Solved Unsure where to post, Kaspersky running slow.

tedus987

Posts: 207   +2
Ok, so I wanted to scan my computer as normal after any unknown activity. I use two types of antivirus, and on multiple machines they have never had a problem with each other. The first is Malwarebytes and the second is a paid version of Kaspersky Total Security.

Kaspersky acts as the active protection while Malwarebytes is there for insurance. Again, I have both on multiple rigs and have had no issues.



With my current rig, before a few days ago, both applications could perform full scans side by side within 2 hours. However, now Malwarebytes still does a full scan in two hours but Kaspersky for some reason gets to around 100K files (8% complete) before grinding to a near halt and giving an estimated completion time of several days.

The quick scan function still runs as normal, but when trying a full scan it crawls around 8%. I only noticed this as of last night when I set my scans to go, thinking I would wake up to a clean system, only to notice Kaspersky hadn’t moved much in 12 hours. I have followed the initial instructions of trying to see if uninstalling and re-installing it fixes it, only to find it doesn't.

I would like to ask for help finding out if something is causing interference that Malwarebytes isn’t picking up.
 

tedus987

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by Luke (administrator) on LUKEGAMINGPC (Gigabyte Technology Co., Ltd. X399 AORUS XTREME) (27-01-2021 00:03:21)
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7269\Agent.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) E:\Battle.net\Battle.net\Battle.net.exe <4>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) E:\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\Check_Kill.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <3>
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Luke\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Luke\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2101.1002.1.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) E:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-11-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\...\Run: [Steam] => E:\Steam\steam.exe [3411232 2020-12-20] (Valve -> Valve Corporation)
HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\...\Run: [Battle.net] => E:\Battle.net\Battle.net\Battle.net.exe [1090464 2021-01-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32873544 2021-01-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7611464 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [659976 2021-01-18] (Kaspersky Lab -> AO Kaspersky Lab)
HKLM\...\Print\Monitors\HP CD11 Status Monitor: C:\Windows\system32\hpinkstsCD11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B1F796-E100-45D1-9046-BED7BCDF5426} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {10775AEF-68B1-4FE9-AAFF-04BAEA21EDB4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {171D62AC-6C65-4996-BC1E-D8C762A9DFC6} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251824 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {18E9DDA8-AA32-4172-B9BA-AC5742910DA0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {239B1629-3EE2-4C33-BA2B-8DE4F6F5AA12} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27F7BCE5-6CF1-42DE-B445-094FBBD2C4D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2019-09-28] (Google Inc -> Google Inc.)
Task: {3A74D77E-367A-43D0-8552-5A032229C93B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2019-09-28] (Google Inc -> Google Inc.)
Task: {5EA643BE-D5E6-488E-B2D3-ADA1765E29E9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6F31BD30-DE58-48CC-B6E7-23729E8EBDAF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77122A11-B48D-421D-93FE-8FA65C6CEFBF} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {77D526E0-D8BC-4467-A31A-E92303829A2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A8F44C4-9954-47F4-88DF-B1C80744E9B0} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [253872 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {7C71192B-CD94-4DD3-80F7-6AB49249140F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AE35C313-E617-425F-98BD-611CF379BC93} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE3270AB-23FB-4EAC-BEA9-C122FC974AD6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0C70AE1-1718-4D71-A6E0-982434E177CA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C4070AA5-D155-44C0-8698-EB5409C5C31E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2021-01-26] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {C65E32CD-49B1-457B-BD74-1D4F1CFDDD76} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [426416 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {E0B02D7A-5708-4A43-94E0-57AB08640746} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E25F2067-CC84-4D37-8DFD-ED58AF888BF9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E928BC42-339B-422C-87EE-BDCC9550DBD3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-10-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {EAA85933-0049-4843-977F-0E484A54D045} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FCE3AF7A-5BBD-43FE-8CDD-5C19E2709CEE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{02aa6f4f-c271-4670-91ff-bfc04c41d643}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{16970ca7-3beb-47f0-bb2b-f610549ebe5d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4476f908-2b58-4148-a515-df5cbfb8ea0c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a5d2af88-08ed-4527-8599-cee1d518c14e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\Luke\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-26]
Edge Extension: (Kaspersky Protection) - C:\Users\Luke\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-01-26]
Edge HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: vk5m180m.default
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\vk5m180m.default [2021-01-26]
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\900l5yyt.default-release-1570229378129 [2021-01-26]
FF Session Restore: Mozilla\Firefox\Profiles\900l5yyt.default-release-1570229378129 -> is enabled.
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2019-11-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default [2021-01-27]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-28]
CHR Extension: (Kaspersky Protection) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-01-26]
CHR Extension: (Docs) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-28]
CHR Extension: (Google Drive) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2021-01-15]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-28]
CHR Extension: (Sheets) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-28]
CHR Extension: (Google Docs Offline) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-17]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\avp.exe [381928 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-11-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-11-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [123816 2020-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142768 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128944 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\vssbridge64.exe [467352 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2021-01-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-16] (Malwarebytes Inc -> Malwarebytes)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125872 2019-05-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2522424 2020-11-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3476288 2020-11-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 aqnic; C:\WINDOWS\System32\drivers\aqnic650.sys [1150960 2018-03-29] (Aquantia -> Aquantia Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-01-26] (CPUID S.A.R.L.U. -> CPUID)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1081168 2020-11-02] (Creative Technology Ltd -> Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [44368 2020-11-02] (Creative Technology Ltd -> Creative Technology Ltd)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gdrv; C:\Windows\gdrv.sys [26792 2019-09-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-09-28] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [16712 2019-01-15] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [659768 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1341232 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [245784 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2021-01-26] (Kaspersky Lab -> AO Kaspersky Lab)
U3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300856 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-16] (Malwarebytes Inc -> Malwarebytes)
R3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50640 2016-09-01] (Intel(R) INTELNPG1 -> Intel Corporation)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2021-01-26] (Noriyuki MIYAZAKI -> OpenLibSys.org)

Continued next post
 

tedus987

Posts: 207   +2
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-27 00:03 - 2021-01-27 00:03 - 000031376 _____ C:\Users\Luke\Desktop\FRST.txt
2021-01-27 00:03 - 2021-01-27 00:03 - 000000000 ____D C:\Users\Luke\Desktop\FRST-OlderVersion
2021-01-27 00:03 - 2021-01-27 00:03 - 000000000 ____D C:\FRST
2021-01-27 00:02 - 2021-01-27 00:03 - 002297344 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe
2021-01-26 23:39 - 2021-01-26 23:39 - 000001303 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2021-01-26 23:39 - 2021-01-26 23:39 - 000001303 _____ C:\ProgramData\Desktop\Kaspersky Password Manager.lnk
2021-01-26 23:38 - 2021-01-26 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2021-01-26 20:11 - 2021-01-26 20:11 - 000310232 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-01-26 20:00 - 2021-01-26 20:00 - 000257208 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-01-26 20:00 - 2021-01-26 20:00 - 000207352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-01-26 20:00 - 2021-01-26 20:00 - 000116888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-01-26 20:00 - 2021-01-26 20:00 - 000099152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2021-01-26 20:00 - 2021-01-26 20:00 - 000002170 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2021-01-26 20:00 - 2021-01-26 20:00 - 000002170 _____ C:\ProgramData\Desktop\Kaspersky Total Security.lnk
2021-01-26 20:00 - 2021-01-26 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-01-26 20:00 - 2021-01-26 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2021-01-26 20:00 - 2020-10-21 23:12 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-01-26 19:59 - 2021-01-26 20:00 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-01-26 19:59 - 2020-10-21 23:11 - 001025336 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-01-26 19:59 - 2020-10-21 23:11 - 000523576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-01-26 04:53 - 2021-01-26 04:53 - 000000000 ____D C:\Users\Luke\AppData\Local\Kaspersky Lab
2021-01-17 01:45 - 2021-01-17 01:45 - 000000000 ____D C:\Users\Luke\AppData\Roaming\NVIDIA
2021-01-16 21:38 - 2021-01-16 21:38 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-16 21:37 - 2021-01-16 21:37 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-16 21:37 - 2021-01-16 21:37 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-16 21:37 - 2021-01-16 21:37 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-16 21:37 - 2021-01-16 21:37 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-16 21:37 - 2021-01-16 21:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-16 21:37 - 2021-01-16 21:37 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-16 21:37 - 2021-01-16 21:37 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-16 21:37 - 2021-01-16 21:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-16 21:37 - 2021-01-16 21:37 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-16 21:37 - 2021-01-16 21:37 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-16 21:37 - 2021-01-16 21:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-16 21:37 - 2021-01-16 21:37 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-16 21:37 - 2021-01-16 21:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-16 21:37 - 2021-01-16 21:37 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-16 21:37 - 2021-01-16 21:37 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-16 21:36 - 2021-01-16 21:36 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-16 21:36 - 2021-01-16 21:36 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-16 21:36 - 2021-01-16 21:36 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-16 21:36 - 2021-01-16 21:36 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-16 21:36 - 2021-01-16 21:36 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-16 21:36 - 2021-01-16 21:36 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-16 21:36 - 2021-01-16 21:36 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-16 21:36 - 2021-01-16 21:36 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-16 21:36 - 2021-01-16 21:36 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-16 21:35 - 2021-01-16 21:35 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-16 21:35 - 2021-01-16 21:35 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-16 21:35 - 2021-01-16 21:35 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-16 21:35 - 2021-01-16 21:35 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-16 21:35 - 2021-01-16 21:35 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-16 21:35 - 2021-01-16 21:35 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-16 21:35 - 2021-01-16 21:35 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-16 21:35 - 2021-01-16 21:35 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-16 21:34 - 2021-01-16 21:34 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-16 21:34 - 2021-01-16 21:34 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-16 21:34 - 2021-01-16 21:34 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-16 21:34 - 2021-01-16 21:34 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-16 21:34 - 2021-01-16 21:34 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-16 01:50 - 2021-01-16 01:50 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-16 01:50 - 2021-01-16 01:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-15 20:09 - 2021-01-15 20:09 - 000000000 ____D C:\Users\Luke\AppData\LocalLow\MohawkGames
2021-01-15 20:09 - 2021-01-15 20:09 - 000000000 ____D C:\Users\Luke\AppData\Local\Stardock
2021-01-15 20:09 - 2021-01-15 20:09 - 000000000 ____D C:\ProgramData\Stardock
2021-01-15 20:06 - 2021-01-15 20:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-15 20:03 - 2021-01-26 19:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-29 21:38 - 2020-12-29 21:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-29 21:38 - 2020-12-29 21:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-29 21:37 - 2020-12-29 21:37 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-29 21:37 - 2020-12-29 21:37 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-29 21:37 - 2020-12-29 21:37 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-29 21:37 - 2020-12-29 21:37 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-29 21:37 - 2020-12-29 21:37 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-29 21:37 - 2020-12-29 21:37 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-29 21:37 - 2020-12-29 21:37 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-29 21:37 - 2020-12-29 21:37 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-29 21:37 - 2020-12-29 21:37 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-29 21:29 - 2020-12-29 21:29 - 000001199 _____ C:\Users\Public\Desktop\iCUE.lnk
2020-12-29 21:29 - 2020-12-29 21:29 - 000001199 _____ C:\ProgramData\Desktop\iCUE.lnk
2020-12-29 21:29 - 2020-12-29 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2020-12-29 20:28 - 2020-12-12 14:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-29 20:28 - 2020-12-12 14:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-29 20:28 - 2020-12-12 14:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-29 20:28 - 2020-12-12 14:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-29 20:28 - 2020-12-12 14:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-29 20:28 - 2020-12-12 14:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-29 20:28 - 2020-12-12 14:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-29 20:28 - 2020-12-12 14:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-29 20:28 - 2020-12-12 14:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-29 20:28 - 2020-12-12 14:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-29 20:28 - 2020-12-12 14:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-29 20:28 - 2020-12-12 14:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-29 20:28 - 2020-12-12 14:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-29 20:28 - 2020-12-12 14:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-29 20:28 - 2020-12-12 03:59 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-27 00:02 - 2019-10-04 09:33 - 000000000 ____D C:\Users\Luke\AppData\Local\Battle.net
2021-01-26 23:50 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-26 23:31 - 2019-09-28 16:53 - 000000000 ___RD C:\Users\Luke\OneDrive
2021-01-26 23:14 - 2020-08-29 19:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-26 20:13 - 2019-09-28 18:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-26 20:07 - 2020-08-29 19:26 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-26 20:07 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-26 20:01 - 2020-08-29 19:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-26 20:01 - 2020-08-29 19:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-26 20:00 - 2020-08-29 19:23 - 000003240 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-01-26 20:00 - 2019-12-07 09:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-26 20:00 - 2019-12-07 09:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-26 20:00 - 2019-11-05 20:13 - 000000000 ____D C:\Users\Luke\AppData\Local\CrashDumps
2021-01-26 20:00 - 2019-09-28 18:35 - 000000000 ____D C:\Program Files\Common Files\AV
2021-01-26 20:00 - 2019-09-28 18:35 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-01-26 19:59 - 2019-12-07 09:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-26 19:52 - 2019-09-28 18:06 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-26 19:23 - 2019-09-28 18:27 - 000000000 ____D C:\Users\Luke\AppData\LocalLow\Mozilla
2021-01-26 19:19 - 2019-09-28 18:27 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-26 04:58 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-26 04:58 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-23 01:50 - 2020-06-27 19:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-22 04:15 - 2020-08-29 19:23 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-22 04:15 - 2020-08-29 19:23 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-22 04:15 - 2019-09-29 12:07 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-17 05:42 - 2020-08-29 19:16 - 000308288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-17 05:40 - 2019-12-07 14:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-17 05:40 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-17 05:39 - 2019-12-07 14:49 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-17 05:39 - 2019-12-07 14:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-17 05:39 - 2019-12-07 14:49 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-17 05:39 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-16 21:40 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-16 21:34 - 2020-08-29 19:18 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-16 20:20 - 2019-09-28 18:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-16 01:50 - 2020-08-29 16:23 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-16 01:50 - 2019-09-28 18:29 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-16 01:50 - 2019-09-28 18:29 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-16 01:50 - 2019-09-28 18:29 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-15 21:15 - 2019-09-28 18:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 21:14 - 2019-09-28 18:10 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 20:09 - 2019-10-04 00:29 - 000000000 ____D C:\Users\Luke\Documents\my games
2021-01-15 20:06 - 2019-09-28 18:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-11 23:28 - 2019-09-28 17:15 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-11 23:28 - 2019-09-28 17:15 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-11 23:28 - 2019-09-28 17:15 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-29 21:46 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-29 21:46 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-29 20:29 - 2020-11-06 21:19 - 000000000 ____D C:\Users\Luke\AppData\Local\NVIDIA

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 

tedus987

Posts: 207   +2
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by Luke (27-01-2021 00:05:19)
Running from C:\Users\Luke\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-08-29 19:23:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2510698397-3664597415-1653284245-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2510698397-3664597415-1653284245-503 - Limited - Disabled)
Guest (S-1-5-21-2510698397-3664597415-1653284245-501 - Limited - Disabled)
Luke (S-1-5-21-2510698397-3664597415-1653284245-1001 - Administrator - Enabled) => C:\Users\Luke
WDAGUtilityAccount (S-1-5-21-2510698397-3664597415-1653284245-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@Bios (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.19.0619.1 - GIGABYTE) Hidden
@Bios (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.19.0619.1 - GIGABYTE)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Core Temp 1.16 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.16 - ALCPU)
CORSAIR iCUE Software (HKLM-x32\...\{74AF4222-AABF-462F-B0CC-59A4BF827F8C}) (Version: 3.36.125 - Corsair)
CPUID CPU-Z Aorus 1.84 (HKLM\...\CPUID CPU-Z Aorus_is1) (Version: 1.84 - CPUID, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: - Electronic Arts, Inc.)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.0522.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.0522.1 - GIGABYTE)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.18.0208.1 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.18.0208.1 - GIGABYTE)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.5311.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Outlook 2013 - en-us (HKLM\...\OutlookRetail - en-us) (Version: 15.0.5311.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-GB)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5311.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5311.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5311.1000 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.87.45080 - Electronic Arts, Inc.)
paint.net (HKLM\...\{2025DAA7-0653-4F18-B66F-900E6F2320EC}) (Version: 4.2.13 - dotPDN LLC)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.00 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{0edb50a3-501b-40f9-b197-0d143fdef576}) (Version: 1.00.00 - Patriot Memory)
QModManager (Subnautica) (HKLM-x32\...\{52CC87AA-645D-40FB-8411-510142191678}_is1) (Version: 4.0.2.3 - QModManager)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.0905.1 - GIGABYTE)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.19.0522.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.19.0522.1 - GIGABYTE)
Sound Blaster Z-Series (HKLM-x32\...\{39FD096B-055A-4D68-8DEB-071EA0361B2F}) (Version: 1.01.06 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.50.3.0_x86__kgqvnymyfvs32 [2021-01-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-26] (king.com)
Disgaea 4 Complete+ -> C:\Program Files\WindowsApps\NISAmericaInc.Disgaea4Complete_1.0.68.0_x64__f6hsb3tktby1t [2020-11-14] (NIS America, Inc.)
DQXI_S_WW -> C:\Program Files\WindowsApps\39EA002F.DQXISWW_1.0.4.0_x64__n746a19ndrrjg [2020-11-14] (SQUARE ENIX CO. LTD.)
FINAL FANTASY IX -> C:\Program Files\WindowsApps\39EA002F.FINALFANTASYIX_1.4.10.2_x64__n746a19ndrrjg [2020-08-29] (SQUARE ENIX CO. LTD.)
FINAL FANTASY VII WINDOWS EDITION -> C:\Program Files\WindowsApps\39EA002F.FINALFANTASYVII_1.0.1.0_x64__n746a19ndrrjg [2020-09-04] (SQUARE ENIX CO. LTD.)
FINAL FANTASY VIII Remastered WINDOWS EDITION -> C:\Program Files\WindowsApps\39EA002F.FINALFANTASYVIIIRemastered_1.0.1.0_x64__n746a19ndrrjg [2020-11-14] (SQUARE ENIX CO. LTD.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-29] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-15] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0 [2021-01-25] (Spotify AB) [Startup Task]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\shellex.dll [2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\shellex.dll [2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\shellex.dll [2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\shellex.dll [2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Luke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-11-23 17:42 - 2020-11-23 17:42 - 000356352 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
2020-11-23 17:04 - 2020-11-23 17:04 - 000759808 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
2020-11-23 17:04 - 2020-11-23 17:04 - 000743936 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
2020-11-23 17:03 - 2020-11-23 17:03 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll
2020-11-23 17:04 - 2020-11-23 17:04 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
2020-11-23 17:03 - 2020-11-23 17:03 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-11-23 17:02 - 2020-11-23 17:02 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2020-04-30 15:28 - 2020-04-30 15:28 - 001866752 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2017-12-01 12:43 - 2017-12-01 12:43 - 000141824 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\ycc.dll
2019-06-28 09:51 - 2019-06-28 09:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 104873984 _____ () [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\libcef.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000112128 _____ () [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\libEGL.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 006227456 _____ () [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\libGLESv2.dll
2020-01-17 13:17 - 2009-03-18 16:00 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2014-07-03 17:22 - 2014-07-03 17:22 - 000555008 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTAudEp.dll
2011-09-16 17:04 - 2011-09-16 17:04 - 000238080 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTLoadRs.dll
2013-02-27 11:29 - 2013-02-27 11:29 - 000251904 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\HKDetect.dll
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV2.dll
2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll
2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
2019-08-16 15:46 - 2019-08-16 15:46 - 000289280 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVBIOSLib.dll
2019-09-02 10:37 - 2019-09-02 10:37 - 000445952 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2018-09-11 18:53 - 2018-09-11 18:53 - 000237056 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2019-08-30 20:45 - 2019-08-30 20:45 - 002057216 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
2019-09-28 22:45 - 2019-02-21 16:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-10-29 10:25 - 2018-10-29 10:25 - 000372736 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2020-10-21 09:59 - 2020-10-21 09:59 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000810496 _____ (The Chromium Authors) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\chrome_elf.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Origin\LIBEAY32.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Origin\ssleay32.dll
2020-11-23 17:02 - 2020-11-23 17:02 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-11-23 17:02 - 2020-11-23 17:02 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\Origin\platforms\qwindows.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Core.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Gui.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Network.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 000146432 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5WebSockets.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Widgets.dll
2020-11-07 02:26 - 2020-11-07 02:26 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Xml.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000047104 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\audio\qtaudio_windows.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000026112 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\imageformats\qgif.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000027136 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\imageformats\qico.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000243712 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\imageformats\qjpeg.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000223744 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\imageformats\qmng.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000020992 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\imageformats\qsvg.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000332288 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\imageformats\qtiff.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 001140224 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\platforms\qwindows.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000041984 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQml\Models.2\modelsplugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQuick.2\qtquick2plugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000084480 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000267776 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000071680 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000211456 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\qml\QtQuick\Window.2\windowplugin.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 004943360 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Core.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 005022208 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Gui.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000626176 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Multimedia.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000877056 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Network.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 002908672 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Qml.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 003078656 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Quick.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000096256 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5QuickControls2.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000681472 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5QuickTemplates2.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000259072 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Svg.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 004718080 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Widgets.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000439296 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5WinExtras.dll
2021-01-08 17:20 - 2021-01-08 17:20 - 000159232 _____ (The Qt Company Ltd.) [File not signed] E:\Battle.net\Battle.net\Battle.net.12601\Qt5Xml.dll
2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll
2019-03-27 13:15 - 2019-03-27 13:15 - 008703488 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll
2017-10-05 14:26 - 2017-10-05 14:26 - 002247168 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 07:22 - 2018-12-08 07:22 - 002059264 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2019-09-02 19:16 - 2019-09-02 19:16 - 000433664 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2019-09-05 15:22 - 2019-09-05 15:22 - 002105344 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll
2017-07-24 15:36 - 2017-07-24 15:36 - 000481792 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-06-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-06-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-22] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2019-11-23] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 07:31 - 2018-09-15 07:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2510698397-3664597415-1653284245-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\shadow.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

tedus987

Posts: 207   +2
==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D88D7E0D-A6C6-4B71-8CE7-C61767A1D852}] => (Allow) LPort=9009
FirewallRules: [{B6A75189-C5B9-45F7-B83B-17E9B60A736E}] => (Allow) LPort=9009
FirewallRules: [{8D52A7A0-9B19-445D-BB52-ECC9132D05A6}] => (Allow) LPort=9009
FirewallRules: [{DFDFB665-B691-4641-A123-2105FAB8632A}] => (Allow) LPort=9009
FirewallRules: [{0087D9CE-6F2E-4201-8AA6-B266653AC503}] => (Allow) LPort=9009
FirewallRules: [{80997DDA-7987-44D0-B77A-12FDDF5B29AD}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{D005F9B4-64E0-48CE-ADC4-C983FA0E9484}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{6747CB6C-9B28-4EC6-B7F8-FD1A4D728218}] => (Allow) LPort=9009
FirewallRules: [{E09E9CF8-4179-48BF-B332-7BB5B181BFBF}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{7672C5E2-078F-44CD-A4EB-9E9B2A6B486E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{BA44769C-15E6-4282-B78A-6D1AEBA52750}] => (Allow) LPort=9009
FirewallRules: [{B94F5E19-48D1-4F03-B7F1-73BBCADE5999}] => (Allow) LPort=9009
FirewallRules: [{47CBCEBA-C72F-4605-91F1-75AE145FB537}] => (Allow) LPort=9009
FirewallRules: [{37289605-779F-4453-BEA5-A1F40AFC1ED1}] => (Allow) LPort=9009
FirewallRules: [{9F1AF0D4-3667-416D-9D24-6DF96952A0A9}] => (Allow) LPort=9009
FirewallRules: [{89D2FF95-218F-433F-BA93-88BF4629C6FD}] => (Allow) LPort=9009
FirewallRules: [{91B1D142-8697-4E14-9E86-58EDDB231E7F}] => (Allow) LPort=9009
FirewallRules: [{828C2383-8286-49D8-8851-77CCC393E9CA}] => (Allow) LPort=9009
FirewallRules: [{9120F938-76A1-4C84-9CA9-89301DF55560}] => (Allow) LPort=9009
FirewallRules: [{980E1F11-3A47-4727-B6F2-6390429BD064}] => (Allow) LPort=9009
FirewallRules: [{0FE030F3-D139-4617-91C7-8CAEEFEEA896}] => (Allow) LPort=9009
FirewallRules: [{897BC89C-FD2D-4E31-92BB-EADFD8B90120}] => (Allow) LPort=9009
FirewallRules: [{F0520047-7B9B-480C-98D3-A0A1253C6E10}] => (Allow) LPort=9009
FirewallRules: [{8183578E-85D3-410A-BF25-985C2C75C938}] => (Allow) LPort=9009
FirewallRules: [{3AF51B59-BCFC-4B79-A4D0-0D6C65CDE341}] => (Allow) LPort=9009
FirewallRules: [{4D373B8F-DF08-463C-B79B-73734731845E}] => (Allow) E:\Steam\steamapps\common\Chrono Trigger\Chrono Trigger.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{FD471422-492C-497F-A00F-0DC20DE047E1}] => (Allow) E:\Steam\steamapps\common\Chrono Trigger\Chrono Trigger.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{F4CA16A9-C0F5-40DC-A9F2-F16142DF1784}] => (Allow) LPort=9009
FirewallRules: [{4947A964-90F0-4F4E-89B7-B69CBDE2DF8D}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{6657ACB7-7115-401D-B341-44417840B7E4}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{BBF43E19-A96A-44D8-AB33-C5335AE13DB9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D58CDB7-B777-4399-9AED-67183D3937ED}] => (Allow) LPort=9009
FirewallRules: [{88648B1E-0636-4B86-A738-423C117F3575}] => (Allow) LPort=9009
FirewallRules: [{2A550CD6-3D2B-41DC-8455-A53598A3F0FA}] => (Allow) LPort=9009
FirewallRules: [{17E5EC3E-D82A-4DC5-96A6-494A718FE256}] => (Allow) LPort=9009
FirewallRules: [{E025AB31-E30D-4D07-96D5-84DDC8BE9D2D}] => (Allow) LPort=9009
FirewallRules: [{B2E60EE9-5571-49BA-BDEC-C787CEE7AD66}] => (Allow) LPort=9009
FirewallRules: [{E9EB134C-AF50-4FA1-A5CF-983C26CF62D8}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{91ECDCCA-B34E-4027-B0FA-5BC4AF446836}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3F931168-2F83-447E-BD58-6578A78816F1}] => (Allow) LPort=9009
FirewallRules: [{341DA32C-1FBB-4487-8D4C-115735BC078A}] => (Allow) LPort=9009
FirewallRules: [{79BE9F52-13F7-4942-8177-943752B4182A}] => (Allow) LPort=9009
FirewallRules: [{D806E589-9193-405C-8F65-43B7F125F64B}] => (Allow) LPort=9009
FirewallRules: [{DA742669-0201-4BDD-9A39-F4D9395FAE48}] => (Allow) LPort=9009
FirewallRules: [{A67184C3-DE20-4A99-95DB-90D9B65E854F}] => (Allow) LPort=9009
FirewallRules: [{3D5E4CB3-C066-4395-85CF-D75F557D11A8}] => (Allow) LPort=9009
FirewallRules: [{6DB87959-A347-4CF0-B395-DB20594163C3}] => (Allow) LPort=9009
FirewallRules: [{FCBD915C-724E-4A04-B40D-8B3B64FD9A74}] => (Allow) LPort=9009
FirewallRules: [{55A06E53-F418-4DFA-A055-B513F92B01D9}] => (Allow) LPort=9009
FirewallRules: [{CD684949-7297-49BD-AEEF-E62481056132}] => (Allow) LPort=9009
FirewallRules: [{327C4F92-EF9B-46B5-B6A0-4C61FF4B2588}] => (Allow) LPort=9009
FirewallRules: [{5621A3D4-9BCF-4A21-B9BB-EAA66D08A913}] => (Allow) LPort=9009
FirewallRules: [{1A5E14C1-038C-4A67-88D3-ACD3F62C306E}] => (Allow) LPort=9009
FirewallRules: [{05DDBE64-737F-4D80-86B6-2770D781EB0D}] => (Allow) LPort=9009
FirewallRules: [{795EABCA-6F6B-49AC-B0A1-8C53849C9048}] => (Allow) LPort=9009
FirewallRules: [{F47AB70A-AEB7-4F37-8D38-676DA1E6386C}] => (Allow) LPort=9009
FirewallRules: [{FD9B22A5-38EB-4F0F-ABCA-6F6D34197555}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{219AC140-96E0-468B-9513-CB45FA17B192}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{03B1DF6F-2CFA-4D37-A71F-9592849FDEDC}] => (Allow) LPort=9009
FirewallRules: [{3C857892-B110-4F89-B169-987E4B82378C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{99DAB549-155A-4E31-A1B0-8E9D8377A4D5}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{07CE9A65-67F5-4195-AC2B-DF1422186C28}] => (Allow) LPort=9009
FirewallRules: [{3E49906B-1970-40DC-94E9-F6C9315CFBDF}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BE69A9E7-9B41-4F9A-A2E8-03541F4324FE}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{81D317C4-818C-4707-8A62-852E00DE56A4}] => (Allow) LPort=9009
FirewallRules: [{6A683EF1-8197-448B-88F2-B7DCFED5CF80}] => (Allow) LPort=9009
FirewallRules: [{1D2F5A53-FCE2-4262-9FD1-78DD67381F98}] => (Allow) LPort=9009
FirewallRules: [{12170D4C-28A4-4AF8-B8A2-B183923A4078}] => (Allow) LPort=9009
FirewallRules: [{58AD49F1-4724-4172-886E-211C58B7EFE1}] => (Allow) LPort=9009
FirewallRules: [{7AF55F13-8F42-47E5-A3AB-A0B67BE94806}] => (Allow) LPort=9009
FirewallRules: [{DBAD28C4-709B-455C-BFE3-4BA231A7C184}] => (Allow) LPort=9009
FirewallRules: [{F6325860-ECB6-4907-AF6F-0A1A2FEA789E}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{CA875311-7417-456B-9822-0FDD590F415C}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{AF87FEB0-D3E3-45E6-9D2F-7E8B4C0A9F4E}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{769D241C-CD2B-4E1D-A654-9DBD06B3E449}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{BF705BF9-FB22-4D3B-86C7-7D58D4E92220}] => (Allow) LPort=9009
FirewallRules: [{327EB9D5-D9BA-4856-9F07-2FF12278099F}] => (Allow) LPort=9009
FirewallRules: [{03FBF509-C2AE-4475-B451-4A31786734F2}] => (Allow) LPort=9009
FirewallRules: [{F0ED948B-7D33-4F47-A7D9-A9EDFF643802}] => (Allow) LPort=9009
FirewallRules: [{C5F7666A-B68A-4406-BEF9-9355C44F6DCF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{C0320113-EA81-4603-8562-10483EB3F64C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{89C49C47-4CD4-45DF-90BA-17F6A02CB7B6}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{89B5F8D5-4FB7-4CD2-86E4-2791B964AAE1}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{ECB48B6E-743C-4769-83EA-D7775F2E1F0B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{8B6E0A60-D6E2-43E7-9253-0FAD335278AF}] => (Allow) LPort=9009
FirewallRules: [{EA02E904-BA86-4D16-A2DB-E2A064B8B6CD}] => (Allow) LPort=9009
FirewallRules: [{BC440185-CD3B-4B80-972A-8FD92C7156B4}] => (Allow) LPort=9009
FirewallRules: [{607731F8-2915-4E42-A23D-3C7A7B74F095}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BC0C80C2-FB14-48EE-82E7-89887BDD0CA9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{832CCBBB-57C2-40DF-9471-8D88E98E611D}] => (Allow) LPort=9009
FirewallRules: [{E111E09C-F84D-4569-91A9-04C1BE9D1B4A}] => (Allow) LPort=9009
FirewallRules: [{575C1D47-DAD9-409C-B0A8-B0116FF01FAE}] => (Allow) LPort=9009
FirewallRules: [{3D71C0D6-ABB2-4640-B38A-B6D5A153BC7D}] => (Allow) LPort=9009
FirewallRules: [{9225EEAC-DE58-4131-ACE0-59089B517D48}] => (Allow) LPort=9009
FirewallRules: [{18C413A6-FE60-4386-A7EA-CCC396F8952F}] => (Allow) LPort=9009
FirewallRules: [{21A12F21-8139-4E59-B11F-08AB9BEE6137}] => (Allow) E:\Steam\steamapps\common\King's Quest Collection\2016_KingsQuestCollection\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{13FAD78D-60C6-4A30-AEBD-BCB65D2930FE}] => (Allow) E:\Steam\steamapps\common\King's Quest Collection\2016_KingsQuestCollection\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{48B742A9-CC94-4E9F-8D0A-840286BEEDB7}] => (Allow) E:\Steam\steamapps\common\King's Quest Collection\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{3557431B-C63E-4DCA-A092-58652B8BD29F}] => (Allow) E:\Steam\steamapps\common\King's Quest Collection\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{B7964793-8AC9-4C97-AD08-116F03BF96E6}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{EC8F71F2-FB49-484B-9613-7C79E18CCF59}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{F7D249ED-2655-43E4-9807-228774620800}] => (Allow) LPort=9009
FirewallRules: [{D1BAD6A1-8548-4B6D-9DFB-55A435AA7203}] => (Allow) LPort=9009
FirewallRules: [{7F62712B-981E-4A1F-B90F-A7206DDA5EFF}] => (Allow) LPort=9009
FirewallRules: [{CC13E970-3698-4E65-8882-2561AFE97D45}] => (Allow) LPort=9009
FirewallRules: [{4E1595C3-8C91-4E89-9AD2-5838DF1379F5}] => (Allow) LPort=9009
FirewallRules: [{8291F128-5B2A-4E9E-9E46-F5240F03761A}] => (Allow) LPort=9009
FirewallRules: [{F4DC956E-E76F-44E4-9277-48680EB19ACF}] => (Allow) LPort=9009
FirewallRules: [{E6EA1A6E-CEC0-4547-991B-5E35966F53EF}] => (Allow) LPort=9009
FirewallRules: [{F96D76D0-4A5B-403C-A856-E9D2B115A5ED}] => (Allow) LPort=9009
FirewallRules: [{9970AFC3-73D4-431A-9C8D-0523732EDB4B}] => (Allow) LPort=9009
FirewallRules: [{E1D34FA4-014D-45AB-B3F0-EA89C0090162}] => (Allow) LPort=9009
FirewallRules: [{2FE9670D-0083-493E-8E44-068BE97F778B}] => (Allow) LPort=9009
FirewallRules: [{82109D3E-765C-4813-899E-BCC632CEA93C}] => (Allow) LPort=9009
FirewallRules: [{9208D060-CB88-4284-A8E3-2C6151508AE9}] => (Allow) LPort=9009
FirewallRules: [{C2FAF76D-7EF0-4784-9E70-4230B632E9AE}] => (Allow) LPort=9009
FirewallRules: [{83A94482-7B22-4A50-8261-2D1E1D9D1C12}] => (Allow) LPort=9009
FirewallRules: [{B273BA83-CBD3-4D26-96FB-10E379BB4E2E}] => (Allow) LPort=9009
FirewallRules: [{57351D8D-0D0F-4D18-B23D-417C73A55A99}] => (Allow) LPort=9009
FirewallRules: [{B7ECE23F-9CD2-42A6-B82F-E3483C430492}] => (Allow) LPort=9009
FirewallRules: [{92581CC7-4FEF-4B07-B8F4-C4E6D5C951E6}] => (Allow) LPort=9009
FirewallRules: [{1F4ADDEF-5C48-4A79-B8B9-4D1D5C7F785D}] => (Allow) LPort=9009
FirewallRules: [{E68D4927-5EBB-4C1E-85C4-0E94F7B04C6A}] => (Allow) LPort=9009
FirewallRules: [{FBF25134-D3FD-4899-B057-42EB8639B82F}] => (Allow) LPort=9009
FirewallRules: [{44490058-C22B-4445-8651-3B05CED738EC}] => (Allow) E:\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{DA883D32-AB7D-4542-B112-C113105FB49A}] => (Allow) E:\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{C6274896-2995-443F-916A-22E89A65B3F8}] => (Allow) LPort=9009
FirewallRules: [{2A8D5662-2429-4927-8C94-8A3D9AA5CE57}] => (Allow) LPort=9009
FirewallRules: [{267E240E-7B0E-4A28-868B-52F0AE2C1747}] => (Allow) LPort=9009
FirewallRules: [{F6AE5FA4-D417-451D-94E9-9854DC68B143}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DACF413-6991-481E-9F1C-32505A3CA05D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A87ED43E-F39B-48FF-B383-7B0A01711507}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3D77D463-3F93-4032-B34C-161FDA7CD628}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7CF4C54D-7BA3-4C04-9140-9F332E7B45A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F14DF21D-CC40-42ED-9C1D-86D9D12D4D6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C5F67AA-A41E-4FDD-9719-7CDDEE3AE296}] => (Allow) LPort=9009
FirewallRules: [{E667725B-34FB-4D9A-BB8F-A29615C1CED5}] => (Allow) LPort=9009
FirewallRules: [{B0906AAE-B055-4CCC-A3BD-D2D4126FD0EB}] => (Allow) LPort=9009
FirewallRules: [{ECC886FC-8CD3-4DE9-B4C0-A6054546D0F8}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{5C650EAB-9AE8-49EE-BF2C-461D10542082}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{D6B134DE-999C-4BEB-86D0-0D7F5D26D424}] => (Allow) LPort=9009
FirewallRules: [{5E35352F-F007-482D-9C36-4C547D8D224C}] => (Allow) LPort=9009
FirewallRules: [{DA1F976A-8900-4B15-990E-22555C8663A9}] => (Allow) LPort=9009
FirewallRules: [{07BEC437-6E13-4444-BEAE-B7259FE36631}] => (Allow) LPort=9009
FirewallRules: [{F653331E-50FB-4918-9D33-46D010DD24BB}] => (Allow) LPort=9009
FirewallRules: [{250BB582-50AA-4BD6-8D47-15154DFBFDBE}] => (Allow) E:\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{EB7D317B-808E-45A8-A504-192C5D0C4397}] => (Allow) E:\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{11AAFB26-8A72-4B3E-BBFB-07E87C271CBE}] => (Allow) E:\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{43A7892B-D283-454F-A70D-2FE5E432133F}] => (Allow) E:\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{33259044-BA36-4666-8E08-452EA5B5E682}] => (Allow) E:\Steam\steamapps\common\swkotor\swkotor.exe (BioWare Corp.) [File not signed]
FirewallRules: [{80B991D2-69BD-42BE-A638-57B56EAA05A9}] => (Allow) E:\Steam\steamapps\common\swkotor\swkotor.exe (BioWare Corp.) [File not signed]
FirewallRules: [{03CDF5E1-02CC-40AC-AA55-FE006623BB20}] => (Allow) LPort=9009
FirewallRules: [{42A2620B-06E5-4C75-9B61-F98B7DB476B4}] => (Allow) LPort=9009
FirewallRules: [{C4092B17-F8A3-42EA-BE7E-70AACF00D4B1}] => (Allow) LPort=9009
FirewallRules: [{0902213A-DDC4-411D-ADC8-AC35AAFEDB2D}] => (Allow) LPort=9009
FirewallRules: [{D7DBAA33-1112-4A0C-807D-EC304C9C9929}] => (Allow) LPort=9009
FirewallRules: [{464AF374-A395-484A-B014-42F07136370D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{14A284EA-A743-48BC-9484-227B840E98D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B6F79B3-E00A-41E7-9E48-CD7A0663E2E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8B847B37-FA64-44FB-9784-4D5A08F6280D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A87223AD-CF84-4CB8-81A6-BA421CA5C770}] => (Allow) LPort=9009
FirewallRules: [{46D822BA-381E-4585-B44A-CFA0F598BA67}] => (Allow) LPort=9009
FirewallRules: [{B6076F58-111A-4E80-B9B0-C1759F679033}] => (Allow) LPort=9009
FirewallRules: [{1DACCA71-EECA-41F2-945F-57658FD2ACD7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F34E24CF-BC0F-4C8D-9028-FDC4615E61CB}] => (Allow) LPort=9009
FirewallRules: [{C6145FAE-0ADC-4484-9228-9C2D07B3A321}] => (Allow) LPort=9009
FirewallRules: [{8DE4E370-6E90-4131-81A2-4459B208EFAF}] => (Allow) LPort=9009
FirewallRules: [{717D2DC1-35D4-4293-A6FB-A138B8DEBE7E}] => (Allow) LPort=9009
FirewallRules: [{9C7AA8A5-8A02-483C-9E84-145A8723DB17}] => (Allow) LPort=9009
FirewallRules: [{91973DCC-3DB2-4673-BE0E-34B864651567}] => (Allow) LPort=9009
FirewallRules: [{72E860B4-4001-4196-803A-D803298303B2}] => (Allow) LPort=9009
FirewallRules: [{FDF8A933-04BF-4D71-B8CC-F5204800CEF7}] => (Allow) LPort=9009
FirewallRules: [{B845F411-418D-4AA6-8727-BDCEEEA82D49}] => (Allow) LPort=9009
FirewallRules: [{09A65F90-4F67-41D0-9885-0A6703CF369D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D92599C8-4A15-4855-AE2E-ABA3E31AFF09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E89D47CC-2E2B-409E-9652-0126368147DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFF782B8-CB64-4455-B4A5-BB7F08451D8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D30E65B1-5224-4FF2-905F-F72FB44923A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{62E1F460-3A2D-4C08-9358-08707EE02C39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A867DDB3-3765-4BA1-9EE2-0FAD8B9683CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E556996-7A2F-4F04-896E-3E5600C19BDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9CD590A8-9DA7-4553-8CDE-CADA280C7266}] => (Allow) LPort=9009
FirewallRules: [{73C28840-3DB1-499C-95EC-10B5216BFDF7}] => (Allow) LPort=9009
FirewallRules: [{0E2BE51C-C723-42F3-BB1D-FE4BC8B40451}] => (Allow) LPort=9009
FirewallRules: [{6C7B4AED-C408-47B5-BC39-ACB7C975761E}] => (Allow) LPort=9009
FirewallRules: [{FED5A358-219F-47B3-AC56-9A4749200025}] => (Allow) E:\Steam\steamapps\common\Dungeons2\Dungeons2.exe () [File not signed]
FirewallRules: [{A8CE176E-F80C-45F5-B79E-CDA5CF33B9FF}] => (Allow) E:\Steam\steamapps\common\Dungeons2\Dungeons2.exe () [File not signed]
FirewallRules: [{B1089F95-5B5A-451A-BFF9-FE529124CE23}] => (Allow) E:\Steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{0AB2F52C-135D-46FE-AE73-D54A93ACC334}] => (Allow) E:\Steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{CCD3ED14-479C-4FA7-836F-57692858A068}] => (Allow) LPort=9009
FirewallRules: [{8E0C7C37-D7B8-4DF2-AE2E-2750BC1FEFB5}] => (Allow) LPort=9009

==================== Restore Points =========================

16-01-2021 01:43:26 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
22-01-2021 04:14:28 Windows Backup
25-01-2021 01:36:53 Windows Backup
26-01-2021 04:38:22 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/26/2021 08:13:35 PM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Application: Kaspersky Total Security -- Error 1704. An installation for Kaspersky Password Manager is currently paused. Changes made by this installation will be canceled. Start the installation again after the process shutdown.<<1704>>

Error: (01/26/2021 08:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RGBFusion.exe, version: 1.0.0.0, time stamp: 0x5d5fa24f
Faulting module name: KERNELBASE.dll, version: 10.0.19041.746, time stamp: 0x197b16c5
Exception code: 0xc000041d
Fault offset: 0x0012a842
Faulting process ID: 0x2520
Faulting application start time: 0x01d6f41d8d7eb30b
Faulting application path: C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 3a0255fa-5e25-4b9b-bade-cf50a35c357e
Faulting package full name:
Faulting package-relative application ID:

Error: (01/26/2021 08:00:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RGBFusion.exe, version: 1.0.0.0, time stamp: 0x5d5fa24f
Faulting module name: KERNELBASE.dll, version: 10.0.19041.746, time stamp: 0x197b16c5
Exception code: 0xe0434352
Fault offset: 0x0012a842
Faulting process ID: 0x2520
Faulting application start time: 0x01d6f41d8d7eb30b
Faulting application path: C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: bc0f8e1b-34e2-4bf8-84d1-32b3929b8ec0
Faulting package full name:
Faulting package-relative application ID:

Error: (01/26/2021 08:00:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: RGBFusion.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
at System.Diagnostics.Process.Kill()
at SelLEDControl.CommUI.Kill_Process(System.String, Boolean)
at RGBFusion.MainWindow.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (01/26/2021 07:52:42 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (01/26/2021 01:53:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RGBFusion.exe, version: 1.0.0.0, time stamp: 0x5d5fa24f
Faulting module name: KERNELBASE.dll, version: 10.0.19041.746, time stamp: 0x197b16c5
Exception code: 0xc000041d
Fault offset: 0x0012a842
Faulting process ID: 0x216c
Faulting application start time: 0x01d6f39effbbed6e
Faulting application path: C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 7f7b9c30-8bb4-44e5-83be-2dd1670ad75b
Faulting package full name:
Faulting package-relative application ID:

Error: (01/26/2021 01:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RGBFusion.exe, version: 1.0.0.0, time stamp: 0x5d5fa24f
Faulting module name: KERNELBASE.dll, version: 10.0.19041.746, time stamp: 0x197b16c5
Exception code: 0xe0434352
Fault offset: 0x0012a842
Faulting process ID: 0x216c
Faulting application start time: 0x01d6f39effbbed6e
Faulting application path: C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: fd71f7d6-4c29-4ff6-a445-6e1b27571fb6
Faulting package full name:
Faulting package-relative application ID:

Error: (01/26/2021 01:53:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: RGBFusion.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
at System.Diagnostics.Process.Kill()
at SelLEDControl.CommUI.Kill_Process(System.String, Boolean)
at RGBFusion.MainWindow.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)


System errors:
=============
Error: (01/26/2021 08:01:25 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI15

Error: (01/26/2021 08:00:38 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/26/2021 08:00:38 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/26/2021 08:00:38 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/26/2021 08:00:38 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/26/2021 08:00:38 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/26/2021 08:00:37 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/26/2021 08:00:37 PM) (Source: DCOM) (EventID: 10010) (User: LUKEGAMINGPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2021-01-26 20:03:48.6030000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 20:03:48.5870000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 20:03:47.6310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 20:03:47.6220000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 20:03:42.5340000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 20:03:42.5270000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 20:03:42.5150000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-01-26 19:53:53.7860000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F4 10/04/2018
Motherboard: Gigabyte Technology Co., Ltd. X399 AORUS XTREME-CF
Processor: AMD Ryzen Threadripper 1900X 8-Core Processor
Percentage of memory in use: 14%
Total physical RAM: 65429.04 MB
Available physical RAM: 55964.64 MB
Total Virtual: 75157.04 MB
Available Virtual: 60420.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:208.55 GB) (Free:116.22 GB) NTFS
Drive e: (Gaming Drive) (Fixed) (Total:1863.04 GB) (Free:1457.14 GB) NTFS
Drive g: (Media Hardline) (Fixed) (Total:3725.9 GB) (Free:2987.33 GB) NTFS

\\?\Volume{e374e709-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{3024d580-de67-13e0-3e3b-320bc664b284}\ () (Fixed) (Total:3.43 GB) (Free:0 GB) NTFS
\\?\Volume{8716dade-e274-2cb1-8e9a-7a945a9141e2}\ () (Fixed) (Total:30.39 GB) (Free:0 GB) NTFS
\\?\Volume{9b945542-a714-ec96-d2d1-40070ea79649}\ () (Fixed) (Total:2.69 GB) (Free:0 GB) NTFS
\\?\Volume{321c87fc-325c-da7c-f30e-e54497cbac2a}\ () (Fixed) (Total:6.13 GB) (Free:0 GB) NTFS
\\?\Volume{e374e709-0000-0000-0000-30183a000000}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 3726 GB) (Disk ID: 96EA1F6C)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 8.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 9.

==================== End of Addition.txt =======================
 

tedus987

Posts: 207   +2
I have just been informed by my fiancée that her copy of Kaspersky has also ground to a halt. Her system is brand new and around a day old, as well as being more powerful than mine.

So it's not something on my system blocking it but an issue with the app itself. I will now be contacting Kaspersky.
 

Broni

Posts: 55,721   +501
I don't see anything malicious there.
If I were you, I'd inquire at the Malwarebytes or Kaspersky forum, or both.