Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2023 Ran by nickj (05-02-2023 09:42:05) Running from C:\Users\nickj\Downloads\log Microsoft Windows 10 Home Version 22H2 19045.2546 (X64) (2021-12-11 08:36:58) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3323940460-2476448031-453550397-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3323940460-2476448031-453550397-503 - Limited - Disabled) Guest (S-1-5-21-3323940460-2476448031-453550397-501 - Limited - Disabled) nickj (S-1-5-21-3323940460-2476448031-453550397-1001 - Administrator - Enabled) => C:\Users\nickj WDAGUtilityAccount (S-1-5-21-3323940460-2476448031-453550397-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.15.24.2059 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.118 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 4.15.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 6.0.0.9 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{48783093-ed30-463f-9f90-d8c2cc338e32}) (Version: 2.15.24.2059 - Advanced Micro Devices, Inc.) Hidden Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden BitTorrent (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\BitTorrent) (Version: 7.11.0.46675 - BitTorrent Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broforce (HKLM-x32\...\1470490225_is1) (Version: 2.0.0.2 - GOG.com) Crash Bandicoot 4 (HKLM-x32\...\Crash Bandicoot 4_is1) (Version: - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd) Discord (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Discord) (Version: 1.0.9006 - Discord Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Forza Horizon 5 (HKLM-x32\...\Forza Horizon 5_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC) High on Life (HKLM-x32\...\High on Life_is1) (Version: - ) JoyToKey version 6.8 (HKLM-x32\...\{EBF21C82-423E-49FD-BCBD-88C08397CB44}_is1) (Version: 6.8 - JTK software) Kaspersky (HKLM-x32\...\{0BB51252-A5F0-3D7C-AE3E-052278FEB384}) (Version: 21.8.5.452 - Kaspersky) Hidden Kaspersky (HKLM-x32\...\InstallWIX_{0BB51252-A5F0-3D7C-AE3E-052278FEB384}) (Version: 21.8.5.452 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) KMSauto.net (HKLM-x32\...\{6A2B3E01-92B9-4E14-A6A4-59AD5F9479FF}) (Version: 1.0.0 - KMSauto.net) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Little Nightmares II (HKLM-x32\...\Little Nightmares II_is1) (Version: - ) Malwarebytes version 4.5.20.230 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.20.230 - Malwarebytes) Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.78 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.70 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation) Microsoft Support and Recovery Assistant (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\1411bee0b739e9b9) (Version: 17.0.9467.6 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Teams) (Version: 1.6.00.376 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC) MultiPack Visual C++ Installer V3.0 (HKLM-x32\...\{93E81C5A-55A6-4686-AA8E-532F506EA91A}_is1) (Version: 3.0 - BobSpwg) NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.160 - Nord Security) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.48.18.0 - Nord Security) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Graphics Driver 528.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.24 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.1215.121004 - Razer Inc.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9175.1 - Realtek Semiconductor Corp.) RetroArch (HKLM-x32\...\RetroArch) (Version: 1.13.0.0 - Libretro) THX Spatial Audio (HKLM\...\{58CEA038-CE01-4C2F-9D82-34899B4F9EC9}) (Version: 1.0.3.52 - THX) Hidden THX Spatial Audio (HKLM-x32\...\{cd1f00e0-bfca-4a95-a8d7-acd306bd63ec}) (Version: 1.0.3.52 - THX) Trine 3: Artifacts of Power (HKLM-x32\...\1431599567_is1) (Version: 1.11(build_3102) - GOG.com) UNCHARTEDâ„¢ Legacy of Thieves Collection (HKLM-x32\...\FLT_Uncharted_Legacy_of_Thieves_Collection) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN) WhatsApp (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\WhatsApp) (Version: 2.2304.7 - WhatsApp) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\ZoomUMX) (Version: 5.13.3 (11494) - Zoom Video Communications, Inc.) Packages: ========= AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-04-09] (Advanced Micro Devices Inc.) [Startup Task] AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Corporation) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2022-11-10] (LinkedIn) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-04-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-04-09] (Microsoft Corporation) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10114.505.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation) Monitorian -> C:\Program Files\WindowsApps\10186emoacht.Monitorian_4.0.1.0_neutral__0q7myvhtpbc7w [2023-01-06] (emoacht) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2023-02-04] (NVIDIA Corp.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-09] (Microsoft Corporation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-06-26] (Adobe Systems Incorporated) Real HEIC File Viewer -> C:\Program Files\WindowsApps\36059XiaoyaStudio.RealHEICFileViewer_2.0.10.0_neutral__ngh7ertwt50re [2023-01-28] (Xiaoya Lab) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2022-04-10] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-26] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0 [2023-02-04] (Spotify AB) [Startup Task] THX Spatial Audio Control -> C:\Program Files\WindowsApps\THXLtd.THXSpatialAudioControl_2022.1206.1.0_x64__zgheytcpjsgqw [2022-12-13] (THX Ltd.) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x64__8wekyb3d8bbwe [2023-02-04] (Microsoft Corporation) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x86__8wekyb3d8bbwe [2023-02-04] (Microsoft Corporation) Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2209.2209.14005.0_x64__8wekyb3d8bbwe [2022-09-26] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3323940460-2476448031-453550397-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\nickj\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22321.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-25] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2022-12-05] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2022-12-05] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-25] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2022-12-05] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\nvshext.dll [2023-01-18] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-25] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2022-12-05] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2021-12-29 16:09 - 2021-12-29 16:09 - 000438784 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\amdlinkremoteserver.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll 2021-12-29 16:09 - 2021-12-29 16:09 - 000258560 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll 2022-11-16 12:09 - 2023-01-31 16:19 - 001403392 _____ () [File not signed] C:\Users\nickj\AppData\Roaming\BitTorrent\datachannel.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000509064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\AliyunWrap.DLL 2023-01-04 10:28 - 2022-02-22 16:12 - 000137864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\EnsHelper.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000021672 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\fsclog.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000203912 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libssh2.dll 2023-01-04 10:28 - 2022-02-22 16:12 - 000098440 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\register.dll 2023-01-04 10:28 - 2022-02-22 16:12 - 000461448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\wpnr.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000455816 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\EaseUS\ENS\MSVCP140.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000081032 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\EaseUS\ENS\VCRUNTIME140.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000438408 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> The curl library, hxxps://curl.se/) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libcurl.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 002533000 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libcrypto-1_1.dll 2023-01-04 10:28 - 2022-02-21 10:23 - 000541320 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libssl-1_1.dll 2021-12-12 08:00 - 2021-11-25 00:30 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\D3DCompiler_47.dll 2022-11-16 12:09 - 2023-01-31 16:19 - 003725824 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\nickj\AppData\Roaming\BitTorrent\libcrypto-3.dll 2022-11-16 12:09 - 2023-01-31 16:19 - 000619520 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\nickj\AppData\Roaming\BitTorrent\libssl-3.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Multimedia.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5MultimediaQuick.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtMultimedia\declarative_multimedia.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll 2021-12-17 04:23 - 2021-12-17 04:24 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\sharepoint.com -> hxxps://unitingcommunitiesorg-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 19:44 - 2023-01-09 17:37 - 000000147 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Razer Fusion.jpg DNS Servers: 192.168.43.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. Network Binding: ============= Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) WiFi: NordVPN LightWeight Firewall -> NordLwf (enabled) Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AMD Crash Defender Service => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: avast => 2 MSCONFIG\Services: avastm => 3 MSCONFIG\Services: AvastSecureBrowserElevationService => 3 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: EpicOnlineServices => 3 MSCONFIG\Services: FvSvc => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: kpm_launch_service => 3 MSCONFIG\Services: KSDE5.3 => 2 MSCONFIG\Services: nordvpn-service => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: Razer Chroma SDK Server => 2 MSCONFIG\Services: Razer Chroma SDK Service => 2 MSCONFIG\Services: Razer Chroma Stream Server => 2 MSCONFIG\Services: Razer Game Manager Service => 2 MSCONFIG\Services: Razer Synapse Service => 2 MSCONFIG\Services: Rockstar Service => 3 MSCONFIG\Services: rsClientSvc => 2 MSCONFIG\Services: rsSyncSvc => 2 MSCONFIG\Services: RtkAudioUniversalService => 2 MSCONFIG\Services: RzActionSvc => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: VSSrv => 2 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "BCSSync" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "NordVPN" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_CFAAD7198488C610079C0286AEB9E63F" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "bt" HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{0FFC2D55-1606-41E2-B31F-97CAAC023487}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1BF103C1-04C2-4DDB-BA68-E318AACCF5BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EBFF77C4-FBAD-4DD2-93CB-A8B24AF62974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{41892017-AC31-477E-98AC-ADACCE0B6ADB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9DDE6688-5324-4ECB-8FFA-FF917D300516}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{FC95D576-B47E-4979-90E4-2406B2B56A32}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [TCP Query User{FEEB2D5F-DC2C-4609-B06B-356E7F980498}C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe] => (Block) C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe (Activision Publishing Inc -> Activision Publishing) [File not signed] FirewallRules: [UDP Query User{3287EF43-A6A0-45C9-83D8-AD2928A1647D}C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe] => (Block) C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe (Activision Publishing Inc -> Activision Publishing) [File not signed] FirewallRules: [{32C99B49-C381-4FEB-818C-2216E8A2359D}] => (Allow) C:\Users\nickj\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{4F3D9122-863B-4991-B869-B83798353BFC}] => (Allow) C:\Users\nickj\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{332299A3-386E-4284-A033-E3F299AD91EE}] => (Allow) C:\Users\nickj\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{1EF5DBA9-ED44-460A-84BE-F3BED80E0360}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{E63ADCD0-40DA-4633-81B4-0E3E3F4DA4F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{7235FE94-6043-4C07-BF8A-29930DA55CBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{11853F4E-2763-4270-9C52-119C67924A06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0EB615EE-C0BC-4F8E-9AF2-2CA6F807935C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CF50D6E2-E860-45BA-AF3C-F8E852873240}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{DBD1798F-80E4-4F59-94D3-45464D452234}C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{84148FDC-B30B-443E-9431-6EAEFF1CEDA5}C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{01F2317A-7377-40AF-97A7-44ECA6D85E10}C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{941146D9-F551-45E4-B51A-E94774DA9D4B}C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\nickj\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{E136FCA9-C052-45F3-B85B-E8D9E0712C57}C:\gog games\broforce\broforce_beta.exe] => (Allow) C:\gog games\broforce\broforce_beta.exe () [File not signed] FirewallRules: [UDP Query User{B51C1778-7696-4B9E-B0B1-E7858B83EB6C}C:\gog games\broforce\broforce_beta.exe] => (Allow) C:\gog games\broforce\broforce_beta.exe () [File not signed] FirewallRules: [TCP Query User{8076FD9E-B2EF-401B-ADAF-1D6039B7B9BF}C:\games\forza horizon 5\forzahorizon5.exe] => (Block) C:\games\forza horizon 5\forzahorizon5.exe () [File not signed] FirewallRules: [UDP Query User{E7A843F2-FA24-4182-9D3D-EC6F420A8E85}C:\games\forza horizon 5\forzahorizon5.exe] => (Block) C:\games\forza horizon 5\forzahorizon5.exe () [File not signed] FirewallRules: [TCP Query User{4B4B6A38-938A-4625-A48C-E8C32AA3974F}C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe] => (Block) C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe (Squanch Games, Inc.) [File not signed] FirewallRules: [UDP Query User{86A0F6DB-BCDD-4D89-AC4C-6638E4799974}C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe] => (Block) C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe (Squanch Games, Inc.) [File not signed] FirewallRules: [TCP Query User{3C7D3838-3373-4FB8-9F87-86DEE799BE57}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{770335EC-CC26-40A4-A1E3-CA0E00F0D5A2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{F93F4C0F-C380-494D-B9A8-B16F75C99454}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File FirewallRules: [{85C15D0C-B962-4F46-A697-BE6CE0ED7529}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File FirewallRules: [{312A8486-38CB-4552-B254-B21A28D0BA27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0F7675AE-0A47-4B02-A4F2-F9490147F783}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6EA841FC-6107-4209-AE84-2705B66208B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{537F304B-4629-4FF7-820B-5E2C389A1201}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2692CC5D-7988-457E-951B-0DA8FE847C9C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{35E49925-D431-41D1-A723-FDCDC6871275}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{04190364-BA01-4627-9A0F-DB287FE3B6AB}C:\games\uncharted legacy of thieves collection\u4.exe] => (Block) C:\games\uncharted legacy of thieves collection\u4.exe () [File not signed] FirewallRules: [UDP Query User{78EBC815-FF6F-4CE9-A610-D0DF26C4DC03}C:\games\uncharted legacy of thieves collection\u4.exe] => (Block) C:\games\uncharted legacy of thieves collection\u4.exe () [File not signed] FirewallRules: [TCP Query User{62B8AFE6-F87B-411D-BFEE-F7860EB71BC4}C:\games\uncharted legacy of thieves collection\tll.exe] => (Block) C:\games\uncharted legacy of thieves collection\tll.exe () [File not signed] FirewallRules: [UDP Query User{BBB87BF5-80A2-4BDB-8C60-8680125625F5}C:\games\uncharted legacy of thieves collection\tll.exe] => (Block) C:\games\uncharted legacy of thieves collection\tll.exe () [File not signed] FirewallRules: [{0C82D4E5-D3E9-43EE-8551-B9A4EB472985}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{62536242-3E8F-4E36-A537-0CD021E024AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{CADC1E58-5260-4476-82FC-87173855A50E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{19E017DF-520B-4828-9050-553378B7ACC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{B845280A-40FF-4D3E-8C39-7F8D27DA7DB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4C5FCE8C-E4DF-473D-BC86-898D86A615F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{56DA8152-F973-4ECF-9902-264F47885C8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6990A561-CDBE-47C5-BBC9-8F38ABBF96A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D3577B6E-7A88-4130-8962-8BA8E122353E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5CCEB037-F3AC-401B-8703-46F6E34E8F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BED662A7-2FC0-4A2D-9FB1-092395E68FCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{27570EA8-BE7B-4C43-8B51-D0082244A58D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DAD69663-5FA3-4383-97A8-DB6E2245BB22}] => (Allow) C:\Users\nickj\AppData\Local\Temp\bittorrent\bittorrent.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [{56E8915E-022F-4CA8-AD75-73020FBAAC2F}] => (Allow) C:\Users\nickj\AppData\Local\Temp\bittorrent\bittorrent.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [{5CBA5BE5-5796-4956-86E6-9BF3CB2E8C64}] => (Allow) C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [{90F75F50-4827-4AD8-8DE4-A5841DF72C35}] => (Allow) C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe (Rainberry Inc -> BitTorrent Inc.) ==================== Restore Points ========================= 27-01-2023 20:42:09 Windows Modules Installer 04-02-2023 18:39:25 Windows Modules Installer ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (02/05/2023 09:27:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x3cec Faulting application start time: 0x01d938ec1f14543b Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: b21456d5-4f00-4ab7-aa3e-2dded3a47546 Faulting package full name: Faulting package-relative application ID: Error: (02/05/2023 09:27:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x1a1c Faulting application start time: 0x01d938ec1b74ca68 Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: 8366e1f4-a74f-4091-bea0-7a3df13efa27 Faulting package full name: Faulting package-relative application ID: Error: (02/05/2023 09:27:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x2cf4 Faulting application start time: 0x01d938ec1789ba0c Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: ef997841-67e6-47f8-b6a2-d89c2acbe6ca Faulting package full name: Faulting package-relative application ID: Error: (02/05/2023 09:27:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x4aec Faulting application start time: 0x01d938ec14b9a08b Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: 537bcdcd-2cc6-413c-812f-c7cab821c7f6 Faulting package full name: Faulting package-relative application ID: Error: (02/05/2023 09:27:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x1574 Faulting application start time: 0x01d938ec12a9d4ab Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: c3a9ccd8-0e1c-431a-ba4b-01d4a12e4835 Faulting package full name: Faulting package-relative application ID: Error: (02/05/2023 09:27:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x2cb8 Faulting application start time: 0x01d938ec113109d0 Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: bf811314-8df2-4f4c-86ce-90ef0fd5a4d4 Faulting package full name: Faulting package-relative application ID: Error: (02/05/2023 09:27:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x184c Faulting application start time: 0x01d938ec105e44b2 Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: 9e8fc9e5-8a72-4291-8602-c5fc160ed2b1 Faulting package full name: Faulting package-relative application ID: Error: (02/04/2023 10:02:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NVIDIA Share.exe, version: 73.3683.1933.5, time stamp: 0x63d40b20 Faulting module name: libcef.dll, version: 73.0.0.0, time stamp: 0x5c8499d0 Exception code: 0x80000003 Fault offset: 0x0000000001eb3d23 Faulting process id: 0x880 Faulting application start time: 0x01d9388c6898127a Faulting application path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll Report Id: e0fdedf1-56f0-462a-be7f-5711bab78ac1 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (02/04/2023 07:38:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\IntelIHVRouter08.dll Error: (02/04/2023 07:38:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\IntelIHVRouter08.dll Error: (02/04/2023 07:38:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\IntelIHVRouter08.dll Error: (02/04/2023 07:38:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4LBAS2EC) Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout. Error: (02/04/2023 07:37:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Disc Soft Lite Bus Service service terminated unexpectedly. It has done this 1 time(s). Error: (02/04/2023 07:37:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (02/04/2023 07:37:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Gaming Services service terminated unexpectedly. It has done this 1 time(s). Error: (02/04/2023 07:37:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Gaming Services service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =============== Date: 2023-02-05 09:42:17 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2023-02-05 09:38:45 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-02-05 09:34:46 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== BIOS: Razer 1.06 06/07/2021 Motherboard: Razer PI411 Processor: AMD Ryzen 9 5900HX with Radeon Graphics Percentage of memory in use: 47% Total physical RAM: 15774.59 MB Available physical RAM: 8319.28 MB Total Virtual: 20894.59 MB Available Virtual: 10724.26 MB ==================== Drives ================================ Drive c: (Blade 14) (Fixed) (Total:936.18 GB) (Free:103.81 GB) (Model: SAMSUNG MZVLB1T0HBLR-00A00) NTFS \\?\Volume{c9582083-d709-4784-a493-76601a8a3eae}\ (Recovery) (Fixed) (Total:16.6 GB) (Free:1.01 GB) NTFS \\?\Volume{29da1acf-28dc-4ef3-bc37-7ed37b8312ce}\ (Winre) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS \\?\Volume{17950854-e6c6-405d-8d19-844fd580d7ab}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 953.9 GB) (Disk ID: 5A1AB5B8) Partition: GPT. ==================== End of Addition.txt =======================