Home News Just a check for a problems no noticable symptoms.

Just a check for a problems no noticable symptoms.

15
0

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-02-2021
Ran by scott (administrator) on SCOKAHLE2021 (21-02-2021 22:23:25)
Running from C:UsersscottDownloads
Loaded Profiles: scott
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:Program Files (x86)VMLiteAndroidAppControlleradb.exe
(Advanced Micro Devices, Inc. -> AMD) C:Program FilesAMDPerformance Profile ClientAUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0361132.inf_amd64_4863ccf4c1b997c9B361196atiesrxx.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:Program Files (x86)Foxit SoftwareFoxit ReaderFoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.72GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.72GoogleCrashHandler64.exe
(Institute for Human & Machine Cognition) [File not signed] C:Program FilesIHMC CmapToolsbinCmapTools.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbweCortana.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbweCalculator.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbweWinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2101.9-0MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2101.9-0NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program FilesIHMC CmapToolsjrebinjavaw.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe
(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe
(Valve -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RtkAudUService] => C:WindowsSystem32RtkAudUService64.exe [876536 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [Logitech Download Assistant] => C:WindowsSystem32LogiLDA.dll [3942864 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM…Run: [LogiOptions] => C:Program FilesLogitechLogiOptionsLogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM…Run: [EvtMgr6] => C:Program FilesLogitechSetPointPSetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.)
HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32…Run: [KeePass 2 PreLoad] => C:Program Files (x86)KeePass Password Safe 2KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32…Run: [Volume2] => C:Program Files (x86)Volume2Volume2.exe [4341248 2021-01-03] (Alexandr Irza) [File not signed]
HKUS-1-5-21-4072992394-420792265-3149577500-1001…PoliciesExplorer: [HideSCAVolume] 0
HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program FilesGoogleChromeApplication88.0.4324.182Installerchrmstp.exe [2021-02-17] (Google LLC -> Google LLC)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupGetRight.lnk [2021-01-06]
ShortcutTarget: GetRight.lnk -> C:Program Files (x86)GetRightGetRight.exe (Headlight Software, Inc. -> Headlight Software, Inc.)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupTP-LINK Wireless Configuration Utility.lnk [2020-12-21]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:Program Files (x86)TP-LINKTP-LINK Wireless Configuration UtilityTWCU.exe () [File not signed]
HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: 01B5A09E-CF3F-4A00-83D1-A0A60FF2382C – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-12-26] (Google LLC -> Google LLC)
Task: 05B25192-0EFE-4A5B-BB5C-0BDBE85A6ACD – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2101.9-0MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: 28315CB0-C949-4D65-8F7B-F4AB350E8215 – System32TasksAMD ThankingURL => C:Program FilesAMDCIMBin64Setup.exe [1124744 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: 34116F98-42F0-4330-AC33-89B3A396C9F4 – System32TasksAMDInstallLauncher => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1710464 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: 50F41DD4-ABFD-4B0E-BEA3-18C173CA3256 – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [677344 2021-02-09] (Mozilla Corporation -> Mozilla Foundation)
Task: 57BFFC4B-5150-465F-AA2E-3DE35019EA75 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2101.9-0MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: 676DE8C4-16E5-4402-866F-B45FD1A481FF – System32TasksStartDVR => C:Program FilesAMDCNextCNextRSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: 7D2F8AC8-2435-4F35-8ABE-9DC7784F8A05 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-12-26] (Google LLC -> Google LLC)
Task: 8245086B-DEDF-4279-8E06-5FF9E2A6992C – System32TasksModifyLinkUpdate => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1710464 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: 9ECEE7FD-20BA-42C1-A2BA-3308152CA933 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2101.9-0MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: AE5989BE-3A3A-4452-A69D-90D6EC5A75B2 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2101.9-0MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: C6F60983-A587-459F-B3C0-FBE0EF695CC6 – System32TasksStartCN => C:Program FilesAMDCNextCNextcncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: F5F34200-FA53-4708-8AB5-30BC28616270 – System32TasksStartCNBM => C:Program FilesAMDCNextCNextcncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 8.240.242.124 https://t.co/95ncORSXzb
TcpipParameters: [DhcpNameServer] 192.168.86.1
Tcpip..Interfaces4ddad60c-5aac-4cba-b41c-f1ba0e3164f0: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip..Interfaces758228b7-8620-471b-9ac3-ee36b1e2bda3: [NameServer] 208.67.222.222,208.67.220.220
Tcpip..Interfaces758228b7-8620-471b-9ac3-ee36b1e2bda3: [DhcpNameServer] 192.168.86.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:UsersscottAppDataLocalMicrosoftEdgeUser DataDefault [2021-02-12]
Edge Extension: (Outlook) – C:UsersscottAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbjhmmnoficofgoiacjaajpkfndojknpb [2020-12-28]
Edge Extension: (PowerPoint) – C:UsersscottAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsopfacbhaojodjaojgocnibmklknchehf [2020-12-28]

FireFox:
========
FF DefaultProfile: uf0yyalr.default
FF ProfilePath: C:UsersscottAppDataRoamingMozillaFirefoxProfilesuf0yyalr.default [2020-12-21]
FF ProfilePath: C:UsersscottAppDataRoamingMozillaFirefoxProfilesojov1i2q.default-release [2021-02-21]
FF Notifications: MozillaFirefoxProfilesojov1i2q.default-release -> hxxps://calendar.google.com
FF Extension: (Grammarly for Firefox) – C:UsersscottAppDataRoamingMozillaFirefoxProfilesojo[email protected]jetpack.xpi [2021-02-20]
FF Extension: (Privacy Badger) – C:UsersscottAppDataRoamingMozillaFiref[email protected]jetpack.xpi [2021-02-03]
FF Extension: (Show Media Bias / Fact Check ratings for Facebook, Twitter and news websites as you browse) – C:UsersscottAppDataRoamingMozillaFirefox[email protected]drmikecrowe-mbfcext.xpi [2021-02-17]
FF Extension: (Mix) – C:UsersscottAppDataRoamin[email protected]mix.com.xpi [2021-02-20]
FF Extension: (Stopaganda Plus) – C:UsersscottAppDataRoamingMozillaFir[email protected]erikgibbons.com.xpi [2021-02-21]
FF Extension: (LastPass: Free Password Manager) – C:UsersscottAppDataRoaming[email protected]lastpass.com.xpi [2021-02-11]
FF Extension: (Logitech SetPoint) – C:UsersscottAppDataRoamingMozillaFirefoxProfilesojov1i2q.default-releaseExtensions84380428-8c9d-4bdf-913d-b2c34d6562d9.xpi [2020-12-23]
FF Extension: (Awesome RSS) – C:UsersscottAppDataRoamingMozillaFirefoxProfilesojov1i2q.default-releaseExtensions97d566da-42c5-4ef4-a03b-5a2e5f7cbcb2.xpi [2021-01-18]
FF Extension: (Read Aloud: A Text to Speech Voice Reader) – C:UsersscottAppDataRoamingMozillaFirefoxProfilesojov1i2q.default-releaseExtensionsddc62400-f22d-4dd3-8b4a-05837de53c2e.xpi [2021-01-21]
FF HKLM-x32…FirefoxExtensions: [F003DA68-8256-4b37-A6C4-350FA04494DF] – C:Program FilesLogitechSetPointPLogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) – C:Program FilesLogitechSetPointPLogiSmoothFirefoxExt [2020-12-23] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:Program FilesJavajre1.8.0_281bindtpluginnpDeployJava1.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:Program FilesJavajre1.8.0_281binplugin2npjp2.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:Program Files (x86)Javajre1.8.0_281bindtpluginnpDeployJava1.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:Program Files (x86)Javajre1.8.0_281binplugin2npjp2.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:UsersscottAppDataLocalGoogleChromeUser DataDefault [2021-02-20]
CHR Notifications: Default -> hxxps://voice.google.com
CHR StartupUrls: Default -> “chrome://bookmarks/”
CHR Extension: (Slides) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-12-26]
CHR Extension: (Search Sniper) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsallfhljpdnllkijnhgpocihmolebgcfd [2020-12-26]
CHR Extension: (Docs) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-12-26]
CHR Extension: (Google Drive) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-12-26]
CHR Extension: (Entity Explosion) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsbbcffeclligkmfiocanodamdjclgejcn [2021-01-16]
CHR Extension: (YouTube) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-26]
CHR Extension: (TTS Reader: Speak Kindle Books Aloud) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsboejkcdniilikalcdbigmobbmejjbppf [2021-02-17]
CHR Extension: (Web Paint) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsemeokgokialpjadjaoeiplmnkjoaegng [2021-01-09]
CHR Extension: (DNSSEC Validator) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsfeijekkdahhnjbhpiffgejphmokchdbo [2020-12-26]
CHR Extension: (Sheets) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-12-26]
CHR Extension: (Google Docs Offline) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-26]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionshdhinadidafjejdhmfkjgnolgimiaplp [2021-01-23]
CHR Extension: (LastPass: Free Password Manager) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionshdokiejnpimakedhajhdlcegeplioahd [2021-02-12]
CHR Extension: (WaveNet for Chrome) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsiefankigbnlnlaolflbcopliocibkffc [2021-02-04]
CHR Extension: (Grammarly for Chrome) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionskbfnbcaeplbcioakkpcpgfkobkghlhen [2021-02-17]
CHR Extension: (Speechify for Chrome) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsljflmlehinmoeknoonhibbjpldiijjmm [2021-02-14]
CHR Extension: (Google Keep Chrome Extension) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionslpcaedmchfhocbbapmcbpinfpgnhiddi [2021-02-17]
CHR Extension: (Google Play Books) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsmmimngoggfoobjdlefbcabngfnmieonb [2020-12-26]
CHR Extension: (Video Downloader PLUS) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsnjgehaondchbmjmajphnhlojfnbfokng [2020-12-26]
CHR Extension: (Chrome Web Store Payments) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-12-26]
CHR Extension: (Chrome Media Router) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-30]
CHR Extension: (Privacy Badger) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionspkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-02-05]
CHR Extension: (RSS Feed Reader) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionspnjaodmkngahhkoihejjehlcdlnohgmp [2020-12-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AUEPLauncher; C:Program FilesAMDCIM..Performance Profile ClientAUEPLauncher.exe [61832 2020-11-13] (Advanced Micro Devices, Inc. -> AMD)
S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [818288 2020-12-22] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 FoxitReaderUpdateService; C:Program Files (x86)Foxit SoftwareFoxit ReaderFoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2101.9-0NisSrv.exe [2462960 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2101.9-0MsMpEng.exe [128376 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:WindowsSystem32driversamdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:WindowsSysWow64driversAsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:WindowsSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 vgk; C:Program FilesRiot Vanguardvgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:WindowsSystem32driverswdWdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WindowsSystem32driverswdWdFilter.sys [419040 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 vpnva; SystemRootSystem32driversvpnva64-6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-21 22:23 – 2021-02-21 22:24 – 000020740 _____ C:UsersscottDownloadsFRST.txt
2021-02-21 22:21 – 2021-02-21 22:24 – 000000000 ____D C:FRST
2021-02-21 22:21 – 2021-02-21 22:21 – 002301440 _____ (Farbar) C:UsersscottDownloadsFRST64.exe
2021-02-19 18:41 – 2021-02-19 18:41 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2021-02-17 15:13 – 2021-02-17 15:13 – 000000000 ____H C:Windowssystem32DriversMsft_User_WpdMtpDr_01_11_00.Wdf
2021-02-16 18:29 – 2021-02-16 18:29 – 000000000 ____D C:Usersscott.android
2021-02-16 18:27 – 2021-02-16 18:27 – 000002275 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsVMLite Android App Controller.lnk
2021-02-16 18:27 – 2021-02-16 18:27 – 000002263 _____ C:ProgramDataDesktopVMLite Android App Controller.lnk
2021-02-16 18:27 – 2021-02-16 18:27 – 000000000 ____D C:Program Files (x86)VMLite
2021-02-16 18:23 – 2021-02-16 18:23 – 016490792 _____ (VMLite Corporation) C:UsersscottDownloadsVMLiteAndroidAppControllerSetup.exe
2021-02-16 13:51 – 2021-02-16 13:51 – 000001214 _____ C:UsersscottDesktoppeterswords.txt
2021-02-12 14:39 – 2021-02-18 22:17 – 000000114 _____ C:UsersscottDesktopmominfotoo.txt
2021-02-12 13:12 – 2021-02-12 13:12 – 000811060 _____ C:UsersscottDownloadsPDF Scanner 12-02-2021 1.09.15 PM.pdf
2021-02-12 13:11 – 2021-02-12 13:12 – 000647469 _____ C:UsersscottDownloadsPDF Scanner 12-02-2021 1.07.47 PM.pdf
2021-02-10 23:22 – 2021-02-10 23:22 – 000000000 ____D C:UsersscottAppDataLocalJackbox Games
2021-02-10 23:18 – 2021-02-10 23:18 – 000000223 _____ C:UsersscottDesktopThe Jackbox Party Pack 6.url
2021-02-10 18:04 – 2021-02-10 18:04 – 002755584 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb
2021-02-10 18:03 – 2021-02-10 18:03 – 002755584 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb
2021-02-10 18:03 – 2021-02-10 18:03 – 001314112 _____ (Microsoft Corporation) C:Windowssystem32SecConfig.efi
2021-02-10 18:03 – 2021-02-10 18:03 – 000010892 _____ C:Windowssystem32DrtmAuthTxt.wim
2021-02-10 18:02 – 2021-02-10 18:02 – 000231232 _____ C:Windowssystem32containerdevicemanagement.dll
2021-02-09 23:39 – 2021-02-09 23:39 – 000000000 ____D C:Windowssystem32TasksMozilla
2021-02-09 15:44 – 2021-02-10 20:07 – 000000000 ____D C:Program FilesMozilla Firefox
2021-02-09 14:42 – 2021-02-09 15:17 – 000000271 _____ C:UsersscottDesktopmom info.txt
2021-02-09 06:31 – 2021-02-09 06:32 – 000002275 _____ C:UsersscottDownloadsmeeting-98046948935.ics
2021-02-08 11:21 – 2021-02-08 11:21 – 001246564 _____ C:UsersscottDownloadsdocument.pdf
2021-02-08 11:21 – 2021-02-08 11:21 – 000569596 _____ C:UsersscottDownloadsdocument(1).pdf
2021-02-08 08:47 – 2021-02-08 08:47 – 000000195 _____ C:UsersscottDesktopmental notes hostage neg.txt
2021-02-06 10:22 – 2021-02-06 10:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsIHMC CmapTools
2021-02-06 10:22 – 2021-02-06 10:22 – 000000000 ____D C:Program FilesIHMC CmapTools
2021-02-06 10:20 – 2021-02-06 10:21 – 103897112 _____ (Institute for Human & Machine Cognition) C:UsersscottDownloadsWin64CmapTools_v6.04_09-24-19 (1).exe
2021-02-05 08:47 – 2021-02-05 08:47 – 000041262 _____ C:UsersscottDesktopcarlrobertsnew.odt
2021-02-04 08:25 – 2021-02-04 08:25 – 000001631 _____ C:UsersscottDownloadsREADME.txt
2021-02-04 07:53 – 2021-02-04 07:53 – 000000000 ____D C:UsersscottDocumentsAudacity
2021-02-04 07:51 – 2021-02-04 07:51 – 000527423 _____ ( ) C:UsersscottDownloadsLame_v3.99.3_for_Windows.exe
2021-02-04 07:51 – 2021-02-04 07:51 – 000000000 ____D C:Program Files (x86)Lame For Audacity
2021-02-04 07:50 – 2021-02-04 08:31 – 000000000 ____D C:UsersscottAppDataRoamingaudacity
2021-02-04 07:50 – 2021-02-04 07:50 – 000000000 ____D C:UsersscottAppDataLocalAudacity
2021-02-04 07:49 – 2021-02-04 07:50 – 000000000 ____D C:Program Files (x86)Audacity
2021-02-04 07:49 – 2021-02-04 07:49 – 028141904 _____ (Audacity Team ) C:UsersscottDownloadsaudacity-win-2.4.2.exe
2021-02-04 07:49 – 2021-02-04 07:49 – 000001088 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAudacity.lnk
2021-02-04 07:49 – 2021-02-04 07:49 – 000001076 _____ C:ProgramDataDesktopAudacity.lnk
2021-02-04 04:23 – 2021-02-04 04:23 – 000001060 _____ C:ProgramDataDesktopVolume2.lnk
2021-02-04 04:23 – 2021-02-04 04:23 – 000000000 ____D C:UsersscottAppDataRoamingVolume2
2021-02-04 04:23 – 2021-02-04 04:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVolume2
2021-02-04 04:23 – 2021-02-04 04:23 – 000000000 ____D C:Program Files (x86)Volume2
2021-02-03 11:46 – 2021-02-03 11:46 – 000000089 _____ C:UsersscottDesktopfacebookrecovery_codes.txt.html
2021-02-03 09:54 – 2021-02-03 09:54 – 053798904 _____ C:UsersscottDownloadsyubikey-manager-qt-1.1.5-win64.exe
2021-02-03 09:54 – 2021-02-03 09:54 – 000000000 ____D C:UsersscottAppDataLocalYubico
2021-02-03 09:54 – 2021-02-03 09:54 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsYubico
2021-02-03 09:54 – 2021-02-03 09:54 – 000000000 ____D C:Program FilesYubico
2021-02-03 07:21 – 2021-02-03 07:21 – 000000000 ____D C:Usersscott.MCTranscodingSDK
2021-02-03 07:20 – 2021-02-03 07:21 – 000000000 ____D C:ProgramDataDocumentsLightworks
2021-02-03 07:20 – 2021-02-03 07:20 – 000001835 _____ C:ProgramDataDesktoplightworks x64 (2021.1).lnk
2021-02-03 07:20 – 2021-02-03 07:20 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLightworks
2021-02-03 07:20 – 2021-02-03 07:20 – 000000000 ____D C:ProgramDataGeevs
2021-02-03 07:20 – 2021-02-03 07:20 – 000000000 ____D C:Program FilesLightworks
2021-02-03 07:18 – 2021-02-03 07:18 – 081605376 _____ (LWKS Software Ltd.) C:UsersscottDownloadslightworks_2021.1_r126716_64bit_setup.exe
2021-02-02 14:18 – 2021-02-02 14:18 – 000950036 _____ C:UsersscottDownloads755.pdf
2021-02-02 14:18 – 2021-02-02 14:18 – 000432318 _____ C:UsersscottDownloadsFourth- and Fifth-Generation Warfare Technology and Perceptions.pdf
2021-02-02 14:06 – 2021-02-02 14:06 – 001310063 _____ C:UsersscottDownloads6fa588bacd2793ed7ffb64a6920aa9c6129d.pdf
2021-02-01 17:51 – 2021-02-01 17:51 – 000000000 ____D C:UsersscottAppDataLocalOneDrive
2021-01-31 21:19 – 2021-01-31 21:29 – 000000000 ____D C:UsersscottDownloadsTenet.2020.IMAX.BRRip.XviD.AC3-XVID
2021-01-31 21:12 – 2021-01-31 21:12 – 000022710 _____ C:UsersscottDownloadsTenet.2020.IMAX.BRRip.XviD.AC3-XVID-[rarbg.to].torrent
2021-01-31 20:51 – 2021-02-16 07:32 – 000000000 ____D C:UsersscottAppDataRoamingvlc
2021-01-31 20:51 – 2021-01-31 20:51 – 000001139 _____ C:ProgramDataDesktopVLC media player.lnk
2021-01-31 20:51 – 2021-01-31 20:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
2021-01-31 20:50 – 2021-01-31 20:50 – 041436128 _____ C:UsersscottDownloadsvlc-3.0.12-win32.exe
2021-01-31 20:50 – 2021-01-31 20:50 – 000000000 ____D C:Program Files (x86)VideoLAN
2021-01-31 19:37 – 2021-01-31 19:37 – 000000000 ____D C:UsersscottDownloadsTenet.2020.BONUS.DISC.1080p.BluRay.x264.DD2.0-FGT
2021-01-31 19:33 – 2021-01-31 19:35 – 000000000 ____D C:UsersscottDownloadsTenet.2020.BONUS.DISC.BDRip.x264-ION10
2021-01-31 06:50 – 2021-01-31 06:50 – 000000222 _____ C:UsersscottDesktopStar Realms.url
2021-01-30 07:57 – 2021-01-30 07:57 – 092773527 _____ C:UsersscottDownloadsJefferson-Educational-Society-fbdown.net.mp4
2021-01-29 09:47 – 2021-01-29 09:47 – 002029093 _____ C:UsersscottDownloadsThe_Role_Of_The_Computer_In_The_Endtime.pdf
2021-01-24 17:58 – 2021-01-24 17:58 – 000000000 ____D C:UsersscottAppDataRoamingNomad Games
2021-01-24 17:56 – 2021-01-24 17:56 – 000000000 ____D C:UsersscottAppDataRoamingTalisman Prologue
2021-01-24 17:55 – 2021-01-24 17:55 – 000000222 _____ C:UsersscottDesktopTalisman Prologue.url
2021-01-24 17:55 – 2021-01-24 17:55 – 000000222 _____ C:UsersscottDesktopTalisman Digital Edition.url
2021-01-24 17:45 – 2021-01-24 17:45 – 000000000 ____D C:UsersscottAppDataRoamingValve Corporation
2021-01-23 09:49 – 2021-01-23 09:49 – 000000000 ____D C:UsersscottAppDataLocalVALORANT
2021-01-23 09:49 – 2021-01-23 09:49 – 000000000 ____D C:UsersscottAppDataLocalUnrealEngine
2021-01-23 09:26 – 2021-02-10 20:09 – 000000001 _____ C:Windowsvgkbootstatus.dat
2021-01-23 08:57 – 2021-01-23 09:09 – 000001627 _____ C:ProgramDataDesktopVALORANT.lnk
2021-01-23 08:57 – 2021-01-23 08:57 – 000000000 ____D C:UsersscottAppDataRoamingMicrosoftWindowsStart MenuProgramsRiot Games
2021-01-23 08:57 – 2021-01-23 08:57 – 000000000 ____D C:Riot Games
2021-01-23 08:57 – 2021-01-23 08:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRiot Games
2021-01-23 08:57 – 2021-01-23 08:57 – 000000000 ____D C:Program FilesRiot Vanguard
2021-01-23 08:56 – 2021-01-27 13:15 – 000000000 ____D C:ProgramDataRiot Games
2021-01-23 08:56 – 2021-01-23 09:49 – 000000000 ____D C:UsersscottAppDataLocalRiot Games
2021-01-23 08:56 – 2021-01-23 08:56 – 068746984 _____ (Riot Games, Inc.) C:UsersscottDownloadsInstall VALORANT.exe
2021-01-22 23:45 – 2021-01-22 23:45 – 000003423 _____ C:UsersscottAppDataLocalrecently-used.xbel
2021-01-22 05:43 – 2021-01-22 05:43 – 130834432 _____ C:UsersscottDownloadscalibre-64bit-5.10.0.msi
2021-01-22 05:20 – 2021-01-22 05:19 – 000192168 _____ (Oracle Corporation) C:WindowsSysWOW64WindowsAccessBridge-64.dll
2021-01-22 05:18 – 2021-01-22 05:18 – 000000000 ____D C:UsersscottAppDataLocalLowOracle

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-21 22:25 – 2020-12-21 12:51 – 000000000 ____D C:UsersscottAppDataRoamingdiscord
2021-02-21 21:47 – 2019-12-07 04:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-02-21 21:10 – 2020-12-21 12:34 – 000000000 ____D C:ProgramDataMozilla
2021-02-21 21:09 – 2020-12-21 19:14 – 000000000 ____D C:Windowssystem32SleepStudy
2021-02-21 21:09 – 2020-12-21 12:34 – 000000000 ____D C:UsersscottAppDataLocalLowMozilla
2021-02-21 21:09 – 2020-12-21 11:53 – 000000000 ____D C:UsersscottAppDataLocalD3DSCache
2021-02-21 20:24 – 2020-12-21 12:01 – 000004166 _____ C:Windowssystem32TasksUser_Feed_Synchronization-30D21E8A-C59C-4B33-8A40-5FC8B1D332C8
2021-02-21 14:52 – 2020-12-21 13:25 – 000000000 ____D C:Program Files (x86)Steam
2021-02-21 05:50 – 2021-01-17 06:40 – 000000000 ____D C:UsersscottDocumentsMy Cmaps
2021-02-21 05:50 – 2021-01-17 06:40 – 000000000 ____D C:UsersscottCmapToolsLogs
2021-02-20 16:45 – 2021-01-17 06:40 – 000000000 ____D C:UsersscottAppDataRoamingCmapTools
2021-02-20 11:33 – 2019-12-07 04:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-02-20 11:33 – 2019-12-07 04:14 – 000000000 ____D C:WindowsAppReadiness
2021-02-20 08:51 – 2020-12-21 16:13 – 000000000 ____D C:UsersscottAppDataRoaming.minecraft
2021-02-19 20:26 – 2020-12-21 16:13 – 000000000 ____D C:Program Files (x86)Minecraft Launcher
2021-02-19 07:46 – 2020-12-28 04:19 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-02-19 07:46 – 2020-12-28 04:19 – 000002276 _____ C:ProgramDataDesktopMicrosoft Edge.lnk
2021-02-17 17:59 – 2020-12-26 12:47 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-02-17 17:59 – 2020-12-26 12:47 – 000002206 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2021-02-17 15:13 – 2019-12-07 04:13 – 000000000 ____D C:WindowsINF
2021-02-16 18:29 – 2020-12-21 11:38 – 000000000 ____D C:Usersscott
2021-02-16 01:23 – 2020-12-25 11:08 – 000003120 _____ C:Windowssystem32TasksAMDInstallLauncher
2021-02-15 19:01 – 2020-12-25 10:54 – 000000000 ____D C:UsersscottAppDataLocalAMD_Common
2021-02-12 04:31 – 2020-12-21 12:35 – 000000000 _____ C:Windowssystem32Driverslvuvc.hs
2021-02-11 20:18 – 2020-12-21 19:15 – 000000000 ____D C:Windowssystem32Driverswd
2021-02-11 05:40 – 2020-12-28 04:19 – 000003480 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-02-11 05:40 – 2020-12-28 04:19 – 000003356 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-02-10 23:22 – 2020-12-21 11:51 – 000000000 ____D C:ProgramDataPackage Cache
2021-02-10 23:18 – 2020-12-21 13:28 – 000000000 ____D C:UsersscottAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam
2021-02-10 20:13 – 2020-12-21 19:26 – 000795738 _____ C:Windowssystem32PerfStringBackup.INI
2021-02-10 20:08 – 2020-12-21 19:14 – 000294904 _____ C:Windowssystem32FNTCACHE.DAT
2021-02-10 20:07 – 2020-12-21 19:15 – 000000006 ____H C:WindowsTasksSA.DAT
2021-02-10 20:07 – 2020-12-21 19:14 – 000008192 ___SH C:DumpStack.log.tmp
2021-02-10 20:07 – 2020-12-21 12:34 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-02-10 20:07 – 2019-12-07 04:14 – 000000000 ____D C:WindowsServiceState
2021-02-10 20:06 – 2020-12-21 11:52 – 000065536 _____ C:Windowssystem32spu_storage.bin
2021-02-10 20:06 – 2019-12-07 04:03 – 000786432 _____ C:Windowssystem32configBBI
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ___RD C:WindowsImmersiveControlPanel
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:WindowsSysWOW64Keywords
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:WindowsSystemResources
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:Windowssystem32oobe
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:Windowssystem32Keywords
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:Windowssystem32es-MX
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:WindowsPolicyDefinitions
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:Windowsbcastdvr
2021-02-10 20:05 – 2019-12-07 04:14 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-02-10 20:05 – 2019-12-07 04:03 – 000000000 ____D C:Windowsservicing
2021-02-10 18:08 – 2019-12-07 04:03 – 000000000 ____D C:WindowsCbsTemp
2021-02-10 17:53 – 2020-12-22 18:35 – 000000000 ____D C:Windowssystem32MRT
2021-02-10 17:50 – 2020-12-22 18:35 – 130141752 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2021-02-10 15:27 – 2020-12-22 07:02 – 000000000 ____D C:UsersscottAppDataLocalUbisoft Game Launcher
2021-02-10 08:52 – 2021-01-20 13:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
2021-02-09 23:39 – 2020-12-21 12:34 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-02-08 11:52 – 2020-12-21 14:22 – 000000000 ____D C:UsersscottAppDataLocalPlaceholderTileLogoFolder
2021-02-08 11:52 – 2020-12-21 11:39 – 000000000 ____D C:UsersscottAppDataLocalPackages
2021-02-06 06:12 – 2020-12-21 11:42 – 000003372 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-4072992394-420792265-3149577500-1001
2021-02-06 06:12 – 2020-12-21 11:42 – 000000000 ___RD C:UsersscottOneDrive
2021-02-06 06:12 – 2020-12-21 11:38 – 000002363 _____ C:UsersscottAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-02-05 00:52 – 2020-12-26 12:47 – 000003418 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA
2021-02-05 00:52 – 2020-12-26 12:47 – 000003294 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore
2021-02-03 09:36 – 2020-12-23 06:06 – 000018960 _____ (Logitech, Inc.) C:Windowssystem32DriversLNonPnP.sys
2021-02-01 17:37 – 2021-01-04 00:01 – 000000000 ____D C:UsersscottAppDataLocaltransmission
2021-02-01 16:49 – 2021-01-04 00:01 – 000000000 ____D C:ProgramDataTransmission
2021-01-31 22:40 – 2020-12-28 19:48 – 000000000 ____D C:UsersscottAppDataLocalElevatedDiagnostics
2021-01-23 03:26 – 2021-01-06 02:29 – 000000000 ____D C:UsersscottAppDataLocalbabl-0.1
2021-01-22 05:59 – 2020-12-26 09:08 – 000000999 _____ C:ProgramDataDesktopcalibre 64bit – E-book management.lnk
2021-01-22 05:59 – 2020-12-26 09:08 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramscalibre 64bit – E-book Management
2021-01-22 05:59 – 2020-12-26 09:08 – 000000000 ____D C:Program FilesCalibre2
2021-01-22 05:20 – 2021-01-05 11:31 – 000000000 ____D C:Program Files (x86)Java
2021-01-22 05:20 – 2020-12-24 13:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2021-01-22 05:20 – 2020-12-24 13:44 – 000000000 ____D C:Program FilesJava
2021-01-22 05:19 – 2020-12-24 13:45 – 000192168 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge-64.dll
2021-01-22 05:19 – 2020-12-21 13:48 – 000799104 ____N (Microsoft Corporation) C:Windowssystem32MpSigStub.exe
2021-01-22 05:18 – 2021-01-05 11:31 – 000165032 _____ (Oracle Corporation) C:WindowsSysWOW64WindowsAccessBridge-32.dll

==================== Files in the root of some directories ========

2021-01-22 23:45 – 2021-01-22 23:45 – 000003423 _____ () C:UsersscottAppDataLocalrecently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2021
Ran by scott (21-02-2021 22:25:57)
Running from C:UsersscottDownloads
Windows 10 Home Version 20H2 19042.804 (X64) (2020-12-22 00:21:23)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4072992394-420792265-3149577500-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-4072992394-420792265-3149577500-503 – Limited – Disabled)
Guest (S-1-5-21-4072992394-420792265-3149577500-501 – Limited – Disabled)
scott (S-1-5-21-4072992394-420792265-3149577500-1001 – Administrator – Enabled) => C:Usersscott
WDAGUtilityAccount (S-1-5-21-4072992394-420792265-3149577500-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon Kindle (HKUS-1-5-21-4072992394-420792265-3149577500-1001…Amazon Kindle) (Version: 1.30.0.59056 – Amazon)
AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.10.13.408 – Advanced Micro Devices, Inc.)
AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 20.11.2 – Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32…4fedae1b-6980-4848-9ba0-229c946a3dac) (Version: 2.10.13.408 – Advanced Micro Devices, Inc.) Hidden
Anki (HKLM-x32…Anki) (Version: 2.1.38 – )
Assassin’s Creed Valhalla (HKLM-x32…Uplay Install 13504) (Version:  – Ubisoft)
Audacity 2.4.2 (HKLM-x32…Audacity_is1) (Version: 2.4.2 – Audacity Team)
Balabolka (HKLM-x32…Balabolka) (Version: 2.15.0.767 – Ilya Morozov)
Branding64 (HKLM…856DA29A-EA4A-468B-BBC2-B5F60DD75BFE) (Version: 1.00.0002 – Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM…88F95932-F4AF-493A-8CC3-84C4A321A5D7) (Version: 5.10.0 – Kovid Goyal)
Discord (HKUS-1-5-21-4072992394-420792265-3149577500-1001…Discord) (Version: 0.0.309 – Discord Inc.)
eSpeak version 1.48.04 (HKLM-x32…eSpeak_is1) (Version:  – )
Foxit Reader (HKLM-x32…Foxit Reader_is1) (Version: 10.1.1.37576 – Foxit Software Inc.)
Freeplane (HKLM…D3941722-C4DD-4509-88C4-0E87F675A859_is1) (Version: 1.8.10 – Open source)
GetRight (HKLM-x32…GetRight_is1) (Version:  – Headlight Software, Inc.)
GIMP 2.10.22 (HKUS-1-5-21-4072992394-420792265-3149577500-1001…GIMP-2_is1) (Version: 2.10.22 – The GIMP Team)
GLEE (HKLM-x32…990DB057-BB98-4FD8-8442-ACFCB0DB5CAF) (Version: 1.0.000 – Microsoft Research)
Google Chrome (HKLM-x32…Google Chrome) (Version: 88.0.4324.182 – Google LLC)
IHMC CmapTools v6.04 (HKLM…IHMC CmapTools v6.04) (Version: 6.0.4.0 – Institute for Human & Machine Cognition)
Java 8 Update 281 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180281F0) (Version: 8.0.2810.9 – Oracle Corporation)
Java 8 Update 281 (HKLM-x32…26A24AE4-039D-4CA4-87B4-2F32180281F0) (Version: 8.0.2810.9 – Oracle Corporation)
KeePass Password Safe 2.47 (HKLM-x32…KeePassPasswordSafe2_is1) (Version: 2.47 – Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32…LAME_is1) (Version:  – )
Lightworks (HKLM…E94DD4E4-7746-472c-AA7B-1242FED0CFC8) (Version: 14.7.0.0 – LWKS Software Ltd.)
Logitech Options (HKLM…LogiOptions) (Version: 8.36.86 – Logitech)
Logitech SetPoint 6.70 (HKLM…sp6) (Version: 6.70.55 – Logitech)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 88.0.705.74 – Microsoft Corporation)
Microsoft Edge Update (HKLM-x32…Microsoft Edge Update) (Version: 1.3.141.59 – )
Microsoft OneDrive (HKUS-1-5-21-4072992394-420792265-3149577500-1001…OneDriveSetup.exe) (Version: 21.002.0104.0005 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-4072992394-420792265-3149577500-1001…Teams) (Version: 1.3.00.28779 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A) (Version: 2.75.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.27.29016 (HKLM-x32…40d3fee2-b257-46c2-bdc0-cb1088d97327) (Version: 14.27.29016.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…e31cb1a4-76b5-46a5-a084-3fa419e82201) (Version: 14.24.28127.4 – Microsoft Corporation)
Microsoft Windows Desktop Runtime – 3.1.8 (x64) (HKLM-x32…3e04c2ef-ccc7-4fe6-a32f-f36572af0f42) (Version: 3.1.8.29220 – Microsoft Corporation)
Minecraft Launcher (HKLM-x32…27B34E47-68AE-4802-822A-9F0C187AF84A) (Version: 1.0.0.0 – Mojang)
Mozilla Firefox 85.0.2 (x64 en-US) (HKLM…Mozilla Firefox 85.0.2 (x64 en-US)) (Version: 85.0.2 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 84.0 – Mozilla)
OpenOffice 4.1.8 (HKLM-x32…963FD672-F116-4AE3-AE25-84B576E610A7) (Version: 4.18.9803 – Apache Software Foundation)
Outlook (HKUS-1-5-21-4072992394-420792265-3149577500-1001…6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 – Outlook)
PowerPoint (HKUS-1-5-21-4072992394-420792265-3149577500-1001…319814cb56b667dff88f54e08be8f51f) (Version: 1.0 – PowerPoint)
Promontory_GPIO Driver (HKLM-x32…B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32…8833FFB6-5B0C-4764-81AA-06DFEED9A476) (Version: 10.31.828.2018 – Realtek)
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.8702.1 – Realtek Semiconductor Corp.)
RedNotebook 2.21 (HKLM-x32…82A7E9C3-D3F3-4B85-9AC3-D0E011D19E50_is1) (Version: 2.21 – Jendrik Seipp)
Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.)
SDC Workbench Version 3 (HKLM-x32…BF90C819-DB4A-4519-AF03-B6E07A9CB82A) (Version: 1.0.0 – Support.com)
Skype version 8.68 (HKLM-x32…Skype_is1) (Version: 8.68 – Skype Technologies S.A.)
Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
TP-LINK Archer T6E Driver (HKLM-x32…F2CF3250-3769-431E-A808-056BFA917849) (Version: 1.3.1 – TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32…319D91C6-3D44-436C-9F79-36C0D22372DC) (Version: 1.3.1 – TP-LINK)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM…B206C51C-27D2-4251-95E2-B4B28DE80633) (Version: 3.00.0 – Transmission Project)
Ubisoft Connect (HKLM-x32…Uplay) (Version: 117.0.10324 – Ubisoft)
VALORANT (HKUS-1-5-21-4072992394-420792265-3149577500-1001…Riot Game valorant.live) (Version:  – Riot Games, Inc)
VLC media player (HKLM-x32…VLC media player) (Version: 3.0.12 – VideoLAN)
VMLite Android App Controller (HKLM-x32…571031A-F7C3-4E96-AFB2-8509D66AC636) (Version: 2.0.0 – VMLite)
Volume2 1.1.6 (HKLM-x32…Volume2) (Version: 1.1.6 – Alexandr Irza)
YubiKey Manager (HKLM-x32…yubikey-manager) (Version: 1.1.5 – Yubico AB)
Zoom (HKUS-1-5-21-4072992394-420792265-3149577500-1001…ZoomUMX) (Version: 5.4.7 (59784.1220) – Zoom Video Communications, Inc.)

Packages:
=========
LiquidText -> C:Program FilesWindowsAppsLiquidText.LiquidText_1.5.8.0_x64__rx5mtpcf576t0 [2021-02-20] (LiquidText)
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Photos Add-on -> C:Program FilesWindowsAppsMicrosoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Corporation)
Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Corporation)
Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.3.179.0_x64__dt26b99r8h8gj [2021-01-04] (Realtek Semiconductor Corp)
Sentence Diagrammer -> C:Program FilesWindowsApps306891aiway.SentenceDiagrammer_1.0.0.23_neutral__nsvbn86bqbck4 [2021-02-08] (1aiway)
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]
Widget Launcher -> C:Program FilesWindowsApps48405AmbientSoftware.WidgetsFree_4.0.5.0_x64__agy8jafheqhng [2021-01-04] (Chan Software Solutions) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-4072992394-420792265-3149577500-1001_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UsersscottAppDataLocalMicrosoftTeamsMeetingAddin1.0.20244.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-4072992394-420792265-3149577500-1001_ClassesCLSIDCB965DF1-B8EA-49C7-BDAD-5457FDC1BF92InprocServer32 -> C:UsersscottAppDataLocalMicrosoftTeamsMeetingAddin1.0.20244.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Balabolka] -> 6CB83A5A-AA68-4895-9F54-175E789AE149 => C:Program Files (x86)BalabolkaBFileExt.dll [2020-04-04] (Ilya Morozov) [File not signed]
ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:WindowsSystem32atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.i420] => C:Windowssystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersscottAppDataRoamingMicrosoftWindowsStart MenuProgramsOutlook.lnk -> C:Program Files (x86)MicrosoftEdgeApplicationmsedge_proxy.exe (Microsoft Corporation) ->  –profile-directory=Default –app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:UsersscottAppDataRoamingMicrosoftWindowsStart MenuProgramsPowerPoint.lnk -> C:Program Files (x86)MicrosoftEdgeApplicationmsedge_proxy.exe (Microsoft Corporation) ->  –profile-directory=Default –app-id=opfacbhaojodjaojgocnibmklknchehf

==================== Loaded Modules (Whitelisted) =============

2020-03-19 05:40 – 2020-03-19 05:40 – 000912896 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-core.dll
2020-03-19 05:40 – 2020-03-19 05:40 – 003109888 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-s3.dll
2015-02-19 00:13 – 2015-02-19 00:13 – 000817152 _____ () [File not signed] C:Program FilesAMDPerformance Profile ClientDevice.dll
2015-02-19 00:13 – 2015-02-19 00:13 – 003650560 _____ () [File not signed] C:Program FilesAMDPerformance Profile ClientPlatform.dll
2014-12-02 17:12 – 2014-12-02 17:12 – 000096256 _____ (Google, inc) [File not signed] C:Program Files (x86)VMLiteAndroidAppControllerAdbWinApi.dll
2014-12-02 17:12 – 2014-12-02 17:12 – 000060928 _____ (Google, inc) [File not signed] C:Program Files (x86)VMLiteAndroidAppControllerAdbWinUsbApi.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_281binssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Logitech SetPoint -> AF949550-9094-4807-95EC-D1C317803333 -> C:Program FilesLogitechSetPointPSetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_281binjp2ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: bho2gr Class -> 31FF080D-12A3-439A-A2EF-4BA95A3148E8 -> C:Program Files (x86)GetRightxx2gr.dll [2009-10-19] (Headlight Software, Inc. -> Headlight Software, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program Files (x86)Javajre1.8.0_281binssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Logitech SetPoint -> AF949550-9094-4807-95EC-D1C317803333 -> C:Program FilesLogitechSetPointP32-bitSetPointSmooth.dll [2020-11-20] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program Files (x86)Javajre1.8.0_281binjp2ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 04:14 – 2021-01-14 04:32 – 000000864 _____ C:Windowssystem32driversetchosts
8.240.242.124 https://t.co/95ncORSXzb

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:Program Filesdotnet;C:Program FilesCalibre2
HKUS-1-5-21-4072992394-420792265-3149577500-1001Control PanelDesktop\Wallpaper -> C:WindowswebwallpaperWindowsimg0.jpg
DNS Servers: 208.67.222.222 – 208.67.220.220
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedStartupFolder: => “GetRight.lnk”
HKLM…StartupApprovedRun: => “Logitech Download Assistant”
HKLM…StartupApprovedRun: => “Riot Vanguard”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [48C56081-F430-4EC9-871C-01B5760B0334] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [D15486D3-8599-40F0-8267-6FAD3EE30ABD] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [4009D4A2-BB04-450C-B0E0-6811945700D6] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [D027AE61-9246-40BF-A11A-5F71127BC2E4] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [2C4BBECC-968D-454F-8793-6D0C62EDA70F] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File
FirewallRules: [474E95B5-1812-49EF-9422-55343739DDB1] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File
FirewallRules: [A9AC98E8-E9C5-4091-A138-9483D2683CE4] => (Allow) C:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [E1046DF7-3CDE-4BF8-897F-4B42ADAD762E] => (Allow) C:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [A31E96D3-A1F0-423A-BAC2-59AE99C549AA] => (Allow) C:Program Files (x86)Steamsteamappscommon7 Days To Die7dLauncher.exe () [File not signed]
FirewallRules: [967D788D-8567-4D96-B43A-5B459942B7B1] => (Allow) C:Program Files (x86)Steamsteamappscommon7 Days To Die7dLauncher.exe () [File not signed]
FirewallRules: [D10B2FA5-D91D-4E32-8E26-5E1DF83F0BDA] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LaunchergamesAssassin’s Creed ValhallaACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [98009048-2A3C-46D8-BF45-C05F61A1A394] => (Allow) C:ProgramDataLogishrdLogiOptionsSoftwareCurrentLogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query UserD54FABEC-6B20-4DE7-85DF-D7E689638637C:program filesmozilla firefoxfirefox.exe] => (Allow) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User07920B7E-9BA9-49A7-822E-3E0015BD9F05C:program filesmozilla firefoxfirefox.exe] => (Allow) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [92A20704-E7F1-46C5-AD3B-6A95A92E7B01] => (Allow) C:Program Files (x86)SteamsteamappscommonBaldurs Gate 3LauncherLariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [9F2A7543-F10A-4840-A2AC-1FF62AEE6C61] => (Allow) C:Program Files (x86)SteamsteamappscommonBaldurs Gate 3LauncherLariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [TCP Query User4733778E-4DE0-4CF2-9B2B-53E6A9501C0AC:program files (x86)steamsteamappscommon7 days to die7daystodie.exe] => (Allow) C:program files (x86)steamsteamappscommon7 days to die7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User86A2186D-B382-4782-A4D3-BEA7E8F936A3C:program files (x86)steamsteamappscommon7 days to die7daystodie.exe] => (Allow) C:program files (x86)steamsteamappscommon7 days to die7daystodie.exe () [File not signed]
FirewallRules: [TCP Query User56D6D69B-2EF8-4209-8227-1DAFB3A5C3DFC:program files (x86)steamsteamappscommonbaldurs gate 3binbg3.exe] => (Allow) C:program files (x86)steamsteamappscommonbaldurs gate 3binbg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query UserF4EF9558-45BE-4CEF-ACAC-0CDB18A725C1C:program files (x86)steamsteamappscommonbaldurs gate 3binbg3.exe] => (Allow) C:program files (x86)steamsteamappscommonbaldurs gate 3binbg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [DBF73729-9B9A-4A7E-9633-0443B8E7D1B4] => (Allow) C:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]
FirewallRules: [1F3E9623-BA73-4B16-8FDC-53375C43B0CF] => (Allow) C:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User2C2D715E-C304-4035-BA6F-D8BF007B4C1FC:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query UserB535A1D8-6C57-465E-85FB-448AF946C959C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query UserA0C37D69-E168-4ECC-BCF9-3BDA87EA7278C:program filestransmissiontransmission-qt.exe] => (Allow) C:program filestransmissiontransmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User92D80E91-45B8-418F-99A1-7259B597E3E8C:program filestransmissiontransmission-qt.exe] => (Allow) C:program filestransmissiontransmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [7AB0FCE0-3D72-4BAF-B710-561756AF3205] => (Allow) C:UsersscottAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [9E9A2770-B51B-4708-B195-44B0BC2015DD] => (Allow) C:UsersscottAppDataRoamingZoombinairhost.exe => No File
FirewallRules: [80469F2D-C31B-404F-BF76-3135A19B8D9A] => (Allow) C:UsersscottAppDataRoamingZoombinairhost.exe => No File
FirewallRules: [D7D7ECD6-2664-45AE-B92D-9B9D8F6F11DA] => (Allow) C:Usersscokahle4979AppDataRoamingZoombinZoom.exe => No File
FirewallRules: [5BF61EC4-6D34-4A79-9BEF-AC436A65949C] => (Allow) C:Usersscokahle4979AppDataRoamingZoombinairhost.exe => No File
FirewallRules: [954516D4-626E-465E-A2A6-727D6B3D78B4] => (Allow) C:Usersscokahle4979AppDataRoamingZoombinairhost.exe => No File
FirewallRules: [TCP Query User6F7BBE6F-4369-45DA-AB39-7A07B0D855BFC:program filesihmc cmaptoolsjrebinjavaw.exe] => (Allow) C:program filesihmc cmaptoolsjrebinjavaw.exe
FirewallRules: [UDP Query UserF20D5250-34CA-4ED6-AD06-FCDE20BBC89EC:program filesihmc cmaptoolsjrebinjavaw.exe] => (Allow) C:program filesihmc cmaptoolsjrebinjavaw.exe
FirewallRules: [B613C779-7796-475E-BC89-C7A96BF44586] => (Allow) C:Program Files (x86)SteamsteamappscommonTalisman PrologueTalisman.exe (Ideaworks Labs (trading as Ideaworks3D Ltd)) [File not signed]
FirewallRules: [C40235ED-8D75-49EC-8DA8-2FB849AEC705] => (Allow) C:Program Files (x86)SteamsteamappscommonTalisman PrologueTalisman.exe (Ideaworks Labs (trading as Ideaworks3D Ltd)) [File not signed]
FirewallRules: [D1005AB9-3AF8-430A-B7F7-77F23272CACD] => (Allow) C:Program Files (x86)SteamsteamappscommonTalismanTalisman.exe () [File not signed]
FirewallRules: [CB7CFBD0-8166-408E-A680-5409407CF3B6] => (Allow) C:Program Files (x86)SteamsteamappscommonTalismanTalisman.exe () [File not signed]
FirewallRules: [TCP Query User98A5CD74-323C-4BC4-A3BD-1F38C8C8A673C:usersscottappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersscottappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User88DD86D7-BF3A-49A3-BCFE-617E2F5FFC4CC:usersscottappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersscottappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [09446F52-C027-4EA0-AA5B-88B3053784BF] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [8EDAA036-FA57-4E30-95E9-2D07826A9B47] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [F42A9FBE-8115-4C17-B028-B1F880143CB2] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [5B7EFEED-28BF-46FE-B7EC-BB1444FACD2A] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [FE4180CD-5B86-4034-8573-4C450C19E448] => (Allow) C:Program Files (x86)SteamsteamappscommonStar RealmsStarRealms.exe () [File not signed]
FirewallRules: [C32128F5-5B5C-4F52-8C68-FE365AB7A75B] => (Allow) C:Program Files (x86)SteamsteamappscommonStar RealmsStarRealms.exe () [File not signed]
FirewallRules: [D5010881-40DD-4776-ABF8-E762037B237F] => (Allow) C:Program Files (x86)SteamsteamappscommonSid Meier’s Civilization VILaunchPadLaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [03BA2C2F-DB0B-4ADF-8D09-9A9A47FB3B37] => (Allow) C:Program Files (x86)SteamsteamappscommonSid Meier’s Civilization VILaunchPadLaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [166D7BBB-D72C-4F20-A59B-C3D87C931A48] => (Allow) C:Program FilesLightworkslightworks.exe (LWKS Software Ltd -> LWKS Software Ltd)
FirewallRules: [AE95F267-66E0-4BF7-A714-8573F1AC99A1] => (Allow) C:Program FilesLightworkslightworks.exe (LWKS Software Ltd -> LWKS Software Ltd)
FirewallRules: [B969AF4B-C866-42C3-B918-081A0FD1FEF6] => (Allow) C:Program FilesLightworksntcardvt.exe (LWKS Software Ltd -> LWKS Software Ltd)
FirewallRules: [C1B9278B-E775-47F5-A3D3-74E0F9ACF09C] => (Allow) C:Program FilesLightworksntcardvt.exe (LWKS Software Ltd -> LWKS Software Ltd)
FirewallRules: [946F3A85-7F66-478D-9E53-464FD4EE84D9] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [EA7F24D1-0B8E-400D-B81A-F1277640D98C] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [0742FFAA-A7B0-476A-A02B-2D1B7B8CD886] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [8FF7F748-5FDC-4261-BAD8-E6EF1A338AD0] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [3F0FB8E8-0AB7-4BC2-B545-C0097A43B8E4] => (Allow) C:Program Files (x86)SteamsteamappscommonThe Jackbox Party Pack 6The Jackbox Party Pack 6.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [00C31B46-5C27-4F52-9F9D-387E45C27789] => (Allow) C:Program Files (x86)SteamsteamappscommonThe Jackbox Party Pack 6The Jackbox Party Pack 6.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [018BB99D-9DF9-40F1-9FEA-27876309CC54] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User3F1A2BE8-ECE0-4DC1-AEE2-D3E09BEC4665C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [UDP Query UserA7EA4B45-7E5F-4723-9FCF-8CDEA72A7F56C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [C30BCA39-E486-4433-8CCC-679DEDE94D25] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [4239B164-2638-4BAB-8F82-15EDA8B118CB] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [74334B40-39A9-4ABA-AC66-D0580246F876] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [00C047F3-E003-4043-ACB2-05DD68367699] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [F20C79CD-DAC0-4EFB-AF8B-4076A4F61F3A] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [02E1DA5F-5E28-43C3-B525-2256AC002463] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [BFE56C58-C622-415F-AB01-56F85D22EFC2] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [A322ADF9-152F-4865-B7CE-A33923413E19] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

10-02-2021 17:53:34 Windows Modules Installer
16-02-2021 18:26:24 Installed VMLite Android App Controller

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/17/2021 12:23:20 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn’t complete retrim on backup (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/17/2021 12:23:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn’t complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/16/2021 06:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.19041.1, time stamp: 0x25d5450e
Faulting module name: CustomActions.dll, version: 0.0.0.0, time stamp: 0x547e630a
Exception code: 0xc0000005
Fault offset: 0x00001e85
Faulting process id: 0x8700
Faulting application start time: 0x01d704bb3a3bbdd1
Faulting application path: C:Windowssyswow64MsiExec.exe
Faulting module path: C:Program Files (x86)VMLiteAndroidAppControllerCustomActions.dll
Report Id: de1c2896-9694-4a76-a4b9-b9ad0dcd1e65
Faulting package full name:
Faulting package-relative application ID:

Error: (02/09/2021 11:13:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn’t complete retrim on backup (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/09/2021 11:13:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn’t complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/05/2021 08:48:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/05/2021 08:48:14 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (02/05/2021 08:48:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

System errors:
=============
Error: (02/14/2021 06:46:00 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred. A record describing the condition is contained in the data section of this event.

Error: (02/13/2021 11:29:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/13/2021 11:29:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (02/10/2021 08:12:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (02/08/2021 07:13:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/08/2021 07:13:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (02/08/2021 04:14:52 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred. A record describing the condition is contained in the data section of this event.

Error: (02/05/2021 06:30:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Windows Defender:
================
Date: 2021-02-20 21:52:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-19 21:35:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-18 21:50:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-17 22:08:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-16 22:08:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-05 00:44:06
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

CodeIntegrity:
===============
Date: 2020-12-25 02:21:24
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4WindowsSystem32amdihk64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2203 07/28/2020
Motherboard: ASUSTeK COMPUTER INC. PRIME B450M-A
Processor: AMD Ryzen 5 3600X 6-Core Processor
Percentage of memory in use: 52%
Total physical RAM: 16315.26 MB
Available physical RAM: 7733.71 MB
Total Virtual: 22619.96 MB
Available Virtual: 8578.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.26 GB) (Free:172.46 GB) NTFS
Drive e: (backup) (Fixed) (Total:698.62 GB) (Free:229.21 GB) NTFS

\?Volumedd8b0301-e25b-43d5-bce2-bd99bbf602a8 () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\?Volumea35814bb-f2e6-4546-9ddb-dbf62aa5dc7d () (Fixed) (Total:0 GB) (Free:0 GB)
\?Volume4a5762d5-690d-4b6f-9b32-efdd17280800 () (Fixed) (Total:0 GB) (Free:0 GB)
\?Volume3b1237eb-9138-4ad4-b124-a9c6721d5ab6 () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 000B53A7)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: AA619BED)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================