Inactive Disk internal HD disk going RAW all the time

[GusRPG]

Hi everyone, I have a seagate barracuda 2Tb that I have bought 2 months ago. This disk started to go raw twice a week losing his partiton table since a month ago when when we used (embarrasing) a kmspico 'activator'.
I have to use chkdsk /f and everything goes to normal. I have tested the disk surface multiple times with seagate a western digital tools and everything is ok but this still happens, the disk is going raw all the time.
I have reinstalled windows, but
I there any form to check for virus that are erasing the partiton table? because this still happens.
Thanks in advance

 

[GusRPG]

Im attaching the frst.txt and addition.txt files
I have run malwarebytes and roguekiller with no luck
This disk going raw happens mostry (I guess) when I change between 2 windows partitions that I have on my pc.
Thanks in advance

 

[GusRPG]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by gus (administrator) on DESKTOP-T99JRAI (Gigabyte Technology Co., Ltd. B450M DS3H) (09-06-2021 23:28:39)
Running from D:\instalaciones
Loaded Profiles: gus
Platform: Windows 10 Pro Version 1909 18363.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Sentey 7.1 GAMING HEADSET\CPL\FaceLift_x64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adlice -> ) C:\Users\gus\AppData\Local\Temp\is-FQ6GU.tmp\RogueKiller_setup.tmp
(Adlice -> ) C:\Users\gus\AppData\Local\Temp\is-N71JF.tmp\RogueKiller_setup.tmp
(Adlice -> Adlice Software) D:\instalaciones\RogueKiller_setup.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Focusrite Audio Engineering, Ltd.) [File not signed] C:\Program Files\Focusriteusb\Focusrite Notifier.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [122592 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Cm108BSound] => C:\Program Files\Sentey 7.1 GAMING HEADSET\CPL\FaceLift_x64.exe [2359296 2014-11-10] () [File not signed]
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusriteusb\Focusrite Notifier.exe [5029376 2020-06-02] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-08] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.101\Installer\chrmstp.exe [2021-06-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2021-03-19] <==== ATTENTION
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-03-19]
ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A4F899-C317-4EC6-839A-7BD1C69879C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {26D94133-B992-4540-A49F-2E0B0FCD1BA3} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4808928 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
Task: {4B3612E8-B3A3-42D6-86CC-9014D65A92BC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-14] (Avast Software s.r.o. -> Avast Software)
Task: {4E8A2B7E-BAB9-4506-9434-5BE0710BBA6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {8D6EF556-85FC-4803-9724-98183C5C9EE3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {C497333D-BD9D-43A0-AEE8-FFD942F43F08} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {FB49FFE9-5828-42BC-AB70-0524B8B897D0} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65448 2021-06-09] (Microsoft Corporation -> Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0d36b6cc-e798-45b9-9345-229d8cf6d643}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF DefaultProfile: hx36lzds.default
FF ProfilePath: C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\hx36lzds.default [2021-01-10]
FF ProfilePath: C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release [2021-06-09]
FF Extension: (AdBlock — best ad blocker) - C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-06-06]
FF Extension: (AdBlocker for YouTube™) - C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2021-06-06]
FF Extension: (Allow Right-Click) - C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release\Extensions\{278b0ae0-da9d-4cc6-be81-5aa7f3202672}.xpi [2021-06-06]
FF Extension: (Steamcito: Steam con impuestos Argentina 2021) - C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release\Extensions\{4ee0a760-13e0-4ee5-af22-03099a45936d}.xpi [2021-06-06]
FF Extension: (Close Tabs to the Right) - C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release\Extensions\{588c6fa6-14f9-4826-b769-71a305c80bbb}.xpi [2021-06-06]
FF Extension: (DownThemAll!) - C:\Users\gus\AppData\Roaming\Mozilla\Firefox\Profiles\q5kke6d1.default-release\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-06-06]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default [2021-06-09]
CHR HomePage: Default -> hxxp://google.com.ar/
CHR StartupUrls: Default -> "hxxp://google.com.ar/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Extension: (Presentaciones) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-14]
CHR Extension: (Documentos) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-14]
CHR Extension: (Google Drive) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-14]
CHR Extension: (YouTube) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-14]
CHR Extension: (Adblock para Youtube™) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-05-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-04-07]
CHR Extension: (Pixlr-o-matic) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2021-01-14]
CHR Extension: (1clickVPN - VPN gratis para Chrome) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfhplploccackoneaefokcmbjfbkenj [2021-04-23]
CHR Extension: (Hojas de cálculo) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-21]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-21]
CHR Extension: (Guardar en Google Drive) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2021-03-15]
CHR Extension: (Google Keep: notas y listas) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-06-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-04-07]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2021-06-04]
CHR Extension: (DownThemAll!) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljkibfhlpcnanjgbnlnbjecgicbjkge [2021-04-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-11]
CHR Extension: (Gmail) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-14]
CHR Extension: (Chrome Media Router) - C:\Users\gus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [622816 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18832256 2021-02-18] (Native Instruments GmbH -> Native Instruments GmbH)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 Registration for device management; C:\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C:\Windows\Logs\Log\231546531\ssfr.ps1
S3 WaaSMedicSvc; %systemroot%\system32\WaasMedicSvc.dll [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35664 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [216360 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250336 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99296 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [17328 2021-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41296 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [180944 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82856 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851144 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471352 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R3 bomebus; C:\Windows\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 CMUAC; C:\Windows\System32\drivers\CMUAC.sys [613888 2014-10-09] (C-MEDIA ELECTRONICS INC. -> C-MEDIA)
S3 Focusriteusb; C:\Windows\System32\drivers\Focusriteusb.sys [123456 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\Windows\System32\drivers\FocusriteusbSwRoot.sys [92568 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:\Windows\system32\drivers\FocusriteusbAudio.sys [87912 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_MIDI; C:\Windows\system32\drivers\FocusriteusbMidi.sys [49808 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26792 2021-01-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [1578128 2013-04-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-06-09] (Adlice -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-01-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 23:28 - 2021-06-09 23:28 - 000000000 ____D C:\FRST
2021-06-09 22:45 - 2021-06-09 22:50 - 000000000 ____D C:\ProgramData\RogueKiller
2021-06-09 22:45 - 2021-06-09 22:45 - 000038032 _____ C:\Windows\system32\Drivers\truesight.sys
2021-06-09 22:45 - 2021-06-09 22:45 - 000000913 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-06-09 22:45 - 2021-06-09 22:45 - 000000913 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2021-06-09 22:45 - 2021-06-09 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-06-09 22:45 - 2021-06-09 22:45 - 000000000 ____D C:\Program Files\RogueKiller
2021-06-09 20:49 - 2021-06-09 20:49 - 000000000 ____D C:\Users\gus\AppData\Local\.IdentityService
2021-06-09 20:48 - 2021-06-09 20:48 - 000000000 ____D C:\Program Files (x86)\Xamarin
2021-06-09 20:48 - 2021-06-09 20:48 - 000000000 ____D C:\Program Files (x86)\Android
2021-06-09 19:18 - 2021-06-09 19:18 - 000000000 ____D C:\Program Files\Android
2021-06-09 19:12 - 2021-06-09 19:12 - 000001814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2021-06-09 19:10 - 2021-06-09 19:10 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2021-06-09 19:10 - 2021-06-09 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2021-06-09 19:10 - 2021-06-09 19:10 - 000000000 ____D C:\Program Files\Application Verifier
2021-06-09 19:10 - 2021-06-09 19:10 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2021-06-09 18:16 - 2021-06-09 18:16 - 000000000 ____D C:\Users\gus\AppData\Local\Package Cache
2021-06-09 18:16 - 2021-06-09 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.7
2021-06-09 18:11 - 2021-06-09 18:11 - 000000000 ____D C:\Program Files (x86)\NuGet
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\3082
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\2052
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1055
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1049
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1046
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1045
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1042
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1041
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1040
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1036
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1031
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1029
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1028
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\3082
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\2052
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1055
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1049
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1046
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1045
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1042
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1041
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1040
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1036
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1031
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1029
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1028
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Program Files\IIS
2021-06-09 18:10 - 2021-06-09 18:10 - 000000000 ____D C:\Program Files (x86)\IIS
2021-06-09 18:02 - 2021-06-09 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure
2021-06-09 18:02 - 2021-06-09 18:02 - 000000000 ____D C:\ProgramData\dftmp
2021-06-09 18:02 - 2021-06-09 18:02 - 000000000 ____D C:\Program Files\VS2012Schemas
2021-06-09 18:02 - 2021-06-09 18:02 - 000000000 ____D C:\Program Files\VS2010Schemas
2021-06-09 18:02 - 2021-06-09 18:02 - 000000000 ____D C:\Program Files\Microsoft SDKs
2021-06-09 18:00 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\SysWOW64\1033
2021-06-09 18:00 - 2021-06-09 18:10 - 000000000 ____D C:\Windows\system32\1033
2021-06-09 18:00 - 2021-06-09 18:00 - 000000000 ____D C:\Users\gus\Documents\My Web Sites
2021-06-09 18:00 - 2021-06-09 18:00 - 000000000 ____D C:\Users\gus\Documents\IISExpress
2021-06-09 17:59 - 2021-06-09 18:00 - 000000000 ____D C:\Program Files\IIS Express
2021-06-09 17:59 - 2021-06-09 18:00 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-06-09 17:50 - 2021-06-09 17:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2021-06-09 17:40 - 2021-06-09 19:15 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2021-06-09 17:40 - 2021-06-09 19:10 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2021-06-09 17:40 - 2021-06-09 17:40 - 000000000 ____D C:\Users\gus\.dotnet
2021-06-09 17:37 - 2021-06-09 17:40 - 000000000 ____D C:\Program Files\dotnet
2021-06-09 17:37 - 2021-06-09 17:38 - 000000000 ____D C:\Program Files (x86)\dotnet
2021-06-09 17:37 - 2021-06-09 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2021-06-09 17:37 - 2021-06-09 17:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-06-09 17:31 - 2021-06-09 17:31 - 000001813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2021-06-09 17:28 - 2021-06-09 17:28 - 000001447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2021-06-09 17:28 - 2021-06-09 17:28 - 000000000 ____D C:\Users\gus\AppData\Roaming\Visual Studio Setup
2021-06-09 17:27 - 2021-06-09 17:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-06-09 17:27 - 2021-06-09 17:27 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2021-06-09 17:26 - 2021-06-09 17:27 - 000000000 ____D C:\Users\gus\Desktop\ARBA 2021
2021-06-07 01:05 - 2021-06-07 01:05 - 000000000 ____D C:\Users\gus\AppData\Roaming\Maize Sampler Player
2021-06-06 13:42 - 2021-06-06 13:46 - 000000000 ____D C:\Users\gus\Desktop\VST 2021 Guardar
2021-06-06 03:14 - 2021-06-06 03:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReValver Mk III
2021-06-06 02:10 - 2021-06-06 02:17 - 000000000 __HDC C:\ProgramData\{0503F8F4-705A-448A-B340-94B42D7504BD}
2021-06-06 02:02 - 2021-06-06 02:02 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-06-06 01:13 - 2021-06-06 13:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-05 21:25 - 2021-06-05 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
2021-06-05 21:25 - 2021-06-05 21:25 - 000000000 ____D C:\Program Files\Focusriteusb
2021-06-05 21:25 - 2020-06-02 15:35 - 000123456 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\Focusriteusb.sys
2021-06-05 21:25 - 2020-06-02 15:35 - 000092568 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\FocusriteusbSwRoot.sys
2021-06-05 21:25 - 2020-06-02 15:35 - 000087912 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\FocusriteusbAudio.sys
2021-06-05 21:25 - 2020-06-02 15:35 - 000049808 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\FocusriteusbMidi.sys
2021-06-05 02:12 - 2021-06-06 02:12 - 000000000 ____D C:\Users\gus\Desktop\Scarlett Drivers and Docs
2021-06-04 17:28 - 2021-06-09 23:14 - 000000000 ____D C:\Users\gus\AppData\Local\Avast Software
2021-06-02 22:34 - 2021-06-02 22:34 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-06-02 22:32 - 2021-06-02 22:32 - 000017328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2021-05-21 01:31 - 2021-05-21 01:31 - 000000000 ____D C:\Users\gus\AppData\Roaming\QtProject
2021-05-21 01:31 - 2019-11-08 10:15 - 003600896 _____ C:\Windows\system32\pwNative.exe
2021-05-21 01:31 - 2019-11-08 10:15 - 000019152 _____ C:\Windows\system32\pwdrvio.sys
2021-05-21 01:31 - 2019-11-08 10:15 - 000012504 _____ C:\Windows\system32\pwdspio.sys
2021-05-21 01:30 - 2021-05-21 01:41 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2021-05-19 17:08 - 2021-05-19 17:08 - 001319288 _____ (LLVM) C:\Windows\SysWOW64\libomp140d.i386.dll
2021-05-19 17:08 - 2021-05-19 17:08 - 001319288 _____ (LLVM) C:\Windows\SysWOW64\libomp140.i386.dll
2021-05-19 17:06 - 2021-05-19 17:06 - 001664912 _____ (LLVM) C:\Windows\system32\libomp140d.x86_64.dll
2021-05-19 17:06 - 2021-05-19 17:06 - 001664912 _____ (LLVM) C:\Windows\system32\libomp140.x86_64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-09 23:24 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\schemas
2021-06-09 23:22 - 2019-11-15 20:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-06-09 23:13 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-09 22:47 - 2021-01-10 05:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-09 22:43 - 2021-01-10 06:35 - 000000000 ____D C:\ProgramData\Avast Software
2021-06-09 22:43 - 2019-11-15 20:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-09 22:40 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2021-06-09 19:10 - 2021-01-10 02:18 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-09 19:10 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2021-06-09 18:10 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2021-06-09 18:03 - 2021-03-11 17:57 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-09 18:00 - 2021-04-24 17:32 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-06-09 18:00 - 2021-04-24 17:32 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-06-09 17:49 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-09 17:40 - 2021-01-09 23:22 - 000000000 ____D C:\Users\gus
2021-06-09 17:12 - 2021-03-13 21:31 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-09 17:12 - 2021-01-14 12:34 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-09 17:12 - 2021-01-14 12:34 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-09 17:12 - 2021-01-14 12:34 - 000002218 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-09 00:22 - 2020-12-20 07:26 - 000000000 ____D C:\Ubisoft F
2021-06-09 00:20 - 2020-03-17 13:12 - 000000000 ____D C:\Epic Games
2021-06-07 22:51 - 2020-11-24 20:48 - 000000000 ____D C:\Steam F
2021-06-07 22:42 - 2020-05-25 04:54 - 000000000 ____D C:\00-Varios Mover
2021-06-06 17:49 - 2021-01-14 12:52 - 000000000 ____D C:\Users\gus\Documents\REAPER Media
2021-06-06 13:29 - 2021-01-10 05:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-06 03:32 - 2021-01-10 05:23 - 000000000 ____D C:\Users\gus\AppData\Local\CrashDumps
2021-06-06 02:05 - 2021-03-11 02:12 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-06-06 02:03 - 2021-01-10 05:48 - 000000000 ____D C:\Users\gus\AppData\LocalLow\Mozilla
2021-06-06 02:02 - 2021-01-10 05:48 - 000001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-05 22:22 - 2021-01-10 02:38 - 000000000 ____D C:\Users\gus\AppData\Local\PlaceholderTileLogoFolder
2021-06-05 21:19 - 2021-04-27 01:02 - 000000000 ____D C:\Users\gus\AppData\Roaming\discord
2021-06-05 20:42 - 2021-04-27 01:02 - 000000000 ____D C:\Users\gus\AppData\Local\Discord
2021-06-05 01:50 - 2021-01-14 12:50 - 000000000 ____D C:\Users\gus\AppData\Roaming\REAPER
2021-06-05 01:20 - 2021-03-11 05:32 - 000000000 ____D C:\Users\gus\AppData\Roaming\vlc
2021-06-04 22:18 - 2021-01-10 03:18 - 000000000 ____D C:\Users\gus\AppData\Local\D3DSCache
2021-06-04 22:14 - 2021-04-27 01:02 - 000002235 _____ C:\Users\gus\Desktop\Discord.lnk
2021-06-04 22:06 - 2021-03-11 01:38 - 000000000 ____D C:\Users\gus\AppData\Roaming\Telegram Desktop
2021-06-04 18:59 - 2021-03-12 03:28 - 000001324 _____ C:\Users\gus\Desktop\Fantasy Grounds Unity.lnk
2021-06-02 22:41 - 2021-04-06 01:10 - 000000000 ____D C:\Users\gus\AppData\Local\ElevatedDiagnostics
2021-06-02 22:35 - 2021-01-10 06:38 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-06-02 22:34 - 2021-01-10 06:37 - 000851144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000471352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000326976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000250336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000216360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000180944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000099296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000082856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000041296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-06-02 22:34 - 2021-01-10 06:37 - 000035664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-06-02 22:34 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

[GusRPG]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by gus (09-06-2021 23:29:35)
Running from D:\instalaciones
Windows 10 Pro Version 1909 18363.418 (X64) (2021-01-10 02:17:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2055302001-3795474816-1882738526-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2055302001-3795474816-1882738526-503 - Limited - Disabled)
Guest (S-1-5-21-2055302001-3795474816-1882738526-501 - Limited - Disabled)
gus (S-1-5-21-2055302001-3795474816-1882738526-1002 - Administrator - Enabled) => C:\Users\gus
WDAGUtilityAccount (S-1-5-21-2055302001-3795474816-1882738526-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{6BF11ECE-3CE8-4FBA-991A-1F55AA6BE5BF}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.4.2464 - Avast Software)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version: - Bome Software GmbH & Co. KG)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
DeepL (HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\DeepL) (Version: 2.3.1 - DeepL GmbH)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Engineer Suite version 0.6.28 (HKLM-x32\...\{EBF3B63D-82C0-499E-A6F4-846D4BFF3F71}_is1) (Version: 0.6.28 - Ancient Tree)
Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{F878746A-C5F7-420A-A672-4DFEF74ADC3A}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Fantasy Grounds (HKLM\...\Fantasy Grounds) (Version: - SmiteWorks)
Focusrite Usb 4.65.5.658 (HKLM\...\Focusrite Usb_is1) (Version: 4.65.5.658 - Focusrite Audio Engineering, Ltd.)
GMW Campaign Toolkit (HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\eb456b0e73eadebf) (Version: 1.2.7.231 - GM Wintermute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.101 - Google LLC)
Guitar Pro 6 Demo (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
icecap_collection_neutral (HKLM-x32\...\{1036893D-9917-4E70-B96C-8D72A2B224BC}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{289873DF-80D0-4D7D-8068-D25D342A26FA}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{D2B4539C-173B-4B8D-A021-E22E9566BC24}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{38CE202D-7880-4101-9739-83619300EC58}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{0307C98E-AE82-4A4F-A950-A72FBD805338}) (Version: 10.0.04403 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Kits Configuration Installer (HKLM-x32\...\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden
Kontakt 6 PORTABLE (HKLM\...\{9380734D-6F66-4F76-A7D3-6D117FAA4773}_is1) (Version: 6.0.3.54 - Native Instruments)
LibreOffice 7.0.5.2 (HKLM\...\{726F4143-9BAA-4F54-A918-07C139D9C775}) (Version: 7.0.5.2 - The Document Foundation)
Microsoft .NET SDK 5.0.301 (x64) from Visual Studio (HKLM\...\{869D316B-33AD-4466-974C-95820FF40F99}) (Version: 5.3.121.27113 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.6 (HKLM\...\{EDADFA19-7F96-4075-A4AB-2209910626C5}) (Version: 2.9.8899.26 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.6 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.6) (Version: 2.9.8899.26 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure PowerShell - April 2018 (HKLM\...\{3BA7CAA9-97BA-4528-B7E1-B640910BB149}) (Version: 5.7.0.18831 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{8D98AC2C-FC5C-440D-A2D3-6C9655F957D8}) (Version: 17.2.0.1 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30037 (HKLM-x32\...\{dfea0fad-88b2-4a1f-8536-3f8f9391f4ef}) (Version: 14.29.30037.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.10.2174.31177 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{2EC26D34-FB67-4C58-AC20-235697551222}) (Version: 10.0.3802 - Microsoft Corporation)
Mozilla Firefox 89.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 89.0 (x64 es-AR)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.2 - Mozilla)
MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments)
Native Instruments Kinetic Treats (HKLM-x32\...\Native Instruments Kinetic Treats) (Version: 1.1.0.4 - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 2.6.0.198 - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version: - Native Instruments)
Native Instruments Komplete Kontrol MK2 Driver (HKLM-x32\...\Native Instruments Komplete Kontrol MK2 Driver) (Version: - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: 1.4.2.1 - Native Instruments)
Native Instruments Mikro Prism (HKLM-x32\...\Native Instruments Mikro Prism) (Version: 1.1.0.14 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.3.136 - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.10.2.5 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.1.0.96 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.4.1512 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.4.0.2 - Native Instruments)
Native Instruments Reaktor Factory Selection R2 (HKLM-x32\...\Native Instruments Reaktor Factory Selection R2) (Version: 1.0.1.7 - Native Instruments)
Native Instruments Skanner (HKLM-x32\...\Native Instruments Skanner) (Version: - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.3.1.45 - Native Instruments)
Native Instruments TRK-01 Bass (HKLM-x32\...\Native Instruments TRK-01 Bass) (Version: 1.0.0.10 - Native Instruments)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Python 3.7.8 (64-bit) (HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\{886f7e19-ca0e-4f00-9cb5-14f6506fea86}) (Version: 3.7.8150.0 - Python Software Foundation)
Python 3.7.8 Core Interpreter (64-bit symbols) (HKLM\...\{D5C2F5B5-AE03-4897-B7EB-88EDEB52E55F}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Core Interpreter (64-bit) (HKLM\...\{8DE1D24F-C0EA-42D5-87D0-7F3071932A15}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Development Libraries (64-bit) (HKLM\...\{BB556C96-3906-453B-B068-E17C1F13C814}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Documentation (64-bit) (HKLM\...\{A90E9216-6C61-4A2B-A18E-85EF9DF6A2C0}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Executables (64-bit symbols) (HKLM\...\{FAF0840F-75F4-4331-819A-C5B88251F402}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Executables (64-bit) (HKLM\...\{0EEFE4AC-ED52-4F6F-A726-A9030991B75D}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 pip Bootstrap (64-bit) (HKLM\...\{AD820C10-4106-47D5-B6BD-4B3CEA93E429}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Standard Library (64-bit symbols) (HKLM\...\{F7B2245C-D3F3-4CCC-A558-702AB2069D57}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Standard Library (64-bit) (HKLM\...\{68A406B0-F664-4882-8035-4015C78DDC93}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Tcl/Tk Support (64-bit symbols) (HKLM\...\{833EA197-6356-48B6-9E90-AE2D2CCC5479}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Tcl/Tk Support (64-bit) (HKLM\...\{223ADA3A-F506-428A-9244-C3EA445AD42A}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Test Suite (64-bit symbols) (HKLM\...\{F0759285-644B-4AAF-BB09-CA4592C12B89}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Test Suite (64-bit) (HKLM\...\{FE029834-AD26-45F1-B622-8DE59A8B1048}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Utility Scripts (64-bit) (HKLM\...\{3BDFA237-E962-435F-A556-A2BE2EE1464C}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B25A5062-540A-4141-80D3-50FA598523F3}) (Version: 3.7.7118.0 - Python Software Foundation)
qBittorrent 4.3.2 (HKLM-x32\...\qBittorrent) (Version: 4.3.2 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.26.328.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
REAPER (HKLM-x32\...\REAPER) (Version: - )
ReValver Mk III (HKLM-x32\...\ReValver Mk III_is1) (Version: - )
RogueKiller version 14.8.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.6.0 - Adlice Software)
Scribus 1.5.6.1 (64bit) (HKLM\...\Scribus 1.5.6.1) (Version: 1.5.6.1 - The Scribus Team)
SDK ARM Additions (HKLM-x32\...\{FCF9D89E-6F79-64FB-B08D-B0E69FF54DEE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{72DB07D6-E166-5A3F-B6E6-4664383781B8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Sentey 7.1 GAMING HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006620}) (Version: ¡°1.0.0.6¡± - Sentey Electronics Tech Co,.LTD)
Sentey Zoner Gaming Mouse (HKLM-x32\...\{9BCF4F0F-1499-4ED7-B7E8-B7256933C741}_is1) (Version: 1.0.3 - SENTEY S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steven Slate Steven Slate Drums EX (HKLM-x32\...\Steven Slate Steven Slate Drums EX) (Version: - Steven Slate)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
TypeScript SDK (HKLM-x32\...\{C34D7309-4E94-4B6A-ABE8-C1EE566E9C1F}) (Version: 4.2.4.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{CD06199B-41C1-AE6D-7567-984CC68792C3}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{BD75F257-50A4-E0CD-9942-C3550CA3E66A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VB3-II version 1.1.1 (HKLM\...\VB3-II_is1) (Version: 1.1.1 - Genuine Soundware & Instruments & Team V.R)
vcpp_crt.redist.clickonce (HKLM-x32\...\{C1971FA7-C832-480E-91DC-21FBB0794C32}) (Version: 14.29.30037 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\c794f944) (Version: 16.10.31402.337 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{6F7948F9-8EED-4FA5-A1D9-7DD512A2CA26}) (Version: 16.10.31206 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{F2362422-8A5F-473B-B793-E9592B1EA9FA}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{3751D1CF-9A44-43D2-B4BB-80FA6E7925A8}) (Version: 16.10.31213 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{8B6AE4FB-1E51-4BB4-B52C-CAC8A0340310}) (Version: 16.10.31206 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{B0AA3BF6-3C13-4C9A-A043-4CEFBBE0A2D3}) (Version: 16.10.31206 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{E6B8D127-6C17-4E21-BA5C-B1D0C322BBA2}) (Version: 16.10.31320 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0916C6E1-6A0A-4887-9E00-D96FD44AFACE}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{9A9E968E-1C75-4B85-BCBF-D1E26D6F7A6B}) (Version: 16.10.31205 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{634F7BE2-E181-4544-946F-B8BA774B9059}) (Version: 16.10.31206 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E18618EC-D9DB-4BCE-B382-85ADA2CBB340}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Xamarin Offline Packages (HKLM-x32\...\{3FD115BA-CD0E-4770-AD07-AF0EB6BA15C8}) (Version: 16.10.5 - Xamarin) Hidden
Xamarin PCL Profiles v1.0.9 (HKLM-x32\...\{5E6844AB-A867-419C-A376-B12B574AA5F7}) (Version: 1.0.9.0 - Xamarin) Hidden
Xamarin Remoted iOS Simulator (HKLM-x32\...\{E07CBF6A-91C5-434C-8520-784D040A3907}) (Version: 16.7.0.0 - Xamarin) Hidden
Packages:
=========
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2021-01-10] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-02] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-02-13] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-06-02] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\gus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
==================== Loaded Modules (Whitelisted) =============
2021-03-11 01:28 - 2014-11-10 10:53 - 000247296 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\Sentey 7.1 GAMING HEADSET\CPL\Driver\x64\vista\osConfLib.dll
2021-03-13 05:31 - 2019-02-21 13:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2055302001-3795474816-1882738526-1002\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{96C4F4D4-D206-49BA-B679-720FDF90F756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{33E1C90F-D947-4B74-B832-8E6276C49304}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1EA3D85-5A32-4699-8EA4-CE045C0BED62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8AC3DA72-863B-4D9E-99CA-52DDE5A388E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86F9BE1A-8B5F-4348-AC28-CC03290CD3D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4B40AFD-0D90-4B27-B8F5-FF746BDDFC2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97A458CE-5B42-4D0F-A277-5B9489EFA46E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD4703D2-5DA9-44C7-A6DB-95671884D114}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{66A81501-19B0-4D65-8E04-47EB52210C41}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{4FDC6FCB-0051-4C26-8C74-A7031DA2EEBE}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E2738054-7BC1-4A49-AEC0-740D2152A28A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{97798CFE-5474-4ABA-9172-2EB8F5980F84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6ED56BD2-0BEA-4C81-9F74-B472D0CA199A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ABB84257-57CF-434E-BFF9-D9D64443AA09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{773FB56C-BF10-42C6-8A89-69FD41107570}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fantasy Grounds Unity\FGUSteamLauncher.exe () [File not signed]
FirewallRules: [{686EE1AC-64D9-46E5-916C-6BABEABC4C04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fantasy Grounds Unity\FGUSteamLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{A5930D02-C900-4CBF-8E28-B39EABCF11EE}C:\program files\smiteworks\fantasy grounds\fantasygrounds.exe] => (Allow) C:\program files\smiteworks\fantasy grounds\fantasygrounds.exe (SmiteWorks USA LLC -> )
FirewallRules: [UDP Query User{3C669190-0771-48AF-B63D-7CDD229B7D24}C:\program files\smiteworks\fantasy grounds\fantasygrounds.exe] => (Allow) C:\program files\smiteworks\fantasy grounds\fantasygrounds.exe (SmiteWorks USA LLC -> )
FirewallRules: [TCP Query User{207C6DBF-AB24-4F79-B45F-204FBAF219FC}C:\users\gus\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\gus\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{F563377A-20A5-4C63-835B-11110FC60C67}C:\users\gus\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\gus\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{8828B54E-3B10-4D95-80BD-601096AEE74C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Painter Studio\dps.exe () [File not signed]
FirewallRules: [{E42CB9B6-5764-4B14-B699-250B8FB6E727}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Painter Studio\dps.exe () [File not signed]
FirewallRules: [{E28CA5F1-3012-41C9-915C-C9A679AC649A}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{C6BE3D59-A0E7-4150-8C09-67C8F2476211}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe => No File
FirewallRules: [{FAF2B041-AC42-4BA7-95B1-C9CC86FCC35F}] => (Allow) D:\Steam\steamapps\common\Deep Sky Derelicts\Deep Sky Derelicts.exe => No File
FirewallRules: [{EDED0652-A22E-43CB-B799-1C7428DBCFC1}] => (Allow) D:\Steam\steamapps\common\Deep Sky Derelicts\Deep Sky Derelicts.exe => No File
FirewallRules: [{EF799B66-5296-4E7C-98D9-403B5521C839}] => (Allow) D:\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{CCEEBA29-69FB-4E79-B05A-2138CFF2FA51}] => (Allow) D:\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [TCP Query User{130D3288-867F-4020-A862-E73996820F9F}E:\steam h\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) E:\steam h\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{868D9D35-4E0E-4696-86C1-8C413B434DB7}E:\steam h\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) E:\steam h\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{6B5CF6AC-424B-488C-BC8E-C80272E628F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Sky Derelicts\Deep Sky Derelicts.exe () [File not signed]
FirewallRules: [{E1A8B137-9E2E-4C96-85CD-BA9B7071E7FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Sky Derelicts\Deep Sky Derelicts.exe () [File not signed]
FirewallRules: [{C77AF2E3-8BA1-4B68-BB22-E4F4EAA96D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sophies Dice\Sophie's Dice.exe () [File not signed]
FirewallRules: [{CF67F475-90E3-48E6-B319-379EDF6C3E72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sophies Dice\Sophie's Dice.exe () [File not signed]
FirewallRules: [{51688C8E-81C0-4753-9524-104139817674}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless RPG Random Dungeon Map Generator\RPGGenerator.exe (HP) [File not signed]
FirewallRules: [{5DD49703-271A-47BD-A6FA-748C4CFE351F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless RPG Random Dungeon Map Generator\RPGGenerator.exe (HP) [File not signed]
FirewallRules: [{509F20C1-070F-4468-9815-D31DE668AEB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Illfloor\win64\illfloor.exe () [File not signed]
FirewallRules: [{D9CA08FA-7228-416C-8665-B70ED6FE8725}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Illfloor\win64\illfloor.exe () [File not signed]
FirewallRules: [{BB4B4572-2353-482F-B22D-ACFCFF280128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlowScape\FlowScape.exe () [File not signed]
FirewallRules: [{692DF4B1-0A6C-488B-A585-4AA68EDFB909}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlowScape\FlowScape.exe () [File not signed]
FirewallRules: [{4EEA7374-303D-46CB-8BDC-60CDB617C2D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RPG Sounds\RPG Sounds\RPG Sounds.exe () [File not signed]
FirewallRules: [{60371684-7EA6-434D-BF2E-6199421932B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RPG Sounds\RPG Sounds\RPG Sounds.exe () [File not signed]
FirewallRules: [{8E282518-4560-4276-81EB-DEB66EEA2962}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TaleSpire\TaleSpire.exe () [File not signed]
FirewallRules: [{05D0D5DF-5E0B-4EF3-BB04-874FB502CB98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TaleSpire\TaleSpire.exe () [File not signed]
FirewallRules: [{1AFDA26C-6FF7-46F6-B6C2-1F33B2EE6832}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-06-2021 03:27:47 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/09/2021 05:50:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (06/07/2021 03:47:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (06/07/2021 03:47:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (06/06/2021 03:57:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (06/06/2021 03:57:54 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (06/06/2021 03:32:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: reaper.exe, version: 6.2.5.0, time stamp: 0x6042c489
Faulting module name: ntdll.dll, version: 10.0.18362.387, time stamp: 0xa4208572
Exception code: 0xc0000005
Fault offset: 0x0003e1d0
Faulting process id: 0x2788
Faulting application start time: 0x01d75a950a6e8e7c
Faulting application path: C:\REAPER\reaper.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: e6828039-425f-4408-a55c-a33cb499d5d1
Faulting package full name:
Faulting package-relative application ID:
Error: (06/05/2021 10:22:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WinStore.App.exe, version: 11811.1001.18.0, time stamp: 0x5c40e7b3
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.18362.418, time stamp: 0x253810c2
Exception code: 0xc000027b
Fault offset: 0x0000000000712dc0
Faulting process id: 0x2678
Faulting application start time: 0x01d75a6b1eaf18a6
Faulting application path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: a6c60e83-84eb-4395-9843-e5b7dfafa86c
Faulting package full name: Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (06/05/2021 09:26:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
System errors:
=============
Error: (06/09/2021 10:45:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} did not register with DCOM within the required timeout.
Error: (06/09/2021 10:43:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Registration for device management service failed to start due to the following error:
The system cannot find the file specified.
Error: (06/09/2021 10:43:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
Error: (06/09/2021 10:43:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WaaSMedicSvc service terminated with the following error:
The specified module could not be found.
Error: (06/09/2021 10:42:37 PM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
Error: (06/09/2021 05:31:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/09/2021 05:31:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (06/09/2021 05:04:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-01-10 02:28:52.686
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2021-01-10 02:23:52.501
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-01-10 02:23:52.501
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-01-10 02:23:52.501
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-01-10 02:23:52.495
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
==================== Memory info ===========================
BIOS: American Megatrends Inc. F2 08/08/2018
Motherboard: Gigabyte Technology Co., Ltd. B450M DS3H-CF
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics
Percentage of memory in use: 27%
Total physical RAM: 16331.23 MB
Available physical RAM: 11910.64 MB
Total Virtual: 17355.23 MB
Available Virtual: 11540.02 MB
==================== Drives ================================
Drive c: (Basic Audio OS) (Fixed) (Total:492.06 GB) (Free:104.63 GB) NTFS
Drive d: (Basic Games) (Fixed) (Total:438.92 GB) (Free:150.13 GB) NTFS
Drive e: (SD 240 19) (Fixed) (Total:223.58 GB) (Free:70.74 GB) NTFS
Drive f: (21A) (Fixed) (Total:976.56 GB) (Free:343.7 GB) NTFS
Drive g: (21B Audio) (Fixed) (Total:886.45 GB) (Free:173.5 GB) NTFS
Drive I: (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive k: (SAM T2) (Fixed) (Total:1863.01 GB) (Free:37.05 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 92966F95)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A11329E2)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=438.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=492.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 85F7303A)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: AF0C133D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================

 

[GusRPG]

Sophos found a Generic ML PUA in a vclstyles.dll file (screenshot attached because I dont know how to make a text report with sophos)
Could this be the virus?

 

[GusRPG]

Frpm Sophos:

Potentially unwanted application cleaned
This application is not malicious but has potentially unwanted behavior and has been quarantined
Show Advanced Options

Generic ML PUA
C:\Users\gus\Desktop\Teleport Ultra Installer\ultra.exe
Thursday, June 10, 2021 1:30 AM

Tracking cookies found
These cookies are used to track your browsing between websites. They may affect your privacy


97

Thursday, June 10, 2021 1:19 AM

Scan finished
Finished scanning for malware and potentially unwanted applications


Local

Thursday, June 10, 2021 1:19 AM

Potentially unwanted application cleaned
This application is not malicious but has potentially unwanted behavior and has been quarantined
Show Advanced Options

Generic ML PUA
C:\ProgramData\{9380734D-6F66-4F76-A7D3-6D117FAA4773}\Resources\VclStyles.dll
Thursday, June 10, 2021 1:16 AM

 

[Broni]

I don't see anything suspicious there.
I suggest new topic in hardware section of our forum.

 

[GusRPG]

Ok thank you Broni

 

[Broni]