Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Windows 10: Schadsoftware bringt Programme zum Absturz

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 21.11.2021, 16:10   #1
TomDev
 
Windows 10: Schadsoftware bringt Programme zum Absturz - Standard

Windows 10: Schadsoftware bringt Programme zum Absturz



Schadsoftware bringt das gerade genutzte Programm zum Absturz.
Wie kann Mann die finden und entfernen?

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Ran by tom (administrator) on TOM-Z390-MASTER (Gigabyte Technology Co., Ltd. Z390 AORUS MASTER) (21-11-2021 15:55:24)
Running from E:\Downloads
Loaded Profiles: tom
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373142.inf_amd64_ed00e225cfc8dfad\B373020\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373142.inf_amd64_ed00e225cfc8dfad\B373020\atiesrxx.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\OnOffCharge2\QCharge.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_518f2921ba495409\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_518f2921ba495409\IntelCpHeciSvc.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nookkin) [File not signed] C:\Applications\MultiscreenBlank2\MultiscreenBlank2.exe
(Oliver Schwendener) [File not signed] C:\Program Files\ueli\ueli.exe <4>
(RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Viewer\vncviewer.exe <3>
(The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(WinLaunch.org) [File not signed] C:\Program Files\WinLaunch\WinLaunch.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942936 2018-11-02] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1591560 2020-05-28] (cFos Software GmbH -> cFos Software GmbH)
HKLM\...\Run: [RtkAudUService] => "C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_69a2b93320d3df04\RtkAudUService64.exe" -background (No File)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2021-10-27] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ATNSOFT Key Manager] => C:\Program Files (x86)\ATNSOFT Key Manager\keymanager.exe [3136984 2019-01-04] (ATNSOFT -> ATNSOFT)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-02] (TODO: <Company name>) [File not signed]
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-20] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe [2533880 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267944 2021-11-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [MultiscreenBlank] => C:\Applications\MultiscreenBlank2\MultiscreenBlank2.exe [315392 2021-09-18] (Nookkin) [File not signed]
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2021-11-19] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13926752 2021-11-10] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [WinLaunch] => C:\Program Files\WinLaunch\WinLaunch.exe [1731584 2018-10-07] (WinLaunch.org) [File not signed]
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [electron.app.ueli] => C:\Program Files\ueli\ueli.exe [126203904 2021-06-10] (Oliver Schwendener) [File not signed]
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2144704 2021-11-18] (Wargaming.net Limited -> Wargaming.net)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Processor Identification Utility.lnk [2021-10-24]
ShortcutTarget: Intel® Processor Identification Utility.lnk -> C:\Program Files (x86)\Intel Corporation\Intel Processor Identification Utility\ProcID.exe (Intel(R) Processor Identification Utility -> Intel Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B511F7D-1B50-45EB-B589-DF38F1CA8C35} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [257408 2021-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {0ECCEEF7-6BBF-48E0-8413-1476EB206959} - System32\Tasks\cFos\Registration Tasks\Open Browser => "c:\program files\mozilla firefox\firefox.exe" -osint -url "hxxp://localhost:1487/cfosspeed/console.htm" -osint -url "hxxp://localhost:1487/cfosspeed/console.htm" (No File)
Task: {139A543A-B169-44B8-AA75-30BBF4874CCB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1656171C-7856-4104-B015-006EF3037DC5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9DED23DF4360B491 => C:\Program Files\mozilla firefox\default-browser-agent.exe [682936 2021-11-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {3B44395B-CE10-4D32-9F18-D9755903850E} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [389504 2021-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {3C2BF48B-61CA-4B33-9C17-EB938C2D51A0} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {46CE6D82-6492-419A-9900-D9311819B23D} - System32\Tasks\TurboCharger => C:\Program Files (x86)\GIGABYTE\OnOffCharge2\QCharge.exe [1321392 2018-09-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
Task: {54C6C9BF-93D5-472D-B952-9DD81306C3A2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [837344 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5F749C64-016D-4C03-BF0B-CB647E831864} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {6284652E-3441-451C-AC6C-785CB53F1602} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {7E819D62-5970-4EE3-AD4C-C169EEB5B904} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {7F4AED47-41C1-418D-85EF-9F7CD7E32FD3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8C9D294A-AF66-4F54-924D-57655B3518F3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3826085885-2121510062-472148381-500 => C:\Users\tom\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {A720E86D-135D-451A-B909-31FBFDEA2EE2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CADC072A-0675-43C5-B516-F4259EDD94DB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D24225B4-A178-49F8-875B-157CF8ACB691} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E60B12C1-BA2F-4901-BD50-A13EF96961EC} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [234880 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {F79C7C1B-9925-4369-80AD-DDCCDC78F870} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {F83950AA-9306-44CF-872B-5BD3CBA0BDF1} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [19840 2021-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 15 C:\Windows\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{70f2f577-d247-47b6-97f3-ee07236344e3}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tom\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-15]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\tom\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2021-11-15]

FireFox:
========
FF DefaultProfile: 4w5psqrb.default
FF ProfilePath: C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\ps2t8uhg.default-release-1 [2021-03-29]
FF Extension: (Dark Reader) - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\ps2t8uhg.default-release-1\Extensions\addon@darkreader.org.xpi [2021-03-07]
FF ProfilePath: C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\4w5psqrb.default [2021-01-28]
FF ProfilePath: C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9r36eex1.default-release [2021-11-21]
FF DownloadDir: E:\Downloads
FF Session Restore: Mozilla\Firefox\Profiles\9r36eex1.default-release -> is enabled.
FF Extension: (Dark Reader) - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9r36eex1.default-release\Extensions\addon@darkreader.org.xpi [2021-11-09]
FF Extension: (uBlock Origin) - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9r36eex1.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-10-21]
FF Extension: (Dark Mode) - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9r36eex1.default-release\Extensions\{174b2d58-b983-4501-ab4b-07e71203cb43}.xpi [2021-08-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-11-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-07] (Giga-Byte Technology -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [611080 2020-05-28] (cFos Software GmbH -> cFos Software GmbH)
R2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9875352 2021-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-03-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [147328 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-10-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-10-27] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [18944 2021-04-09] () [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1990496 2021-11-10] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-19] (GOG Sp. z o.o. -> GOG.com)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [130432 2021-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11162688 2021-11-19] (Logitech Inc -> Logitech, Inc.)
S3 LxssManagerUser; C:\Windows\system32\lxss\wslclient.dll [304640 2021-11-12] (Microsoft Windows -> Microsoft Corporation)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2052400 2021-11-13] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amducsi; C:\Windows\System32\drivers\amducsi.sys [74016 2021-07-09] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0373142.inf_amd64_ed00e225cfc8dfad\B373020\amdkmdag.sys [80536104 2021-11-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [2028336 2020-05-28] (cFos Software GmbH -> cFos Software GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183408 2021-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [124496 2021-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2021-10-25] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [201984 2021-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43920 2021-10-27] (ESET, spol. s r.o. -> ESET)
R2 EnergyDriver; C:\Program Files\Intel\Power Gadget 3.6\EnergyDriver.sys [26376 2020-12-07] (Intel Corporation -> )
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [69736 2021-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107456 2021-10-27] (ESET, spol. s r.o. -> ESET)
S3 fiddrv64; no ImagePath
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2021-09-02] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv3; C:\Windows\gdrv3.sys [36352 2021-05-10] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 logi_audio_surround; C:\Windows\system32\drivers\logi_audio_surround.sys [44096 2021-02-24] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-04-03] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-04-03] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-04-03] (Logitech Inc -> Logitech)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2021-05-12] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 UimBus; C:\Windows\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\Windows\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [60344 2021-10-21] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [67072 2021-10-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-21 15:54 - 2021-11-21 15:55 - 000000000 ____D C:\FRST
2021-11-19 19:32 - 2021-11-19 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-11-19 19:32 - 2021-11-19 19:32 - 000000000 ____D C:\Program Files\LGHUB
2021-11-17 17:22 - 2021-11-17 17:22 - 000000000 ____D C:\Users\Public\AppData\Local\F-Secure
2021-11-17 17:22 - 2021-11-17 17:22 - 000000000 ____D C:\Users\Default\AppData\Local\F-Secure
2021-11-17 17:22 - 2021-11-17 17:22 - 000000000 ____D C:\ProgramData\AppData\Local\F-Secure
2021-11-16 20:14 - 2021-11-16 20:15 - 001953188 _____ C:\Windows\Minidump\111621-10046-01.dmp
2021-11-15 21:01 - 2021-11-15 21:01 - 002110044 _____ C:\Windows\Minidump\111521-9906-01.dmp
2021-11-15 17:45 - 2021-10-21 21:02 - 000114232 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2021-11-15 17:45 - 2021-10-21 21:02 - 000060344 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys
2021-11-15 17:45 - 2021-08-16 18:23 - 000048224 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2021-11-15 17:45 - 2021-08-16 18:23 - 000044128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2021-11-15 17:44 - 2021-11-15 17:44 - 000000000 ____D C:\Program Files\Common Files\VMware
2021-11-15 17:44 - 2021-10-21 21:08 - 001301880 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2021-11-15 17:44 - 2021-10-21 21:07 - 000426360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2021-11-15 17:44 - 2021-10-21 21:07 - 000381816 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2021-11-15 17:44 - 2021-10-21 21:06 - 000119792 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll
2021-11-15 17:44 - 2021-10-21 21:06 - 000044544 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2021-11-15 17:44 - 2021-10-11 04:26 - 000084480 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2021-11-15 17:12 - 2021-11-15 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-11-15 17:12 - 2021-11-15 17:12 - 000000000 ____D C:\ProgramData\ESET
2021-11-15 17:12 - 2021-11-15 17:12 - 000000000 ____D C:\Program Files\ESET
2021-11-15 16:59 - 2021-11-15 17:13 - 000000000 ____D C:\Users\tom\AppData\Local\ESET
2021-11-15 16:59 - 2021-11-15 16:59 - 000000575 _____ C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-15 16:48 - 2021-11-17 17:22 - 000000000 ____D C:\Users\tom\AppData\Local\F-Secure
2021-11-15 16:48 - 2021-11-17 17:22 - 000000000 ____D C:\ProgramData\F-Secure
2021-11-14 17:09 - 2021-11-14 18:53 - 000000000 ____D C:\Users\tom\AppData\Roaming\Notepad++
2021-11-14 17:06 - 2021-11-14 17:06 - 000000595 _____ C:\Users\tom\Documents\Windows Apps.txt
2021-11-13 16:59 - 2021-11-13 16:59 - 000000000 ____D C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.2.1
2021-11-13 15:53 - 2021-11-13 15:53 - 000231818 _____ C:\Users\tom\Documents\bookmarks.html
2021-11-12 02:40 - 2021-11-12 02:40 - 001328408 _____ C:\Windows\system32\FaceTrackerInternal.dll
2021-11-12 02:40 - 2021-11-12 02:40 - 001321984 _____ C:\Windows\system32\FaceProcessor.dll
2021-11-12 02:40 - 2021-11-12 02:40 - 000503576 _____ C:\Windows\system32\FaceProcessorCore.dll
2021-11-12 02:40 - 2021-11-12 02:40 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-12 02:40 - 2021-11-12 02:40 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-12 02:40 - 2021-11-12 02:40 - 000151352 _____ C:\Windows\system32\nmscrub.exe
2021-11-12 02:40 - 2021-11-12 02:40 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-12 02:40 - 2021-11-12 02:40 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-12 02:37 - 2021-11-12 02:37 - 000000000 ___HD C:\$WinREAgent
2021-11-10 02:41 - 2021-11-10 02:41 - 000000000 ____D C:\ProgramData\Twitch
2021-11-10 01:47 - 2021-11-10 01:47 - 000000000 ____D C:\Users\tom\AppData\Local\IO Interactive
2021-11-10 01:46 - 2021-11-10 01:46 - 000000000 ____D C:\Users\tom\AppData\Roaming\IO Interactive
2021-11-05 02:32 - 2021-11-07 01:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-04 02:32 - 2021-11-04 02:32 - 000000000 ____D C:\Users\tom\AppData\Local\DBG
2021-11-04 02:32 - 2021-11-04 02:32 - 000000000 ____D C:\Users\tom\AppData\Local\CrashReportClient
2021-11-04 02:27 - 2021-11-04 02:27 - 000000000 ____D C:\Users\tom\AppData\LocalLow\The Irregular Corp
2021-11-04 02:27 - 2021-11-04 02:27 - 000000000 ____D C:\Users\tom\AppData\Local\Epic Games
2021-11-04 01:30 - 2021-11-04 01:30 - 000000000 ____D C:\Users\tom\AppData\LocalLow\AMD
2021-11-04 01:26 - 2021-11-21 15:23 - 000003114 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2021-11-04 01:26 - 2021-11-04 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-11-04 01:26 - 2021-11-04 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-11-04 01:26 - 2021-11-04 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-11-04 01:23 - 2021-11-03 01:35 - 001860656 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 001860656 _____ C:\Windows\system32\vulkaninfo.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 001440320 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 001440320 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 001107176 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 001107176 _____ C:\Windows\system32\vulkan-1.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000959872 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000959872 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000788528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000665648 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000548912 _____ C:\Windows\system32\GameManager64.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000492096 _____ C:\Windows\system32\dgtrayicon.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 000482864 _____ C:\Windows\system32\EEURestart.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 000410160 _____ C:\Windows\SysWOW64\GameManager32.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000335408 _____ C:\Windows\system32\clinfo.exe
2021-11-04 01:23 - 2021-11-03 01:35 - 000193072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000172592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000149552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000134208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000082480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000067120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000038464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000035376 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000019928 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2021-11-04 01:23 - 2021-11-03 01:35 - 000019920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 084027968 _____ C:\Windows\system32\amd_comgr.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 069085760 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 001528352 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiacm64.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 001386528 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000839744 _____ (AMD) C:\Windows\system32\atieclxx.exe
2021-11-04 01:23 - 2021-11-03 01:34 - 000516136 _____ C:\Windows\system32\atieah64.exe
2021-11-04 01:23 - 2021-11-03 01:34 - 000460352 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000384552 _____ C:\Windows\SysWOW64\atieah32.exe
2021-11-04 01:23 - 2021-11-03 01:34 - 000251968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000211008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000193424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000170032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000158256 _____ (AMD) C:\Windows\system32\atimuixx.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000157352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000141856 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000132656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000130592 _____ C:\Windows\system32\atidxx64.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000124968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000122944 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000104488 _____ C:\Windows\SysWOW64\atidxx32.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000101424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2021-11-04 01:23 - 2021-11-03 01:34 - 000061992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 069800496 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 001689392 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 001368248 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000933416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000760880 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000548912 _____ C:\Windows\system32\amdgfxinfo64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000535576 _____ C:\Windows\system32\amdmiracast.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000458272 _____ C:\Windows\system32\amdlogum.exe
2021-11-04 01:23 - 2021-11-03 01:33 - 000412208 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000150088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000139712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000139704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000125608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000111072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2021-11-04 01:23 - 2021-11-03 01:33 - 000111064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2021-11-04 01:23 - 2021-10-28 07:44 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2021-11-04 01:23 - 2021-10-28 07:44 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2021-11-04 01:23 - 2021-10-28 07:22 - 058565784 _____ C:\Windows\system32\amdxc64.so
2021-11-04 01:23 - 2021-10-28 07:22 - 000562704 _____ C:\Windows\SysWOW64\atiapfxx.blb
2021-11-04 01:23 - 2021-10-28 07:22 - 000562704 _____ C:\Windows\system32\atiapfxx.blb
2021-11-01 20:36 - 2021-11-01 20:30 - 000002017 _____ C:\Users\tom\Documents\W10 Key.txt
2021-10-31 21:06 - 2021-10-31 21:06 - 000000000 ____D C:\Users\tom\Documents\FeedbackHub
2021-10-29 02:00 - 2021-10-29 02:00 - 000000000 ____D C:\ProgramData\EaseUS Todo PCTrans
2021-10-27 15:14 - 2021-10-27 15:14 - 000201984 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2021-10-27 15:14 - 2021-10-27 15:14 - 000183408 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2021-10-27 15:14 - 2021-10-27 15:14 - 000124496 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2021-10-27 15:14 - 2021-10-27 15:14 - 000107456 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2021-10-27 15:14 - 2021-10-27 15:14 - 000069736 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2021-10-27 15:14 - 2021-10-27 15:14 - 000043920 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2021-10-27 00:34 - 2021-10-31 22:57 - 000000000 ____D C:\Users\tom\AppData\Roaming\ProMod
2021-10-26 23:37 - 2021-10-26 23:37 - 000003755 _____ C:\Users\tom\Documents\CPU-Mitigations.txt
2021-10-26 23:26 - 2021-10-27 00:16 - 000000000 ____D C:\Users\tom\AppData\Roaming\Wargaming.net
2021-10-26 23:25 - 2021-10-26 23:27 - 000000000 ____D C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-10-26 15:28 - 2021-10-26 15:28 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-26 15:28 - 2021-10-26 15:28 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-26 02:06 - 2021-10-26 02:06 - 000000000 ____D C:\ProgramData\Wargaming.net
2021-10-26 01:16 - 2021-10-26 01:18 - 000000400 __RSH C:\ProgramData\ntuser.pol
2021-10-26 01:16 - 2021-10-26 01:16 - 000000000 ____D C:\Users\tom\AppData\Local\Rufus
2021-10-26 01:13 - 2021-10-26 01:13 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-10-26 01:12 - 2021-10-26 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2021-10-26 01:12 - 2021-10-26 01:12 - 000000000 ____D C:\Program Files (x86)\EaseUS
2021-10-25 17:30 - 2021-10-25 17:30 - 000015824 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2021-10-24 01:45 - 2021-10-24 01:45 - 000002689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Processor Diagnostic Tool 64bit.lnk
2021-10-24 01:45 - 2021-10-24 01:45 - 000000000 ____D C:\Program Files\Intel Corporation
2021-10-22 01:07 - 2021-10-22 01:07 - 000000000 ____D C:\Users\tom\AppData\Local\ATI
2021-10-22 01:04 - 2021-11-21 15:23 - 000003074 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2021-10-22 01:04 - 2021-11-04 01:26 - 000003488 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2021-10-22 01:04 - 2021-11-04 01:26 - 000000000 ____D C:\Users\tom\AppData\Local\AMD
2021-10-22 01:03 - 2021-11-04 01:26 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-10-22 01:03 - 2021-11-04 01:26 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2021-10-22 01:03 - 2021-10-28 07:56 - 002413536 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2021-10-22 01:02 - 2021-11-04 01:26 - 000000000 ____D C:\Program Files\AMD
2021-10-22 01:02 - 2021-10-22 01:04 - 000000000 ____D C:\ProgramData\AMD
2021-10-22 01:01 - 2021-10-22 01:01 - 000000000 ____D C:\Users\tom\AppData\Roaming\ATI

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-21 15:55 - 2021-01-18 04:53 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-21 15:29 - 2021-01-28 23:35 - 000000000 ____D C:\Users\tom\AppData\LocalLow\Mozilla
2021-11-21 15:29 - 2020-11-19 08:54 - 000845070 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-21 15:29 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-11-21 15:26 - 2021-01-20 01:31 - 000000000 ____D C:\Users\tom\AppData\Local\RealVNC
2021-11-21 15:25 - 2021-01-28 23:35 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-21 15:23 - 2021-09-08 21:33 - 000000000 ____D C:\Users\tom\AppData\Roaming\ueli
2021-11-21 15:23 - 2021-02-24 03:28 - 000000000 ____D C:\Users\tom\AppData\Roaming\LGHUB
2021-11-21 15:23 - 2021-02-24 03:28 - 000000000 ____D C:\Users\tom\AppData\Local\LGHUB
2021-11-21 15:23 - 2021-01-18 06:19 - 000001156 _____ C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cFosSpeed.lnk
2021-11-21 15:22 - 2021-04-10 23:06 - 000000000 ____D C:\ProgramData\VMware
2021-11-21 15:22 - 2021-01-19 23:24 - 000000000 __SHD C:\Users\tom\IntelGraphicsProfiles
2021-11-21 15:22 - 2021-01-19 23:24 - 000000000 ____D C:\Intel
2021-11-21 15:22 - 2021-01-18 00:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-21 15:22 - 2020-11-19 08:43 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-21 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-11-21 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-20 18:05 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-20 18:03 - 2021-04-03 20:33 - 000000000 ____D C:\Users\tom\AppData\Local\CrashDumps
2021-11-20 18:03 - 2021-02-10 02:37 - 000000000 ____D C:\Users\tom\AppData\Roaming\WeMod
2021-11-20 16:58 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-11-20 16:51 - 2021-01-17 16:56 - 000000000 ____D C:\Users\tom\AppData\Local\AMD_Common
2021-11-20 16:49 - 2021-02-24 03:27 - 000000000 ____D C:\ProgramData\LGHUB
2021-11-19 19:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-18 17:19 - 2021-01-20 00:02 - 000000000 ____D C:\Users\tom\AppData\Local\Ubisoft Game Launcher
2021-11-18 16:53 - 2020-11-19 08:46 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 16:53 - 2020-11-19 08:46 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-17 17:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-11-16 20:56 - 2021-01-17 16:17 - 000000000 ____D C:\Users\tom
2021-11-16 20:14 - 2021-05-12 22:43 - 000000000 ____D C:\Windows\Minidump
2021-11-16 20:14 - 2020-11-19 08:43 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-15 17:44 - 2021-04-10 23:06 - 000859078 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-11-15 17:42 - 2021-04-11 03:15 - 000000000 ____D C:\Users\tom\AppData\Local\VMware
2021-11-15 17:39 - 2021-04-11 03:15 - 000000000 ____D C:\Users\tom\AppData\Roaming\VMware
2021-11-15 16:53 - 2021-01-17 16:19 - 000000000 ____D C:\Users\tom\AppData\Local\D3DSCache
2021-11-14 18:52 - 2021-02-10 02:37 - 000000000 ____D C:\Users\tom\AppData\Local\WeMod
2021-11-14 18:52 - 2021-02-10 02:37 - 000000000 ____D C:\Users\tom\AppData\Local\SquirrelTemp
2021-11-14 17:09 - 2021-09-19 16:00 - 000000830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-11-14 16:36 - 2020-11-19 08:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-14 16:28 - 2020-11-19 08:48 - 000000000 ____D C:\ProgramData\Packages
2021-11-13 17:05 - 2021-02-17 18:23 - 000000000 ____D C:\Users\tom\AppData\Local\ElevatedDiagnostics
2021-11-13 16:59 - 2021-09-08 22:54 - 000000000 ____D C:\Program Files\EqualizerAPO
2021-11-13 15:37 - 2021-09-09 14:20 - 000000000 ____D C:\Users\tom\Documents\Trackmania
2021-11-13 15:37 - 2021-09-09 14:20 - 000000000 ____D C:\ProgramData\Trackmania
2021-11-13 01:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-11-13 01:36 - 2020-11-19 08:43 - 000267376 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-13 01:35 - 2021-09-06 17:24 - 000000000 ____D C:\Users\tom\AppData\Roaming\itch
2021-11-13 01:35 - 2021-04-11 03:31 - 000000000 ___SD C:\Windows\SysWOW64\lxss
2021-11-13 01:35 - 2021-04-11 03:31 - 000000000 ___SD C:\Windows\system32\lxss
2021-11-13 01:35 - 2019-12-07 10:54 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-13 01:35 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-13 01:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-13 01:35 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-11-13 01:27 - 2021-09-06 17:12 - 000000000 ____D C:\Users\tom\AppData\Local\Battle.net
2021-11-13 00:17 - 2021-09-06 17:24 - 000000000 ____D C:\Users\tom\AppData\Roaming\gops
2021-11-13 00:04 - 2021-09-06 17:26 - 000000000 ____D C:\Program Files\EA Games
2021-11-12 23:56 - 2021-09-06 17:11 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-11-12 02:42 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-12 02:35 - 2021-01-30 23:14 - 000000000 ____D C:\Windows\system32\MRT
2021-11-12 02:34 - 2021-01-30 23:14 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-10 02:35 - 2021-09-06 17:20 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-11-10 01:31 - 2021-01-18 05:07 - 000000000 ____D C:\Applications
2021-11-07 01:46 - 2021-01-28 23:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-06 01:50 - 2021-02-13 01:53 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-11-06 01:50 - 2021-01-28 23:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-04 01:24 - 2020-11-19 08:43 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-11-04 01:23 - 2021-01-17 16:49 - 000000000 ____D C:\AMD
2021-11-03 01:34 - 2021-10-07 19:02 - 001839656 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2021-11-03 01:34 - 2021-10-07 19:02 - 001386528 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2021-11-03 01:33 - 2021-10-07 19:01 - 000202680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2021-11-03 01:33 - 2021-10-07 19:01 - 000170232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2021-11-02 01:48 - 2021-01-17 16:18 - 000000000 ____D C:\Users\tom\AppData\Local\Packages
2021-11-01 21:20 - 2021-03-02 23:38 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-11-01 21:20 - 2021-01-18 05:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-10-31 16:30 - 2021-09-11 00:04 - 000003652 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-10-29 13:04 - 2021-07-30 13:17 - 000586680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrsr.exe
2021-10-29 13:04 - 2021-07-30 13:17 - 000147872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendr.sys
2021-10-29 13:04 - 2021-07-30 13:17 - 000025016 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendrmgr.sys
2021-10-27 00:05 - 2021-01-17 16:51 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-26 23:52 - 2021-03-07 16:37 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-10-26 23:52 - 2021-03-07 16:36 - 000000000 ____D C:\Program Files\Rockstar Games
2021-10-26 01:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-10-26 01:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-10-24 01:43 - 2021-04-19 19:10 - 000002502 _____ C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel® Processor Identification Utility.lnk
2021-10-22 01:04 - 2021-01-17 16:19 - 000000000 ____D C:\Windows\system32\AMD

==================== Files in the root of some directories ========

2021-01-18 06:04 - 2021-01-19 23:35 - 002128896 _____ () C:\Users\tom\AppData\Local\file__0.localstorage

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021
Ran by tom (21-11-2021 15:56:15)
Running from E:\Downloads
Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) (2021-01-17 15:14:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3826085885-2121510062-472148381-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3826085885-2121510062-472148381-503 - Limited - Disabled)
Guest (S-1-5-21-3826085885-2121510062-472148381-501 - Limited - Disabled)
tom (S-1-5-21-3826085885-2121510062-472148381-1001 - Administrator - Enabled) => C:\Users\tom
WDAGUtilityAccount (S-1-5-21-3826085885-2121510062-472148381-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.0414.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.0414.1 - GIGABYTE)
3DOSD (HKLM-x32\...\{F0D1FAA5-F9F8-4524-9B65-A5BFDDD5A29B}) (Version: 1.00.0051 - GIGABYTE) Hidden
3DOSD (HKLM-x32\...\InstallShield_{F0D1FAA5-F9F8-4524-9B65-A5BFDDD5A29B}) (Version: 1.00.0051 - GIGABYTE)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Amazon Games (HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.1.5699.1 - Amazon.com Services, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.11.1 - Advanced Micro Devices, Inc.)
AntiMicro (HKLM-x32\...\{584F5685-C0E5-4D84-B6F2-045B801A0BA1}) (Version: 2.20.2 - AntiMicro)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.21.0426.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.21.0426.1 - GIGABYTE)
AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 7.3 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CloudStation (HKLM-x32\...\{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0028 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0028 - GIGABYTE)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.161.5048 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{da57370a-5d54-48a5-948a-1185bfea35a0}) (Version: 12.0.161.5048 - Electronic Arts)
EaseUS Todo PCTrans 12.2 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.0414.1 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.0414.1 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.21.0427.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.21.0427.1 - GIGABYTE)
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0f607f07-7957-4887-9d5e-be8efe9595a9}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{33f042cf-0ae3-4241-b8c8-7f544533ea8e}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
ESET Security (HKLM\...\{4DB10B50-978B-4DB0-8127-79F8D302AC5A}) (Version: 15.0.18.0 - ESET, spol. s r.o.)
Everything 1.4.1.1009 (x64) (HKLM\...\Everything) (Version: 1.4.1.1009 - voidtools)
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.21.0414.1 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.21.0414.1 - GIGABYTE)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0007 - Gigabyte) Hidden
Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0007 - Gigabyte)
Gigabyte Speed 11.04 (HKLM\...\Gigabyte Speed) (Version: 11.04 - cFos Software GmbH, Bonn)
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWiNFO64 Version 7.10 (HKLM\...\HWiNFO64_is1) (Version: 7.10 - Martin Malik - REALiX)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{6E05E656-6ED8-49DE-AA9C-C4677F7086C5}) (Version: 4.1.5 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{ff864c57-6291-492e-9245-1ac896bfcba3}) (Version: 7.5.1.3 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Network Connections 25.4.0.6 (HKLM\...\PROSetDX) (Version: 25.4.0.6 - Intel)
Intel(R) Power Gadget 3.6 (HKLM\...\{AAFAAB45-753C-4402-A23D-3F0EA9A750EC}) (Version: 3.6 - Intel)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Processor Identification Utility (HKLM-x32\...\{9D71B3E2-1887-416C-8E37-81EE12101B96}) (Version: 6.6.15.0316 - Intel Corporation)
itch (HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\itch) (Version: 25.5.1 - itch corp.)
Key Manager 1.13 (HKLM-x32\...\Key Manager_is1) (Version: 1.13.0.416 - ATNSOFT)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.12.4779 - Logitech)
MacroRecorder v2.0.68 (HKLM-x32\...\MacroRecorder_is1) (Version: 2.0.68 - Bartels Media GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.53 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{f407f141-a702-406f-beab-318b6291e9bd}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.1 (x64 en-US)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.9.1 - Notepad++ Team)
ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE) Hidden
ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE)
Paragon Backup & Recovery™ 17 CE (HKLM\...\{505143F0-48A3-4ABD-A1FE-F77425BFBF66}) (Version: 17.9.3.4927 - Paragon Software) Hidden
Paragon Backup & Recovery™ 17 CE (HKLM-x32\...\{37102375-99b6-4ec1-af7d-ec77bb61cd49}) (Version: 17.9.3.4927 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{49AED3CA-E137-4E65-9555-D05C60281BAC}) (Version: 24.60.0.460 - Paragon Software) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Peace (HKLM\...\Peace) (Version: 1.5.9.1 - P.E. Verbeek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.21.0420.1 - GIGABYTE)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.51.568 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.21.0426.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.21.0426.1 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.18.0911.1 - GIGABYTE)
SmartHUD (HKLM-x32\...\{9809628D-07F9-4D28-A3E8-CCCB8250430A}) (Version: 1.18.0731.1 - GIGABYTE) Hidden
SmartHUD (HKLM-x32\...\InstallShield_{9809628D-07F9-4D28-A3E8-CCCB8250430A}) (Version: 1.18.0731.1 - GIGABYTE)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version:  - Ubisoft)
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version:  - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 118.0.10358 - Ubisoft)
ueli 8.13.0 (HKLM\...\cfbc84b5-4a27-5e8d-8800-3f9c64bdb18d) (Version: 8.13.0 - Oliver Schwendener)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
USB DAC-UP2 (HKLM-x32\...\{3F99EB82-D129-4B27-9ECF-B5F549FCC53B}) (Version: 1.19.0226.1 - GIGABYTE) Hidden
USB DAC-UP2 (HKLM-x32\...\InstallShield_{3F99EB82-D129-4B27-9ECF-B5F549FCC53B}) (Version: 1.19.0226.1 - GIGABYTE)
VcXsrv (HKLM\...\VcXsrv) (Version: 1.20.9.0 - marha@users.sourceforge.net)
VNC Viewer 6.20.529 (HKLM\...\{DCF5BBEA-3BDB-4E03-BF06-03836F320CA6}) (Version: 6.20.529.42646 - RealVNC Ltd)
Wargaming.net Game Center (HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\Wargaming.net Game Center) (Version: 21.7.3.7062 - Wargaming.net)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WeMod (HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\WeMod) (Version: 7.1.21 - WeMod)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
WinLaunch (HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\WinLaunch) (Version:  - )
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WizTree v4.01 (HKLM\...\WizTree_is1) (Version: 4.01 - Antibody Software)
World of Tanks EU (HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)

Packages:
=========
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-09-02] (INTEL CORP) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
Ubuntu 20.04 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu20.04onWindows_2004.2021.825.0_x64__79rhkp1fndgsc [2021-09-02] (Canonical Group Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\tom\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\tom\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\tom\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\Microsoft.Nucleus.exe" => No File
CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\tom\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\tom\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\tom\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\Microsoft.Nucleus.exe" => No File
CustomCLSID: HKU\S-1-5-21-3826085885-2121510062-472148381-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Applications\Notepad++\NppShell_06.dll [2021-08-21] (Notepad++ -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-10-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-10-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2021-10-21] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2021-10-21] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-11-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-10-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-11-19 19:32 - 2021-11-19 15:15 - 000635904 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-11-21 15:23 - 2021-11-21 15:23 - 001453056 _____ () [File not signed] \\?\C:\Users\tom\AppData\Local\Temp\c7132610-88ae-45a8-aa8a-3703258426d1.tmp.node
2021-02-22 00:41 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-02-22 00:41 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-02-22 00:41 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-06-10 12:21 - 2019-06-10 12:21 - 000668160 _____ () [File not signed] C:\Program Files\EqualizerAPO\EqualizerAPO.dll
2017-07-08 11:52 - 2017-07-08 11:52 - 002983917 _____ () [File not signed] C:\Program Files\EqualizerAPO\libfftw3f-3.dll
2015-11-22 21:05 - 2015-11-22 21:05 - 001530880 _____ () [File not signed] C:\Program Files\EqualizerAPO\libsndfile-1.dll
2021-09-08 21:33 - 2021-06-10 15:01 - 002823680 _____ () [File not signed] C:\Program Files\ueli\ffmpeg.dll
2021-09-08 21:33 - 2021-06-10 15:01 - 000449024 _____ () [File not signed] C:\Program Files\ueli\libegl.dll
2021-09-08 21:33 - 2021-06-10 15:01 - 007620096 _____ () [File not signed] C:\Program Files\ueli\libglesv2.dll
2021-10-28 02:27 - 2021-10-28 02:27 - 001711616 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2021-03-09 22:00 - 2021-03-09 22:00 - 000205824 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV3.dll
2021-03-09 22:00 - 2021-03-09 22:00 - 000205824 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\SIV\yccV3.dll
2021-01-19 23:28 - 2013-03-08 20:28 - 000187392 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\Gigabyte\Smart Backup\RescuePlan.dll
2021-01-19 23:28 - 2014-09-16 01:52 - 000705536 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\Gigabyte\Smart Backup\srpCore.dll
2021-05-17 13:28 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll
2021-02-22 00:41 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2021-11-19 20:19 - 2021-11-19 20:19 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2020-12-16 18:08 - 2020-12-16 18:08 - 002001920 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-3826085885-2121510062-472148381-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3826085885-2121510062-472148381-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2021-04-11 04:12 - 2021-04-19 18:10 - 000000442 _____ C:\Windows\system32\drivers\etc\hosts.ics
172.28.80.1 tom-Z390-MASTER.mshome.net # 2026 4 6 18 17 10 14 986

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Player\bin\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tom\Pictures\Wallpapers\Wallpaper 2.jfif
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ATNSOFT Key Manager"
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\StartupApproved\StartupFolder: => "Intel® Processor Identification Utility.lnk"
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3826085885-2121510062-472148381-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6F23A3BC-EB11-4087-A978-178265C3E23B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{29441DA5-BCF4-415E-87D4-1FE5F553330C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{388C929C-9C38-4946-A895-3C2212633662}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F41C08F2-8DA9-4ED2-95BE-9A5DAC200590}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F86261A6-AFE1-4DE2-811B-E958705EA982}] => (Allow) LPort=9009
FirewallRules: [{389C7745-BE8D-4E4C-BF4A-FDFD6C780340}] => (Allow) LPort=9009
FirewallRules: [{8BE2EE1E-7AD1-426F-9319-BC2169E485E3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{356DADE9-E8B2-4E59-B41D-973187A0BE16}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{A928A5C4-0DD0-49D7-8E3B-E06EE8897BE7}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{EA85B3BD-6D13-482F-9E7E-37CF312781D1}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{7598F128-E727-4A5E-8DBF-318F6AAAA096}] => (Allow) LPort=9009
FirewallRules: [{ECD63EB9-EE8C-411E-A4A5-A4867381A8BA}] => (Allow) LPort=9009
FirewallRules: [{34BE9E20-B532-4AE4-9B4D-EAF67099D935}] => (Allow) LPort=9009
FirewallRules: [{32F5E10F-B6B0-4C27-942F-EC4C4F0E032F}] => (Allow) LPort=9009
FirewallRules: [{1A7FD76A-4B44-4846-8C47-048EBF05E09B}] => (Allow) LPort=9009
FirewallRules: [{DF1407FF-9B9A-4A5E-B5C2-1440A8DD2240}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19069755-F7AA-44B1-85AF-558A2595F32C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{90F45020-5A38-4EBB-AB1E-E23D92C2288A}] => (Allow) LPort=9009
FirewallRules: [{32B23756-9C8E-47DC-A491-5A9ADE834B93}] => (Allow) LPort=9009
FirewallRules: [{66FFE109-088D-4D5A-8FB5-316763190A19}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{53DF4297-FBF1-45F3-A42B-ED4D56ACD411}D:\tom clancy's ghost recon wildlands\grw.exe] => (Allow) D:\tom clancy's ghost recon wildlands\grw.exe => No File
FirewallRules: [UDP Query User{9C199B01-9E0E-46E4-A184-F8D4F26C2516}D:\tom clancy's ghost recon wildlands\grw.exe] => (Allow) D:\tom clancy's ghost recon wildlands\grw.exe => No File
FirewallRules: [{079BB20C-77D1-426A-AD68-5ABCE3F15FC1}] => (Allow) LPort=9009
FirewallRules: [{3230525D-598C-40B7-B66B-4F4882183FE9}] => (Allow) LPort=9009
FirewallRules: [{B2095A72-787C-49B9-B8E2-74602BC599E5}] => (Allow) LPort=9009
FirewallRules: [{14C8ED2E-50BC-4DAC-B783-FD9393C66809}] => (Allow) LPort=9009
FirewallRules: [{A7CFC256-239F-4020-8EB4-16505D185433}] => (Allow) LPort=9009
FirewallRules: [{2F59A990-8965-421E-AB86-DAD4C670E2E6}] => (Allow) LPort=9009
FirewallRules: [{2CE49375-8CFC-40AF-BA12-FAD725CFD62B}] => (Allow) LPort=9009
FirewallRules: [{4B3B9BF7-04C6-4E6D-A39A-36707C08DFFB}] => (Allow) LPort=9009
FirewallRules: [{E142743D-3571-4178-8EE1-243539B8DD40}] => (Allow) LPort=9009
FirewallRules: [{33F0AF6B-1303-4D36-B097-2BF18B799AF6}] => (Allow) LPort=9009
FirewallRules: [{A6AF10BE-0415-406B-88B3-B148539273EA}] => (Allow) LPort=9009
FirewallRules: [{D5DEF447-EBCE-4852-8BD0-856A1202D8D6}] => (Allow) LPort=9009
FirewallRules: [{C7A73FD7-DEED-4D17-9FEC-026C7B3B04D3}] => (Allow) LPort=9009
FirewallRules: [{E8638133-B68C-4A12-9DD0-E814A208BF48}] => (Allow) LPort=9009
FirewallRules: [{DCB6D2EF-131C-4104-BE07-E1131987C260}] => (Allow) LPort=9009
FirewallRules: [{BC38F554-E744-4782-9827-F27B62C96525}] => (Allow) LPort=9009
FirewallRules: [{17A4EE82-E4D0-4693-96B4-4295A9E9B955}] => (Allow) LPort=9009
FirewallRules: [{54E5C1ED-3537-4C61-8DC9-7274A521F7E5}] => (Allow) LPort=9009
FirewallRules: [{72BBB4E4-FC1F-4CA1-A3C9-4EC8AF68CA93}] => (Allow) LPort=9009
FirewallRules: [{4C20C453-3A76-4B04-AB02-55AB5E834CEE}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{57DD6E38-4450-48F7-B762-EA0DD206A1DB}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{03D439EF-417A-4F34-88C2-70A898321591}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{243B00C5-F59A-495E-8DFB-26071B37570E}] => (Allow) LPort=9009
FirewallRules: [{30514451-E801-4E09-897B-A6D6861DD15F}] => (Allow) LPort=9009
FirewallRules: [{CA6DC693-1034-4070-A0F2-461EE2576DFA}] => (Allow) LPort=9009
FirewallRules: [{824EE8F1-87FD-429E-A42E-D466A9A7711D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{C8B60112-0792-45AD-85BB-DC59D22936AC}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{DE4DBCFD-814D-41AA-BDA1-2544DDCD89ED}] => (Allow) LPort=9009
FirewallRules: [{2835F3A9-0129-4E7C-829B-99B5BB3019F6}] => (Allow) LPort=9009
FirewallRules: [{35292530-C6EE-4757-B688-814ED104C1A0}] => (Allow) LPort=9009
FirewallRules: [{A4B2DE98-41F0-4BE3-B381-96403335A7A2}] => (Allow) LPort=9009
FirewallRules: [{EABE53FB-9BEF-4A4C-9400-5A93F09FE4F2}] => (Allow) LPort=9009
FirewallRules: [{E4CE623F-2F28-4665-9CD6-4A4229401971}] => (Allow) LPort=9009
FirewallRules: [{E92E87E5-D5BC-4EFA-B9EA-D37692202A7A}] => (Allow) LPort=9009
FirewallRules: [{2718562A-52E6-4057-BF7D-1A863E1DE2C2}] => (Allow) LPort=9009
FirewallRules: [{3984CA56-D14F-4FFF-9BD9-29BD927187AE}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{0E149DD8-D43F-4F0E-A219-BCA4C4A01D0C}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FBFB3527-9018-4D12-9107-F4FA068AEFBA}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe => No File
FirewallRules: [{C1F9C58D-2555-4B79-9710-ED25FBBAACE2}] => (Allow) LPort=9009
FirewallRules: [{D0DEF63A-D6ED-4590-BA8F-F1AC49E3013E}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{CD39E288-72EA-4C8D-AA79-6EF170413376}E:\forhonor\forhonor.exe] => (Allow) E:\forhonor\forhonor.exe => No File
FirewallRules: [UDP Query User{839B0C0C-20B8-4E6C-8BD1-82261938DCBD}E:\forhonor\forhonor.exe] => (Allow) E:\forhonor\forhonor.exe => No File
FirewallRules: [{5566A6C4-6527-476F-B383-8DAC87BEC78F}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{7492F827-7A57-4594-B425-0EE689F388BF}E:\ubisoftlibrary\forhonor\forhonor.exe] => (Allow) E:\ubisoftlibrary\forhonor\forhonor.exe => No File
FirewallRules: [UDP Query User{BBE69C2C-DD2F-44F9-B37D-C19DB055317C}E:\ubisoftlibrary\forhonor\forhonor.exe] => (Allow) E:\ubisoftlibrary\forhonor\forhonor.exe => No File
FirewallRules: [{82515AE1-F1E0-4CBF-B794-51D070A32092}] => (Allow) LPort=9009
FirewallRules: [{80670A67-7077-4582-A4CF-92EE3B83A684}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{CF24D330-1B4A-460F-ACA6-96BB7702A56D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{83161D27-C75B-47E8-9002-71BAEA22B525}] => (Allow) E:\UbiSoftLibrary\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{DB7A1B3A-28E7-48A8-BA44-D7F1DF6B73E8}] => (Allow) E:\UbiSoftLibrary\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{F47AB536-EE78-44FA-8946-122A94F2BBB3}] => (Allow) LPort=9009
FirewallRules: [{0226FA0A-30CE-4AEE-AD44-D9C69E511B34}] => (Allow) LPort=9009
FirewallRules: [{AC949591-9ED1-4920-89FE-08A63B6197CC}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{561B8F0C-94D5-438D-A550-D03CB5F297BB}E:\epiclibrary\gtav\gta5.exe] => (Allow) E:\epiclibrary\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{EFDA7168-13E4-47DA-A455-DB8A8FECDC0D}E:\epiclibrary\gtav\gta5.exe] => (Allow) E:\epiclibrary\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7E096708-209D-4319-959F-505AB604A63B}] => (Block) E:\epiclibrary\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1E400EB4-C343-479A-876C-4E055C5AC922}] => (Block) E:\epiclibrary\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{569B19B3-AA4F-46ED-B28C-CB53A0E56897}] => (Allow) LPort=9009
FirewallRules: [{3646D91F-0E13-4D73-AB1A-13E1AF9AB848}] => (Allow) LPort=9009
FirewallRules: [{E61CB72B-6E8D-4E97-AC09-D2E791C65A75}] => (Allow) LPort=9009
FirewallRules: [{BB045130-A231-4ABE-AB21-F1C6ED052291}] => (Allow) LPort=9009
FirewallRules: [{82888F07-9870-40EE-B3A4-587B91E31654}] => (Allow) LPort=9009
FirewallRules: [{81A56D91-2382-41A6-9CDA-EF3542E2D0E9}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{0B644E96-975A-46E2-BF8D-2FC918554373}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{17DFBC4A-FE4A-4D1E-88AC-262E8C95B264}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E128D59-FDE8-47A0-AA5C-6AAC85462454}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2482B4DA-8E57-46A2-874A-138C054214E1}] => (Allow) LPort=9009
FirewallRules: [{30EFD13B-1815-48AF-B253-70A5DBBD1A80}] => (Allow) LPort=9009
FirewallRules: [{B6820F03-3243-471A-BE72-6FA2CF5F1853}] => (Allow) LPort=9009
FirewallRules: [{D879684B-B809-4860-88D7-EEB179920214}] => (Allow) E:\SteamLibrary\steamapps\common\Quake II RTX\q2rtx.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [{B257129C-9DAA-426E-A5AF-CDE4AF0EC123}] => (Allow) E:\SteamLibrary\steamapps\common\Quake II RTX\q2rtx.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [{32BCBB9C-0FE3-411F-AAC0-32611A51FF7B}] => (Allow) LPort=9009
FirewallRules: [{4BC39334-3525-4E05-AF4E-9C006BF5AE23}] => (Allow) LPort=9009
FirewallRules: [{8A6648F4-A864-48FC-BADE-6D805AF6D47A}] => (Allow) LPort=9009
FirewallRules: [{B8E6D03D-551A-45D9-B1E6-7A1A600CEBC7}] => (Allow) LPort=9009
FirewallRules: [{96E9E0D6-888A-4240-8CAA-1201CE6453B8}] => (Allow) LPort=9009
FirewallRules: [{B126BD08-386D-4B20-805A-6CE349D4CC97}] => (Allow) LPort=9009
FirewallRules: [{4EDA7297-B2CF-40FB-B0EF-C1648B31D56C}] => (Allow) LPort=9009
FirewallRules: [{66A76CF8-156B-429E-A0AA-D540CE88B7C7}] => (Allow) LPort=9009
FirewallRules: [{7DD0A37D-BB15-4294-A432-F231F3DCB751}] => (Allow) LPort=9009
FirewallRules: [{04157965-29D5-4B11-8BB6-899E79949B62}] => (Allow) LPort=9009
FirewallRules: [{E1CAB9FC-F0E1-4EEF-A337-7E8FC0614A60}] => (Allow) LPort=9009
FirewallRules: [{139306F5-A5DD-4B9A-8DFE-6C0F4324AD3F}] => (Allow) LPort=9009
FirewallRules: [{ACE73118-A773-4698-A1D8-CECCA28500DF}] => (Allow) LPort=9009
FirewallRules: [{079BF5E3-4BC3-4CB3-BC4B-60D13C4DC13B}] => (Allow) LPort=9009
FirewallRules: [{0EE1A160-D9E5-4FD6-9508-CD4C8C76B65C}] => (Allow) LPort=9009
FirewallRules: [{68C05454-963E-488F-ACCB-787754EC1259}] => (Allow) LPort=9009
FirewallRules: [{84F7B990-E1BF-4159-8B49-F3753D1779A6}] => (Allow) E:\UbiSoftLibrary\Trackmania\trackmania.exe (NADEO SASU -> Nadeo)
FirewallRules: [{2A481DEA-8C45-4663-AFA6-BCCF55B7EFE5}] => (Allow) E:\UbiSoftLibrary\Trackmania\trackmania.exe (NADEO SASU -> Nadeo)
FirewallRules: [{44A470B3-EE09-4908-B65B-71C2C50E0FE1}] => (Allow) LPort=9009
FirewallRules: [{691F9A69-C71C-4BC3-B0D4-200F784AA414}] => (Allow) LPort=9009
FirewallRules: [{20EDCEE2-3601-4A38-A15E-42D19417A634}] => (Allow) LPort=9009
FirewallRules: [{8D847F52-6478-4FBA-89A5-702D7548CBBD}] => (Allow) LPort=9009
FirewallRules: [{B6E1004F-8170-44D0-85A8-F88C47F499F8}] => (Allow) LPort=9009
FirewallRules: [{2E214329-446E-4713-864C-F3237C933DA0}] => (Allow) LPort=9009
FirewallRules: [{39F90197-B6E0-4479-BDF7-50C38192AF85}] => (Allow) LPort=9009
FirewallRules: [{0AACAA4A-AACF-4125-A518-9A3518E9CD40}] => (Allow) LPort=9009
FirewallRules: [{621213B9-1502-4D41-AA31-01C9B8AB10BA}] => (Allow) LPort=9009
FirewallRules: [{8D30BA8F-3A30-4B0D-8FFA-07DD3653C103}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{CBC8647B-3F61-40EF-967F-1F4A3CB36978}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{9B0E3B49-FC29-4C81-8F85-AA73B283FD1C}] => (Allow) E:\SteamLibrary\steamapps\common\Starship Troopers - Terran Command Demo\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{CAA7724F-778C-4C0C-A044-425D9D91B104}] => (Allow) E:\SteamLibrary\steamapps\common\Starship Troopers - Terran Command Demo\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{EE082DC4-9E93-4145-AFCF-3D4AD5FF5485}] => (Allow) LPort=9009
FirewallRules: [{2867BF25-67F8-4B69-9171-B01E16EA26E4}] => (Allow) LPort=9009
FirewallRules: [{6F8A42FB-16B2-41C0-93F8-DF4CCF9B0B6D}] => (Allow) LPort=9009
FirewallRules: [{3288D81E-82E4-40E8-A0A1-FEECF8D398E2}] => (Allow) LPort=9009
FirewallRules: [{0DACBB70-9603-4707-9ADD-392643463F35}] => (Allow) LPort=9009
FirewallRules: [{502C5617-D89E-411B-A640-36C0DD594770}] => (Allow) LPort=9009
FirewallRules: [{4C39C5CA-202A-40C1-9B7C-A6DD026D7224}] => (Allow) LPort=9009
FirewallRules: [{1AC1B83F-5A5B-4457-881E-25DC19DA292A}] => (Allow) LPort=9009
FirewallRules: [{750DA776-7D54-4CCC-8163-6AED633C49DC}] => (Allow) LPort=9009
FirewallRules: [{A8CE2DD9-A26B-4930-BAA4-6ADA16ECE1A5}] => (Allow) LPort=9009
FirewallRules: [{19EFD295-E546-44A8-B312-FF6A3B56CC21}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe (CHENGDU YIWO Tech Development Co., Ltd. -> EaseUS)
FirewallRules: [{2FF46790-555C-4CFC-A2F0-3EF4254B3F5A}] => (Allow) LPort=9009
FirewallRules: [{32B0E8C1-2BDB-4F87-85AA-BBB307B387F0}] => (Allow) LPort=9009
FirewallRules: [{881066DF-84E0-4984-B9E4-29C9596E4420}] => (Allow) LPort=9009
FirewallRules: [{B3E5287F-B6AF-4180-807E-0439968D337D}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{73D3A036-6DD1-4747-B131-A7953F538E8A}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B32B45E0-BFD0-49B4-B41E-6210885AF711}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{ACC9D11A-6F41-4A0E-B34B-B3A878E15F75}E:\wargaminglibrary\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) E:\wargaminglibrary\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A730C543-75F0-4237-B5B2-35ED01E8DFF1}E:\wargaminglibrary\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) E:\wargaminglibrary\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F61ABDDE-FD4C-4D1B-8327-7AAC7D4A847D}] => (Allow) LPort=9009
FirewallRules: [{29122AC9-C9E8-4574-83E1-F79F48EE4676}] => (Allow) LPort=9009
FirewallRules: [{523DEA66-1677-47F6-81C4-D8D5106C0CA1}] => (Allow) LPort=9009
FirewallRules: [{82C8FC15-E724-4428-AB70-15A5DBA9091C}] => (Allow) LPort=9009
FirewallRules: [{0C08F156-FF07-4E65-9F7D-0AD0A869AB31}] => (Allow) LPort=9009
FirewallRules: [{9D16DD5E-DBE1-435C-AE14-7F3ABFDDC8AB}] => (Allow) LPort=9009
FirewallRules: [{3FC728B5-32F9-42DE-8B07-D91383CE3F5F}] => (Allow) LPort=9009
FirewallRules: [{4186F32A-B526-46B2-99F5-80B39523691D}] => (Allow) LPort=9009
FirewallRules: [{FEE89215-C41C-45F8-94EC-19BAE66FF830}] => (Allow) LPort=9009
FirewallRules: [{5E22D233-6193-4841-8742-EBBFC43A7C0D}] => (Allow) LPort=9009
FirewallRules: [{7A71440F-5545-4ABB-8534-8A877E9DF665}] => (Allow) LPort=9009
FirewallRules: [{0DC568D4-F7F3-46BB-A317-946FB6A8F698}] => (Allow) LPort=9009
FirewallRules: [{B48CCE29-3284-4CBC-9903-39C0AD1AC0D1}] => (Allow) LPort=9009
FirewallRules: [{3047309D-843B-480D-AC6A-9051E35FAD72}] => (Allow) LPort=9009
FirewallRules: [{679CF44B-FDA5-4360-9A81-FCB45161580B}] => (Allow) LPort=9009
FirewallRules: [{4844AC72-35EC-4476-8CBF-B8DA485F36B0}] => (Allow) LPort=9009
FirewallRules: [{DA085640-4D41-45F7-A76A-44886E719D06}] => (Allow) LPort=9009
FirewallRules: [{3007D01E-FC98-40EA-84DA-D1ED116C7039}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DC1B02D-5679-4716-AF69-F7E758F34630}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{804DDECD-7649-4134-BF27-9FCDC40673A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{474236C6-4D57-4D7C-9CBF-2A7C89ABBD48}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4E40C7A5-6F4B-4CBD-B0BE-0FD72A466E78}] => (Allow) LPort=9009
FirewallRules: [{F0A406A9-4F0E-4740-A5FA-9015B4FEF235}] => (Allow) LPort=9009
FirewallRules: [{8F3ABA81-F150-4AD7-AEA3-15DBCC4C5BE4}] => (Allow) E:\SteamLibrary\steamapps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{3C3D04D6-F6BE-485C-962C-E26CC8DB8692}] => (Allow) E:\SteamLibrary\steamapps\common\HITMAN2\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{8C7B78AB-8E49-4C7B-B916-C367C63AEDCC}] => (Allow) LPort=9009
FirewallRules: [{C966AE10-A0C5-46EE-BC6D-88C2496D6038}] => (Allow) LPort=9009
FirewallRules: [{31D2187D-0254-4BB8-A3F5-6AEDF939B8FC}] => (Allow) E:\SteamLibrary\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{E1CCD8F0-9AC9-4D6E-B5E5-32383542090C}] => (Allow) E:\SteamLibrary\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{98277D6C-CE51-413C-8642-B456C559076F}] => (Allow) LPort=9009
FirewallRules: [{F4618158-F558-41ED-8828-BB7E0E49F3AA}] => (Allow) LPort=9009
FirewallRules: [{01889C97-19E1-4FB1-A766-13ACDC30A7A5}] => (Allow) LPort=9009
FirewallRules: [{9A9EEDC9-6020-43D9-AA46-D163C2DB11D9}] => (Allow) LPort=9009
FirewallRules: [{BD7793C6-2994-4B0A-A76E-7977FE24DDC2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0ACCB7DF-91E2-4703-86D1-6D4B3D839B2A}] => (Allow) LPort=9009
FirewallRules: [{4C42F7CA-3CDF-46E8-A00D-B2EAE36F2843}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{ABE2A3ED-33CA-42FC-8BA7-77F920EFC632}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{9CCC829E-6C3E-494D-A92A-4712A3C63C22}] => (Allow) LPort=9009
FirewallRules: [{C70BF49A-53C0-4EB9-AA3E-E37ECF95321D}] => (Allow) LPort=9009
FirewallRules: [{702A5DB1-B45F-4C76-8A5D-96037D9FD771}] => (Allow) LPort=9009
FirewallRules: [{609BF776-9256-4867-80C5-526AF2B8B988}] => (Allow) LPort=9009
FirewallRules: [{368097D1-7FFA-43F9-B910-B7C4E1B10772}] => (Allow) LPort=9009
FirewallRules: [{71B2A979-6283-4F03-96F6-9041DDDBDCE6}] => (Allow) LPort=9009
FirewallRules: [{8F26BF0E-07FC-4803-8CF4-EFD757A8ED02}] => (Allow) LPort=9009
FirewallRules: [{9BCB17FB-381C-4484-BDAE-D12D191A1E1F}] => (Allow) LPort=9009
FirewallRules: [{F065C9B5-89F2-4847-8BC2-FF29FFD1B0EF}] => (Allow) LPort=9009
FirewallRules: [{921D24D4-C723-499D-9BBD-8884246089EC}] => (Allow) LPort=9009
FirewallRules: [{5F3981C5-E28E-49F6-98A6-3D4438E2075A}] => (Allow) LPort=9009
FirewallRules: [{BDB76F25-D9F1-419A-91E5-927BD7944883}] => (Allow) LPort=9009
FirewallRules: [{6540CC4C-B625-4482-BC3B-5DD4105FCB8F}] => (Allow) LPort=9009

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/20/2021 06:03:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Faulting module name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Exception code: 0xc0000005
Fault offset: 0x00000000018fdde9
Faulting process id: 0xab4
Faulting application start time: 0x01d7de2dd8f311db
Faulting application path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Faulting module path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Report Id: acf95545-2f83-44f5-9c15-0a77a28a2831
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/20/2021 05:44:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Faulting module name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Exception code: 0xc0000005
Fault offset: 0x0000000001a6f0be
Faulting process id: 0x3a60
Faulting application start time: 0x01d7de2da2facebb
Faulting application path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Faulting module path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Report Id: 48d312fe-a5af-4c3e-9023-c520943eb804
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/20/2021 05:43:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 94.0.1.7977, time stamp: 0x6182a725
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffa87d10699
Faulting process id: 0x2e80
Faulting application start time: 0x01d7de265a66c9f1
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: unknown
Report Id: 925f2fc5-c00e-4d55-8461-4fe878ab943e
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/20/2021 05:42:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Faulting module name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Exception code: 0xc0000005
Fault offset: 0x0000000001a6f0be
Faulting process id: 0x30bc
Faulting application start time: 0x01d7de2af7aeb66d
Faulting application path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Faulting module path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Report Id: 09c2808f-0c16-4cd2-8eb3-738016bf964a
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/20/2021 05:23:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Faulting module name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Exception code: 0xc0000005
Fault offset: 0x00000000036e9eb2
Faulting process id: 0x3968
Faulting application start time: 0x01d7de268d3886a7
Faulting application path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Faulting module path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Report Id: 13e9f1fe-4287-428d-bdc5-35e80a7084d6
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/19/2021 08:36:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Faulting module name: CELib_x64.dll, version: 6.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000000000b48e
Faulting process id: 0x2650
Faulting application start time: 0x01d7dd74ff7e4a78
Faulting application path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Faulting module path: C:\Users\tom\AppData\Local\WeMod\app-7.1.21\resources\app.asar.unpacked\static\unpacked\trainerlib\CELib_x64.dll
Report Id: b0c2f2b1-72d2-4fad-8776-79f4f7df58b3
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/19/2021 07:30:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Faulting module name: re8.exe, version: 1.0.0.4, time stamp: 0x61527ac4
Exception code: 0xc0000005
Fault offset: 0x0000000003a7bc03
Faulting process id: 0x3760
Faulting application start time: 0x01d7dd640aa96cb9
Faulting application path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Faulting module path: E:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe
Report Id: 214ab0a9-abfd-4c2e-ad14-611bd0beb342
Faulting package full name: 
Faulting package-relative application ID:

Error: (11/19/2021 07:30:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.19041.746, time stamp: 0x6be51595
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1348, time stamp: 0x76fcd692
Exception code: 0xe0464645
Fault offset: 0x000000000010b302
Faulting process id: 0x1fcc
Faulting application start time: 0x01d7dd73862c232b
Faulting application path: C:\Windows\system32\dwm.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 17fdc8d6-0030-4046-966a-314b1897290e
Faulting package full name: 
Faulting package-relative application ID:


System errors:
=============
Error: (11/20/2021 04:51:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (11/20/2021 04:51:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (11/17/2021 09:03:36 PM) (Source: DCOM) (EventID: 10010) (User: TOM-Z390-MASTER)
Description: The server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} did not register with DCOM within the required timeout.

Error: (11/17/2021 08:47:34 PM) (Source: DCOM) (EventID: 10010) (User: TOM-Z390-MASTER)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.

Error: (11/16/2021 08:15:05 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff8032448b30c, 0xfffffb05cebbf798, 0xffffc0017f899920). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: caad5263-d700-4b60-a00e-2c25774296db.

Error: (11/16/2021 08:14:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:13:20 on ‎16/‎11/‎2021 was unexpected.

Error: (11/15/2021 09:03:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/15/2021 09:01:25 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001a (0x0000000000061941, 0x0000000029470d38, 0x000000000000000f, 0xffffd2078c14fa00). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 8c959ae7-3fb7-4bc7-a0bf-73492360af6b.


Windows Defender:
================
Date: 2021-10-06 01:13:31
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\tom\Desktop\EC_MultiHack_Engine_2.8.4\EC MultiHack Engine 2.8.4\Installer.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.349.2012.0, AS: 1.349.2012.0, NIS: 1.349.2012.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-08 22:24:31
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Presenoker&threatid=242420&enterprise=0
Name: PUA:Win32/Presenoker
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\tom\AppData\Local\Temp\is-M7B7F.tmp\prod0_extract\WcInstaller0421.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\tom\AppData\Local\Temp\is-P8JQ0.tmp\CheatEngine73.tmp
Security intelligence Version: AV: 1.349.377.0, AS: 1.349.377.0, NIS: 1.349.377.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
Event[0]:

Date: 2021-09-19 17:31:39
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.349.988.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18500.10
Error code: 0x80072f8f
Error description: A security error occurred 

Date: 2021-09-18 23:36:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.349.622.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18500.10
Error code: 0x80072f8f
Error description: A security error occurred 

CodeIntegrity:
===============
Date: 2021-11-21 15:24:49
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. F11l 09/16/2020
Motherboard: Gigabyte Technology Co., Ltd. Z390 AORUS MASTER-CF
Processor: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Percentage of memory in use: 19%
Total physical RAM: 32628.41 MB
Available physical RAM: 26294.78 MB
Total Virtual: 43380.41 MB
Available Virtual: 33671.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.77 GB) (Free:13.8 GB) NTFS
Drive d: (Qemu macOS) (Fixed) (Total:238.36 GB) (Free:238.35 GB) exFAT
Drive e: (WORK_SSD) (Fixed) (Total:977.86 GB) (Free:139.44 GB) exFAT

\\?\Volume{5973757f-421a-437b-8b63-26cc968928ea}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.17 GB) FAT32
\\?\Volume{a907ed59-0cfc-41f7-b117-54e730a4b190}\ () (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32
\\?\Volume{406c3169-32b8-4738-ae31-9cdca9ff825b}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.18 GB) FAT32
\\?\Volume{380cbdf8-ff6a-4eca-9210-a01802ac4ad0}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.18 GB) FAT32
\\?\Volume{4d6d612b-5f3f-45b4-a989-b2450c8ac300}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.18 GB) FAT32
\\?\Volume{d434707f-1ce0-4d7b-9684-01e2b3f746cb}\ () (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32
\\?\Volume{fec495be-ce23-4b1a-94da-01da4bb3449a}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 29.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 978.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
         

Geändert von cosinus (21.11.2021 um 16:46 Uhr) Grund: code tags

Alt 21.11.2021, 16:45   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10: Schadsoftware bringt Programme zum Absturz - Standard

Windows 10: Schadsoftware bringt Programme zum Absturz



Zitat:
Zitat von TomDev Beitrag anzeigen
Schadsoftware bringt das gerade genutzte Programm zum Absturz.
Und das gerade genutzte Programm kann man nicht beim Namen weil?
Woher willst du wissen, dass das Schadsoftware ist aber behälste jede Information für dich?
__________________

__________________

Alt 26.11.2021, 17:57   #3
M-K-D-B
/// TB-Ausbilder
 
Windows 10: Schadsoftware bringt Programme zum Absturz - Standard

Windows 10: Schadsoftware bringt Programme zum Absturz



Fehlende Rückmeldung
Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!
__________________
__________________

 

Themen zu Windows 10: Schadsoftware bringt Programme zum Absturz
absturz, adware, antivirus, browser, computer, defender, desktop, entfernen, failed, firefox, firewall, google, installation, internet, internet explorer, mozilla, programm, registry, security, system, trojan, udp, updates, usb, windows


« OT | - »

Ähnliche Themen: Windows 10: Schadsoftware bringt Programme zum Absturz


  1. Welche Programme sollte man wie oft laufen lassen um jegliche Art von Schadsoftware zu erkennen?
    Antiviren-, Firewall- und andere Schutzprogramme - 27.09.2017 (20)
  2. Windows 10: SrTasks.exe bringt CPU-Auslastung ständig auf 100%
    Plagegeister aller Art und deren Bekämpfung - 23.08.2017 (8)
  3. Falsches Chrome fordert zur Installation eines Videoplayers auf und bringt Schadsoftware auf PC
    Log-Analyse und Auswertung - 06.11.2014 (8)
  4. Der letzte Windows-XP-Patchday bringt Fix für Word
    Nachrichten - 04.04.2014 (0)
  5. WD 1,5 TB FB mit eigener Stomversorgung bringt windows zum absturz
    Netzwerk und Hardware - 05.03.2014 (7)
  6. Malwarebytes Anit Malware bringt Rechner zum Total-Absturz...
    Antiviren-, Firewall- und andere Schutzprogramme - 23.08.2013 (3)
  7. Download Converter --> Absturz Mozilla-Programme nach mehrfacher Neuinstallation
    Plagegeister aller Art und deren Bekämpfung - 16.05.2013 (1)
  8. Drwtsn.exe bringt etliche Programme nach dem Systemstart 'um'...
    Plagegeister aller Art und deren Bekämpfung - 12.10.2010 (0)
  9. explorer.exe bringt Programme zum Absturz
    Log-Analyse und Auswertung - 03.10.2010 (1)
  10. Dateiausführungsverhinderung bringt Internet Explorer beim Öffnen zum sofortigen Absturz
    Plagegeister aller Art und deren Bekämpfung - 10.08.2010 (26)
  11. Flash bringt alle Browser zum Absturz
    Log-Analyse und Auswertung - 21.02.2010 (0)
  12. Google suche bringt werbung, bestimmte Programme lassen sich nicht öffen
    Log-Analyse und Auswertung - 24.11.2008 (1)
  13. Willkürlicher Absturz verschiedener Programme
    Log-Analyse und Auswertung - 08.08.2008 (1)
  14. Angebliches MP3 bringt Explorer andauernd zum Absturz
    Log-Analyse und Auswertung - 13.11.2007 (3)
  15. Videodatei bringt Eigene Bilder zum Absturz
    Plagegeister aller Art und deren Bekämpfung - 20.04.2007 (1)
  16. Volle Prozessorauslastung ohne Programme - Absturz des explorers
    Log-Analyse und Auswertung - 26.09.2006 (2)
  17. Ad-Aware bringt System zum Absturz
    Plagegeister aller Art und deren Bekämpfung - 17.10.2004 (8)

Zum Thema Windows 10: Schadsoftware bringt Programme zum Absturz - Schadsoftware bringt das gerade genutzte Programm zum Absturz. Wie kann Mann die finden und entfernen? Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: - Windows 10: Schadsoftware bringt Programme zum Absturz...
Archiv
Du betrachtest: Windows 10: Schadsoftware bringt Programme zum Absturz auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.