Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-05-2022
Ran by u_u (27-05-2022 13:42:52)
Running from C:\Users\u_u\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) (2021-08-08 22:27:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2736231629-3607526208-3142971229-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2736231629-3607526208-3142971229-503 - Limited - Disabled)
Guest (S-1-5-21-2736231629-3607526208-3142971229-501 - Limited - Disabled)
u_u (S-1-5-21-2736231629-3607526208-3142971229-1001 - Administrator - Enabled) => C:\Users\u_u
WDAGUtilityAccount (S-1-5-21-2736231629-3607526208-3142971229-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 21.07 (x64) (HKLM-x32\...\7-Zip) (Version: 21.07 - Igor Pavlov)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
CPUID CPU-Z 2.01 (HKLM-x32\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
CPUID HWMonitor 1.46 (HKLM-x32\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
Dell Power Manager Service (HKLM-x32\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.10.0 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.0.0 - Dell Inc.)
Documentation Manager (HKLM-x32\...\{E6D708BA-9130-4926-AA3E-AEBB5DE1E60B}) (Version: 22.110.1.1 - Intel Corporation) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
DriverFix 4.2021.1.29 (HKLM-x32\...\DriverFix_is1) (Version: - DriverFix, Inc)
DSC/AA Factory Installer (HKLM-x32\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM-x32\...\{9DE7A0A5-C13D-4FDD-B78B-53C744C82F1A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
f.lux (HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\Flux) (Version: - f.lux Software LLC)
Firestorm-Releasex64 (HKLM-x32\...\Firestorm-Releasex64) (Version: 6.5.3.65658 - The Phoenix Firestorm Project, Inc.)
GIMP 2.8.22 (HKLM-x32\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
HakuNeko Desktop (HKLM-x32\...\HakuNeko Desktop_is1) (Version: 6.1.7 - Ronny Wegener <
wegener.ronny@gmail.com>)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{a47edec4-fa11-4d02-b329-4424d0197af8}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10500.5526 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{c49f9463-8ca3-4422-82b0-c06c7a9640ed}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Icls (HKLM-x32\...\{AE33809B-734E-4A79-BBDC-0DDE03950065}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM-x32\...\{4479B4B8-D77B-474A-ABC5-1E5A4356F7DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{1A9FE6B4-801A-4AF0-AEDB-EA49BD80C9F2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2205.15.0.2623 - Intel Corporation)
Intel(R) Management Engine Driver (HKLM-x32\...\{F0A3D842-E346-45C5-9546-90FEFD477F6E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4944 - Intel Corporation)
Intel(R) Serial IO (HKLM-x32\...\{06534C2E-CDD8-440B-A370-13E2E1C45FDC}) (Version: 30.100.2020.7 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM-x32\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002110-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.110.2.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{0164812d-0965-4e5d-8ebd-6e2b5d181d4a}) (Version: 20.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM-x32\...\{F70E0149-0BD0-4933-ADD0-1DC74D8F513B}) (Version: 20.40.0.1365 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{094650cc-6461-47bb-96c0-4ec910a08b94}) (Version: 22.110.1.1 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{bbc40478-54e7-4914-965f-de8043a2ed0e}) (Version: 22.100.0.3 - Intel Corporation) Hidden
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )
LatencyMon 7.00 (HKLM-x32\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
M64Py 0.2.5 (HKLM-x32\...\M64Py_is1) (Version: - )
Malwarebytes version 4.5.9.198 (HKLM-x32\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Mozilla Firefox (x64 en-US) (HKLM-x32\...\Mozilla Firefox 100.0.2 (x64 en-US)) (Version: 100.0.2 - Mozilla)
MPC-HC 1.9.21.2 (6167a9d8c) Nightly (64-bit) (HKLM-x32\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.21.2 - MPC-HC Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OpenHashTab version v3.0.1 (HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\{C0EEE3CD-665D-4E4E-B3BC-ADCD0FE73C0F}_is1) (Version: v3.0.1 - namazso)
OpenVPN Connect (HKLM-x32\...\{45C65CE3-C105-4C48-B334-3E22FDCF4AD0}) (Version: 3.3.6 - OpenVPN Technologies)
OptaneDowngradeGuard (HKLM-x32\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Pale Moon 31.0.0 (x64 en-US) (HKLM-x32\...\Pale Moon 31.0.0 (x64 en-US)) (Version: 31.0.0 - Moonchild Productions)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9167.1 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM-x32\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SanityCheck 3.52 (HKLM-x32\...\SanityCheck_is1) (Version: 3.52 - Resplendence Software Projects Sp.)
simplewall (HKLM-x32\...\simplewall) (Version: 3.6.3 - Henry++)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
SumatraPDF (HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\SumatraPDF) (Version: 3.4.1 - Krzysztof Kowalczyk)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Tixati (HKLM-x32\...\tixati) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM-x32\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM-x32\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM-x32\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2021-12-10] (Dell Inc)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-27] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2021-02-20] (Waves Audio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\u_u\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001_Classes\CLSID\{23b5bdd4-7669-42b8-9cdc-beebc8a5baa9}\InprocServer32 -> C:\Users\u_u\AppData\Local\Programs\OpenHashTab\OpenHashTab.dll (namazso) [File not signed]
CustomCLSID: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\u_u\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\u_u\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-13] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-13] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_fd5032f7e49f5212\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-02-21 20:12 - 2022-04-15 08:00 - 000376832 _____ () [File not signed] C:\Program Files\MPC-HC\LAVFilters64\libbluray.dll
2022-03-17 11:44 - 2022-03-17 11:44 - 002772480 _____ () [File not signed] C:\Program Files\OpenVPN Connect\ffmpeg.dll
2022-03-17 11:44 - 2022-03-17 11:44 - 000379904 _____ () [File not signed] C:\Program Files\OpenVPN Connect\libegl.dll
2022-03-17 11:44 - 2022-03-17 11:44 - 007863296 _____ () [File not signed] C:\Program Files\OpenVPN Connect\libglesv2.dll
2022-03-17 11:44 - 2022-03-17 11:44 - 000147456 _____ () [File not signed] C:\Program Files\OpenVPN Connect\resources\app.asar.unpacked\keytar.node
2022-03-17 11:44 - 2022-03-17 11:44 - 005680640 _____ () [File not signed] C:\Program Files\OpenVPN Connect\resources\app.asar.unpacked\napi.node
2022-03-17 11:44 - 2022-03-17 11:44 - 000690688 _____ () [File not signed] C:\Program Files\OpenVPN Connect\resources\app.asar.unpacked\pkcs11.node
2021-02-21 20:12 - 2022-04-15 08:00 - 000302592 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\LAVAudio.ax
2021-02-21 20:12 - 2022-04-15 08:00 - 000650240 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\LAVSplitter.ax
2022-05-25 15:14 - 2022-04-15 08:00 - 014077052 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avcodec-lav-59.dll
2022-05-25 15:14 - 2022-04-15 08:00 - 005105276 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avformat-lav-59.dll
2022-05-25 15:14 - 2022-04-15 08:00 - 000679548 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avutil-lav-57.dll
2022-05-25 15:14 - 2022-04-15 08:00 - 000123516 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\swresample-lav-4.dll
2021-02-21 20:12 - 2020-06-21 17:28 - 000180224 _____ (Idol Software) [File not signed] C:\Program Files\MPC-HC\CrashReporter\crashrpt.dll
2022-05-23 20:22 - 2021-12-26 07:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 06:46 - 2022-04-29 12:43 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\Control Panel\Desktop\\Wallpaper -> c:\users\u_u\desktop\nhk2.png
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "SetupRST_ModeSwitch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Cloudflare WARP.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2736231629-3607526208-3142971229-1001\...\StartupApproved\Run: => "DriverFix"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{C39451E5-BF06-495B-B6A8-7A010BC23181}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [UDP Query User{7E65A558-7E1E-4532-B790-E3FC82FC25EB}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [{697B02FF-722E-4046-8482-41FCD8AD346D}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3AA8D29B-2DB8-42F4-99C1-D27D4ADF8C2B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5FAE41FC-1D87-45EA-937E-4C0CEEF96C3A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{03778120-0621-4125-871F-9FEAFA5918B5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F9C83DC4-B496-4076-95D7-8CD7A8E8BF69}] => (Allow) D:\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{D75ECBD0-DF3E-4927-8372-4C647BEAFEC2}] => (Allow) D:\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{5567452E-50E8-413D-A947-85371C4D0090}] => (Allow) G:\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{0A8CA457-0874-4D8E-8F19-709612AA8E4C}] => (Allow) G:\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{433FBC26-7FA7-439E-AF59-8F7C155943BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{526433EE-DD3C-49FE-AF6A-848D36A34456}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{D636D84D-8263-46A8-BF6A-FF8CE5C80DE5}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{1F7BD2B8-EE03-4DFC-8E6D-AB8880E932EB}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{8257AA13-916A-465B-93E2-5E7C96690244}] => (Allow) G:\SteamLibrary\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{DD5BA207-8BAB-4CAD-82FE-1F6411C69A5F}] => (Allow) G:\SteamLibrary\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [TCP Query User{A4A310AD-3615-4F70-8C42-9DF515ED2EB6}D:\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) D:\steam\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{4662EAA5-7C45-43DB-9F57-031FD3A70A4E}D:\steam\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) D:\steam\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{39CDB7E0-B6BE-425E-A478-15519E43A6D7}] => (Allow) G:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{5B53F427-A748-41E8-8254-74891EA211B1}] => (Allow) G:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{E29C02A3-B7FF-40E0-953B-5B1A1CE57CC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hypnagogia Boundless Dreams\Hypnagogia Boundless Dreams.exe () [File not signed]
FirewallRules: [{E202A2EF-9CBD-4B07-A30D-2978754F523F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hypnagogia Boundless Dreams\Hypnagogia Boundless Dreams.exe () [File not signed]
FirewallRules: [{890D7A02-3EBC-4CC9-9DFA-39C8F8B16380}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{C9ACF3FA-9B83-4A3F-8AD8-F268230CA56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B0CA183C-00BA-4574-A224-30B4539EEB45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcc\binaries\win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{F6FB2F54-36F0-46B7-AB49-4D4323E8F6E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcc\binaries\win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
==================== Restore Points =========================
25-05-2022 21:54:54 Windows Modules Installer
26-05-2022 09:36:32 O&O ShutUp10++
26-05-2022 10:00:07 Installed Dell Update.
26-05-2022 10:07:27 Windows Modules Installer
26-05-2022 10:26:51 Windows Modules Installer
26-05-2022 10:27:43 Windows Modules Installer
26-05-2022 14:04:16 May 26th 2022 (fresh, updated, and clean backup)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/27/2022 01:34:35 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007
Error: (05/27/2022 01:34:35 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/26/2022 11:49:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bg3.exe version 4.1.152.4131 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2034
Start Time: 01d8713135a0d165
Termination Time: 9
Application Path: D:\Steam\steamapps\common\Baldurs Gate 3\bin\bg3.exe
Report Id: bda48d91-7eca-4c50-8f49-a5b3f80cbf8f
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (05/26/2022 11:09:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (05/26/2022 11:08:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (05/26/2022 10:37:47 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (05/26/2022 10:37:47 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (05/26/2022 10:37:47 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
System errors:
=============
Error: (05/27/2022 01:28:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/27/2022 01:28:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/27/2022 01:27:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The RasMan service depends on the Dnscache service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/26/2022 08:19:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/26/2022 08:19:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/26/2022 08:19:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/26/2022 08:19:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/26/2022 01:56:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Remote Access Connection Manager service depends on the DNS Client service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Windows Defender:
================
Date: 2022-05-26 10:26:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2022-05-24 17:25:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2022-05-26 09:51:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.457.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2022-05-26 09:18:20
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.457.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2022-05-25 16:59:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.457.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2022-05-25 14:17:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.367.457.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2022-05-25 14:06:02
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.363.1148.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2022-05-27 13:42:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.21.0 04/14/2022
Motherboard: Dell Inc. 0KXXWY
Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Percentage of memory in use: 30%
Total physical RAM: 16211.6 MB
Available physical RAM: 11227.5 MB
Total Virtual: 18643.6 MB
Available Virtual: 12331.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.34 GB) (Free:196.17 GB) (Model: NVMe ADATA SX6000PNP) NTFS
Drive d: (MyData01) (Fixed) (Total:199.65 GB) (Free:48.73 GB) (Model: ST1000LM035-1RK172) NTFS
Drive e: (MyData02) (Fixed) (Total:238.42 GB) (Free:150.91 GB) (Model: ST1000LM035-1RK172) NTFS
Drive f: (MyData03) (Fixed) (Total:240.37 GB) (Free:239.23 GB) (Model: ST1000LM035-1RK172) NTFS
Drive g: (MyData04) (Fixed) (Total:241.43 GB) (Free:148.88 GB) (Model: ST1000LM035-1RK172) NTFS
Drive y: (10GigsExtra) (Fixed) (Total:11.4 GB) (Free:11.27 GB) (Model: ST1000LM035-1RK172) NTFS
\\?\Volume{0e4be202-5ee6-433f-9eaa-05b5072fe51b}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.45 GB) NTFS
\\?\Volume{8295fa55-1f5a-4bc7-897d-bde19411a8a7}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D85BA26C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 46CDB94D)
Partition: GPT.
==================== End of Addition.txt =======================