ProgramDataiddqj
2020-09-18 14:50 – 2020-01-01 22:09 – 000000000 ____D C:UserscjshiAppDataRoamingDiscord
2020-09-18 14:28 – 2019-12-24 03:14 – 000000000 ____D C:Windowssystem32SleepStudy
2020-09-18 13:33 – 2020-01-02 18:00 – 000000000 ____D C:UserscjshiAppDataLocalCrashDumps
2020-09-18 13:32 – 2019-03-19 00:52 – 000000000 ___HD C:WindowsELAMBKUP
2020-09-18 12:26 – 2020-01-01 15:04 – 000000000 ____D C:UserscjshiAppDataRoamingAdobe
2020-09-18 12:20 – 2020-01-01 22:18 – 000000000 ____D C:UserscjshiAppDataLocalD3DSCache
2020-09-18 12:08 – 2019-03-19 00:52 – 000000000 ____D C:WindowsAppReadiness
2020-09-18 11:56 – 2020-01-01 16:57 – 000000000 ____D C:ProgramDataPackages
2020-09-18 11:56 – 2020-01-01 15:04 – 000000000 ____D C:UserscjshiAppDataLocalPackages
2020-09-18 11:56 – 2019-03-19 00:52 – 000000000 ___HD C:Program FilesWindowsApps
2020-09-18 11:51 – 2019-12-24 03:26 – 000000000 ____D C:ProgramDataPackage Cache
2020-09-18 11:28 – 2020-05-29 11:56 – 000000000 ____D C:UserscjshiAppDataRoamingc959dfd3e5cd
2020-09-18 11:14 – 2020-07-02 14:00 – 000004148 _____ C:Windowssystem32TasksUser_Feed_Synchronization-{4EE4B38A-358E-44F2-A00F-66CD2D27F835}
2020-09-17 22:16 – 2020-01-01 16:06 – 000000000 ____D C:Program Information (x86)Steam
2020-09-17 16:37 – 2020-05-10 00:03 – 000000000 ____D C:UserscjshiAppDataRoamingslobs-client
2020-09-16 15:52 – 2020-05-14 17:36 – 000000000 ____D C:UserscjshiAppDataRoamingbadpanda-react
2020-09-15 15:10 – 2020-01-01 15:58 – 000000000 ____D C:UserscjshiAppDataRoamingobs-studio
2020-09-14 22:10 – 2020-08-10 18:35 – 000025170 _____ C:UserscjshiAppDataLocalkritarc
2020-09-14 19:55 – 2020-08-10 18:35 – 000000000 ____D C:UserscjshiAppDataRoamingkrita
2020-09-14 15:03 – 2020-01-03 21:48 – 000000000 ____D C:UserscjshiOneDriveDocumentsWondershare Filmora 9
2020-09-14 15:03 – 2020-01-03 21:48 – 000000000 ____D C:ProgramDataWondershare Filmora
2020-09-11 18:04 – 2020-07-19 13:39 – 000000000 ____D C:Program Information (x86)Origin
2020-09-11 11:27 – 2019-12-24 03:47 – 000000000 ____D C:Program FilesMicrosoft Workplace
2020-09-10 15:13 – 2020-01-01 15:08 – 000002303 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-09-10 14:25 – 2020-01-01 22:15 – 000000000 ____D C:UserscjshiAppDataLocalDiscord
2020-09-09 14:44 – 2019-12-24 03:33 – 000841376 _____ C:Windowssystem32PerfStringBackup.INI
2020-09-08 15:08 – 2020-01-01 16:20 – 000000000 ____D C:UserscjshiAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam
2020-09-08 12:35 – 2020-01-20 12:44 – 000000000 ____D C:UserscjshiAppDataLocalGeometryDash
2020-09-06 11:43 – 2019-03-19 00:52 – 000000000 ____D C:WindowsServiceState
2020-09-06 11:39 – 2019-12-24 03:26 – 000000000 ___HD C:Program Information (x86)InstallShield Set up Info
2020-09-05 12:38 – 2019-12-24 02:28 – 000000000 ____D C:WindowsPanther
2020-09-05 11:51 – 2019-12-24 03:32 – 000000000 ____D C:Program Information (x86)Qualcomm
2020-09-05 11:48 – 2019-12-24 03:27 – 000000000 ____D C:Program Information (x86)Intel
2020-09-05 11:42 – 2019-12-24 03:52 – 000000000 ____D C:Program Information (x86)Alienware Replace
2020-09-03 18:23 – 2020-01-03 03:11 – 000000000 ____D C:UserscjshiAppDataLocalUbisoft Recreation Launcher
2020-09-03 11:33 – 2020-01-03 21:48 – 000000000 ____D C:Program FilesWondershare
2020-09-02 15:47 – 2020-01-01 19:41 – 000000000 ____D C:UserscjshiAppDataRoaming.minecraft
2020-09-02 10:23 – 2019-12-24 03:15 – 000000000 ____D C:Windowssystem32Driverswd
2020-09-02 10:11 – 2020-07-18 22:17 – 000000001 _____ C:Windowsvgkbootstatus.dat
2020-08-26 19:57 – 2020-01-01 15:58 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOBS Studio
2020-08-26 19:43 – 2020-05-28 15:45 – 000000000 ____D C:UserscjshiAppDataRoamingMicrosoftWindowsStart MenuProgramsRockstar Video games
2020-08-26 19:42 – 2020-05-28 15:40 – 000000000 ____D C:Program FilesRockstar Video games
2020-08-26 19:42 – 2020-05-28 15:40 – 000000000 ____D C:Program Information (x86)Rockstar Video games
2020-08-26 18:11 – 2020-01-01 16:55 – 000000000 ____D C:Windowsminidump
2020-08-23 14:10 – 2020-07-19 13:35 – 000000000 ____D C:UserscjshiAppDataRoamingOrigin
2020-08-23 14:10 – 2020-07-19 13:35 – 000000000 ____D C:ProgramDataOrigin
2020-08-23 14:08 – 2020-07-19 13:52 – 000000000 ____D C:Program Information (x86)Origin Video games
2020-08-23 14:08 – 2020-07-19 13:35 – 000000000 ____D C:UserscjshiAppDataLocalOrigin
2020-08-19 11:17 – 2020-05-02 21:43 – 000000000 ____D C:UserscjshiAppDataLocalbabl-0.1
2020-08-19 11:16 – 2020-05-02 21:47 – 000000000 ____D C:UserscjshiAppDataLocalgtk-2.0
==================== Information within the root of some directories ========
2020-08-28 14:07 – 2020-08-28 14:07 – 000000356 _____ () C:UserscjshiAppDataLocalkarboncalligraphyrc
2020-08-10 18:35 – 2020-09-14 20:33 – 000002628 _____ () C:UserscjshiAppDataLocalkrita-sysinfo.log
2020-08-10 18:35 – 2020-09-14 22:10 – 000251400 _____ () C:UserscjshiAppDataLocalkrita.log
2020-09-14 22:10 – 2020-09-14 22:10 – 000000152 _____ () C:UserscjshiAppDataLocalkritadisplayrc
2020-08-10 18:35 – 2020-09-14 22:10 – 000025170 _____ () C:UserscjshiAppDataLocalkritarc
2020-09-18 12:27 – 2020-09-18 12:27 – 000000000 _____ () C:UserscjshiAppDataLocaloobelibMkey.log
2020-08-19 00:01 – 2020-08-19 00:01 – 000004746 _____ () C:UserscjshiAppDataLocalrecently-used.xbel
2020-05-28 23:53 – 2020-06-27 15:34 – 000007596 _____ () C:UserscjshiAppDataLocalResmon.ResmonCfg
2020-07-06 15:24 – 2020-07-06 15:24 – 000000000 _____ () C:UserscjshiAppDataLocal{6AA21D75-6E64-408F-95A6-90C4B5DB174D}
==================== SigCheck ============================
(There isn’t any automated repair for recordsdata that don’t cross verification.)
Further scan results of Farbar Restoration Scan Software (x64) Model: 16-09-2020
Ran by cjshi (18-09-2020 15:18:23)
Working from C:UserscjshiOneDriveDesktop
Home windows 10 Residence Model 1909 18363.836 (X64) (2020-01-01 20:55:18)
Boot Mode: Regular
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-184074726-1042131089-445855423-500 – Administrator – Disabled)
cjshi (S-1-5-21-184074726-1042131089-445855423-1001 – Administrator – Enabled) => C:Userscjshi
DefaultAccount (S-1-5-21-184074726-1042131089-445855423-503 – Restricted – Disabled)
Visitor (S-1-5-21-184074726-1042131089-445855423-501 – Restricted – Disabled)
WDAGUtilityAccount (S-1-5-21-184074726-1042131089-445855423-504 – Restricted – Disabled)
==================== Safety Middle ========================
(If an entry is included within the fixlist, will probably be eliminated.)
AV: Home windows Defender (Disabled – Updated) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled – Updated) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Put in Applications ======================
(Solely the adware packages with “Hidden” flag could possibly be added to the fixlist to unhide them. The adware packages needs to be uninstalled manually.)
749cfa0b-4f67-45a3-be85-7439a870c1cf (HKUS-1-5-21-184074726-1042131089-445855423-1001…749cfa0b-4f67-45a3-be85-7439a870c1cf) (Model: – L-Analysis)
Adobe After Results 2020 (HKLM-x32…AEFT_17_1_4) (Model: 17.1.4 – Adobe Inc.)
Adobe Artistic Cloud (HKLM-x32…Adobe Artistic Cloud) (Model: 5.2.1.441 – Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32…AME_14_4) (Model: 14.4 – Adobe Inc.)
Alienware Command Middle Suite (HKLM…{8C91E386-C6DD-4387-AD74-415895342AE5}) (Model: 5.2.81.0 – Dell Inc) Hidden
Alienware Command Middle Suite (HKLM-x32…InstallShield_{8C91E386-C6DD-4387-AD74-415895342AE5}) (Model: 5.2.81.0 – Dell Inc)
Alienware Digital Supply Companies (HKLM-x32…{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Model: 4.0.52.0 – Dell Inc.)
Alienware Cell Join Drivers (HKLM…{A5851DEA-C615-417B-A7FF-9C5469942D88}) (Model: 2.0.8402 – Screenovate Applied sciences Ltd.)
Alienware OC Controls (HKLM-x32…{9aa537ae-b564-49ac-9120-2f6919349807}) (Model: 1.2.46.1227 – Dell Inc)
Alienware OCControls Service Installer (HKLM…{C607DCAA-44F9-4563-89FF-F13DB4D3507C}) (Model: 1.2.46.1227 – DELL Inc) Hidden
Alienware SupportAssist Remediation (HKLM…{1906C253-4035-4CA5-A501-075E691CCEC9}) (Model: 5.0.0.10859 – Dell Inc.) Hidden
Alienware SupportAssist Remediation (HKLM-x32…{96846915-505c-49a2-8aa0-63f90927de87}) (Model: 5.0.0.10859 – Dell Inc.)
Alienware Replace – SupportAssist Replace Plugin (HKLM…{F05A10C0-5F5F-4755-8613-66BB841FEB08}) (Model: 5.2.0.12833 – Dell Inc.) Hidden
Alienware Replace – SupportAssist Replace Plugin (HKLM-x32…{819b927b-a8d8-46a9-9512-0326900f80e3}) (Model: 5.2.0.12833 – Dell Inc.)
Alienware Replace for Home windows 10 (HKLM…{70E9F8CC-A23E-4C25-B292-C86C1821587C}) (Model: 3.1.3 – Dell, Inc.)
Apex Legends (HKLM-x32…{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Model: 1.0.4.1 – Digital Arts, Inc.)
DAZ Set up Supervisor (64-bit) (HKUS-1-5-21-184074726-1042131089-445855423-1001…DAZ Set up Supervisor (64-bit) 1.4.0.17) (Model: 1.4.0.17 – DAZ 3D)
Dell SupportAssist (HKLM…{57CBE96A-3AA5-4421-A87C-6C6C3B6C5ECA}) (Model: 3.6.0.97 – Dell Inc.)
Discord (HKUS-1-5-21-184074726-1042131089-445855423-1001…Discord) (Model: 0.0.308 – Discord Inc.)
Dynamic Utility Loader Host Interface Service (HKLM…{1FFC8DA4-2ED9-4351-B9D0-C73BEE17CEE0}) (Model: 1.0.0.0 – Intel Company) Hidden
Epic Video games Launcher (HKLM-x32…{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Model: 1.1.267.0 – Epic Video games, Inc.)
Epic Video games Launcher Stipulations (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Model: 1.0.0.0 – Epic Video games, Inc.) Hidden
Gif Your Recreation 3.3.23 (HKUS-1-5-21-184074726-1042131089-445855423-1001…d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Model: 3.3.23 – Unhealthy Panda, Inc.)
Google Chrome (HKLM-x32…Google Chrome) (Model: 85.0.4183.102 – Google LLC)
Google Replace Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Model: 1.3.35.451 – Google LLC) Hidden
Google Replace Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Model: 1.3.99.0 – Google Inc.) Hidden
Intel® C++ Redistributables on Intel® 64 (HKLM-x32…{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Model: 15.0.179 – Intel Company)
Intel® Chipset Machine Software program (HKLM-x32…{32a1f79d-5643-4cfe-92a4-f7a82adf1b78}) (Model: 10.1.17854.8100 – Intel® Company)
Intel® Administration Engine Elements (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Model: 2016.14.0.1555 – Intel Company)
Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Model: 25.20.100.6617 – Intel Company)
j5 USB DISPLAY ADAPTER 20.01.0620.3179 (HKLM-x32…{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Model: 20.01.0620.3179 – j5create)
Java 8 Replace 231 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Model: 8.0.2310.11 – Oracle Company)
Killer Ethernet Efficiency Driver Suite UWD (HKLM…{5F4E5145-FA4B-464B-89B3-4C8AE2385164}) (Model: 2.2.1408 – Rivet Networks)
Krita (x64) 4.3.0 (HKLM…Krita_x64) (Model: 4.3.0.0 – Krita Basis)
Launcher Stipulations (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Model: 1.0.0.0 – Epic Video games, Inc.) Hidden
Malwarebytes model 4.2.1.89 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Model: 4.2.1.89 – Malwarebytes)
Maxon Cinema 4D 22 (HKLM…Maxon Cinema 4D S22) (Model: S22 – Maxon)
Media Plugin (HKLM-x32…{9A81C9E3-EE6E-435C-9A9A-3749D02D8C4A}) (Model: 1.0.0.11 – Alienware) Hidden
Media Plugin (HKLM-x32…InstallShield_{9A81C9E3-EE6E-435C-9A9A-3749D02D8C4A}) (Model: 1.0.0.11 – Alienware)
Mega Hack model 5.4 (HKLM-x32…{9530A774-421F-4BC2-BB30-6DFE2AB278C4}_is1) (Model: 5.4 – Absolute)
Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Model: 16.0.13127.20408 – Microsoft Company)
Microsoft OneDrive (HKUS-1-5-21-184074726-1042131089-445855423-1001…OneDriveSetup.exe) (Model: 20.143.0716.0003 – Microsoft Company)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM…{78909610-D229-459C-A936-25D92283D3FD}) (Model: 4.0.8876.1 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Model: 9.0.30729 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Model: 9.0.30729.4148 – Microsoft Company)
Microsoft Visible C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Model: 10.0.40219 – Microsoft Company)
Microsoft Visible C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Model: 10.0.40219 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Model: 12.0.30501.0 – Microsoft Company)
Microsoft Visible C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Model: 12.0.40660.0 – Microsoft Company)
Microsoft Visible C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Model: 12.0.30501.0 – Microsoft Company)
Microsoft Visible C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…{61087a79-ac85-455c-934d-1fa22cc64f36}) (Model: 12.0.40660.0 – Microsoft Company)
Microsoft Visible C++ 2015-2019 Redistributable (x64) – 14.23.27820 (HKLM-x32…{852adda4-4c78-4a38-b583-c0b360a329d6}) (Model: 14.23.27820.0 – Microsoft Company)
Microsoft Visible C++ 2015-2019 Redistributable (x86) – 14.23.27820 (HKLM-x32…{45231ab4-69fd-486a-859d-7a59fcd11013}) (Model: 14.23.27820.0 – Microsoft Company)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Model: 4.0.20823.0 – Microsoft Company)
Minecraft Launcher (HKLM-x32…{810F1419-7760-402E-8772-B4054FAA2B72}) (Model: 1.0.0.0 – Mojang)
NVAPI Monitor plugin for NvContainer (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Model: 1.15 – NVIDIA Company) Hidden
NVIDIA GeForce Expertise 3.19.0.107 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Model: 3.19.0.107 – NVIDIA Company)
NVIDIA Graphics Driver 451.67 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Model: 451.67 – NVIDIA Company)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Model: 1.3.38.34 – NVIDIA Company)
NVIDIA PhysX System Software program 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Model: 9.19.0218 – NVIDIA Company)
OBS Studio (HKLM-x32…OBS Studio) (Model: 25.0.8 – OBS Challenge)
Workplace 16 Click on-to-Run Extensibility Part (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Model: 16.0.13127.20164 – Microsoft Company) Hidden
Workplace 16 Click on-to-Run Licensing Part (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Model: 16.0.13127.20378 – Microsoft Company) Hidden
Workplace 16 Click on-to-Run Localization Part (HKLM…{90160000-008C-0409-1000-0000000FF1CE}) (Model: 16.0.13127.20164 – Microsoft Company) Hidden
Origin (HKLM-x32…Origin) (Model: 10.5.83.43781 – Digital Arts, Inc.)
Qualcomm 11ac Wi-fi LAN&Bluetooth Installer (HKLM-x32…{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Model: 11.0.0.10518 – Qualcomm)
RC-505 Driver (HKLM…RolandRDID0139) (Model: – Roland Company)
Realtek Excessive Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Model: 6.0.1.8642 – Realtek Semiconductor Corp.)
Riot Vanguard (HKLM…Riot Vanguard) (Model: – Riot Video games, Inc.)
Steam (HKLM-x32…Steam) (Model: 2.10.91.91 – Valve Company)
Streamlabs OBS (HKLM…�29c4619-0385-5543-9426-46f9987161d9) (Model: 0.21.2 – Common Workings, Inc.)
Twitch (HKUS-1-5-21-184074726-1042131089-445855423-1001…{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Model: 8.0.0 – Twitch Interactive, Inc.)
Uplay (HKLM-x32…Uplay) (Model: 73.0 – Ubisoft)
VALORANT (HKUS-1-5-21-184074726-1042131089-445855423-1001…Riot Recreation valorant.reside) (Model: – Riot Video games, Inc)
WebAdvisor by McAfee (HKLM-x32…{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Model: 4.1.1.150 – McAfee, LLC)
WebM for Premiere (HKLM…{7BCAE84F-ACE9-4089-87BB-75B914551743}) (Model: 1.0.0 – fnord software program)
Home windows Driver Package deal – STMicroelectronics (STTub30) USB (04/03/2017 3.0.6.0) (HKLM…BFD1FB244691FDF6328C70B79647C9046B65397A) (Model: 04/03/2017 3.0.6.0 – STMicroelectronics)
WinRAR 5.90 (64-bit) (HKLM…WinRAR archiver) (Model: 5.90.0 – win.rar GmbH)
Wondershare Filmora9(Construct 9.5.1) (HKLM…Wondershare Filmora9_is1) (Model: – Wondershare Software program)
Wondershare Helper Compact 2.6.0 (HKLM-x32…{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Model: 2.6.0 – Wondershare)
Packages:
=========
Adobe Notification Shopper -> C:Program FilesWindowsAppsAdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-09-18] (Adobe Programs Included)
Alienware Command Middle -> C:Program FilesWindowsAppsDellInc.AlienwareCommandCenter_5.2.81.0_x64__htrsf667h5kn2 [2020-03-27] (Dell Inc)
Alienware Management Middle -> C:Program FilesWindowsAppsDellInc.6066037A8FCF7_1.1.19.0_x64__htrsf667h5kn2 [2020-03-27] (Dell Inc)
Alienware Buyer Join -> C:Program FilesWindowsAppsDellInc.AlienwareCustomerConnect_5.2.40.0_x64__htrsf667h5kn2 [2020-05-07] (Dell Inc)
Alienware Digital Supply -> C:Program FilesWindowsAppsDellInc.AlienwareDigitalDelivery_4.0.52.0_x64__htrsf667h5kn2 [2020-05-28] (Dell Inc)
Alienware FX AW20 -> C:Program FilesWindowsAppsDellInc.Alienware.FXAW20_1.2.27.0_x64__htrsf667h5kn2 [2020-03-27] (Dell Inc)
Alienware FXDisplay -> C:Program FilesWindowsAppsDellInc.AlienwareFXDisplay_1.3.3.0_x64__htrsf667h5kn2 [2020-02-15] (Dell Inc)
Alienware Cell Join -> C:Program FilesWindowsAppsScreenovateTechnologies.AlienwareMobileConnect_3.0.9347.0_x64__0vhbc3ng4wbp0 [2020-04-16] (Screenovate Applied sciences) [Startup Task]
Alienware OC Controls -> C:Program FilesWindowsAppsDellInc.423703F9C7E0E_1.2.33.0_x64__htrsf667h5kn2 [2020-02-15] (Dell Inc)
Alienware Product Registration -> C:Program FilesWindowsAppsDellInc.AlienwareProductRegistration_3.5.4.0_x64__htrsf667h5kn2 [2019-12-24] (Dell Inc)
Alienware Sound Middle -> C:Program FilesWindowsAppsDellInc.AlienwareSoundCenter_1.4.13.0_x64__htrsf667h5kn2 [2020-03-27] (Dell Inc)
Alienware Replace -> C:Program FilesWindowsAppsDellInc.AlienwareUpdate_3.1.103.0_x64__htrsf667h5kn2 [2020-09-05] (Dell Inc)
Dell SupportAssist for Residence PCs -> C:Program FilesWindowsAppsDellInc.DellSupportAssistforPCs_3.6.6.0_x64__htrsf667h5kn2 [2020-07-16] (Dell Inc)
Intel® Graphics Command Middle -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.2730.0_x64__8j3eq9eme6ctt [2020-05-28] (INTEL CORP) [Startup Task]
Intel® Graphics Management Panel -> C:Program FilesWindowsAppsAppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Intel® Optane™ Reminiscence and Storage Administration -> C:Program FilesWindowsAppsAppUp.IntelOptaneMemoryandStorageManagement_17.9.1006.0_x64__8j3eq9eme6ctt [2020-05-25] (INTEL CORP)
Killer Management Middle -> C:Program FilesWindowsAppsRivetNetworks.KillerControlCenter_2.1.2914.0_x64__rh07ty8m5nkag [2019-12-24] (Rivet Networks LLC) [Startup Task]
Microsoft Promoting SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Promoting.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Company) [MS Ad]
Microsoft Promoting SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Promoting.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Company) [MS Ad]
Microsoft Distant Desktop -> C:Program FilesWindowsAppsMicrosoft.RemoteDesktop_10.1.1215.0_x86__8wekyb3d8bbwe [2020-04-22] (Microsoft Company)
Microsoft Solitaire Assortment -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:Program FilesWindowsAppsMicrosoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-01-03] (Microsoft Company)
MSN Climate -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Company) [MS Ad]
NVIDIA Management Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-07-22] (NVIDIA Corp.)
Realtek Audio Management -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.2.171.0_x64__dt26b99r8h8gj [2019-12-24] (Realtek Semiconductor Corp)
Tremendous-Quick Browser -> C:Program FilesWindowsAppsFirst-Question.Tremendous-FastBrowser_1.6.0.0_x64__pthwtxq7gdmdw [2020-07-06] (First-Question)
Xbox 360 SmartGlass -> C:Program FilesWindowsAppsMicrosoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2020-04-08] (Microsoft Company) [MS Ad]
Xbox One SmartGlass -> C:Program FilesWindowsAppsMicrosoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Company)
==================== Customized CLSID (Whitelisted): ==============
(If an entry is included within the fixlist, will probably be faraway from the registry. The file won’t be moved until listed individually.)
CustomCLSID: HKUS-1-5-21-184074726-1042131089-445855423-1001_ClassesCLSID{0E270DAA-1BE6-48F2-AC49-F51A1B8AC2B2} -> [Creative Cloud Files] => C:UserscjshiCreative Cloud Information [2020-09-18 11:59]
CustomCLSID: HKUS-1-5-21-184074726-1042131089-445855423-1001_ClassesCLSID{e8c77137-e224-5791-b6e9-ff0305797a13}InprocServer32 -> C:Program Information (x86)AdobeAdobe Artistic CloudUtilsnpAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Programs)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:Program Information (x86)Widespread FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:Program Information (x86)Widespread FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:Program Information (x86)Widespread FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:Program Information (x86)Widespread FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-09-18] (Malwarebytes Company -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WindowsSystem32DriverStoreFileRepositorynvddi.inf_amd64_afaf8d9a55376d3cnvshext.dll [2020-07-07] (NVIDIA Company -> NVIDIA Company)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:Program Information (x86)Widespread FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2020-08-20] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-09-18] (Malwarebytes Company -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could possibly be listed to be restored or eliminated.)
Shortcut: C:UserscjshiAppDataRoamingMicrosoftWindowsStart MenuProgramsDAZ 3DDAZ Set up Supervisor (64-bit)DAZ Set up Supervisor (64-bit) Learn Me.lnk -> hxxp:docs.daz3d.comdoku.phppublicread_meindex14811
==================== Loaded Modules (Whitelisted) =============
2020-04-09 20:11 – 2020-04-09 20:11 – 000019456 _____ () [File not signed] C:Program Information (x86)Alienware Digital Supply ServicesDell.D3.HSA.Server.dll
2020-01-13 08:04 – 2020-01-13 08:04 – 001899008 _____ (SQLite Improvement Staff) [File not signed] C:Program FilesDellSupportAssistAgentbinx64sqlite3.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 001282048 _____ (The OpenSSL Challenge, hxxp://www.openssl.org/) [File not signed] C:Program Information (x86)OriginLIBEAY32.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 000279040 _____ (The OpenSSL Challenge, hxxp://www.openssl.org/) [File not signed] C:Program Information (x86)Originssleay32.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 001611264 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)Originplatformsqwindows.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 005487104 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)OriginQt5Core.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 005841920 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)OriginQt5Gui.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 001179136 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)OriginQt5Network.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 000146432 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)OriginQt5WebSockets.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 005089792 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)OriginQt5Widgets.dll
2020-09-11 18:04 – 2020-07-19 13:38 – 000184832 _____ (The Qt Firm Ltd) [File not signed] C:Program Information (x86)OriginQt5Xml.dll
==================== Alternate Information Streams (Whitelisted) ========
(If an entry is included within the fixlist, solely the ADS might be eliminated.)
AlternateDataStreams: C:UserscjshiAppDataLocalTemp:$DATA [16]
==================== Protected Mode (Whitelisted) ==================
(If an entry is included within the fixlist, will probably be faraway from the registry. The “AlternateShell” might be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
==================== Affiliation (Whitelisted) =================
==================== Web Explorer (Whitelisted) ==========
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Begin Web page = hxxps://www.yahoo.com/?fr=fes_yfp_chr_nt_yfp2&kind=wbf_aeudjqjz_20_28_ssg00
HKUS-1-5-21-184074726-1042131089-445855423-1001SoftwareMicrosoftInternet ExplorerMain,Begin Web page = hxxps://www.yahoo.com/?fr=fes_yfp_chr_nt_yfp2&kind=wbf_aeudjqjz_20_28_ssg00
HKUS-1-5-21-184074726-1042131089-445855423-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://www.msn.com/?computer=DCTE
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorx64IEPlugin.dll [2020-09-10] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Enterprise Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2020-09-03] (Microsoft Company -> Microsoft Company)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Information (x86)Javajre1.8.0_231binssv.dll [2020-01-01] (Oracle America, Inc. -> Oracle Company)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorwin32IEPlugin.dll [2020-09-10] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Information (x86)Javajre1.8.0_231binjp2ssv.dll [2020-01-01] (Oracle America, Inc. -> Oracle Company)
Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-09-03] (Microsoft Company -> Microsoft Company)
==================== Hosts content material: =========================
(If wanted Hosts: directive could possibly be included within the fixlist to reset Hosts.)
2019-03-19 00:49 – 2019-03-19 00:49 – 000000824 _____ C:Windowssystem32driversetchosts
==================== Different Areas ===========================
(At present there isn’t any automated repair for this part.)
HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> %INTEL_DEV_REDISTpercentredistintel64compiler;C:Program Information (x86)Widespread FilesOracleJavajavapath;C:Windowssystem32;C:Home windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program Information (x86)NVIDIA CorporationPhysXCommon;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR
HKUS-1-5-21-184074726-1042131089-445855423-1001Control PanelDesktopWallpaper -> C:UserscjshiOneDriveDesktope4dcf09416f6c4f01f945124811d7acb.jpg
DNS Servers: 192.168.1.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Home windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled gadgets ==
(If an entry is included within the fixlist, will probably be eliminated.)
MSCONFIGServices: Alienware Digital Supply Companies => 2
MSCONFIGServices: Alienware SupportAssist Remediation => 2
MSCONFIGServices: AtherosSvc => 2
MSCONFIGServices: AWCCService => 2
MSCONFIGServices: BEService => 3
MSCONFIGServices: Hamachi2Svc => 2
MSCONFIGServices: Killer Community Service => 2
MSCONFIGServices: LMIGuardianSvc => 2
MSCONFIGServices: LogiRegistryService => 2
MSCONFIGServices: Rockstar Service => 3
MSCONFIGServices: Steam Shopper Service => 3
HKLM…StartupApprovedRun: => “SecurityHealth”
HKLM…StartupApprovedRun: => “AlienwareMobileConnectWelcome”
HKLM…StartupApprovedRun: => “Launch LCore”
HKLM…StartupApprovedRun: => “RtkAudUService”
HKLM…StartupApprovedRun: => “Elgato Sound Seize”
HKLM…StartupApprovedRun32: => “SunJavaUpdateSched”
HKLM…StartupApprovedRun32: => “LogMeIn Hamachi Ui”
HKLM…StartupApprovedRun32: => “Wondershare Helper Compact.exe”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedStartupFolder: => “Twitch.lnk”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “Discord”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “Steam”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “EpicGamesLauncher”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “Gif Your Recreation”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “BakkesMod”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “GoogleChromeAutoLaunch_73EA7BD747D9B85FDFD6258DA71E099C”
HKUS-1-5-21-184074726-1042131089-445855423-1001…StartupApprovedRun: => “Chromium”
==================== FirewallRules (Whitelisted) ================
(If an entry is included within the fixlist, will probably be faraway from the registry. The file won’t be moved until listed individually.)
FirewallRules: [{6DA075C0-16CA-4E84-BB90-3971DF8F7E9F}] => (Permit) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Company -> NVIDIA Company)
FirewallRules: [{74320E99-2692-4667-968B-CFD78C029ED3}] => (Permit) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Company -> NVIDIA Company)
FirewallRules: [{8213890C-8966-4A7E-86D2-91E0AA673A18}] => (Permit) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Company -> NVIDIA Company)
FirewallRules: [{AF14B469-8600-4069-B291-288EC376CF75}] => (Permit) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Company -> NVIDIA Company)
FirewallRules: [{75FD0DAF-D12B-438F-A354-C1755EEF4A5E}] => (Permit) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Company -> NVIDIA Company)
FirewallRules: [{A9436C6B-EFC4-4F4B-85E1-C4E4F8C31CA9}] => (Permit) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Company -> NVIDIA Company)
FirewallRules: [{F1F15C45-511C-4FD8-85EE-79D825DFF3ED}] => (Permit) C:Program Information (x86)SteamSteam.exe (Valve -> Valve Company)
FirewallRules: [{A0CE6893-8E8B-46CB-A8F4-350EA8FD9ABE}] => (Permit) C:Program Information (x86)SteamSteam.exe (Valve -> Valve Company)
FirewallRules: [{F9758014-B9FB-4141-A67A-C9553A3ADB8E}] => (Permit) C:Program Information (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]
FirewallRules: [{054CE59E-986A-4267-BDA6-9E8DC36D0255}] => (Permit) C:Program Information (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]
FirewallRules: [{46B0DB94-F431-41BC-ADF1-959E4D0582AA}] => (Permit) C:Program Information (x86)SteamsteamappscommonTom Clancy’s Rainbow Six Siege – Check ServerRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6D07C344-1CF8-4633-A824-2AA8552CA7C6}] => (Permit) C:Program Information (x86)SteamsteamappscommonTom Clancy’s Rainbow Six Siege – Check ServerRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{E19CC986-B140-4812-A016-E78C9E611437}C:program files (x86)steamsteamappscommonterrariatmodloaderserver.exe] => (Permit) C:program recordsdata (x86)steamsteamappscommonterrariatmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{5E1E1D44-34B5-41B4-90C4-D833FCA96768}C:program files (x86)steamsteamappscommonterrariatmodloaderserver.exe] => (Permit) C:program recordsdata (x86)steamsteamappscommonterrariatmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{02413308-F5D8-4B27-A9FA-F4920BE9C1B7}] => (Permit) C:Program Information (x86)SteamsteamappscommonTom Clancy’s Rainbow Six Siege – Check ServerRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{48A9B52A-9480-4552-B48E-5BF6F24117A3}] => (Permit) C:Program Information (x86)SteamsteamappscommonTom Clancy’s Rainbow Six Siege – Check ServerRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{F426C5E5-7151-4FAB-9ED8-847FA9D1B4FB}C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Permit) C:program recordsdata (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [UDP Query User{09CDC483-3B11-4F49-A3B0-48181260F50E}C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Permit) C:program recordsdata (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [{51DCDD90-B9F1-4484-8F79-4716A2DB6EE2}] => (Permit) C:Program Information (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Company)
FirewallRules: [{EF6D86F7-6B85-43DD-9029-886ABB2D8D7B}] => (Permit) C:Program Information (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Company)
FirewallRules: [TCP Query User{76D7F415-2377-4FB1-A3C6-DF1C9B54746B}C:program files (x86)javajre1.8.0_231binjavaw.exe] => (Permit) C:program recordsdata (x86)javajre1.8.0_231binjavaw.exe
FirewallRules: [UDP Query User{EE78DC42-A4EF-4B8E-AF6C-69D5E8C8F989}C:program files (x86)javajre1.8.0_231binjavaw.exe] => (Permit) C:program recordsdata (x86)javajre1.8.0_231binjavaw.exe
FirewallRules: [TCP Query User{103344C3-39D8-499B-9B74-DE1A443974DB}C:program files (x86)steamsteamappscommonrocketleaguebinarieswin64rocketleague.exe] => (Permit) C:program recordsdata (x86)steamsteamappscommonrocketleaguebinarieswin64rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [UDP Query User{51DD8E6E-F5F3-4A71-8D6E-A045DBC31C66}C:program files (x86)steamsteamappscommonrocketleaguebinarieswin64rocketleague.exe] => (Permit) C:program recordsdata (x86)steamsteamappscommonrocketleaguebinarieswin64rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{7239E6C3-91B0-4042-B459-87DE8133D10C}] => (Permit) C:Program FilesWindowsAppsScreenovateTechnologies.AlienwareMobileConnect_3.0.9347.0_x64__0vhbc3ng4wbp0appAlienwareMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Applied sciences Ltd.)
FirewallRules: [{AB258022-4033-4BA7-AF2F-E0AB8B835F53}] => (Permit) C:Program FilesWindowsAppsScreenovateTechnologies.AlienwareMobileConnect_3.0.9347.0_x64__0vhbc3ng4wbp0appAlienwareMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Applied sciences Ltd.)
FirewallRules: [{FC17A53A-A33F-4F31-AEB4-9611A395CC33}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesRocketLeague.exe => No File
FirewallRules: [{005B2C36-5207-4299-804B-E057248FF632}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesRocketLeague.exe => No File
FirewallRules: [TCP Query User{5FFECD72-2856-48BA-9FB7-17B1F52811D2}C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Permit) C:program recordsdata (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{45981B01-215D-427A-A563-A8F053EF1C7E}C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Permit) C:program recordsdata (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{482C9FC8-BA4C-4E7E-B9C7-D73880D0ED07}] => (Block) C:program recordsdata (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{9BBAFBFC-82D2-4F4D-A27A-CE23F386069C}] => (Block) C:program recordsdata (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{5F13F4EB-9A78-443A-9BFC-52ADF6030C0A}C:program filesepic gamesgtavgta5.exe] => (Permit) C:program filesepic gamesgtavgta5.exe (Rockstar Video games, Inc. -> Rockstar Video games)
FirewallRules: [UDP Query User{FBBC4D19-E993-45E3-88F9-E825BADAE812}C:program filesepic gamesgtavgta5.exe] => (Permit) C:program filesepic gamesgtavgta5.exe (Rockstar Video games, Inc. -> Rockstar Video games)
FirewallRules: [{8A46C4FA-3997-469B-90E3-CE9FDFABE03F}] => (Block) C:program filesepic gamesgtavgta5.exe (Rockstar Video games, Inc. -> Rockstar Video games)
FirewallRules: [{B2D1E53E-E18F-47BE-A44A-25592D4E1564}] => (Block) C:program filesepic gamesgtavgta5.exe (Rockstar Video games, Inc. -> Rockstar Video games)
FirewallRules: [{D6EF2569-0D8D-4EEE-9208-89529E8ADE24}] => (Permit) C:Windowssystem32rundll32.exe (Microsoft Home windows -> Microsoft Company)
FirewallRules: [TCP Query User{90513AC9-2543-4EB0-874C-DD01C80D2345}C:program filesstreamlabs obsstreamlabs obs.exe] => (Permit) C:program filesstreamlabs obsstreamlabs obs.exe (Streamlabs (Common Workings, Inc.) -> Common Workings, Inc.)
FirewallRules: [UDP Query User{5154A93B-2750-4B3F-8573-DCE13ED8A006}C:program filesstreamlabs obsstreamlabs obs.exe] => (Permit) C:program filesstreamlabs obsstreamlabs obs.exe (Streamlabs (Common Workings, Inc.) -> Common Workings, Inc.)
FirewallRules: [{D50597D6-72F0-4CF5-97BB-6C0E9E2AFD9B}] => (Block) C:program filesstreamlabs obsstreamlabs obs.exe (Streamlabs (Common Workings, Inc.) -> Common Workings, Inc.)
FirewallRules: [{E1729426-FD41-414E-BF9E-99AA57BB5A15}] => (Block) C:program filesstreamlabs obsstreamlabs obs.exe (Streamlabs (Common Workings, Inc.) -> Common Workings, Inc.)
FirewallRules: [TCP Query User{8AF20768-F295-4EA8-B5D7-25EC68D525EC}C:userscjshitwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Permit) C:userscjshitwitchminecraftinstallruntimejre-x64binjavaw.exe
FirewallRules: [UDP Query User{32F967F0-C63E-4EBE-91AC-2673B40ABEEE}C:userscjshitwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Permit) C:userscjshitwitchminecraftinstallruntimejre-x64binjavaw.exe
FirewallRules: [{EDD13503-BAE5-486A-B8D6-ACBF7EA1016D}] => (Block) C:userscjshitwitchminecraftinstallruntimejre-x64binjavaw.exe
FirewallRules: [{23A05AF7-5630-44EE-AF00-4C89B3D59094}] => (Block) C:userscjshitwitchminecraftinstallruntimejre-x64binjavaw.exe
FirewallRules: [TCP Query User{84D2B37F-E8E1-4744-8FF0-0F54E514549D}C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Permit) C:program recordsdata (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [UDP Query User{1D8E7E82-84DA-4E8F-8478-D91018801771}C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Permit) C:program recordsdata (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [TCP Query User{921A233C-46DB-4C7F-BB75-F96C0135C3FD}C:program filesepic gamestheescapists2theescapists2.exe] => (Permit) C:program filesepic gamestheescapists2theescapists2.exe () [File not signed]
FirewallRules: [UDP Query User{81A1CE2A-1353-4532-952B-9961AAFB95E1}C:program filesepic gamestheescapists2theescapists2.exe] => (Permit) C:program filesepic gamestheescapists2theescapists2.exe () [File not signed]
FirewallRules: [{D59BB54C-B682-48EA-8742-407CC84DCFFE}] => (Block) C:program filesepic gamestheescapists2theescapists2.exe () [File not signed]
FirewallRules: [{021AE7B4-A397-439D-9470-281C530C0105}] => (Block) C:program filesepic gamestheescapists2theescapists2.exe () [File not signed]
FirewallRules: [{E4151FB1-A06F-45F7-BCA5-F4AACBA83CA6}] => (Permit) C:Program Information (x86)Origin GamesApexEasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{704DEF3C-45FB-44B6-BAF5-60A9AE5606F3}] => (Permit) C:Program Information (x86)Origin GamesApexEasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5300724B-30D1-48C2-A73E-076DC8F048D2}] => (Permit) D:SteamLibrarysteamappscommonMarbles on StreamMarblesOnStream.exe (Epic Video games, Inc.) [File not signed]
FirewallRules: [{0BA8BC02-1D2B-4361-B4E2-BCC86E3DBF31}] => (Permit) D:SteamLibrarysteamappscommonMarbles on StreamMarblesOnStream.exe (Epic Video games, Inc.) [File not signed]
FirewallRules: [{2C480C92-52B7-4C5E-829F-F8B14635DECD}] => (Permit) D:SteamLibrarysteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Video games, Inc)
FirewallRules: [{05117AB3-8CA3-4C21-BFBF-3714BCEB8656}] => (Permit) D:SteamLibrarysteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Video games, Inc)
FirewallRules: [{0C3C2528-010B-47E2-B2CC-8C96012F5E96}] => (Permit) D:SteamLibrarysteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{8EA8EA60-E8A7-4D28-8B7F-22E195BC1735}] => (Permit) D:SteamLibrarysteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{29BFB87D-5A7C-4918-A924-763E539AC11F}] => (Permit) D:SteamLibrarysteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{75429AA5-803F-4F36-87B8-537A38C84D00}] => (Permit) D:SteamLibrarysteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1056F501-2CF9-4859-9962-E4AF0EC3F4DE}] => (Permit) D:SteamLibrarysteamappscommonDestiny 2destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{71DEB594-0432-4973-BC0C-5EFFE462FCEE}] => (Permit) D:SteamLibrarysteamappscommonDestiny 2destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{4494BEA1-A7CF-4FA6-9526-38184DC61A48}] => (Permit) D:SteamLibrarysteamappscommonGang BeastsGang Beasts.exe () [File not signed]
FirewallRules: [{B3275026-76D0-4197-BBB5-76F6EE364020}] => (Permit) D:SteamLibrarysteamappscommonGang BeastsGang Beasts.exe () [File not signed]
FirewallRules: [{878B6F53-AF08-4419-B65C-F53E3CF43480}] => (Permit) D:SteamLibrarysteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_BE.exe (BattlEye Improvements e.Okay. -> BattlEye Improvements)
FirewallRules: [{198AF46D-BD02-42D5-8A80-14F4677A912C}] => (Permit) D:SteamLibrarysteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_BE.exe (BattlEye Improvements e.Okay. -> BattlEye Improvements)
FirewallRules: [{ACFB22D2-9B41-45E3-931D-3A32E5FE2A4D}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesWin32RocketLeague.exe => No File
FirewallRules: [{AC87B7B2-DA40-4961-B55E-3C7E5E70BA84}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesWin32RocketLeague.exe => No File
FirewallRules: [{A4250313-3891-4CF5-97DA-C20805E90428}] => (Permit) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Company -> Microsoft Company)
FirewallRules: [{1BD28053-BB32-43AD-AEC9-54F968D5B3B4}] => (Permit) C:Program Information (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [{7851B957-D952-4D2F-9ABE-D17B98033ABA}] => (Permit) C:Program Information (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [{A14F2F7C-486B-48DF-A103-8CDDFA1C17AA}] => (Permit) D:SteamLibrarysteamappscommonGeometry DashGeometryDash.exe () [File not signed]
FirewallRules: [{89A2E1ED-4217-4B6B-970D-312DE4856A4D}] => (Permit) D:SteamLibrarysteamappscommonGeometry DashGeometryDash.exe () [File not signed]
FirewallRules: [{6C7E70B9-61D0-461D-975E-770F1F43C2E8}] => (Permit) D:SteamLibrarysteamappscommonOxygenNotIncludedOxygenNotIncluded.exe () [File not signed]
FirewallRules: [{0F2296F7-61A2-4C98-8184-10D7B32D88F3}] => (Permit) D:SteamLibrarysteamappscommonOxygenNotIncludedOxygenNotIncluded.exe () [File not signed]
FirewallRules: [{6B2C5BB5-6C03-4D63-BF5E-4C2574F09A23}] => (Permit) C:Program Information (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98AD1DF1-A32F-4F11-BE4F-786056F9CED3}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesRocketLeague.exe => No File
FirewallRules: [{69E5A0B0-181A-4447-BCDF-A049737E8A71}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesRocketLeague.exe => No File
FirewallRules: [{A0B9EA4C-2718-417A-876F-6361029DF8EF}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesWin64RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{0B4298BC-BF67-40D1-8476-143843AEF739}] => (Permit) C:Program Information (x86)SteamsteamappscommonrocketleagueBinariesWin64RocketLeague.exe (Psyonix, LLC) [File not signed]
==================== Restore Factors =========================
17-09-2020 17:23:49 Scheduled Checkpoint
==================== Defective Machine Supervisor Gadgets ============
==================== Occasion log errors: ========================
Utility errors:
==================
Error: (09/18/2020 02:51:12 PM) (Supply: VSS) (EventID: 8193) (Person: )
Description: Quantity Shadow Copy Service error: Surprising error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/18/2020 02:51:12 PM) (Supply: VSS) (EventID: 13) (Person: )
Description: Quantity Shadow Copy Service data: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and identify CEventSystem can’t be began. [0x8007045b, A system shutdown is in progress.
]
Error: (09/18/2020 02:51:12 PM) (Supply: VSS) (EventID: 8193) (Person: )
Description: Quantity Shadow Copy Service error: Surprising error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/18/2020 02:51:12 PM) (Supply: VSS) (EventID: 13) (Person: )
Description: Quantity Shadow Copy Service data: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and identify CEventSystem can’t be began. [0x8007045b, A system shutdown is in progress.
]
Error: (09/18/2020 01:32:54 PM) (Supply: Utility Error) (EventID: 1000) (Person: )
Description: Faulting utility identify: mbamtray.exe, model: 4.0.0.794, time stamp: 0x5f52571b
Faulting module identify: Qt5Core.dll, model: 5.14.1.0, time stamp: 0x5e8272e4
Exception code: 0xc0000005
Fault offset: 0x0000000000219d05
Faulting course of id: 0x17d0
Faulting utility begin time: 0x01d68de1bcbd28ee
Faulting utility path: C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
Faulting module path: C:Program FilesMalwarebytesAnti-MalwareQt5Core.dll
Report Id: 14986f6d-21d2-4f3d-9d82-07d16e6fe234
Faulting package deal full identify:
Faulting package-relative utility ID:
Error: (09/18/2020 01:27:17 PM) (Supply: Microsoft-Home windows-Perflib) (EventID: 1020) (Person: NT AUTHORITY)
Description: The required buffer dimension is larger than the buffer dimension handed to the Gather perform of the “C:WindowsSystem32perfts.dll” Extensible Counter DLL for the “LSM” service. The given buffer dimension was 30944 and the required dimension was 40952.
Error: (09/18/2020 01:22:58 PM) (Supply: Utility Grasp) (EventID: 1002) (Person: )
Description: This system AfterFX.exe model 17.1.4.37 stopped interacting with Home windows and was closed. To see if extra details about the issue is out there, test the issue historical past within the Safety and Upkeep management panel.
Course of ID: 2e5c
Begin Time: 01d68de035a8dbd3
Termination Time: 7
Utility Path: C:Program FilesAdobeAdobe After Results 2020Support FilesAfterFX.exe
Report Id: d68bd627-bc95-4aec-9eec-254223bd4824
Faulting package deal full identify:
Faulting package-relative utility ID:
Grasp kind: Cross-process
Error: (09/18/2020 01:08:06 PM) (Supply: Utility Grasp) (EventID: 1002) (Person: )
Description: This system AfterFX.exe model 17.1.4.37 stopped interacting with Home windows and was closed. To see if extra details about the issue is out there, test the issue historical past within the Safety and Upkeep management panel.
Course of ID: 2274
Begin Time: 01d68dd6fc425f13
Termination Time: 0
Utility Path: C:Program FilesAdobeAdobe After Results 2020Support FilesAfterFX.exe
Report Id: efe05801-0e0f-4980-b180-1c29dbed3a1c
Faulting package deal full identify:
Faulting package-relative utility ID:
Grasp kind: Unknown
System errors:
=============
Error: (09/18/2020 03:02:06 PM) (Supply: Service Management Supervisor) (EventID: 7022) (Person: )
Description: The System Guard Runtime Monitor Dealer service held on beginning.
Error: (09/18/2020 03:00:05 PM) (Supply: Service Management Supervisor) (EventID: 7022) (Person: )
Description: The Downloaded Maps Supervisor service held on beginning.
Error: (09/18/2020 02:56:51 PM) (Supply: DCOM) (EventID: 10010) (Person: CALS-PC)
Description: The server AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc!App.AppX5egradqnfhm079htg5w68rv4v0zy0a97.mca didn’t register with DCOM throughout the required timeout.
Error: (09/18/2020 11:26:08 AM) (Supply: DCOM) (EventID: 10010) (Person: CALS-PC)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} didn’t register with DCOM throughout the required timeout.
Error: (09/18/2020 11:25:08 AM) (Supply: Service Management Supervisor) (EventID: 7023) (Person: )
Description: The wuauserv service terminated with the next error:
The system can not discover the file specified.
Error: (09/18/2020 11:25:08 AM) (Supply: DCOM) (EventID: 10010) (Person: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} didn’t register with DCOM throughout the required timeout.
Error: (09/18/2020 11:23:08 AM) (Supply: Service Management Supervisor) (EventID: 7023) (Person: )
Description: The wuauserv service terminated with the next error:
The system can not discover the file specified.
Error: (09/18/2020 11:20:44 AM) (Supply: Service Management Supervisor) (EventID: 7000) (Person: )
Description: The ChromeUpdater service failed to start out because of the following error:
The service didn’t reply to the beginning or management request in a well timed style.
Home windows Defender:
===================================
Date: 2020-09-18 11:28:34.268
Description:
Home windows Defender Antivirus has detected malware or different doubtlessly undesirable software program.
For extra data please see the next:
Identify: Trojan:Win32/Glupteba!atmn
ID: 2147756932
Severity: Extreme
Class: Trojan
Path: file:_C:UserscjshiAppDataRoamingc959dfd3e5cdc959dfd3e5cd.exe; regkey:_HKCU@S-1-5-21-184074726-1042131089-445855423-1001SOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNCloudNet; runkey:_HKCU@S-1-5-21-184074726-1042131089-445855423-1001SOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUNCloudNet
Detection Origin: Native machine
Detection Sort: Concrete
Detection Supply: Actual-Time Safety
Course of Identify: C:UserscjshiAppDataLocalTempcsrsscloudnet.exe
Safety intelligence Model: AV: 1.323.1360.0, AS: 1.323.1360.0, NIS: 1.323.1360.0
Engine Model: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-18 11:28:22.187
Description:
Home windows Defender Antivirus has detected malware or different doubtlessly undesirable software program.
For extra data please see the next:
Identify: Trojan:Win32/Glupteba!atmn
ID: 2147756932
Severity: Extreme
Class: Trojan
Path: file:_C:UserscjshiAppDataRoamingc959dfd3e5cdc959dfd3e5cd.exe
Detection Origin: Native machine
Detection Sort: Concrete
Detection Supply: Actual-Time Safety
Course of Identify: C:UserscjshiAppDataLocalTempcsrsscloudnet.exe
Safety intelligence Model: AV: 1.323.1360.0, AS: 1.323.1360.0, NIS: 1.323.1360.0
Engine Model: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-18 11:24:21.204
Description:
Home windows Defender Antivirus has detected malware or different doubtlessly undesirable software program.
For extra data please see the next:
Identify: Trojan:Win32/Ceprolad.A
ID: 2147726914
Severity: Extreme
Class: Trojan
Detection Origin: Unknown
Detection Sort: Concrete
Detection Supply: System
Course of Identify: Unknown
Safety intelligence Model: AV: 1.323.1360.0, AS: 1.323.1360.0, NIS: 1.323.1360.0
Engine Model: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-18 11:24:02.309
Description:
Home windows Defender Antivirus has detected malware or different doubtlessly undesirable software program.
For extra data please see the next:
Identify: Trojan:Win32/Ceprolad.A
ID: 2147726914
Severity: Extreme
Class: Trojan
Detection Origin: Unknown
Detection Sort: Concrete
Detection Supply: System
Course of Identify: Unknown
Safety intelligence Model: AV: 1.323.1360.0, AS: 1.323.1360.0, NIS: 1.323.1360.0
Engine Model: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-18 11:22:50.488
Description:
Home windows Defender Antivirus has detected malware or different doubtlessly undesirable software program.
For extra data please see the next:
Identify: Trojan:Win32/Ceprolad.A
ID: 2147726914
Severity: Extreme
Class: Trojan
Detection Origin: Unknown
Detection Sort: Concrete
Detection Supply: System
Course of Identify: Unknown
Safety intelligence Model: AV: 1.323.1360.0, AS: 1.323.1360.0, NIS: 1.323.1360.0
Engine Model: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-17 16:24:13.361
Description:
Home windows Defender Antivirus has encountered an error attempting to replace safety intelligence.
New safety intelligence Model:
Earlier safety intelligence Model: 1.323.1287.0
Replace Supply: Microsoft Malware Safety Middle
Safety intelligence Sort: AntiVirus
Replace Sort: Full
Present Engine Model:
Earlier Engine Model: 1.1.17400.5
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2020-09-16 20:40:36.434
Description:
Home windows Defender Antivirus has encountered an error attempting to replace safety intelligence.
New safety intelligence Model:
Earlier safety intelligence Model: 1.323.1287.0
Replace Supply: Microsoft Malware Safety Middle
Safety intelligence Sort: AntiVirus
Replace Sort: Full
Present Engine Model:
Earlier Engine Model: 1.1.17400.5
Error code: 0x800704e8
Error description: The distant system will not be accessible. For details about community troubleshooting, see Home windows Assist.
Date: 2020-09-16 20:40:36.434
Description:
Home windows Defender Antivirus has encountered an error attempting to replace safety intelligence.
New safety intelligence Model:
Earlier safety intelligence Model: 1.323.1287.0
Replace Supply: Microsoft Malware Safety Middle
Safety intelligence Sort: AntiSpyware
Replace Sort: Full
Present Engine Model:
Earlier Engine Model: 1.1.17400.5
Error code: 0x800704e8
Error description: The distant system will not be accessible. For details about community troubleshooting, see Home windows Assist.
Date: 2020-09-16 20:40:36.434
Description:
Home windows Defender Antivirus has encountered an error attempting to replace safety intelligence.
New safety intelligence Model:
Earlier safety intelligence Model: 1.323.1287.0
Replace Supply: Microsoft Malware Safety Middle
Safety intelligence Sort: AntiVirus
Replace Sort: Full
Present Engine Model:
Earlier Engine Model: 1.1.17400.5
Error code: 0x800704e8
Error description: The distant system will not be accessible. For details about community troubleshooting, see Home windows Assist.
Date: 2020-09-14 16:53:00.847
Description:
Home windows Defender Antivirus has encountered an error attempting to replace safety intelligence.
New safety intelligence Model:
Earlier safety intelligence Model: 1.323.1154.0
Replace Supply: Microsoft Malware Safety Middle
Safety intelligence Sort: AntiVirus
Replace Sort: Full
Present Engine Model:
Earlier Engine Model: 1.1.17400.5
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===================================
Date: 2020-09-18 11:59:58.884
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64CassiniMLKOSD.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:58.881
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64DellInc.AlienwareSoundCenterDevProps2.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:58.872
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64CassiniMLKOSD.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:58.869
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64DellInc.AlienwareSoundCenterDevProps2.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:57.405
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64CassiniMLKOSD.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:57.377
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64DellInc.AlienwareSoundCenterDevProps2.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:57.356
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64CassiniMLKOSD.dll that didn’t meet the Microsoft signing stage necessities.
Date: 2020-09-18 11:59:57.277
Description:
Code Integrity decided {that a} course of (DeviceHarddiskVolume4WindowsSystem32CastSrv.exe) tried to load DeviceHarddiskVolume4ProgramDataA-VoluteDellInc.AlienwareSoundCenterModulesScheduledModulesx64DellInc.AlienwareSoundCenterDevProps2.dll that didn’t meet the Microsoft signing stage necessities.
==================== Reminiscence data ===========================
BIOS: Alienware 1.0.9 06/03/2020
Motherboard: Alienware 0T76PD
Processor: Intel® Core i5-9400 CPU @ 2.90GHz
Proportion of reminiscence in use: 67%
Whole bodily RAM: 8019.1 MB
Out there bodily RAM: 2633.01 MB
Whole Digital: 19283.1 MB
Out there Digital: 10728.74 MB
==================== Drives ================================
Drive c: (OS) (Mounted) (Whole:914.23 GB) (Free:555.1 GB) NTFS
Drive d: (Excessive SSD) (Mounted) (Whole:465.76 GB) (Free:200.32 GB) exFAT
Drive e: () (Detachable) (Whole:28.64 GB) (Free:28.48 GB) FAT32
?Quantity{49137c95-c1ae-406b-ae92-c6fe4d7f7104} (WINRETOOLS) (Mounted) (Whole:0.97 GB) (Free:0.38 GB) NTFS
?Quantity{e99d057c-0e7a-404e-b676-080d3eaec0f4} (Picture) (Mounted) (Whole:14.13 GB) (Free:0.15 GB) NTFS
?Quantity{90d9ef6b-3cd6-4316-866b-f35841eab948} (DELLSUPPORT) (Mounted) (Whole:1.42 GB) (Free:0.48 GB) NTFS
?Quantity{5764db9b-4aee-417e-aa89-c691f69eeb87} (ESP) (Mounted) (Whole:0.63 GB) (Free:0.55 GB) FAT32
==================== MBR & Partition Desk ====================
==========================================================
Disk: 0 (Dimension: 931.5 GB) (Disk ID: C978F8D4)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Home windows XP) (Dimension: 465.8 GB) (Disk ID: 0099C2ED)
Partition 1: (Not Lively) – (Dimension=465.8 GB) – (Sort=07 NTFS)
==========================================================
Disk: 2 (Protecting MBR) (Dimension: 28.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Finish of Addition.txt =======================
