System Interrupts, Stuttering, Clicks and Pops

Cyclone · Jul 19, 2021

In November 2019, after having my computer for ten months, Microsoft force-installed its first major update to my operating system in build 1903 on my Dell Inspiron 5680 with 24 GB of RAM and an SDD hard drive. After a single ocurrence of weird video lag on December 7, 2019, during a race commentary on Twitch, I started noticing a more consistent pattern of it by March 2020. I have never been able to shake this for over a year and a half. When I reboot, it's fine, but within anywhere from a day to a couple of weeks, I find the pops and clicks happening, and I find when I record audio and video that the quality is at times poorer. I also suspect that it causes occasional lag to the computer itself because it's interrupting other processes and thus lagging itself. I did try last summer using a background process app to completely disable NVIDIA on my computer, but after a week of waiting on that test, discovered the lag was returning. So NVIDIA is back on after I've confirmed that it's not the issue. I have tried the suggestion over here, and am running on two modified registry entries right now, but that also didn't work. There are other things I'm sure I've tried, but it's been so long that I couldn't tell you everything, so if something is suggested and I've done it, I can comment as such. I have since updated to the next build, 2004, to try to solve the problem, but this led to issues with my audio that got me on the phone to MS support, and we found that only Realtek audio currently works on my computer. Until the updarte, I could use High Definition Audio. It might work again now, but at present, everything is running on Realtek; even so, it's odd that this turned into an issue after the 2004 update as if there is no Dell driver for the High Definition Audio Device. Oh, and the clicks and pops are still coming through, so the update just caused me more headaches and didn't fix anything. Further updates will surely not help either, so I'd like to try to get at the root cause instead.

I've taken a Speccy. I also have attached a SysnativeFileCollectionApp. I cannot for the life of me seem to be able to get the xperf to work. "xperf: error: NT Kernel Logger: The instance name passed was not recognized as valid by a WMI data provider. (0x1069)." I did check the direction of "Set the path environment variable adding the windows performance toolkit path: go to Control Panel\System and Security\System - advanced system settings, (click yes in the UAC window that should appear if you didn't disable it), click environment variables, double-click path under the system variables pane (or click it once and then click edit), and add C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\" and it is already listed, so I cannot figure out why it's not working. I did try changing to my profile name in the command, same result. Tried both CMD and Powershell. So for now, Speccy and SysnativeFileCollectionApp will have to do.

I can also run LatencyMon and post data from that if desired.

Cyclone · Jul 26, 2021

I posted the above thread a week ago today. I'm a little upset that other people have been receiving assistance and I'm sitting here waiting, as are several others who have posted a similar problem dating back to July 13. Is no one currently available at this forum to help with these issues?

Cyclone · Oct 27, 2021

Is anyone handling these requests for help? I'm still pulling what's left of my hair out trying to solve this. I just disabled the Wifi adapter, which might be my last possible attempt to fix this on my own. The latest instance occurred in less than four days booted. I am keeping the PC running for tests because, in the past, I was able to keep my PC running for much longer without any issues. I'm also starting to wonder if Google Chrome is itself part of the issue

An additional effect I noticed today is I recorded gameplay video and commentary and, while my microphone was synced correctly, the game audio did not match the video; videos taken earlier on a fresh boot have no problems, but denigrate over time. Annoying since I am trying to record for Youtube as well and now have to redo several gameplay items from the beginning to get proper recordings, which is hours of gameplay i hve to redo. I want to fix this damn problem.

DR M · Oct 27, 2021

Hi, Cyclone.

I'm sure your topic was just unseen and no one ignores you.

Something I would like to ask you: you are talking about pops and clicks. What do you mean?

Have you thought of checking your computer for malware? I understand that the issue you describe may concern a completely different situation, but you never know. Plus, you exclude something and focus on other specific situations.

Gary R · Oct 27, 2021

Generally speaking, if no one has replied to your topic, it means that either they have nothing useful to suggest to help you, or that your topic has been overlooked, which is easily done on a busy forum like this.

In any case, your topic is now 3 months old, and most people would assume that by now you would have either found a solution, or reset your computer, because with problems that appear to have no specific solution, a reset is generally the quickest way to resolve them.

Cyclone · Oct 27, 2021

DR M said:
Hi, Cyclone.

I'm sure your topic was just unseen and no one ignores you.

Something I would like to ask you: you are talking about pops and clicks. What do you mean?

Have you thought of checking your computer for malware? I understand that the issue you describe may concern a completely different situation, but you never know. Plus, you exclude something and focus on other specific situations.

The problem started the moment a Windows Update was completed to build 1903. While it's been a year and a half, I'm certain malware is not the cause. Though I can always run a malware scan, I can also do LatencyMon scans showing several Windows processes seeming to be a cause of the latency if this helps. It seems ndis.sys is a constant thorn in my side, and I've seen a couple others consistently at the top as well among the Windows processes. In the case of ndis.sys, disabling the Wifi adapter was one thing I never did, so I am finally doing that on my next reboot since it's a PC, and not a laptop (which requires it). I'm trying to come up with other ideas and also am willing to provide scans before I reboot again.

Gary R said:
Generally speaking, if no one has replied to your topic, it means that either they have nothing useful to suggest to help you, or that your topic has been overlooked, which is easily done on a busy forum like this.

In any case, your topic is now 3 months old, and most people would assume that by now you would have either found a solution, or reset your computer, because with problems that appear to have no specific solution, a reset is generally the quickest way to resolve them.

Around the time I posted, multiple topics about the subject were not responded to. August has a lot of threads about this with 0 replies. Possibly people on vacation or something.

DR M · Oct 28, 2021

Cyclone,

Since there is no other response regarding your issue, let's see if FRST logs can tell us something.

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.

If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
Press Scan button and wait for a while.
The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
Please copy and paste the content of these two logs in your next reply.

Cyclone · Oct 28, 2021

Cheers. Let's see if we can fix this. I've removed entries I know are safe due to the large number of entries related to them (they are something I've used for the last few months and are known to not be the cause of this, being a year and a half since the problem first occurred en masse and nearly two years since the first individual case) in my effort to keep things simple. The originals are maintained, however, and I've uploaded them with everything outside of my downloads fully intact.

I've concluded the problem is something in the Windows structure as the problem first occurred on build 1903. It first occurred two weeks after the update from 1809. Second time Windows has caused problems with a computer, also causing bluescreens on Windows 7 four years ago. For this one, I think a hitch with Windows - something taking too long to process and causing memory leaks or something - is in turn degregating my sound. Should I run a LatencyMon scan and attach those results before I reboot the computer? Or any other scans relying on the computer being in its bad running setup?

One more note: Mozilla and Chrome errors may potentially be me force-quitting the app to ensure my tab history is maintained. That shows as an error.

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by Cyclone (administrator) on DESKTOP-E5ARDFG (Dell Inc. Inspiron 5680) (28-10-2021 05:39:15)
Running from C:\Users\Cyclone\Desktop
Loaded Profiles: Cyclone & _ashbackuppb_
Platform: Microsoft Windows 10 Home Version 2004 19041.867 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\oxHelper.exe <2>
() [File not signed] C:\Users\Cyclone\Desktop\TS-MOD\TS-Mod-20e.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupClient-abpb.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupService-abpb.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtbnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Daniel Terhell -> Resplendence Software Projects Sp.) C:\Program Files\LatencyMon\LatMon.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\Update\DellUpdate.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Discord Inc. -> Discord Inc.) C:\Users\Cyclone\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(GlavSoft LLC -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <72>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hugh Bailey -> ) C:\Program Files\OBS Studio\obs-plugins\64bit\obs-browser-page.exe <3>
(Hugh Bailey -> OBS) C:\Program Files\OBS Studio\bin\64bit\obs64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\Display.NvContainer\NVDisplay.Container.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-06] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-10-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2019-05-23] () [File not signed]
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupClient-abpb.exe [327048 2020-04-09] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9244648 2017-11-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502704 2017-11-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Run: [Discord] => C:\Users\Cyclone\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Policies\system: [DisableLockWorkstation] 0
HKLM\...\Print\Monitors\HP E811 Status Monitor: C:\Windows\system32\hpinkstsE811LM.dll [393344 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E308853-EFFE-4BE3-80C7-BE3E498216F0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {4381D7AA-9182-445A-A1FB-E539F4F7F748} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4558BF1E-9603-42A4-8EA0-725728BF7485} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4BD237B3-B712-455C-9DE1-C96E3E0404EC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {589286F6-4CC8-4B87-A005-E2963C764B16} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
Task: {5B8951CC-8003-4634-A51E-095965E344A2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
Task: {6B3EBCB6-5745-4513-A9C1-3D9ED2AED818} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {729675AE-8A03-41ED-BC4A-CA78E88B095E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7428C49C-6017-4A9E-A046-D540B0F86DA8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {81B1B7E4-7CDE-4795-A618-834B7196FC77} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {94F736A4-1007-4856-AACE-90C065337CEC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {96106FA8-20F6-43F8-9EB1-A206131E8F98} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {A2E4A650-73E2-4D0D-8FF1-E1CDC5575096} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-18] (Google Inc -> Google Inc.)
Task: {AEFF6AE0-345F-4BE0-8F53-B6F15AC2233A} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [957528 2021-10-08] (Bitdefender SRL -> Bitdefender)
Task: {B0CFF7F3-F41E-4A1D-BFB8-806AF1F72C64} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {C66AD265-AEFA-4F62-8F9A-DE47CF6EB0ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CD6A1764-2376-47C0-8672-8E97CC332B54} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [36440 2020-04-10] (Rivet Networks LLC -> DELL)
Task: {E0503FCD-96A7-44C0-95AD-145305E87A28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-18] (Google Inc -> Google Inc.)
Task: {E4F52C8B-8C36-462C-B6AB-2DDE52020B16} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {E51987B5-14A0-4D18-A8A7-04E1F1A1F41C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {E60AC39A-C0A9-4D56-A7F9-6256AB823682} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {E9F499BD-ECA0-483B-834D-E0E918479B13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB7E1341-2F78-4D7C-BE6B-C25EAC401502} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {F77E481B-88D2-4695-9BBC-42D64BD2144D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {FA4E846B-A49D-429C-B585-16E3F3A8AA23} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3348a716-906e-4432-aee4-05f83c6abf0f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{56e5f99e-e89a-452a-b12c-bd14d6a24dfc}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{56e5f99e-e89a-452a-b12c-bd14d6a24dfc}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\Cyclone\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-26]

FireFox:
========
FF DefaultProfile: h610ut60.default
FF ProfilePath: C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default [2021-10-28]
FF Homepage: Mozilla\Firefox\Profiles\h610ut60.default -> about:blank
FF Session Restore: Mozilla\Firefox\Profiles\h610ut60.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\h610ut60.default -> hxxps//www.start.ca
FF Extension: (uBlock Origin) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\uBlock0@raymondhill.net.xpi [2021-10-23]
FF Extension: (Twitch Downloader) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{452d0fe4-e428-4f43-aa9a-76432d0fc466}.xpi [2019-03-05]
FF Extension: (TTV ad-block) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{8119073b-9727-4455-8b87-89bbb89e8668}.xpi [2020-12-09]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-10-11]
FF Extension: (Video DownloadHelper) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-11-14]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-13] [UpdateUrl:hxxps//download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-11-01] [UpdateUrl:hxxps//download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-11] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default [2021-10-28]
CHR Notifications: Default -> hxxps//www.start.ca
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-18]
CHR Extension: (Docs) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-18]
CHR Extension: (Google Drive) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-18]
CHR Extension: (uBlock Origin) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-24]
CHR Extension: (Tampermonkey) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-01]
CHR Extension: (FrankerFaceZ) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-06-15]
CHR Extension: (Sheets) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-18]
CHR Extension: (Bitdefender Wallet) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-30]
CHR Extension: (Google Docs Offline) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-10-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Gmail) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Twitch - Remove Top Cheer) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\plhdimgjjobkjbdngkdfenkcdfipjhfc [2019-06-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupService-abpb.exe [35208 2020-04-09] (Ashampoo GmbH & Co. KG -> )
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-13] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-13] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14288 2020-12-02] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-11-14] (McAfee, LLC -> McAfee, Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [65096 2020-04-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [65104 2020-04-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2361952 2020-04-10] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [306776 2021-10-08] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-13] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3414928 2021-08-13] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [802976 2021-04-19] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2021-05-20] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-26] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
S3 CY3014.X64; C:\WINDOWS\system32\DRIVERS\CY3014.X64.SYS [3716280 2019-05-27] (Corsair Memory, Inc. -> )
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [133480 2017-06-22] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2019-05-23] (Elgato Systems LLC -> Elgato Systems GmbH)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-04-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-11-01] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-12-14] (Bitdefender SRL -> Bitdefender)
R3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [158552 2020-04-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [641728 2021-03-24] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-28 05:39 - 2021-10-28 05:40 - 000030419 _____ C:\Users\Cyclone\Desktop\FRST.txt
2021-10-28 05:36 - 2021-10-28 05:40 - 000000000 ____D C:\FRST
2021-10-28 05:34 - 2021-10-28 05:36 - 002310656 _____ (Farbar) C:\Users\Cyclone\Desktop\FRST64.exe
2021-10-27 11:15 - 2021-10-27 11:15 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-10-27 11:11 - 2021-10-27 11:11 - 000000000 ___RD C:\Users\Cyclone\Documents\Scanned Documents
2021-10-27 11:11 - 2021-10-27 11:11 - 000000000 ____D C:\Users\Cyclone\Documents\Fax
2021-10-24 11:41 - 2021-10-24 11:41 - 000000000 ____D C:\Content
2021-10-24 11:40 - 2021-10-24 11:41 - 000000000 ____D C:\PackageUninstallInfo
2021-10-24 11:09 - 2021-10-24 11:09 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2021-10-20 15:06 - 2021-10-20 15:06 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-694022469-645203875-878927492-1001
2021-10-20 15:06 - 2021-10-20 15:06 - 000002377 _____ C:\Users\Cyclone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-17 01:46 - 2021-10-17 01:46 - 000002452 _____ C:\Users\Public\Desktop\Browse Manuals.lnk
2021-10-16 19:32 - 2021-10-16 19:32 - 000000000 ___HD C:\$WinREAgent
2021-10-14 06:49 - 2021-10-24 11:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-10-13 04:09 - 2021-10-26 15:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-13 04:02 - 2021-10-13 04:03 - 000013839 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-10-13 04:02 - 2021-10-13 04:02 - 000012038 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-10-13 04:02 - 2021-10-13 04:02 - 000010386 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-10-13 04:02 - 2021-10-13 04:02 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2021-10-06 00:30 - 2021-10-23 09:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-05 02:00 - 2021-10-13 03:55 - 000017143 _____ C:\Users\Cyclone\Desktop\Temp.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-28 05:42 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-28 05:42 - 2019-01-18 14:50 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\Discord
2021-10-28 05:41 - 2019-01-18 14:51 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-28 05:35 - 2019-01-18 14:50 - 000000000 ____D C:\Users\Cyclone\AppData\Local\Discord
2021-10-28 05:32 - 2021-03-11 04:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-28 04:42 - 2019-01-17 19:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-28 02:44 - 2021-07-29 16:39 - 005158167 _____ C:\Users\Cyclone\AppData\Roaming\tss-asset-cache.bin
2021-10-28 02:28 - 2021-04-07 06:02 - 000000000 ____D C:\Users\Cyclone\AppData\Local\Downloaded Installations
2021-10-28 02:09 - 2019-01-17 20:09 - 000000000 ____D C:\Users\Cyclone\AppData\LocalLow\Mozilla
2021-10-27 11:15 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-27 09:51 - 2019-04-25 15:08 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-10-27 02:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-26 04:05 - 2019-01-17 15:22 - 000000000 ____D C:\Users\Cyclone\AppData\Local\Packages
2021-10-25 17:39 - 2021-03-28 21:08 - 000000000 ____D C:\Users\Cyclone\Desktop\Railworks
2021-10-24 11:10 - 2019-03-15 00:07 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-24 11:09 - 2019-01-17 20:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-23 09:35 - 2021-03-11 04:29 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-23 09:32 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-23 09:31 - 2021-03-11 04:22 - 000000000 ____D C:\Users\Cyclone
2021-10-23 09:30 - 2021-03-11 04:22 - 000000000 ____D C:\Users\_ashbackuppb_
2021-10-23 09:29 - 2021-03-11 04:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-23 09:29 - 2021-03-11 04:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-21 20:43 - 2019-01-18 14:24 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-21 20:43 - 2019-01-18 14:24 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-17 23:15 - 2020-02-22 20:06 - 000000000 ____D C:\Users\Cyclone\Desktop\Train Simulator 2020 Stuff
2021-10-17 00:36 - 2019-01-18 14:44 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\vlc
2021-10-13 09:03 - 2020-08-14 19:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-13 04:09 - 2019-01-17 20:09 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-13 04:00 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-09 21:30 - 2021-04-26 00:43 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d716507ef6bff9
2021-10-09 21:30 - 2021-03-11 04:32 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 13:37 - 2021-03-11 04:32 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 13:37 - 2021-03-11 04:32 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 21:40 - 2021-07-18 17:00 - 000000000 ____D C:\Users\Cyclone\Desktop\TS-MOD
2021-09-29 19:24 - 2019-02-05 09:48 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\obs-studio

==================== Files in the root of some directories ========

2021-07-29 16:39 - 2021-10-28 02:44 - 005158167 _____ () C:\Users\Cyclone\AppData\Roaming\tss-asset-cache.bin
2020-06-02 17:47 - 2020-06-02 17:47 - 000000017 _____ () C:\Users\Cyclone\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by Cyclone (28-10-2021 05:43:33)
Running from C:\Users\Cyclone\Desktop
Microsoft Windows 10 Home Version 2004 19041.867 (X64) (2021-03-11 08:32:45)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-694022469-645203875-878927492-500 - Administrator - Disabled)
Cyclone (S-1-5-21-694022469-645203875-878927492-1001 - Administrator - Enabled) => C:\Users\Cyclone
DefaultAccount (S-1-5-21-694022469-645203875-878927492-503 - Limited - Disabled)
Guest (S-1-5-21-694022469-645203875-878927492-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-694022469-645203875-878927492-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-694022469-645203875-878927492-1002 - Administrator - Enabled) => C:\Users\_ashbackuppb_

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Out of date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Capture Utility (HKLM\...\{612038DC-3820-469C-B9D3-74A026D72636}) (Version: 1.6.3.4272 - Elgato Systems)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden
Ashampoo Backup Pro 14 (HKLM\...\{DF972766-6215-609B-2EC7-6E166E30B4C1}_is1) (Version: 14.06 - Ashampoo GmbH & Co. KG)
Ashampoo Video Optimizer Pro (HKLM\...\{0A11EA01-76FF-098D-1F55-38D65501534C}_is1) (Version: 1.0.5 - Ashampoo GmbH & Co. KG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.16.72 - Bitdefender)
Cyotek WebCopy version 1.7.0.600 (HKLM-x32\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.7.0.600 - Cyotek Ltd)
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.2 - Dell Inc.)
Discord (HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Elgato Game Capture HD (HKLM\...\{CDF9181F-5CF7-4BC9-B6FD-EDB5577BBBC9}) (Version: 3.70.34.3034 - Elgato Systems GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
HandBrake 1.3.1 (HKLM-x32\...\HandBrake) (Version: 1.3.1 - )
HexChat (HKLM\...\HexChat_is1) (Version: 2.14.2 - HexChat)
ImBatch 6.6.0 (HKLM-x32\...\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1) (Version: 6.6.0 - High Motion Software)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.9.1027 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
iTunes (HKLM\...\{D9D08A8F-5A03-486A-AD4D-3A438D521F8B}) (Version: 12.9.3.3 - Apple Inc.)
Kits Configuration Installer (HKLM-x32\...\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
LockHunter 3.4, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.48 - McAfee, LLC.)
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{DA855582-B360-4532-B8C4-ECD1E5A7095B}) (Version: 4.8.04084 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{7D846F37-3C30-47C5-BCEA-2929EE09BE9A}) (Version: 4.8.04084 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.51 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-694022469-645203875-878927492-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 93.0 (x64 en-US)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.4.0 - Mozilla)
Mozilla Thunderbird (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 91.2.0 (x86 en-US)) (Version: 91.2.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.2 - Notepad++ Team)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.38.20.117 - Realtek)
Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.)
SDK ARM Additions (HKLM-x32\...\{FCF9D89E-6F79-64FB-B08D-B0E69FF54DEE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{72DB07D6-E166-5A3F-B6E6-4664383781B8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{1B2DE43F-91D0-EE1E-7C9C-EF16064EB04C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Shotcut (HKLM\...\Shotcut) (Version: 20.11.28 - Meltytech, LLC)
SmartByte Drivers and Services (HKLM\...\{1E9AE03E-28AC-4FE3-A66B-F3147A47578B}) (Version: 3.0.863 - Rivet Networks)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
TightVNC (HKLM\...\{B7458EC3-2AA0-4DB4-8FC4-FBB73CC44948}) (Version: 2.8.11.0 - GlavSoft LLC.)
TS-Tools version 1.0.53 (HKLM-x32\...\{76A5582E-8509-4956-969B-1EACB019259D}_is1) (Version: 1.0.53 - Mike Simpson)
Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{CD06199B-41C1-AE6D-7567-984CC68792C3}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{BD75F257-50A4-E0CD-9942-C3550CA3E66A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E18618EC-D9DB-4BCE-B382-85ADA2CBB340}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation)
WinRAR 5.71 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.1 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WPT Redistributables (HKLM-x32\...\{FDF7ED9F-920C-CC11-0290-8B41498C1927}) (Version: 10.1.19041.685 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BB70FD41-5199-A5A6-064F-4343723C3048}) (Version: 10.1.19041.685 - Microsoft) Hidden
Zelda Randomizer version 3.3 (HKLM-x32\...\{EF6E3EAB-ADF6-4D70-A868-6631B14F2B9B}_is1) (Version: 3.3 - Fcoughlin)
Zoom (HKU\S-1-5-21-694022469-645203875-878927492-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1790.3.0_x86__kgqvnymyfvs32 [2020-06-17] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\Nordcurrent.CookingFever_8.0.0.4_x86__m9bz608c1b9ra [2020-05-24] (Nordcurrent)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-03-11] (Microsoft Corporation)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.40.0_x64__htrsf667h5kn2 [2020-05-24] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-09-14] (Dell Inc)
Dell Help & Support -> C:\Program Files\WindowsApps\DellInc.DellHelpSupport_3.2.1.0_x64__htrsf667h5kn2 [2020-05-24] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.0.9346.0_x64__0vhbc3ng4wbp0 [2020-05-24] (Screenovate Technologies) [Startup Task]
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2020-05-24] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-08-30] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-05-24] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-05-24] (Dropbox Inc.)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2020-05-24] (Fitbit)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-05-24] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy [2020-06-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2021-03-11] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-05-24] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-05-24] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-11] (NVIDIA Corp.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.18.1.0_x64__nfy108tqq3p12 [2020-06-17] (Thumbmunkeys Ltd)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-05-24] (Skype)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.0.869.0_x64__rh07ty8m5nkag [2020-05-24] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-05-24] (Microsoft Corporation)
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_469.2003.9001.0_x64__8wekyb3d8bbwe [2021-03-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-07-15] (Notepad++ -> )
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-04-26] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-04-26] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-04-26] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\nvshext.dll [2020-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-06] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-25 10:57 - 2020-04-02 20:28 - 000064512 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\ashinetutil.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000227328 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\jsoncpp.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000056320 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\lzma.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000111616 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\minizip.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000226816 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\party.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000679424 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\sqlite.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 001074176 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\webdave.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000082432 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\zdll.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000074240 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\ziputil.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000025088 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\zlibutil.dll
2020-12-02 04:02 - 2020-12-02 04:02 - 000262144 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2019-04-14 19:28 - 2019-04-14 19:28 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2019-04-14 19:28 - 2019-04-14 19:28 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2020-04-10 10:27 - 2020-04-10 10:27 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2020-07-25 10:57 - 2018-06-27 10:58 - 002135040 _____ (The curl library, hxxps//curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\ash_libcurl.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000431616 _____ (The curl library, hxxps//curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\libcurl.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 003223040 _____ (The OpenSSL Project, hxxps//www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\libcrypto-1_1-x64.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000684544 _____ (The OpenSSL Project, hxxps//www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\libssl-1_1-x64.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000151552 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxbase310u_net_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 002170368 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxbase310u_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000165888 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxbase310u_xml_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 001376256 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxmsw310u_adv_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 004941824 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxmsw310u_core_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000642048 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxmsw310u_html_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000107520 _____ (wxWidgets development team) [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxmsw310u_webview_vc_ox.dll
2020-07-25 10:57 - 2020-04-02 20:28 - 000764416 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\wxmsw310u_xrc_vc_ox.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-694022469-645203875-878927492-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-694022469-645203875-878927492-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-694022469-645203875-878927492-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-694022469-645203875-878927492-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
SearchScopes: HKLM -> DefaultScope {651E5661-3418-4E0D-949D-397CA3AB18D4} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {651E5661-3418-4E0D-949D-397CA3AB18D4} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
SearchScopes: HKLM-x32 -> DefaultScope {651E5661-3418-4E0D-949D-397CA3AB18D4} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {651E5661-3418-4E0D-949D-397CA3AB18D4} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
SearchScopes: HKU\S-1-5-21-694022469-645203875-878927492-1001 -> DefaultScope {651E5661-3418-4E0D-949D-397CA3AB18D4} URL =
SearchScopes: HKU\S-1-5-21-694022469-645203875-878927492-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-694022469-645203875-878927492-1001 -> {651E5661-3418-4E0D-949D-397CA3AB18D4} URL =
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-10-08] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-10-08] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-11-14] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-10-08] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-10-08] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-11-14] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-10-08] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-10-08] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-22] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 09:46 - 2021-05-20 20:47 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\
HKU\S-1-5-21-694022469-645203875-878927492-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-694022469-645203875-878927492-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Elgato Sound Capture"
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{84CFF008-D6F5-4F93-8E65-38E7C0830A6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{962D2836-A818-470C-B9BF-C8939312CC18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{E9B2464B-EF3A-4D70-AF84-F05BFF55509E}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{C745D304-CF4E-4BAC-AB77-9C20BA28CC21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F6AD06EF-C14F-4E53-A3B0-0A2544E37AA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{29EED8BD-83D8-4924-905C-EDE86DD726B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{BCE6CE2D-44B3-490B-B771-AFCAAD961E46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7C6BC8E6-DA55-4391-AEE0-692A8FB57D14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shoppe Keep 2\Shoppe Keep 2 MP\Shoppe Keep 2.exe => No File
FirewallRules: [{EF6F8624-4B19-4855-86B5-F207141488E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shoppe Keep 2\Shoppe Keep 2 MP\Shoppe Keep 2.exe => No File
FirewallRules: [{46CF0F18-992A-4977-A86B-19063B67D055}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shoppe Keep 2\Shoppe Keep 2 SP\Shoppe Keep 2.exe => No File
FirewallRules: [{0D3E2C5B-98D5-4866-9576-765CB8131DB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shoppe Keep 2\Shoppe Keep 2 SP\Shoppe Keep 2.exe => No File
FirewallRules: [{FC5CD81D-FB77-4342-B652-867922A61022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lord of the Rings - LCG\Lord of the Rings - LCG.exe () [File not signed]
FirewallRules: [{A78885D3-4969-4908-9F69-5E02E7EC58C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lord of the Rings - LCG\Lord of the Rings - LCG.exe () [File not signed]
FirewallRules: [{C6A25985-7A2E-4FB4-A105-F60083AE52F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Valley 2\TrainValley2.exe () [File not signed]
FirewallRules: [{C6CECDF1-A3B7-4280-96B0-3EBFDA1B5FA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Valley 2\TrainValley2.exe () [File not signed]
FirewallRules: [{7FE370EC-EF07-41D7-AFED-FCA793A730D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carcassonne The Official Board Game\Carcassonne.exe () [File not signed]
FirewallRules: [{9696B78A-7BD3-4032-994F-90F741352C9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carcassonne The Official Board Game\Carcassonne.exe () [File not signed]
FirewallRules: [{D18BCF05-F8F6-46B1-92A2-AE7B0B3656C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe (Enlight Software Limited -> ) [File not signed]
FirewallRules: [{AB073158-1786-4429-8217-320F941DF3BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe (Enlight Software Limited -> ) [File not signed]
FirewallRules: [{92121118-BEBF-4AE7-83A9-D93FBA8707BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RiseOfIndustry\Rise of Industry.exe () [File not signed]
FirewallRules: [{1F9EF8CA-0DD0-4F91-8039-016FA5AC53A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RiseOfIndustry\Rise of Industry.exe () [File not signed]
FirewallRules: [{A0E98684-13B3-4835-B57C-FE2E037A0F9B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{527A08A9-D07F-41B9-9562-08F858C046A3}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.0.9346.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{5A46BAFE-D7DE-41A9-B882-FFF994FB1925}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.0.9346.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{4C0AED57-0F7D-425A-94EF-B332585BF885}] => (Allow) C:\Users\Cyclone\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BCC870B1-0023-4A98-9570-329E53BD1E7D}] => (Allow) C:\Users\Cyclone\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{975CA2BB-3681-46BB-9F6A-F3637106308C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [{133E6CE3-021A-4068-B9E5-D5415C908223}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [{630EA41D-000D-4C57-8CFB-05B9020EA24D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => No File
FirewallRules: [{FF66BFF6-5115-4EE2-9E60-6089F97736BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => No File
FirewallRules: [{DC9A496A-B342-49C5-A2AB-0A5EF2FB3296}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => No File
FirewallRules: [{3F96F27B-4D4F-4418-B0C1-31DB518C7226}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => No File
FirewallRules: [{778B3B58-036C-408B-859D-038D8ACE05C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AOE3DE_Beta\AoE3DE_s.exe => No File
FirewallRules: [{3179D4E0-C3B7-4633-9B70-3E1EA3339275}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AOE3DE_Beta\AoE3DE_s.exe => No File
FirewallRules: [{6823CC43-384C-47EB-8CAE-8CF66A2EC51B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{B9DBD22F-4ABA-4CD4-9E36-83E48028A579}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{D6970E29-B83C-4DF9-ACC6-17C618350A32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{2EAE5821-E652-4716-ABF3-87C584218666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{C28850BE-CE36-4E2E-9EEF-2521FA3DDA36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{0654013A-7312-4E67-9F3F-07DE784FE2BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{380CF9B2-FBA9-4332-8B2D-49231692F7D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unrailed\UnrailedGame.exe () [File not signed]
FirewallRules: [{A340FC75-1070-4E7D-9500-F7D61C7F9FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unrailed\UnrailedGame.exe () [File not signed]
FirewallRules: [{6B2BC6F1-C824-4820-846A-69F17D959E0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{2915A3C5-AB19-4CB5-AC02-3A78A76D6E78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{11C75239-742F-470B-A1C0-D7558D380DFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{51A13CE3-EC8F-442A-953C-AF0A6042BE48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{7316D647-6A43-4D27-BB51-772859B79389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Horizon Chase\HorizonChase.exe () [File not signed]
FirewallRules: [{1A810E88-A3C7-4F05-954B-1F2CCB5B693B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Horizon Chase\HorizonChase.exe () [File not signed]
FirewallRules: [{EC66A4A5-32E0-4599-B8CF-DB48468AF19E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{9FFCB60E-F490-49E0-B4F8-765FE115F4D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{B1469138-C7F4-474A-A4BB-47DCA49DCBE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club™ 2019 Featuring PGA TOUR\golf.exe () [File not signed]
FirewallRules: [{858014CD-3CBA-4A28-A685-D7058C2256F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club™ 2019 Featuring PGA TOUR\golf.exe () [File not signed]
FirewallRules: [{5FE6B7E3-733B-466F-A951-654EB9E90472}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{F0A67173-9568-4D8C-A48D-03523C39D76C}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{F12C3144-1DBA-4A78-B57C-589CFAB1A595}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9E89380-1E18-4745-A222-F720362AE3AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3A6E036-96B4-4E8C-843F-1486663C1CE2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DBA475DE-A14C-46DA-AFD4-DDF7FBF97CFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3219CB77-39C7-4DC7-B6E5-861C4C60479B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6973454A-7565-42D6-B573-26193810A87D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1FC3720A-6E56-4A9F-91D4-9DE9F0986AC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{989F9620-8E86-4D69-8DBD-0AB320E16BB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{AE9D7D20-5E69-4375-8877-7EDB7B8F719B}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [{FFA532FD-EC0F-4667-885E-619A67D8D4C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsXHD\Launcher.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{6AC96EC4-7151-4830-A8CE-7DBF54EA79AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsXHD\Launcher.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{D6B6C680-0DB9-4E08-8F9A-B4E49311D203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe () [File not signed]
FirewallRules: [{A8F8C115-D6D3-4446-A0B4-CB747C918573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe () [File not signed]
FirewallRules: [{2B949169-F9B8-4377-BC61-D99656441E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe (Team17 Software Ltd.) [File not signed]
FirewallRules: [{F32AA21E-04E3-49AC-B9E4-3E93BBF63289}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe (Team17 Software Ltd.) [File not signed]
FirewallRules: [{BEFDC089-41C2-4364-B6A9-B6525F4C6498}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Pinball\mmlauncher.exe () [File not signed]
FirewallRules: [{66D78012-91DF-422B-ABAB-B9E6839ECDC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Pinball\mmlauncher.exe () [File not signed]
FirewallRules: [{09A0E1E8-72D6-4C41-9F1F-2E6BD187DBBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsGolf2010\WormsCrazyGolf.exe (Team17 Software Ltd.) [File not signed]
FirewallRules: [{ABE42084-1CAC-4FEC-8E18-B127BFCEBA55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsGolf2010\WormsCrazyGolf.exe (Team17 Software Ltd.) [File not signed]
FirewallRules: [{1878C0CC-9F7B-4C50-A4DD-783E2A34C38F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe () [File not signed]
FirewallRules: [{EA40956A-E48B-4D04-BE94-DAE99855649C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe () [File not signed]
FirewallRules: [{BAFB1DAF-989B-4F1C-AF29-CB6F78450A67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Blast\main.exe () [File not signed]
FirewallRules: [{5A9D3FFA-BCEB-43BC-8613-26D20178FEB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Blast\main.exe () [File not signed]
FirewallRules: [{7ED19AE9-72B5-411D-AD3C-67A74DFB9B4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{0A250CB6-F7F0-46E3-9045-C224582B3DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{DA9098BF-8CF7-4305-8778-733EDD807AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed]
FirewallRules: [{54FC8E85-0803-4564-9F1D-7FAA654ECF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed]
FirewallRules: [{25718470-AE9F-447E-A1C7-4C071C7FD1BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{B88DF9DA-E654-4713-9BF4-A80627B5DD86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{08FBB44C-848B-4974-929C-2925514D37A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of Nations\patriots.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{AD6C741D-29A6-4508-BFB2-CFDDC18AE95F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of Nations\patriots.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{62C767A2-9837-441B-8DD5-89C0B59252BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rapture Rejects\rr-windows-client.exe () [File not signed]
FirewallRules: [{99568C0A-98BD-4C2F-9CA9-902B755055A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rapture Rejects\rr-windows-client.exe () [File not signed]
FirewallRules: [{73390D01-06B4-4596-A36A-F4AD182AAD5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Highrise\Game.exe () [File not signed]
FirewallRules: [{5C2E76EE-D889-40A7-B0FA-F2ABAF7BAFF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Highrise\Game.exe () [File not signed]
FirewallRules: [{93A75B35-79E7-4FC2-8C17-62D36A4DB7B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{3676DA7A-DCDB-4921-BCDF-A5E34262808D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{F2456DB1-79C4-499E-A6AF-8B1819F09166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{37FAA76B-6F7C-4BED-A07C-43F8F5CB8311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{7B00BC78-49CC-437C-96D5-7636AD7DB6EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked\Overcooked.exe () [File not signed]
FirewallRules: [{4B10744F-377C-4564-BCF2-F31C214EBECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked\Overcooked.exe () [File not signed]
FirewallRules: [{90D22F26-7E8E-40FC-BFF6-864B67FD1B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oriental Empires\Oriental Empires.exe () [File not signed]
FirewallRules: [{34A88E8B-8ED9-4234-A5C2-57912B80E698}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oriental Empires\Oriental Empires.exe () [File not signed]
FirewallRules: [{93B07859-0F87-43E5-9824-F25CF22D90EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MiniMetro\MiniMetro.exe () [File not signed]
FirewallRules: [{D6E13FDE-EEDA-4BA3-AFE8-5D975FD3EA93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MiniMetro\MiniMetro.exe () [File not signed]
FirewallRules: [{4FE1FC97-C427-410C-8D0A-8A07E78542E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gremlins\Gremlins_Inc.exe () [File not signed]
FirewallRules: [{8B5E1404-DAD0-4C86-A688-DF894F2C54AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gremlins\Gremlins_Inc.exe () [File not signed]
FirewallRules: [{9CAD2AC6-836F-41D2-B1DA-712B33CAAC62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gremlins_vs_Automatons\Gremlins_vs_Automatons.exe () [File not signed]
FirewallRules: [{75421D2D-F5AA-4DDA-A139-1B6DC641FBD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gremlins_vs_Automatons\Gremlins_vs_Automatons.exe () [File not signed]
FirewallRules: [{AF75FF76-BC24-440F-89EA-369C0ABA9B3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{5A36F67D-4176-447D-82C1-64FAD51138E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{BED91B6D-E0AC-4947-8662-8D90B1BAE9BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheGolfClub2\golf.exe () [File not signed]
FirewallRules: [{FFB3CF21-A0ED-42D5-96F5-5D468D13ABD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheGolfClub2\golf.exe () [File not signed]
FirewallRules: [{C0F57DBE-98E4-48F4-8A65-3C5311E98A7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheGolfClub\golf.exe () [File not signed]
FirewallRules: [{D024D540-5FC5-497D-A9A1-7C4AE816B9AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheGolfClub\golf.exe () [File not signed]
FirewallRules: [{5F9510AA-1F11-4C1D-9B79-097C868FB69C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IX\FF9_Launcher.exe () [File not signed]
FirewallRules: [{B92D3797-58F7-472E-8970-C45AA2CD0034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IX\FF9_Launcher.exe () [File not signed]
FirewallRules: [{F417D010-3976-40F9-B659-0216FF42EC68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{2DC18DF6-CFBA-4853-B726-B6B22FF9F693}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{10694CF6-99A8-4E5F-9A42-4E5420CB11CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6.exe () [File not signed]
FirewallRules: [{A8779AB3-56EE-4287-818E-0420A8C69329}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6.exe () [File not signed]
FirewallRules: [{C0282C58-EB61-44F3-96B9-3FB09DF369D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6_Launcher.exe () [File not signed]
FirewallRules: [{64EA953C-34A2-42C2-A86A-5FFBFB5C9605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy 6\FF6_Launcher.exe () [File not signed]
FirewallRules: [{CFD6B10E-FF60-49EC-82B7-70ABC9023043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY V\FFV_Launcher.exe () [File not signed]
FirewallRules: [{E7B822A0-0B78-4948-AC16-B49232E3AF73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY V\FFV_Launcher.exe () [File not signed]
FirewallRules: [{45FABC66-C257-4C77-8425-BCFD67F0AADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IV THE AFTER YEARS\FF4A_Launcher.exe (SQUARE ENIX CO.) [File not signed]
FirewallRules: [{6686C7F5-7F3E-4716-81F7-5D208EE9C938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY IV THE AFTER YEARS\FF4A_Launcher.exe (SQUARE ENIX CO.) [File not signed]
FirewallRules: [{3C720EB2-EEA4-4CB2-A64E-D988E4ECAD80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy IV\FF4_Launcher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{E926125B-2893-48FB-83D9-7BB21C77D29B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy IV\FF4_Launcher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{140CA4B3-E277-43D3-A2C3-C1E65EA819E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [{A03332FA-03C1-4BAD-BC31-80C40035503D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [{B7ED0C75-F4A8-46A6-BA06-DAEDA9774F9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists 2\TheEscapists2.exe () [File not signed]
FirewallRules: [{B7037109-8DF6-4C44-98D3-56E1E39BC557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists 2\TheEscapists2.exe () [File not signed]
FirewallRules: [{32E9151C-7779-41E6-8F37-4A2EAC90B855}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe () [File not signed]
FirewallRules: [{B68D746D-ABB9-4546-B281-07E8433DBFAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe () [File not signed]
FirewallRules: [{0D98E5FD-EAC5-433A-B53E-67CBA9FF2AB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeons 3\Dungeons3.exe () [File not signed]
FirewallRules: [{BE54BC6E-7AD1-4EC4-AF22-C7D2B259DCA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeons 3\Dungeons3.exe () [File not signed]
FirewallRules: [{B6C15EF1-7048-47F3-8938-B4E4F276DBA5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{50CFDFC7-4B5F-4B4B-9220-79EA89D2F0BE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{542F49D7-3683-4949-BE80-74D06F6B261B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{FFE22E5E-5BEB-4418-9D4F-FB95DE25EC0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{7FCA8B18-C33A-47C6-BB3E-75B5F7A1D512}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Caesar 4\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{FFE8CDBF-660B-4526-904F-BB41FDCD7B4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Caesar 4\SierraLauncher.exe (Vivendi Universal Games) [File not signed]
FirewallRules: [{262211FC-46B3-4525-89C3-2B8D7506BF61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{33A1B64C-18CF-4DA1-B609-301A31EE9CCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{321B35E4-AAC6-40FD-96D1-7D95B4EFE51C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\aomx.exe (Microsoft Corp) [File not signed]
FirewallRules: [{270D9A20-A2D9-46FA-9D5B-07ED624ECB98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\aomx.exe (Microsoft Corp) [File not signed]
FirewallRules: [{BF3170C3-D308-493C-A5AA-84FF39EBC0D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{F7194BE4-9E29-47EF-98B4-757F9AEDB6B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{AC720BD8-7AD9-438B-A6F4-0145670833DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{DBFAC706-B695-4714-A344-AFE0BE2D51A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{DFF173CE-F891-42E4-9E17-933A4EE816DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFA0E8ED-77F6-4217-916F-5EE6DB55447E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FD206B7-5C18-467E-AF07-9CE171A56B16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{00E4BA6D-1B9A-41EE-8E08-ED9A08F73FFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{FB34C460-CF87-4A01-A1CE-6663B2477E13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{29AB0738-9A7C-47A9-BD28-41D05641AA69}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{16ACF70B-5F6D-43F5-A60E-EC02A87E5F99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{E6860ED7-ADFA-4D5E-A3C7-6A5DFDA95B90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{4A4A8583-DEE0-4C9C-8271-637B17B3293B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D0E2530A-730B-4B9F-9293-76A10180541A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3A56FB5-B04B-421E-82A3-3BF34B601E57}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2ACAD01-4188-4C8D-8C68-9E72B089B175}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97BF88FB-9395-439F-A3F4-BED5D2784CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{AF99456E-D7A1-4118-97A4-3F077AA6EF42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{56C7A3DD-94AB-4471-BC79-406729B57F5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{268EB09B-5F34-46DD-A8C3-170AC15AA7AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{FA4E4C75-B1C0-4871-A886-D93176D8B1F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{5322AE92-128E-4126-A476-D36571B92A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{B4FF043A-4AD9-4325-B0B1-67D1A999F440}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{2FC07729-F410-420E-BA73-F40B6A250DDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{BEB30FFF-EBA4-4D85-9523-C78F4674C082}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{AD00D685-AF6E-4510-B97B-94AE83A24050}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\hl32\hl.exe () [File not signed]
FirewallRules: [{23272080-D056-4F74-B350-3052D2E9225F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\hl32\hl.exe () [File not signed]
FirewallRules: [{1368AE7C-E25A-4E54-AFAD-25630603EB93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [{8BCBF37C-D6A4-4E34-8F2E-C4312B8FEEAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [{86793C04-C62D-4099-B22E-B5E31EF82902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe () [File not signed]
FirewallRules: [{CA7CAB6C-6AB9-4901-8360-BBEF04DC5ECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe () [File not signed]
FirewallRules: [{8046D3F1-7E58-4A16-92C1-BCE3F2DA7AE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe () [File not signed]
FirewallRules: [{B2904A2F-C28D-44D4-A8DC-A9227E36D34C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe () [File not signed]
FirewallRules: [{CB0B58CD-1D34-49D3-8875-D7ED2987424B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7940EC6-EC13-48DA-82E6-F5771123113F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{108B8B18-3BE8-4A2B-A81D-4C06D03BB873}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{0F299B8A-7445-4C25-9D7B-D893682409EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{1D310CDE-09F9-4673-BC1B-46A90BFDF4D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{6EFBF42E-50FE-43B9-B475-A85FFF0C6B7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{9D90551A-3DF2-4EB4-8616-FC5D3164BA58}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{56688DC9-43E1-4B7A-B713-4C87C33B0B66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{CDC1C4E3-98DE-4D37-899E-EBC01DF6AA79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{A021885E-46B6-4152-AB17-861516479809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2EFE2443-613C-424E-BBED-FE281CD12273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F8B17B4E-2159-40B8-B554-C19E2E812F01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{D4F17538-B085-4C8A-ABD4-130AEC194BC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{48C16BAB-7141-4BD0-9686-F5B9A331FC0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{27667228-8A88-47C5-9725-6A15B768FC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{64FCC141-F7EC-44A6-893E-7DFADC97BB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DCB109D0-6D70-4715-9A75-B49381EC19AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

09-10-2021 01:34:38 Installed West Somerset Members Edition version 2.2
11-10-2021 01:10:26 Installed UKTS Freeware Pack - UK Class 47
17-10-2021 00:22:59 Installed UKTS Freeware Pack - UK Modern Diesel and Electric #1
24-10-2021 05:53:32 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Realtek Audio
Description: Realtek Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm QCA9377 802.11ac Wireless Adapter
Description: Qualcomm QCA9377 802.11ac Wireless Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: Qcamain10x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================
Error: (10/23/2021 12:47:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (10/19/2021 09:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_shell32.dll, version: 10.0.19041.746, time stamp: 0xfb4a9a6b
Faulting module name: shell32.dll, version: 10.0.19041.844, time stamp: 0xdf149a06
Exception code: 0xc0000005
Fault offset: 0x0000000000568fc9
Faulting process id: 0x6bf4
Faulting application start time: 0x01d7c26bf063778d
Faulting application path: C:\WINDOWS\System32\rundll32.exe
Faulting module path: C:\WINDOWS\System32\shell32.dll
Report Id: 902be851-9d06-4985-9dee-6b2b4364de64
Faulting package full name:
Faulting package-relative application ID:

Error: (10/18/2021 12:57:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RailWorks.exe, version: 0.0.0.0, time stamp: 0x61559f6f
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x6294
Faulting application start time: 0x01d7c3db2c1a91d8
Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe
Faulting module path: C:\Program Files (x86)\Steam\steamapps\common\RailWorks\OpenAL32.dll
Report Id: 3e362969-9c08-40de-a76b-8ef1318f5bb2
Faulting package full name:
Faulting package-relative application ID:

Error: (10/16/2021 04:58:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.19041.844, time stamp: 0x5d74feca
Faulting module name: SHELL32.dll, version: 10.0.19041.844, time stamp: 0xdf149a06
Exception code: 0xc0000005
Fault offset: 0x0000000000568fc9
Faulting process id: 0x12e4
Faulting application start time: 0x01d7c008c8d31632
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\System32\SHELL32.dll
Report Id: bafe8472-6791-42d3-92ca-bf30d5be6e61
Faulting package full name:
Faulting package-relative application ID:

Error: (10/13/2021 09:23:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RailWorks.exe, version: 0.0.0.0, time stamp: 0x61559f6f
Faulting module name: OpenAL32.dll, version: 1.20.1.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000247d3
Faulting process id: 0x47e4
Faulting application start time: 0x01d7c099637e8644
Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe
Faulting module path: C:\Program Files (x86)\Steam\steamapps\common\RailWorks\OpenAL32.dll
Report Id: 558d89e8-8261-497b-9c98-ca1c7d787668
Faulting package full name:
Faulting package-relative application ID:

Error: (10/13/2021 03:59:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 92.0.0.7916 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: a64

Start Time: 01d7b08fe196c9b7

Termination Time: 4294967295

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 52e64b30-2488-4c2f-8be6-cb74542f3f0b

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (10/13/2021 03:57:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 94.0.4606.61 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 779c

Start Time: 01d7b748987fe15e

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 1193929b-369e-4ba6-8cc6-d5e89ba12f69

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (10/11/2021 04:10:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.19041.844, time stamp: 0x5d74feca
Faulting module name: SHELL32.dll, version: 10.0.19041.844, time stamp: 0xdf149a06
Exception code: 0xc0000005
Fault offset: 0x0000000000568fc9
Faulting process id: 0x22a4
Faulting application start time: 0x01d7b04587886b49
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\System32\SHELL32.dll
Report Id: f6eac4bf-df0a-49ab-bf1c-193a8946a5f1
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (10/23/2021 09:34:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/23/2021 09:34:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (10/23/2021 09:30:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The NcbService service terminated with the following error:
A device attached to the system is not functioning.

Error: (10/23/2021 09:30:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:02:04 AM on ‎10/‎23/‎2021 was unexpected.

Error: (10/13/2021 04:04:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/13/2021 04:04:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (10/13/2021 04:00:17 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1069" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (10/13/2021 04:00:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Update service failed to start due to the following error:
The service did not start due to a logon failure.

==================== Memory info ===========================

BIOS: Dell Inc. 2.4.0 06/16/2020
Motherboard: Dell Inc. 0PXWHK
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 48%
Total physical RAM: 24461.93 MB
Available physical RAM: 12703.53 MB
Total Virtual: 28045.93 MB
Available Virtual: 5572.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.54 GB) (Free:71.39 GB) NTFS

\\?\Volume{30f257e0-2762-45f0-b0f3-cb46b5ecb82d}\ () (Fixed) (Total:0.48 GB) (Free:0.05 GB) NTFS
\\?\Volume{765d10cd-62d4-4e91-8f00-0b35d013c739}\ (Image) (Fixed) (Total:12.62 GB) (Free:0.15 GB) NTFS
\\?\Volume{39ee6c9a-8870-4a20-abb3-eed6011cf833}\ (DELLSUPPORT) (Fixed) (Total:1.1 GB) (Free:0.24 GB) NTFS
\\?\Volume{f8003ea9-48ae-4945-a26a-401b9e214df3}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0AD8B915)

Partition: GPT.

==================== End of Addition.txt =======================

DR M · Oct 28, 2021

I've removed entries I know are safe due to the large number of entries related to them

Cyclone,

If you mean that you removed entries from the logs, please post the original logs again. It is very important for us to review them as a whole and not as a part.

Cyclone · Oct 28, 2021

DR M said:
Cyclone,

If you mean that you removed entries from the logs, please post the original logs again. It is very important for us to review them as a whole and not as a part.

The lines removed were many downloads from the same site in the FRST file. Things like "2021-10-21 17:15 - 2021-10-21 17:33 - 045798214 _____ C:\Users\Cyclone\Downloads\UKTS_40497_crosscity_class_323_and_class_350_ex_lm.zip". Other than that, everything is there and other sections are not touched. The reason for deleting them is because I'm backing these files up to a different location on a different disk and thus they are not relevant until I use them. The game that relates to has a lot of content out there, so I've been busy in the last months on many sites downloading things, though I've tapered off in the last month (or that list would have been WAY larger and with more sites listed).

DR M · Oct 28, 2021

I will ask you to post the original logs, so I can help you.

Sometimes something we consider as not important, may be the cause for an issue.

Cyclone · Oct 28, 2021

It isn't, because this issue was happening before I even downloaded things for that game. Bought the game from Humble in February 2020 and the issue's been happening since the end of 2019, started downloading from the site only in March 2021. But fair enough.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by Cyclone (administrator) on DESKTOP-E5ARDFG (Dell Inc. Inspiron 5680) (28-10-2021 05:39:15)
Running from C:\Users\Cyclone\Desktop
Loaded Profiles: Cyclone & _ashbackuppb_
Platform: Microsoft Windows 10 Home Version 2004 19041.867 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\oxHelper.exe <2>
() [File not signed] C:\Users\Cyclone\Desktop\TS-MOD\TS-Mod-20e.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupClient-abpb.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupService-abpb.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtbnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Daniel Terhell -> Resplendence Software Projects Sp.) C:\Program Files\LatencyMon\LatMon.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\Update\DellUpdate.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Discord Inc. -> Discord Inc.) C:\Users\Cyclone\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(GlavSoft LLC -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <72>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hugh Bailey -> ) C:\Program Files\OBS Studio\obs-plugins\64bit\obs-browser-page.exe <3>
(Hugh Bailey -> OBS) C:\Program Files\OBS Studio\bin\64bit\obs64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\Display.NvContainer\NVDisplay.Container.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-06] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-10-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2019-05-23] () [File not signed]
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupClient-abpb.exe [327048 2020-04-09] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9244648 2017-11-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502704 2017-11-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Run: [Discord] => C:\Users\Cyclone\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-694022469-645203875-878927492-1001\...\Policies\system: [DisableLockWorkstation] 0
HKLM\...\Print\Monitors\HP E811 Status Monitor: C:\Windows\system32\hpinkstsE811LM.dll [393344 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E308853-EFFE-4BE3-80C7-BE3E498216F0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {4381D7AA-9182-445A-A1FB-E539F4F7F748} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4558BF1E-9603-42A4-8EA0-725728BF7485} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4BD237B3-B712-455C-9DE1-C96E3E0404EC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {589286F6-4CC8-4B87-A005-E2963C764B16} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
Task: {5B8951CC-8003-4634-A51E-095965E344A2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
Task: {6B3EBCB6-5745-4513-A9C1-3D9ED2AED818} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {729675AE-8A03-41ED-BC4A-CA78E88B095E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7428C49C-6017-4A9E-A046-D540B0F86DA8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {81B1B7E4-7CDE-4795-A618-834B7196FC77} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {94F736A4-1007-4856-AACE-90C065337CEC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {96106FA8-20F6-43F8-9EB1-A206131E8F98} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {A2E4A650-73E2-4D0D-8FF1-E1CDC5575096} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-18] (Google Inc -> Google Inc.)
Task: {AEFF6AE0-345F-4BE0-8F53-B6F15AC2233A} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [957528 2021-10-08] (Bitdefender SRL -> Bitdefender)
Task: {B0CFF7F3-F41E-4A1D-BFB8-806AF1F72C64} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {C66AD265-AEFA-4F62-8F9A-DE47CF6EB0ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CD6A1764-2376-47C0-8672-8E97CC332B54} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [36440 2020-04-10] (Rivet Networks LLC -> DELL)
Task: {E0503FCD-96A7-44C0-95AD-145305E87A28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-18] (Google Inc -> Google Inc.)
Task: {E4F52C8B-8C36-462C-B6AB-2DDE52020B16} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {E51987B5-14A0-4D18-A8A7-04E1F1A1F41C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {E60AC39A-C0A9-4D56-A7F9-6256AB823682} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {E9F499BD-ECA0-483B-834D-E0E918479B13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB7E1341-2F78-4D7C-BE6B-C25EAC401502} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {F77E481B-88D2-4695-9BBC-42D64BD2144D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task: {FA4E846B-A49D-429C-B585-16E3F3A8AA23} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3348a716-906e-4432-aee4-05f83c6abf0f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{56e5f99e-e89a-452a-b12c-bd14d6a24dfc}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{56e5f99e-e89a-452a-b12c-bd14d6a24dfc}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\Cyclone\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-26]

FireFox:
========
FF DefaultProfile: h610ut60.default
FF ProfilePath: C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default [2021-10-28]
FF Homepage: Mozilla\Firefox\Profiles\h610ut60.default -> about:blank
FF Session Restore: Mozilla\Firefox\Profiles\h610ut60.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\h610ut60.default -> hxxps//www.start.ca
FF Extension: (uBlock Origin) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\uBlock0@raymondhill.net.xpi [2021-10-23]
FF Extension: (Twitch Downloader) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{452d0fe4-e428-4f43-aa9a-76432d0fc466}.xpi [2019-03-05]
FF Extension: (TTV ad-block) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{8119073b-9727-4455-8b87-89bbb89e8668}.xpi [2020-12-09]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-10-11]
FF Extension: (Video DownloadHelper) - C:\Users\Cyclone\AppData\Roaming\Mozilla\Firefox\Profiles\h610ut60.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-11-14]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-13] [UpdateUrl:hxxps//download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-11-01] [UpdateUrl:hxxps//download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-11] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default [2021-10-28]
CHR Notifications: Default -> hxxps//www.start.ca
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-18]
CHR Extension: (Docs) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-18]
CHR Extension: (Google Drive) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-18]
CHR Extension: (uBlock Origin) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-24]
CHR Extension: (Tampermonkey) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-01]
CHR Extension: (FrankerFaceZ) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-06-15]
CHR Extension: (Sheets) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-18]
CHR Extension: (Bitdefender Wallet) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-30]
CHR Extension: (Google Docs Offline) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-10-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Gmail) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Twitch - Remove Top Cheer) - C:\Users\Cyclone\AppData\Local\Google\Chrome\User Data\Default\Extensions\plhdimgjjobkjbdngkdfenkcdfipjhfc [2019-06-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 14\bin\backupService-abpb.exe [35208 2020-04-09] (Ashampoo GmbH & Co. KG -> )
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-13] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-13] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14288 2020-12-02] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-11-14] (McAfee, LLC -> McAfee, Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [65096 2020-04-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [65104 2020-04-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2361952 2020-04-10] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1699480 2018-03-01] (GlavSoft LLC -> GlavSoft LLC.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [306776 2021-10-08] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-13] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_67eaef800e90954a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3414928 2021-08-13] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [802976 2021-04-19] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2021-05-20] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-26] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
S3 CY3014.X64; C:\WINDOWS\system32\DRIVERS\CY3014.X64.SYS [3716280 2019-05-27] (Corsair Memory, Inc. -> )
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [133480 2017-06-22] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2019-05-23] (Elgato Systems LLC -> Elgato Systems GmbH)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-04-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-11-01] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-12-14] (Bitdefender SRL -> Bitdefender)
R3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [158552 2020-04-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [641728 2021-03-24] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-28 05:39 - 2021-10-28 05:40 - 000030419 _____ C:\Users\Cyclone\Desktop\FRST.txt
2021-10-28 05:36 - 2021-10-28 05:40 - 000000000 ____D C:\FRST
2021-10-28 05:34 - 2021-10-28 05:36 - 002310656 _____ (Farbar) C:\Users\Cyclone\Desktop\FRST64.exe
2021-10-27 22:45 - 2021-10-27 22:46 - 000523176 _____ C:\Users\Cyclone\Downloads\UKTS_40499_RIS063_DB70174_0922_Trier_to_Rinckenstadt.zip
2021-10-27 11:15 - 2021-10-27 11:15 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-10-27 11:11 - 2021-10-27 11:11 - 000000000 ___RD C:\Users\Cyclone\Documents\Scanned Documents
2021-10-27 11:11 - 2021-10-27 11:11 - 000000000 ____D C:\Users\Cyclone\Documents\Fax
2021-10-24 11:41 - 2021-10-24 11:41 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rail Simulator Packager Manager
2021-10-24 11:41 - 2021-10-24 11:41 - 000000000 ____D C:\Content
2021-10-24 11:40 - 2021-10-24 11:41 - 000000000 ____D C:\PackageUninstallInfo
2021-10-24 11:40 - 2021-10-24 11:40 - 000000000 ____D C:\Program Files (x86)\Rail Simulator
2021-10-24 11:40 - 2008-03-02 22:13 - 013701585 _____ C:\Users\Cyclone\Downloads\KRS-european_container_pack_by_newS_v2.rpk
2021-10-24 11:40 - 2008-01-28 03:37 - 000440909 _____ C:\Users\Cyclone\Downloads\packagesetup.exe
2021-10-24 11:09 - 2021-10-24 11:09 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2021-10-22 17:52 - 2021-10-22 21:48 - 324526355 _____ C:\Users\Cyclone\Downloads\UKTS_40118_class_390_virgin_pack.zip
2021-10-22 15:51 - 2021-10-22 17:20 - 000000935 _____ C:\Users\Cyclone\Desktop\Temp3a.txt
2021-10-22 07:59 - 2021-10-22 07:59 - 000512269 _____ C:\Users\Cyclone\Downloads\Back_Shift_-_Part_3_-_1D80_Newton_Stewart_to_Stranraer.rar
2021-10-22 04:30 - 2021-10-22 04:30 - 000555474 _____ C:\Users\Cyclone\Downloads\Back_Shift_-_Part_2_-_1D80_Dumfries_to_Newton_Stewart.rar
2021-10-22 04:29 - 2021-10-22 04:29 - 000091321 _____ C:\Users\Cyclone\Downloads\Stop_n_Start.rar
2021-10-21 17:15 - 2021-10-21 17:33 - 045798214 _____ C:\Users\Cyclone\Downloads\UKTS_40497_crosscity_class_323_and_class_350_ex_lm.zip
2021-10-21 17:14 - 2021-10-21 17:15 - 000470552 _____ C:\Users\Cyclone\Downloads\UKTS_40494_RIS062_DB32361_1828_Wildau_to_Trier_Hbf.zip
2021-10-21 17:14 - 2021-10-21 17:14 - 000397894 _____ C:\Users\Cyclone\Downloads\UKTS_40493_RIS061_DB32344_0819_Trier_Hbf_to_Wildau.zip
2021-10-21 17:13 - 2021-10-21 17:14 - 000782532 _____ C:\Users\Cyclone\Downloads\UKTS_40496_Snacktime_No_170_-_Cowdenbeath_Crowdbuster.zip
2021-10-21 17:12 - 2021-10-21 17:12 - 000156834 _____ C:\Users\Cyclone\Downloads\UKTS_40495_Snacktime_No_169_-_CodeBlue_Red_Train.zip
2021-10-21 17:11 - 2021-10-21 17:12 - 000212908 _____ C:\Users\Cyclone\Downloads\UKTS_36264_Snacktime_No_113_-_Exeter_Extras_(Redux).zip
2021-10-21 17:08 - 2021-10-21 17:08 - 000095198 _____ C:\Users\Cyclone\Downloads\DPS_PEC02.rar
2021-10-21 17:08 - 2021-10-21 17:08 - 000064229 _____ C:\Users\Cyclone\Downloads\DPS_PEC01.rar
2021-10-21 17:07 - 2021-10-21 17:07 - 002024775 _____ C:\Users\Cyclone\Downloads\DPS_PEC03.rar
2021-10-21 17:07 - 2021-10-21 17:07 - 000068716 _____ C:\Users\Cyclone\Downloads\DPS_PEC04.rar
2021-10-20 15:06 - 2021-10-20 15:06 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-694022469-645203875-878927492-1001
2021-10-20 15:06 - 2021-10-20 15:06 - 000002377 _____ C:\Users\Cyclone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-20 06:12 - 2021-10-20 06:14 - 000000000 ____D C:\Users\Cyclone\Desktop\LocoSwap
2021-10-20 06:12 - 2021-10-20 06:12 - 000000000 ____D C:\Users\Cyclone\AppData\Local\LocoSwap
2021-10-20 06:07 - 2021-10-20 06:07 - 003421942 _____ C:\Users\Cyclone\Downloads\LocoSwap-1.1.0.0(1).zip
2021-10-20 06:07 - 2021-10-20 06:07 - 001091248 _____ C:\Users\Cyclone\Downloads\LocoSwap-1.1.0.0-README-EN.pdf
2021-10-19 22:26 - 2021-10-19 22:26 - 029041794 _____ C:\Users\Cyclone\Downloads\166_GWR_v1.1 (1).zip
2021-10-19 21:10 - 2021-10-19 21:10 - 007345540 _____ C:\Users\Cyclone\Downloads\PBA_ECC.zip
2021-10-19 21:10 - 2021-10-19 21:10 - 002667102 _____ C:\Users\Cyclone\Downloads\PBA_Cleveland_Potash.zip
2021-10-19 21:08 - 2021-10-19 21:08 - 004003145 _____ C:\Users\Cyclone\Downloads\Class66Pack02_containers_rf72.zip
2021-10-19 21:04 - 2021-10-19 21:04 - 001566388 _____ C:\Users\Cyclone\Downloads\BritishGypsum_FEA.zip
2021-10-19 20:59 - 2021-10-19 20:59 - 004534086 _____ C:\Users\Cyclone\Downloads\GWRWagonPack3v11.zip
2021-10-19 20:58 - 2021-10-19 20:58 - 004402122 _____ C:\Users\Cyclone\Downloads\GWRWagonPack2.zip
2021-10-19 20:56 - 2021-10-19 20:56 - 004994719 _____ C:\Users\Cyclone\Downloads\GWRWagonPack1.rar
2021-10-19 20:34 - 2021-10-19 20:36 - 003628981 _____ C:\Users\Cyclone\Downloads\UKTS_34489_InterCity_125_-_Great_Western_Railway.zip
2021-10-19 20:18 - 2021-10-19 20:24 - 011825650 _____ C:\Users\Cyclone\Downloads\UKTS_34480_Class_166_-_Great_Western_Railway.zip
2021-10-19 19:31 - 2021-10-19 19:36 - 013657224 _____ C:\Users\Cyclone\Downloads\UKTS_35336_Class_360_-_Heathrow_Connect.zip
2021-10-19 15:58 - 2021-10-19 16:01 - 001925222 _____ C:\Users\Cyclone\Downloads\UKTS_35886_TEA.7z
2021-10-19 15:49 - 2021-10-19 15:52 - 001650209 _____ C:\Users\Cyclone\Downloads\UKTS_35820_43002.7z
2021-10-19 15:36 - 2021-10-19 15:46 - 006153057 _____ C:\Users\Cyclone\Downloads\UKTS_35072_HSTRepaints.7z
2021-10-18 17:04 - 2021-10-18 17:05 - 054061424 _____ C:\Users\Cyclone\Downloads\Class_319-325_Sound_Pack_Extra_Stock.zip
2021-10-17 07:56 - 2021-10-17 07:56 - 004533645 _____ C:\Users\Cyclone\Downloads\VIA_F40PH.zip
2021-10-17 07:55 - 2021-10-17 07:55 - 010356226 _____ C:\Users\Cyclone\Downloads\ViaRailP42DCPack.zip
2021-10-17 06:51 - 2021-10-17 08:53 - 000011645 _____ C:\Users\Cyclone\Desktop\Temp2.txt
2021-10-17 01:46 - 2021-10-17 01:46 - 000002452 _____ C:\Users\Public\Desktop\Browse Manuals.lnk
2021-10-17 01:09 - 2021-10-17 01:09 - 000000000 ____D C:\Program Files (x86)\UKTS
2021-10-17 00:34 - 2021-10-17 00:34 - 000166002 _____ C:\Users\Cyclone\Downloads\UKTS_37128_Snacktime_No_140_-_Rock_on_Toffee_(Redux).zip
2021-10-16 22:30 - 2021-10-16 22:31 - 000861877 _____ C:\Users\Cyclone\Downloads\UKTS_40492_Snacktime_Redux_-_Normality_99_Part_3a.zip
2021-10-16 22:20 - 2021-10-16 22:26 - 009295007 _____ C:\Users\Cyclone\Downloads\UKTS_35450_Class158_three_Liveries.zip
2021-10-16 22:13 - 2021-10-16 22:14 - 004853496 _____ C:\Users\Cyclone\Downloads\UKTS_40491_MJA_Twin_Box_Wagon_repaints.zip
2021-10-16 22:03 - 2021-10-16 22:11 - 012217197 _____ C:\Users\Cyclone\Downloads\UKTS_40490_Blue_Pullman_Preserved.7z
2021-10-16 22:02 - 2021-10-16 22:02 - 000220178 _____ C:\Users\Cyclone\Downloads\UKTS_37568_Glastonbury_Festival_Extras_(Encore_2021).zip
2021-10-16 22:02 - 2021-10-16 22:02 - 000156197 _____ C:\Users\Cyclone\Downloads\UKTS_35479_Snacktime_No_101_-_With_a_Class_101.zip
2021-10-16 22:01 - 2021-10-16 22:01 - 000176154 _____ C:\Users\Cyclone\Downloads\UKTS_40489_Snacktime_No_168_-_Chasing_the_hills.zip
2021-10-16 22:00 - 2021-10-16 22:00 - 000498457 _____ C:\Users\Cyclone\Downloads\UKTS_40488_RIS060_DB64152_Saarlouis_t

berhausen.zip
2021-10-16 21:59 - 2021-10-16 21:59 - 000263185 _____ C:\Users\Cyclone\Downloads\UKTS_36716_Snacktime_No_126_-_TV_Tuner_(Retuned).zip
2021-10-16 21:58 - 2021-10-16 21:58 - 000191968 _____ C:\Users\Cyclone\Downloads\UKTS_40487_Snacktime_No_167_-_The_Barrman.zip
2021-10-16 21:52 - 2021-10-16 21:56 - 012505086 _____ C:\Users\Cyclone\Downloads\UKTS_40486_47901.7z
2021-10-16 19:32 - 2021-10-16 19:32 - 000000000 ___HD C:\$WinREAgent
2021-10-16 08:05 - 2021-10-16 08:16 - 012383991 _____ C:\Users\Cyclone\Downloads\UKTS_35339_TS16_Northern_Class_318.rar
2021-10-16 07:59 - 2021-10-16 08:01 - 002767380 _____ C:\Users\Cyclone\Downloads\UKTS_35755_Class_318.zip
2021-10-16 07:50 - 2021-10-16 07:51 - 004283070 _____ C:\Users\Cyclone\Downloads\UKTS_21827_Class58a_v1.zip
2021-10-16 07:23 - 2021-10-16 07:28 - 006885182 _____ C:\Users\Cyclone\Downloads\UKTS_26084_cl58rw_1az.zip
2021-10-16 06:00 - 2021-10-16 06:17 - 014949401 _____ C:\Users\Cyclone\Downloads\UKTS_26641_cl455_8_1bz.zip
2021-10-16 05:59 - 2021-10-16 05:59 - 000078794 _____ C:\Users\Cyclone\Downloads\UKTS_28425_Class_318_SPT_re_skins_scenario_pack_v.1.1.zip
2021-10-16 05:42 - 2021-10-16 05:54 - 008871890 _____ C:\Users\Cyclone\Downloads\UKTS_26529_cl317_1rw_1az.zip
2021-10-16 05:20 - 2021-10-16 05:33 - 008908711 _____ C:\Users\Cyclone\Downloads\UKTS_26697_cl318_a2z.zip
2021-10-15 17:08 - 2021-10-15 17:09 - 022662834 _____ C:\Users\Cyclone\Downloads\Class_365-465-466_MC_Sound_Pack_Extra_Stock.zip
2021-10-15 16:53 - 2021-10-15 16:53 - 003262665 _____ C:\Users\Cyclone\Downloads\FCC2014 - Summer.rar
2021-10-14 06:49 - 2021-10-24 11:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-10-13 04:09 - 2021-10-26 15:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-13 04:02 - 2021-10-13 04:03 - 000013839 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-10-13 04:02 - 2021-10-13 04:02 - 000012038 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-10-13 04:02 - 2021-10-13 04:02 - 000010386 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-10-13 04:02 - 2021-10-13 04:02 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2021-10-13 03:56 - 2021-10-13 03:56 - 000002240 _____ C:\Users\Cyclone\Desktop\LOOK THIS UP LATER - Trat CZ - Ostrava Svinov - Zilina v.1.0.2020.10.31.txt
2021-10-13 03:56 - 2021-10-13 03:56 - 000000739 _____ C:\Users\Cyclone\Desktop\Newer DPS Cars.txt
2021-10-12 13:12 - 2021-10-12 13:13 - 000733214 _____ C:\Users\Cyclone\Downloads\UKTS_40485_Snacktime_No_166_-_A_Par_Four.zip
2021-10-10 20:43 - 2021-10-10 20:43 - 014348661 _____ C:\Users\Cyclone\Downloads\AP27_Extra_Stock.zip
2021-10-10 19:45 - 2021-10-10 19:46 - 000606897 _____ C:\Users\Cyclone\Downloads\UKTS_40484_Snacktime_No_165_-_Mediocre_Midland_Mover.zip
2021-10-10 19:42 - 2021-10-10 19:43 - 001408324 _____ C:\Users\Cyclone\Downloads\UKTS_40483_Snacktime_163_and_164_-_Drag_the_Long_Drag.zip
2021-10-09 17:13 - 2021-10-09 17:14 - 000551006 _____ C:\Users\Cyclone\Downloads\UKTS_40481_RIS059_DB53817_Hoch_Marzburg_to_Trier-Ehrang.zip
2021-10-09 17:12 - 2021-10-09 17:13 - 000618910 _____ C:\Users\Cyclone\Downloads\UKTS_40479_Snacktime_No_162_-_Ay_Aye_Captain.zip
2021-10-09 17:10 - 2021-10-09 17:11 - 000455853 _____ C:\Users\Cyclone\Downloads\UKTS_40478_Snacktime_No_161_-_Crompton_Marcher_Part_2.zip
2021-10-09 17:08 - 2021-10-09 17:09 - 000497475 _____ C:\Users\Cyclone\Downloads\UKTS_33969_Snacktime_No_49_-_Morecambe_Mishap_Redux(1).zip
2021-10-09 13:57 - 2021-10-09 14:06 - 002576741 _____ C:\Users\Cyclone\Downloads\UKTS_36908_Class66NamePack.zip
2021-10-09 13:37 - 2021-10-09 13:37 - 000005198 _____ C:\Users\Cyclone\Downloads\Class52_BrakeFix.zip
2021-10-09 01:35 - 2021-10-09 12:46 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteamSoundsSupreme
2021-10-09 01:35 - 2021-10-09 01:35 - 000000000 ____D C:\SteamSoundsSupreme
2021-10-09 01:32 - 2021-10-09 01:32 - 000908881 _____ C:\Users\Cyclone\Downloads\WSR 9351.pdf
2021-10-09 01:27 - 2021-10-09 01:30 - 632066741 _____ C:\Users\Cyclone\Downloads\West Somerset Members Edition Version 3.zip
2021-10-09 01:10 - 2021-10-09 01:10 - 000019325 _____ C:\Users\Cyclone\Downloads\somerset.txt
2021-10-07 14:14 - 2021-10-07 14:14 - 022348768 _____ C:\Users\Cyclone\Downloads\AP_Class_156_DMU_Pack_Extra_Stock.zip
2021-10-06 00:30 - 2021-10-23 09:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-05 02:00 - 2021-10-13 03:55 - 000017143 _____ C:\Users\Cyclone\Desktop\Temp.txt
2021-10-04 16:59 - 2021-10-04 17:26 - 021006602 _____ C:\Users\Cyclone\Downloads\UKTS_33697_Class_101_Green.rar
2021-10-04 16:59 - 2021-10-04 17:00 - 000497475 _____ C:\Users\Cyclone\Downloads\UKTS_33969_Snacktime_No_49_-_Morecambe_Mishap_Redux.zip
2021-10-02 00:45 - 2021-10-02 00:47 - 208623531 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1623636143.mp4
2021-10-02 00:45 - 2021-10-02 00:46 - 081599449 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1623632376.MP4
2021-10-02 00:45 - 2021-10-02 00:46 - 037892757 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1623636069.mp4
2021-10-02 00:34 - 2021-10-02 00:35 - 029267836 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1624596157.mp4
2021-10-02 00:33 - 2021-10-02 00:34 - 078506671 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1625170695.mp4
2021-10-02 00:33 - 2021-10-02 00:34 - 069675201 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1626928273.mp4
2021-10-02 00:33 - 2021-10-02 00:34 - 042684799 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1625147376.mp4
2021-10-02 00:33 - 2021-10-02 00:33 - 057513636 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1625147642.mp4
2021-10-02 00:32 - 2021-10-02 00:33 - 097110403 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1627782382.mp4
2021-10-02 00:32 - 2021-10-02 00:33 - 044622599 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1626930279.mp4
2021-10-02 00:32 - 2021-10-02 00:32 - 066481969 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1627075573.mp4
2021-10-02 00:31 - 2021-10-02 00:32 - 051360905 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1627782658.mp4
2021-10-02 00:31 - 2021-10-02 00:32 - 027462333 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1627782924.mp4
2021-10-02 00:31 - 2021-10-02 00:31 - 058668963 _____ C:\Users\Cyclone\Downloads\RPReplay_Final1627799560.mp4
2021-09-28 16:39 - 2021-09-28 16:44 - 006537233 _____ C:\Users\Cyclone\Downloads\Railfan_01.zip
2021-09-28 16:37 - 2021-09-28 16:39 - 001932752 _____ C:\UKTS_30832_Transmission_Lines.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-28 05:42 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-28 05:42 - 2019-01-18 14:50 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\Discord
2021-10-28 05:41 - 2019-01-18 14:51 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-28 05:35 - 2019-01-18 14:50 - 000000000 ____D C:\Users\Cyclone\AppData\Local\Discord
2021-10-28 05:32 - 2021-03-11 04:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-28 04:42 - 2019-01-17 19:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-28 02:44 - 2021-07-29 16:39 - 005158167 _____ C:\Users\Cyclone\AppData\Roaming\tss-asset-cache.bin
2021-10-28 02:28 - 2021-04-07 06:02 - 000000000 ____D C:\Users\Cyclone\AppData\Local\Downloaded Installations
2021-10-28 02:09 - 2019-01-17 20:09 - 000000000 ____D C:\Users\Cyclone\AppData\LocalLow\Mozilla
2021-10-27 11:15 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-27 09:51 - 2019-04-25 15:08 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-10-27 02:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-26 04:05 - 2019-01-17 15:22 - 000000000 ____D C:\Users\Cyclone\AppData\Local\Packages
2021-10-25 17:39 - 2021-03-28 21:08 - 000000000 ____D C:\Users\Cyclone\Desktop\Railworks
2021-10-24 11:10 - 2019-03-15 00:07 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-24 11:09 - 2019-01-17 20:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-23 09:35 - 2021-03-11 04:29 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-23 09:32 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-23 09:31 - 2021-03-11 04:22 - 000000000 ____D C:\Users\Cyclone
2021-10-23 09:30 - 2021-03-11 04:22 - 000000000 ____D C:\Users\_ashbackuppb_
2021-10-23 09:29 - 2021-03-11 04:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-23 09:29 - 2021-03-11 04:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-21 20:43 - 2019-01-18 14:24 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-21 20:43 - 2019-01-18 14:24 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-17 23:15 - 2020-02-22 20:06 - 000000000 ____D C:\Users\Cyclone\Desktop\Train Simulator 2020 Stuff
2021-10-17 00:36 - 2019-01-18 14:44 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\vlc
2021-10-13 09:03 - 2020-08-14 19:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-13 04:09 - 2019-01-17 20:09 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-13 04:00 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-09 21:30 - 2021-04-26 00:43 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d716507ef6bff9
2021-10-09 21:30 - 2021-03-11 04:32 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 13:37 - 2021-03-11 04:32 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 13:37 - 2021-03-11 04:32 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 21:40 - 2021-07-18 17:00 - 000000000 ____D C:\Users\Cyclone\Desktop\TS-MOD
2021-09-29 19:24 - 2019-02-05 09:48 - 000000000 ____D C:\Users\Cyclone\AppData\Roaming\obs-studio

==================== Files in the root of some directories ========

2021-07-29 16:39 - 2021-10-28 02:44 - 005158167 _____ () C:\Users\Cyclone\AppData\Roaming\tss-asset-cache.bin
2020-06-02 17:47 - 2020-06-02 17:47 - 000000017 _____ () C:\Users\Cyclone\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

DR M · Oct 28, 2021

Cyclone,

I have reviewed your logs and I have some tips for you, but please first write clearly about the specific issues you are dealing with in the form

1. ............

2. ...........

Cyclone · Oct 28, 2021

Let's see if I can list this properly.

1. Computer starts out running fine. Over time, the audio starts to degrade with computer use. Clicks and pops are found in the audio when I try to play videos on Youtube, and Twitch also seems to not work properly. This generally starts happening within a couple of days, but has taken up to two weeks at times with little audio/video usage of the computer.

2. When I close the browsers even to play local video, my local video also starts to stutter and emit clicks and pops in the audio. Happens in iTunes too, so I don't use music on the PC at this time (collection too large anyway, I'd have to be selective now). With everything else closed and only background processes running besides the program in question, at this point I am certain that it's a problem in the running of the computer itself.

3. Visiting Twitch at any point and leaving the site up (maybe even closing it quickly doesn't help, not sure) seems to accelerate the problem for some reason. Even with the support portal up for less than 24 hours, clicks and pops started en masse.

4. On more than one occasion, the computer itself starts to lag. The clicks and pops on audio are at their worst at this phase and my typing results in many key presses being skipped because the computer is not properly processing my keyboard input against everything it's trying to handle in the background.

5. I've heard choppy game audio while playing games, too. Played ETS2 and went to drive the truck for a bit, but noticed loud popping in my headset and had to quit because it was not fun to listen to.

6. Discovered during planned video editing yesterday, I have discovered that playing a game with the DPC latency occurring (even if not clicking and popping yet) causes game audio to go out of sync with both the video and my commentary, which are both still synced properly, meaning desktop audio (as OBS would refer to it) is being separated from microphone audio and video, which stay together. During one session, my first scenarios played sound fine, but by the time I get to the last recordings, the audio is way off and it's not presentable as-is, meaning a complete redo. For several scenarios, this is hours of repeat playing.

I have found on my laptop (can't seem to repeat the search now) a page of 25 background processes that are known for slowing down your computer. I'll edit it in here from the laptop (EDIT: I can't find it now for some reason). I don't know if the suggestion includes disabling any of them, but if you know of any general culprits, I can focus on those first. BTW, you likely noticed the Wifi was turned off, I'm connected to the Ethernet and thus it was a planned experiment to disable the Wifi adapter I'm not using, though I can also turn it back on if necessary. I am trying to think if there's anything else to add to this, but the general gist of the problem that occurs every time - whether watching video, listening to music, whatever - is bad audio, specifically desktop audio..

DR M · Oct 28, 2021

What I see in your logs, possibly related to the audio issue, is that IntcAzAudAddService is not started.

These lines are taken from your logs:

Name: Realtek Audio
Description: Realtek Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Have you tried to troubleshoot the service and update the drivers?

======================

Apart from the above, I see that you have BitDefender installed as well as McAfee WebAdvisor. And there is also the built-in Windows 10 antivirus, Microsoft Defender which is disabled because of the BitDefender's presence.

What I recommend, is to uninstall McAfee, since there are is no need for a second 3rd party security program. Have in mind that several times users report issues due to the presence of 3rd party antivirus in Windows 10. Perhaps this can nothing to do with your issue, but you never know. There is also the McAfee® Personal Security application installed.

To uninstall McAfee:

1. McAfee Web Advisor

Download the Revo Uninstaller (Free Download) and save it on your Desktop.
Double click on the exe file created on your Desktop to run the installer, and follow the instructions to install the program.
Double click the program's icon to open it.
Write in the search area, on the top left, the following program:

Code:

McAfee

Choose the Uninstall tab from the menu and let the program to create a Restore point.
Choose Scan, and then the Advanced mode scan.
Select all the Sophos Anti-Virus items found, Delete and Next.
Let the procedure be completed and click on Finish.
Restart the computer.

2. McAfee® Personal Security

Click on the Start icon, find McAfee® Personal Security, right click on it and choose Uninstall.
Restart.

========================

If the problem persists after doing the above (updating audio drivers, enable the related service, uninstall McAfee), and since you are still running version 2004, meaning two major Windows updates (the latest one is 21H1), I recommend you to go on for an in-place upgrade. This will reinstall and update the operating system and fix any possible corruptions, without removing any file or program.

To do an in-place upgrade:

Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
Save the tool on your Desktop and double click to run it.
On the License terms page, if you accept the license terms, select Accept.
On the What do you want to do page, select Upgrade this PC now, and then select Next.
Follow the instructions and select Keep personal files and apps, when you are asked to.
It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

Let us know about what you did and if the problem is resolved. Hopefully it will be resolved.

Cyclone · Oct 28, 2021

DR M said:
What I see in your logs, possibly related to the audio issue, is that IntcAzAudAddService is not started.

These lines are taken from your logs:

Name: Realtek Audio
Description: Realtek Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Have you tried to troubleshoot the service and update the drivers?

I should explain that. There are two Realtek setups for some reason.

DR M said:
======================

Apart from the above, I see that you have BitDefender installed as well as McAfee WebAdvisor. And there is also the built-in Windows 10 antivirus, Microsoft Defender which is disabled because of the BitDefender's presence.

What I recommend, is to uninstall McAfee, since there are is no need for a second 3rd party security program. Have in mind that several times users report issues due to the presence of 3rd party antivirus in Windows 10. Perhaps this can nothing to do with your issue, but you never know. There is also the McAfee® Personal Security application installed.

To uninstall McAfee:

1. McAfee Web Advisor

Download the Revo Uninstaller (Free Download) and save it on your Desktop.

Double click on the exe file created on your Desktop to run the installer, and follow the instructions to install the program.

Double click the program's icon to open it.

Write in the search area, on the top left, the following program:

Code:

McAfee

Choose the Uninstall tab from the menu and let the program to create a Restore point.

Choose Scan, and then the Advanced mode scan.

Select all the Sophos Anti-Virus items found, Delete and Next.

Let the procedure be completed and click on Finish.

Restart the computer.

Unable to do it this way. I had Revo Uninstaller before on a free trial. Unless there is a way to reset the free trial, I cannot run the program without paying for an activation - which is something I can't really do right now. However, I CAN get Ashampoo Uninstaller 9 out of a Humble bundle I picked up in 2020. I'm just not sure how good it is for this purpose.

Also, there is some bad history with McAfee. I have, in the past, had my mother decide to install a full McAfee suite to a Windows 98 computer I owned at the time, against my wishes, and it slowed down the computer. Badly. I eventually tried to uninstall it, and managed to screw up the system. Thanks, Mom. I lost all my files at the time, including my music collection, which I had to start over. So uninstalling McAfee is a scary process to me now, and I don't know WHY it was installed in the first place because I never agreed to it this time AFAIK.

DR M said:
2. McAfee® Personal Security

Click on the Start icon, find McAfee® Personal Security, right click on it and choose Uninstall.
Restart.

========================

If the problem persists after doing the above (updating audio drivers, enable the related service, uninstall McAfee), and since you are still running version 2004, meaning two major Windows updates (the latest one is 21H1), I recommend you to go on for an in-place upgrade. This will reinstall and update the operating system and fix any possible corruptions, without removing any file or program.

To do an in-place upgrade:

Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.

Save the tool on your Desktop and double click to run it.

On the License terms page, if you accept the license terms, select Accept.

On the What do you want to do page, select Upgrade this PC now, and then select Next.

Follow the instructions and select Keep personal files and apps, when you are asked to.

It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.

After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

Let us know about what you did and if the problem is resolved. Hopefully it will be resolved.

I can do the Personal Security uninstall, but it seems I would need to do the other first. I am at the point where repairing the system files might be what needs to be done, so I could even try that upgrade now, and if it works, maybe I can just disable Web Advisor?

DR M · Oct 28, 2021

Realtek Audio

Can you right click and update the Realtek Audio drivers? What you can see when you right click the driver with the yellow triangle and select Properties?

McAfee

Use my instructions to use the portable version of Revo which doesn't need installation. Revo uses the program's uninstaller first, and then searches for other remnants, so I prefer it in cases I want to be sure that everything is uninstalled. Also uninstall the McAfee application as instructed above. The order to do that doesn't matter.

In-place upgrade

As I said, since you are having issues and since you are two upgrades behind, this is something I recommend.

Cyclone · Oct 28, 2021

So it seems I can have both the Pro and "Revo Uninstaller Freeware" installed at the same time, as Pro is still there. But I noticed that price. If that's a lifetime setup for it, maybe that's not a bad idea if I had more use for it. I'll work on the uninstall when I finish for the day.

In any case, here's the "not started" audio driver.

The one that works?

They are in the same location, identical driver. I think for some reason there were just two instances installed. I could probably remove the second one cleanly no problem, as I've tried uninstalling and reinstalling all audio drivers as a possible fix for this in the past. (It didn't work.) The second instance does not start, I believe, because the first did it already. If the first didn't start, or was disabled, the second might start.

DR M · Oct 29, 2021

OK, uninstall the drivers, restart and check again what is happening in the Device Manager.

Let us know about the rest of the things you tried, based on the instructions above.

Cyclone · Oct 29, 2021

Are you suggesting I uninstall BOTH Realtek drivers BEFORE doing anything else? Or just the one? I know it reinstalls itself, but I know I have one working and I've been having problems getting High Definition Audio to work since the latest update as well (I'm told that's better than Realtek and I've used it in the past, but now only Realtek seems to work).

For now I'm happy just uninstalling the McAfee things, then repairing Windows if needed. The problem started before I had double Realtek entries, so that's unrelated I believe. Your other suggestions are the things that I think could be related: McAfee, or broken files. It may take a few days to test it out as well, but I can record more content then just make a point of editing a lot of material to see if problems start occurring, and maybe even keep a Twitch page open too when I'm done.

System Interrupts, Stuttering, Clicks and Pops

Member

Attachments

Member

Member

Sysnative Staff, Security Analyst

Forum Moderator, Security Analyst, Windows Update Analyst

Member

Sysnative Staff, Security Analyst

Member

Sysnative Staff, Security Analyst

Member

Sysnative Staff, Security Analyst

Member

Sysnative Staff, Security Analyst

Member

Sysnative Staff, Security Analyst

Member

Sysnative Staff, Security Analyst

Member

Sysnative Staff, Security Analyst

Member