Here it is:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2021
Ran by yck12 (administrator) on DESKTOP-CS7JL0C (06-12-2021 00:14:34)
Running from C:Usersyck12Downloads
Loaded Profiles: yck12
Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Discord Inc. -> Discord Inc.) C:Usersyck12AppDataLocalDiscordapp-1.0.9003Discord.exe <6>
(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <27>
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft OneDrive21.220.1024.0005FileCoAuth.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.gamingservices_3.59.11001.0_x64__8wekyb3d8bbwegamingservices.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.gamingservices_3.59.11001.0_x64__8wekyb3d8bbwegamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Nvidia Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_422d4a8d182d8330Display.NvContainerNVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:Program FilesSteelSeriesGGSteelSeriesEngine.exe
(SteelSeries ApS -> SteelSeries ApS) C:Program FilesSteelSeriesGGSteelSeriesGG.exe
(Valve Corp. -> Valve Corporation) C:Program Files (x86)Common FilesSteamsteamservice.exe
(Valve Corp. -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:Program Files (x86)Steamsteam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM…Run: [SteelSeriesGG] => C:Program FilesSteelSeriesGGSteelSeriesGG.exe [14810448 2021-11-01] (SteelSeries ApS -> SteelSeries ApS)
HKUS-1-5-21-1297736527-3118997496-3343950673-1001…Run: [OneDrive] => C:Program Files (x86)Microsoft OneDriveOneDrive.exe [2367352 2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKUS-1-5-21-1297736527-3118997496-3343950673-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4267432 2021-11-22] (Valve Corp. -> Valve Corporation)
HKUS-1-5-21-1297736527-3118997496-3343950673-1001…Run: [Discord] => C:Usersyck12AppDataLocalDiscordUpdate.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication96.0.4664.45Installerchrmstp.exe [2021-12-05] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12CA51B4-55DB-480D-BBCC-699654EA0637} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339464 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {183A865D-089D-42A7-BA52-43BAEC5E437A} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1EE7E7CE-E58F-405A-B38B-A33A5BA4EEB3} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3669B848-1F83-4A41-ABF1-42C4524DD3E6} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3F238C6E-A137-4677-8264-4EA6300C56C8} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-12-05] (Google LLC -> Google LLC)
Task: {4808635E-E55B-4170-B936-BA69725AC103} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-11-26] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {54F4C4C7-7C3D-4507-AD75-AC11BF59F7DB} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program Files (x86)Microsoft OneDriveOneDriveStandaloneUpdater.exe [3060072 2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F44816B-88E6-40C8-B1FD-343F9931F784} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-12-05] (Google LLC -> Google LLC)
Task: {609CC93F-493F-48D5-A82A-EE4EE4C690D2} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7D3DE3D0-7F7A-45B8-9ACB-B22D10632FE6} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [904904 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A573AE9F-9094-495A-B364-D5AC2A226264} – System32TasksMicrosoftEdgeShadowStackRollbackTask => C:Program Files (x86)MicrosoftEdgeApplication96.0.1054.43Installersetup.exe [2873728 2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6E5127A-3D5A-4809-B3AC-C6D5A502A644} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [647376 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BAB59DEB-6206-4909-8381-419BE2BB680A} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [904904 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
TcpipParameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip..Interfaces{a437215a-a0b2-494e-b0c8-1e1ea87c440c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:Usersyck12AppDataLocalMicrosoftEdgeUser DataDefault [2021-12-05]
Chrome:
=======
CHR Profile: C:Usersyck12AppDataLocalGoogleChromeUser DataDefault [2021-12-06]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> “hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP”
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-12-05]
CHR Extension: (ezpp!) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsaimihpobjpagjiakhcpijibnaafdniol [2021-12-05]
CHR Extension: (BetterTTV) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsajopnjidmegmdimjlfnijceegpefgped [2021-12-05]
CHR Extension: (Docs) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-12-05]
CHR Extension: (Google Drive) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-12-05]
CHR Extension: (YouTube) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-05]
CHR Extension: (uBlock Origin) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021-12-05]
CHR Extension: (Tampermonkey) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2021-12-05]
CHR Extension: (グランブルーファンタジー[ChromeApps版]) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionseablgejicbklomgaiclcolfilbkckngf [2021-12-05]
CHR Extension: (FrankerFaceZ) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsfadndhdgpmmaapbmfcknlfgcflmmmieb [2021-12-05]
CHR Extension: (Sheets) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-12-05]
CHR Extension: (EditThisCookie) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsfngmhnnpilhplaeedifhccceomclgfbg [2021-12-05]
CHR Extension: (Google Docs Offline) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-05]
CHR Extension: (Typing Test – KeyHero) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsjkcieoaeooeidmpaopkpjpjfakidlabm [2021-12-05]
CHR Extension: (Reddit Enhancement Suite) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionskbmfpngjjgdllneeigpgjifpgocmfgmb [2021-12-05]
CHR Extension: (Chrome Web Store Payments) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-12-05]
CHR Extension: (TTV LOL) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsofbbahodfeppoklmgjiokgfdgcndngjm [2021-12-05]
CHR Extension: (4chan X) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionsohnjgmpcibpbafdlkimncjhflgedgpam [2021-12-05]
CHR Extension: (Gmail) – C:Usersyck12AppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2021-12-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 FileSyncHelper; C:Program Files (x86)Microsoft OneDrive21.220.1024.0005FileSyncHelper.exe [2448232 2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7901368 2021-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:Program Files (x86)Microsoft OneDrive21.220.1024.0005OneDriveUpdaterService.exe [2836840 2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:Program FilesSteelSeriesGGSteelSeriesUpdateService.exe [31568 2021-11-01] (SteelSeries ApS -> )
S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0NisSrv.exe [2872024 2021-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MsMpEng.exe [128376 2021-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_422d4a8d182d8330Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_422d4a8d182d8330Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [160176 2021-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 logi_joy_bus_enum; C:WINDOWSsystem32driverslogi_joy_bus_enum.sys [37200 2021-11-19] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:WINDOWSsystem32driverslogi_joy_vir_hid.sys [25928 2021-11-19] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:WINDOWSsystem32driverslogi_joy_xlcore.sys [66896 2021-11-19] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210352 2021-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [193448 2021-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [69040 2021-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-12-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [149424 2021-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssbthid; C:WINDOWSSystem32driversssbthid.sys [44688 2021-09-03] (SteelSeries ApS -> SteelSeries ApS)
R3 ssdevfactory; C:WINDOWSSystem32driversssdevfactory.sys [47784 2021-09-03] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:WINDOWSSystem32driverssshid.sys [47760 2021-09-03] (SteelSeries ApS -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:WINDOWSSystem32DriverStoreFileRepositorysteelseries.sonar.vad.inf_amd64_0ac174bf987fdc3bSteelSeries.Sonar.VAD.sys [77192 2021-08-17] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [48520 2021-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [435424 2021-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86240 2021-12-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-06 00:14 – 2021-12-06 00:14 – 000016125 _____ C:Usersyck12DownloadsFRST.txt
2021-12-06 00:14 – 2021-12-06 00:14 – 000000000 ____D C:FRST
2021-12-06 00:11 – 2021-12-06 00:11 – 002311680 _____ (Farbar) C:Usersyck12DownloadsFRST64.exe
2021-12-05 19:53 – 2021-12-05 19:53 – 000003206 _____ C:WINDOWSsystem32TasksOneDrive Per-Machine Standalone Update Task
2021-12-05 19:53 – 2021-12-05 19:53 – 000002257 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-12-05 19:53 – 2021-12-05 19:53 – 000000000 ___RD C:UsersDefaultOneDrive
2021-12-05 19:52 – 2021-12-05 19:53 – 000000000 ____D C:Program Files (x86)Microsoft OneDrive
2021-12-05 19:48 – 2021-12-05 19:48 – 000000000 ___HD C:$WinREAgent
2021-12-05 19:47 – 2021-12-05 19:47 – 000193448 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys
2021-12-05 19:47 – 2021-12-05 19:47 – 000149424 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys
2021-12-05 19:47 – 2021-12-05 19:47 – 000069040 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys
2021-12-05 19:35 – 2021-12-05 19:35 – 000000000 ____D C:Usersyck12AppDataLocalCrashDumps
2021-12-05 19:26 – 2021-12-05 19:46 – 000000000 ____D C:Usersyck12AppDataRoamingsteelseries-gg-client
2021-12-05 19:26 – 2021-12-05 19:26 – 000000000 ____D C:ProgramDataobs-studio-hook
2021-12-05 19:25 – 2021-12-05 19:25 – 000000000 ____D C:ProgramDataSteelSeries
2021-12-05 19:25 – 2021-12-05 19:25 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSteelSeries
2021-12-05 19:09 – 2021-12-05 19:09 – 000241152 _____ () C:Usersyck12DownloadsAntiAfkKick.exe
2021-12-05 17:22 – 2021-12-05 17:22 – 000000000 ____D C:Program FilesHitmanPro
2021-12-05 17:09 – 2021-12-05 17:12 – 000000000 ____D C:ProgramDataHitmanPro
2021-12-05 17:09 – 2021-12-05 17:09 – 011332032 _____ (SurfRight B.V.) C:Usersyck12DownloadsHitmanPro_x64.exe
2021-12-05 16:59 – 2021-12-05 16:59 – 000000000 ____D C:AdwCleaner
2021-12-05 16:33 – 2021-12-05 16:33 – 000000000 ____D C:Usersyck12AppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps
2021-12-05 16:31 – 2021-12-05 23:36 – 000000000 ____D C:Program Files (x86)Google
2021-12-05 16:31 – 2021-12-05 16:38 – 000000000 ____D C:Usersyck12AppDataLocalGoogle
2021-12-05 16:31 – 2021-12-05 16:31 – 000003420 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2021-12-05 16:31 – 2021-12-05 16:31 – 000003296 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore
2021-12-05 16:31 – 2021-12-05 16:31 – 000002330 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-12-05 16:31 – 2021-12-05 16:31 – 000002289 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2021-12-05 16:31 – 2021-12-05 16:31 – 000000000 ____D C:Program FilesGoogle
2021-12-05 13:38 – 2021-12-05 13:38 – 000000000 ____D C:Usersyck12AppDataRoamingWinRAR
2021-12-05 13:38 – 2021-12-05 13:38 – 000000000 ____D C:Usersyck12AppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
2021-12-05 13:38 – 2021-12-05 13:38 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR
2021-12-05 13:38 – 2021-12-05 13:38 – 000000000 ____D C:Program FilesWinRAR
2021-12-05 13:36 – 2021-12-06 00:14 – 000000000 ____D C:Usersyck12AppDataRoamingdiscord
2021-12-05 13:36 – 2021-12-05 23:37 – 000000000 ____D C:Usersyck12AppDataLocalDiscord
2021-12-05 13:36 – 2021-12-05 13:36 – 000000000 ____D C:Usersyck12AppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc
2021-12-05 13:05 – 2021-12-05 13:05 – 000001151 _____ C:UsersPublicDesktopGShade Control Panel.lnk
2021-12-05 13:05 – 2021-12-05 13:05 – 000000091 _____ C:UsersPublicDesktopGShade Visual Guide.url
2021-12-05 13:05 – 2021-12-05 13:05 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGShade
2021-12-05 13:04 – 2021-12-05 19:42 – 000000000 ____D C:UsersPublicGShade Backups
2021-12-05 13:04 – 2021-12-05 19:42 – 000000000 ____D C:Program FilesGShade
2021-12-05 12:55 – 2021-12-05 13:36 – 000000000 ____D C:Usersyck12AppDataLocalSquirrelTemp
2021-12-05 12:55 – 2021-12-05 13:14 – 000000000 ____D C:Usersyck12AppDataRoamingXIVLauncher
2021-12-05 12:55 – 2021-12-05 12:55 – 000000000 ____D C:Usersyck12AppDataRoamingMicrosoftWindowsStart MenuProgramsgoatsoft
2021-12-05 12:55 – 2021-12-05 12:55 – 000000000 ____D C:Usersyck12AppDataLocalXIVLauncher
2021-12-05 12:54 – 2021-12-05 19:49 – 000000000 ____D C:Usersyck12AppDataLocalNVIDIA Corporation
2021-12-05 12:54 – 2021-12-05 19:25 – 000000000 ____D C:ProgramDataPackage Cache
2021-12-05 12:54 – 2021-12-05 12:54 – 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-05 12:54 – 2021-12-05 12:54 – 000001454 _____ C:UsersPublicDesktopGeForce Experience.lnk
2021-12-05 12:54 – 2021-12-05 12:54 – 000000000 ____D C:Usersyck12AppDataLocalOneDrive
2021-12-05 12:54 – 2021-12-05 12:54 – 000000000 ____D C:Usersyck12ansel
2021-12-05 12:54 – 2021-12-05 12:54 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation
2021-12-05 12:54 – 2021-12-05 12:54 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation
2021-12-05 12:54 – 2021-11-26 11:16 – 002849992 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvspcap64.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 002195656 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvspcap.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 001294032 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvRtmpStreamer64.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 000175248 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvaudcap64v.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 000154224 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvaudcap32v.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 000078544 _____ C:WINDOWSsystem32FvSDK_x64.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 000068296 _____ C:WINDOWSSysWOW64FvSDK_x86.dll
2021-12-05 12:54 – 2021-11-26 11:16 – 000001951 _____ C:WINDOWSNvContainerRecovery.bat
2021-12-05 12:53 – 2021-12-06 00:12 – 000000000 ____D C:Program Files (x86)Steam
2021-12-05 12:53 – 2021-12-05 12:54 – 000000000 ____D C:Program FilesNVIDIA Corporation
2021-12-05 12:53 – 2021-12-05 12:53 – 000001043 _____ C:UsersPublicDesktopSteam.lnk
2021-12-05 12:53 – 2021-12-05 12:53 – 000000000 ____D C:Usersyck12AppDataLocalSteam
2021-12-05 12:53 – 2021-12-05 12:53 – 000000000 ____D C:Usersyck12AppDataLocalCEF
2021-12-05 12:53 – 2021-12-05 12:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSteam
2021-12-05 12:53 – 2021-11-27 09:08 – 001874648 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe
2021-12-05 12:53 – 2021-11-27 09:08 – 001874648 _____ C:WINDOWSsystem32vulkaninfo.exe
2021-12-05 12:53 – 2021-11-27 09:08 – 001466808 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll
2021-12-05 12:53 – 2021-11-27 09:08 – 001450200 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe
2021-12-05 12:53 – 2021-11-27 09:08 – 001450200 _____ C:WINDOWSSysWOW64vulkaninfo.exe
2021-12-05 12:53 – 2021-11-27 09:08 – 001206400 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll
2021-12-05 12:53 – 2021-11-27 09:08 – 001111272 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll
2021-12-05 12:53 – 2021-11-27 09:08 – 001111272 _____ C:WINDOWSsystem32vulkan-1.dll
2021-12-05 12:53 – 2021-11-27 09:08 – 000966416 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll
2021-12-05 12:53 – 2021-11-27 09:08 – 000966416 _____ C:WINDOWSSysWOW64vulkan-1.dll
2021-12-05 12:53 – 2021-11-27 09:05 – 000802232 _____ C:WINDOWSsystem32nvofapi64.dll
2021-12-05 12:53 – 2021-11-27 09:05 – 000658360 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll
2021-12-05 12:53 – 2021-11-27 09:05 – 000636856 _____ C:WINDOWSSysWOW64nvofapi.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 002116536 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 001599416 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 001523328 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 001172608 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 000981120 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 000795104 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 000707712 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe
2021-12-05 12:53 – 2021-11-27 09:04 – 000678328 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll
2021-12-05 12:53 – 2021-11-27 09:04 – 000564352 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll
2021-12-05 12:53 – 2021-11-27 09:03 – 008725928 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll
2021-12-05 12:53 – 2021-11-27 09:03 – 007845816 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll
2021-12-05 12:53 – 2021-11-27 09:03 – 005728384 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll
2021-12-05 12:53 – 2021-11-27 09:03 – 004938880 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll
2021-12-05 12:53 – 2021-11-27 09:03 – 002850432 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll
2021-12-05 12:53 – 2021-11-27 09:03 – 000452208 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe
2021-12-05 12:53 – 2021-11-27 09:02 – 000849016 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe
2021-12-05 12:53 – 2021-11-27 09:01 – 006434528 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll
2021-12-05 12:53 – 2021-11-26 11:16 – 000085718 _____ C:WINDOWSsystem32nvinfo.pb
2021-12-05 11:39 – 2021-12-05 11:39 – 000002040 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2021-12-05 11:39 – 2021-12-05 11:39 – 000002028 _____ C:UsersPublicDesktopMalwarebytes.lnk
2021-12-05 11:39 – 2021-12-05 11:39 – 000000000 ____D C:Usersyck12AppDataLocalmbam
2021-12-05 11:38 – 2021-12-05 11:38 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2021-12-05 11:38 – 2021-12-05 11:38 – 000210352 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2021-12-05 11:38 – 2021-12-05 11:38 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys
2021-12-05 11:38 – 2021-12-05 11:38 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys
2021-12-05 11:38 – 2021-12-05 11:38 – 000000000 ____D C:ProgramDataMalwarebytes
2021-12-05 11:38 – 2021-12-05 11:38 – 000000000 ____D C:Program FilesMalwarebytes
2021-12-05 11:32 – 2021-12-05 11:32 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2021-12-05 11:31 – 2021-12-05 11:31 – 000001153 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPC Health Check.lnk
2021-12-05 11:31 – 2021-12-05 11:31 – 000000000 ____D C:WINDOWSsystem32MRT
2021-12-05 11:31 – 2021-12-05 11:31 – 000000000 ____D C:Program FilesPCHealthCheck
2021-12-05 09:34 – 2021-12-05 09:34 – 000000000 ____D C:Usersyck12AppDataLocalComms
2021-12-05 09:33 – 2021-11-17 15:10 – 000131072 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll
2021-12-05 09:19 – 2021-12-05 12:54 – 000000000 ____D C:Usersyck12AppDataLocalNVIDIA
2021-12-05 09:18 – 2021-12-05 19:53 – 000000000 ___RD C:Usersyck12OneDrive
2021-12-05 09:18 – 2021-12-05 19:47 – 000000000 ____D C:Usersyck12OneDriveDocumentsMy Games
2021-12-05 09:18 – 2021-12-05 09:39 – 000000000 ____D C:Usersyck12AppDataLocalPlaceholderTileLogoFolder
2021-12-05 09:18 – 2021-12-05 09:18 – 000000000 ___HD C:OneDriveTemp
2021-12-05 09:18 – 2021-12-05 09:18 – 000000000 ____D C:ProgramDataMicrosoft OneDrive
2021-12-05 09:17 – 2021-12-05 12:54 – 000000000 ____D C:ProgramDataPackages
2021-12-05 09:17 – 2021-12-05 09:17 – 000000000 ____D C:Usersyck12AppDataLocalPublishers
2021-12-05 09:16 – 2021-12-05 16:33 – 000000000 ____D C:Usersyck12AppDataLocalD3DSCache
2021-12-05 09:16 – 2021-12-05 12:54 – 000000000 ____D C:Usersyck12AppDataLocalPackages
2021-12-05 09:16 – 2021-12-05 11:34 – 000000000 ____D C:Usersyck12AppDataLocalConnectedDevicesPlatform
2021-12-05 09:16 – 2021-12-05 09:18 – 000000000 __RHD C:UsersPublicAccountPictures
2021-12-05 09:16 – 2021-12-05 09:16 – 000000000 ___RD C:Usersyck123D Objects
2021-12-05 09:16 – 2021-12-05 09:16 – 000000000 ____D C:Usersyck12AppDataRoamingAdobe
2021-12-05 09:16 – 2021-12-05 09:16 – 000000000 ____D C:Usersyck12AppDataLocalVirtualStore
2021-12-05 09:15 – 2021-12-05 19:47 – 000000000 ____D C:Usersyck12
2021-12-05 09:15 – 2021-12-05 09:15 – 000000020 ___SH C:Usersyck12ntuser.ini
2021-12-05 09:09 – 2021-12-05 09:09 – 000004782 _____ C:WINDOWSsystem32TasksMicrosoftEdgeShadowStackRollbackTask
2021-12-05 09:08 – 2021-12-05 19:54 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-12-05 09:04 – 2021-12-05 09:04 – 000000000 _SHDL C:Documents and Settings
2021-12-05 09:02 – 2021-12-05 21:36 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-12-05 09:02 – 2021-12-05 19:47 – 000008192 ___SH C:DumpStack.log.tmp
2021-12-05 09:02 – 2021-12-05 19:47 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-12-05 09:02 – 2021-12-05 19:47 – 000000000 ____D C:ProgramDataNVIDIA
2021-12-05 09:02 – 2021-12-05 12:54 – 000000000 ____D C:ProgramDataNVIDIA Corporation
2021-12-05 09:02 – 2021-12-05 11:23 – 000000000 ____D C:WINDOWSsystem32Driverswd
2021-12-05 09:02 – 2021-12-05 09:09 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-12-05 09:02 – 2021-12-05 09:09 – 000002283 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2021-12-05 09:02 – 2021-12-05 09:03 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-12-05 09:02 – 2021-12-05 09:03 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-12-05 09:02 – 2021-12-05 09:02 – 000307536 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____H C:WINDOWSsystem32DriversMsft_User_WpdFs_01_11_00.Wdf
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____D C:WINDOWSSysWOW64RTCOM
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____D C:WINDOWSsystem32lxss
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____D C:WINDOWSsystem32DTS
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____D C:WINDOWSServiceProfiles
2021-12-05 09:02 – 2021-12-05 09:02 – 000000000 ____D C:Program FilesRealtek
2021-12-05 08:59 – 2021-12-05 09:04 – 000000000 ____D C:WINDOWSPanther
2021-12-05 08:58 – 2021-12-05 09:04 – 000000000 ____D C:Windows.old
2021-12-05 08:57 – 2021-12-05 08:57 – 000000000 ____D C:ProgramDatassh
2021-12-05 08:56 – 2021-12-05 08:56 – 001687040 _____ C:WINDOWSsystem32libcrypto.dll
2021-12-05 08:56 – 2021-12-05 08:56 – 000581120 _____ (Microsoft Corporation) C:WINDOWSsystem32PhotoScreensaver.scr
2021-12-05 08:56 – 2021-12-05 08:56 – 000499200 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PhotoScreensaver.scr
2021-12-05 08:56 – 2021-12-05 08:56 – 000095744 _____ C:WINDOWSsystem32VirtualMonitorManager.dll
2021-12-05 08:56 – 2021-12-05 08:56 – 000053760 _____ C:WINDOWSSysWOW64BWContextHandler.dll
2021-12-05 08:56 – 2021-12-05 08:56 – 000045880 _____ C:WINDOWSsystem32HvSocket.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 004898144 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmpltfm.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 004227116 _____ C:WINDOWSsystem32DefaultHrtfs.bin
2021-12-05 08:55 – 2021-12-05 08:55 – 003860832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmpltfm.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 002371072 _____ C:WINDOWSsystem32rdpnano.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 002295296 _____ (Digimarc) C:WINDOWSsystem32DMRCDecoder.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 002260480 _____ (The ICU Project) C:WINDOWSsystem32icu.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 002254336 _____ C:WINDOWSsystem32dwmscene.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 002111488 _____ (Digimarc) C:WINDOWSSysWOW64DMRCDecoder.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 001864192 _____ (The ICU Project) C:WINDOWSSysWOW64icu.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 001354080 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmpal.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 001164288 _____ C:WINDOWSsystem32MBR2GPT.EXE
2021-12-05 08:55 – 2021-12-05 08:55 – 001091936 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmcodecs.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 001032544 _____ (Microsoft Corporation) C:WINDOWSsystem32ortcengine.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000980320 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmpal.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000915296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmcodecs.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000732000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ortcengine.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000706536 _____ C:WINDOWSsystem32TextShaping.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000672768 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000657464 _____ C:WINDOWSsystem32WindowManagementAPI.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000611960 _____ C:WINDOWSSysWOW64TextShaping.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000468440 _____ C:WINDOWSSysWOW64WindowManagementAPI.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000455168 _____ C:WINDOWSsystem32ssdm.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000363520 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000330752 _____ C:WINDOWSSysWOW64ssdm.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000306688 _____ C:WINDOWSsystem32HeatCore.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000288768 _____ C:WINDOWSsystem32Windows.Management.InprocObjects.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000266240 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Shell.WindowTabManager.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000240640 _____ C:WINDOWSSysWOW64CoreMas.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000235520 _____ C:WINDOWSSysWOW64HeatCore.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000197632 _____ C:WINDOWSsystem32IHDS.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000190976 _____ C:WINDOWSsystem32BthpanContextHandler.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000162816 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000152064 _____ C:WINDOWSsystem32EoAExperiences.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000098304 _____ C:WINDOWSsystem32Driverscimfs.sys
2021-12-05 08:55 – 2021-12-05 08:55 – 000089088 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.proxystub.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000074240 _____ C:WINDOWSsystem32rdsxvmaudio.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000073216 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000067072 _____ C:WINDOWSsystem32BWContextHandler.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000064552 _____ C:WINDOWSsystem32umpdc.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000056672 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmmvrortc.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000055376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmmvrortc.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000048640 _____ (Adobe Systems) C:WINDOWSsystem32atmlib.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000047472 _____ C:WINDOWSSysWOW64umpdc.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000039936 _____ (Adobe Systems) C:WINDOWSSysWOW64atmlib.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000029696 _____ (The ICU Project) C:WINDOWSsystem32icuuc.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000025088 _____ (The ICU Project) C:WINDOWSsystem32icuin.dll
2021-12-05 08:55 – 2021-12-05 08:55 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000011363 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-12-05 08:55 – 2021-12-05 08:55 – 000010752 _____ C:WINDOWSSysWOW64agentactivationruntimestarter.exe
2021-12-05 08:55 – 2021-12-05 08:55 – 000001370 _____ C:WINDOWSsystem32ThirdPartyNoticesBySHS.txt
2021-12-05 08:52 – 2021-12-05 19:25 – 000000000 ____D C:Program FilesSteelSeries
2021-12-05 08:52 – 2021-12-05 08:52 – 000000000 ____D C:Program FilesReference Assemblies
2021-12-05 08:52 – 2021-12-05 08:52 – 000000000 ____D C:Program FilesMSBuild
2021-12-05 08:52 – 2021-12-05 08:52 – 000000000 ____D C:Program Files (x86)Reference Assemblies
2021-12-05 08:52 – 2021-12-05 08:52 – 000000000 ____D C:Program Files (x86)MSBuild
2021-12-05 08:52 – 2019-10-15 13:50 – 000002060 _____ C:WINDOWSsystem32noise.jpn
2021-12-05 08:51 – 2021-12-05 08:51 – 000008192 _____ C:WINDOWSsystem32configuserdiff
2021-12-05 08:44 – 2021-12-05 08:59 – 000000000 ___HD C:$SysReset
2021-11-26 01:45 – 2021-11-26 11:16 – 000067464 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvhci.sys
2021-11-26 01:45 – 2021-10-31 19:00 – 000048552 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvad64v.sys
2021-11-20 19:34 – 2021-11-27 09:02 – 007582680 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll
2021-11-20 19:34 – 2021-11-09 14:27 – 000125568 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhda64v.sys
2021-11-20 19:34 – 2021-11-09 14:27 – 000038016 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhdap64.dll
2021-11-19 08:05 – 2021-11-19 08:05 – 000066896 _____ (Logitech) C:WINDOWSsystem32Driverslogi_joy_xlcore.sys
2021-11-19 08:05 – 2021-11-19 08:05 – 000037200 _____ (Logitech) C:WINDOWSsystem32Driverslogi_joy_bus_enum.sys
2021-11-19 08:05 – 2021-11-19 08:05 – 000025928 _____ (Logitech) C:WINDOWSsystem32Driverslogi_joy_vir_hid.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-05 20:34 – 2019-12-07 01:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-12-05 19:54 – 2019-12-07 01:13 – 000000000 ____D C:WINDOWSINF
2021-12-05 19:54 – 2019-12-07 01:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-12-05 19:46 – 2019-12-07 01:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2021-12-05 19:38 – 2019-12-07 01:03 – 000000000 ____D C:WINDOWSservicing
2021-12-05 13:01 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-12-05 12:54 – 2019-12-07 01:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-12-05 11:38 – 2019-12-07 01:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-12-05 11:23 – 2019-12-07 01:14 – 000000000 ____D C:Program FilesWindows Defender
2021-12-05 09:33 – 2019-12-07 01:14 – 000000000 ___RD C:WINDOWSPrintDialog
2021-12-05 09:33 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSServiceState
2021-12-05 09:17 – 2019-12-07 01:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-12-05 09:06 – 2019-12-07 01:50 – 000000000 ____D C:WINDOWSsystem32FxsTmp
2021-12-05 09:06 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32spool
2021-12-05 09:05 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase
2021-12-05 09:04 – 2019-12-07 01:14 – 000000000 ____D C:ProgramDataUSOPrivate
2021-12-05 09:02 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSappcompat
2021-12-05 09:02 – 2019-12-07 01:03 – 000032768 _____ C:WINDOWSsystem32configELAM
2021-12-05 08:59 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-12-05 08:58 – 2019-12-07 01:14 – 000028672 _____ C:WINDOWSsystem32configBCD-Template
2021-12-05 08:57 – 2019-12-07 01:52 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll
2021-12-05 08:57 – 2019-12-07 01:52 – 000020908 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml
2021-12-05 08:57 – 2019-12-07 01:52 – 000000000 ____D C:Program FilesWindows Photo Viewer
2021-12-05 08:57 – 2019-12-07 01:52 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer
2021-12-05 08:57 – 2019-12-07 01:50 – 000000000 ____D C:WINDOWSsystem32OpenSSH
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ___SD C:WINDOWSSysWOW64F12
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ___SD C:WINDOWSsystem32UNP
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ___SD C:WINDOWSsystem32F12
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64setup
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64PerceptionSimulation
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64oobe
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64migwiz
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64Keywords
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64Com
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSysWOW64AdvancedInstallers
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSSystemResources
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32Sysprep
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32ShellExperiences
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32setup
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32migwiz
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32lv-LV
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32lt-LT
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32Keywords
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32et-EE
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32Dism
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32DDFs
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32Com
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32appraiser
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSsystem32AdvancedInstallers
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSShellExperiences
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSShellComponents
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSProvisioning
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSIME
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSDiagTrack
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-12-05 08:57 – 2019-12-07 01:14 – 000000000 ____D C:Program Files (x86)Windows Defender
2021-12-05 08:52 – 2019-12-07 01:51 – 000000000 ____D C:WINDOWSOCR
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2021
Ran by yck12 (06-12-2021 00:15:30)
Running from C:Usersyck12Downloads
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2021-12-05 17:04:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1297736527-3118997496-3343950673-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-1297736527-3118997496-3343950673-503 – Limited – Disabled)
Guest (S-1-5-21-1297736527-3118997496-3343950673-501 – Limited – Disabled)
WDAGUtilityAccount (S-1-5-21-1297736527-3118997496-3343950673-504 – Limited – Disabled)
yck12 (S-1-5-21-1297736527-3118997496-3343950673-1001 – Administrator – Enabled) => C:Usersyck12
yck12_4cm (S-1-5-21-1297736527-3118997496-3343950673-1002 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Discord (HKUS-1-5-21-1297736527-3118997496-3343950673-1001…Discord) (Version: 1.0.9003 – Discord Inc.)
Google Chrome (HKLM-x32…Google Chrome) (Version: 96.0.4664.45 – Google LLC)
GShade 3.4.1 (HKLM…GShade) (Version: – GPOSERS)
Malwarebytes version 4.4.11.149 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 – Malwarebytes)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 96.0.1054.43 – Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 96.0.1054.43 – Microsoft Corporation)
Microsoft OneDrive (HKLM-x32…OneDriveSetup.exe) (Version: 21.220.1024.0005 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.29.30133 (HKLM-x32…{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.29.30133 (HKLM-x32…{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 – Microsoft Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.123 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.123 – NVIDIA Corporation)
NVIDIA Graphics Driver 497.09 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.09 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.94 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 – NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 – Realtek Semiconductor Corp.)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
SteelSeries GG 11.2.0 (HKLM…SteelSeries GG) (Version: 11.2.0 – SteelSeries ApS)
Windows PC Health Check (HKLM…{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 – Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM…WinRAR archiver) (Version: 6.02.0 – win.rar GmbH)
XIVLauncher (HKUS-1-5-21-1297736527-3118997496-3343950673-1001…XIVLauncher) (Version: 6.1.0 – goaaats)
Packages:
=========
Disney+ -> C:Program FilesWindowsAppsDisney.37853FC22B2CE_1.21.6.0_x64__6rarf9sa4v8jt [2021-12-05] (Disney)
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-12-05] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-05] (NVIDIA Corp.)
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0 [2021-12-05] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKUS-1-5-21-1297736527-3118997496-3343950673-1001_ClassesCLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive – Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program Files (x86)Microsoft OneDrive21.220.1024.0005amd64FileSyncShell64.dll [2021-12-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_422d4a8d182d8330nvshext.dll [2021-11-27] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:Usersyck12AppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Appsグランブルーファンタジー[ChromeApps版].lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory=Default –app-id=eablgejicbklomgaiclcolfilbkckngf
==================== Loaded Modules (Whitelisted) =============
2021-12-05 12:53 – 2021-10-05 17:30 – 126961152 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libcef.dll
2021-12-05 12:53 – 2021-10-05 17:30 – 000384000 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libegl.dll
2021-12-05 12:53 – 2021-10-05 17:30 – 008006656 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libglesv2.dll
2021-07-27 07:54 – 2021-07-27 07:54 – 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:Program FilesSteelSeriesGGHIDDLL.dll
2021-07-27 07:54 – 2021-07-27 07:54 – 002284032 _____ (Holtek) [File not signed] C:Program FilesSteelSeriesGGISPDLL.dll
2021-12-05 12:53 – 2021-10-05 17:30 – 000983552 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Steambincefcef.win7x64chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 01:14 – 2019-12-07 01:12 – 000000824 _____ C:WINDOWSsystem32driversetchosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKUS-1-5-21-1297736527-3118997496-3343950673-1001Control PanelDesktop\Wallpaper ->
DNS Servers: 75.75.75.75 – 75.75.76.76
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKUS-1-5-21-1297736527-3118997496-3343950673-1001…StartupApprovedRun: => “MicrosoftEdgeAutoLaunch_DADA4359ABADBD9ED8BFCA5F29AF6AC1”
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4F5DDFFD-981C-4F84-9A11-81CC625CF060}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50A00084-DB10-49AF-BD78-1B7003D2F688}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B921D12-1696-4B48-ACA1-D7BC1C251E95}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{042096DD-C7C4-481C-ACE2-49D369844A6D}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21D55DE2-F12D-4BE4-A2B3-4BA196ED916A}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication96.0.1054.43msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C899928-9A37-4B2D-BAF7-9046CB3556CE}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8778332D-C283-414F-AFA2-5BDFCA19A6C9}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{851F01EF-9A9F-4BC1-A505-C564D8E52509}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C3D0A51-AFB2-485A-A6FC-04C565A6F913}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD795E56-B988-4C6A-BC95-264D90AAA27F}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E406D3B9-2B2D-4DA2-99BF-118BC3C4662A}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{67F34D03-E081-4843-809E-3621A4BF78FC}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2E680C2D-889F-47E0-B333-219D96B66165}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D93B9DF-3349-4893-B027-22B32921E69B}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{704F9C31-9118-4A44-A05F-E9A01B157040}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{77DB824E-4B7B-4E54-A616-DF1E5BBC63F6}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9154D9B2-80E8-4A5C-B8FA-E695EC2410A1}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8820291-C9CD-4623-B124-62FBC0243891}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57BD4F0F-D2E4-4526-B4CA-2A02C24D59B3}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B149064D-0E6E-4998-AB0B-B9F277150957}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AED7D185-7438-47D8-983B-1BA63711FDB7}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EF8BEDFD-D453-495C-9C56-6F31164CD611}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E0AC6316-3696-4D3C-963A-F45CF2D6645F}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AB6914A2-B0F4-4B62-85B0-F96C5E32F156}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA66DFE1-61FE-4EBF-9DDD-7D2115674505}] => (Allow) F:Steam GamessteamappscommonPrison ArchitectLauncherdowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B08248F7-02AB-4E03-851C-37C464AC0E1A}] => (Allow) F:Steam GamessteamappscommonPrison ArchitectLauncherdowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{25ACA4F0-0E47-4545-A002-9D5904C00F33}] => (Allow) F:Steam GamessteamappscommonPrison ArchitectPrison Architect.exe () [File not signed]
FirewallRules: [{5F6853F6-BAAA-41F1-8DE1-EFA6A8E04D3F}] => (Allow) F:Steam GamessteamappscommonPrison ArchitectPrison Architect.exe () [File not signed]
FirewallRules: [{DD8DBED7-28D6-4642-8CE4-9068196D54A4}] => (Allow) F:Steam GamessteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C601EA67-2108-4B5D-BA25-0C9F898A3D8F}] => (Allow) F:Steam GamessteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A0718C52-3424-4F71-A654-71B8A440C4F2}] => (Allow) F:Steam GamessteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{624DD923-2DCA-457B-BB58-F8D7368BDDC3}] => (Allow) F:Steam GamessteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{27D4B76A-87A5-42B5-BC45-00718EE2C55B}] => (Allow) F:Steam GamessteamappscommonVRChatVRChat.exe () [File not signed]
FirewallRules: [{70EF2F63-7665-4465-A830-1EBCD03C97AC}] => (Allow) F:Steam GamessteamappscommonVRChatVRChat.exe () [File not signed]
FirewallRules: [{E2F2D2E7-EF13-43EE-9295-C4870ECC431E}] => (Allow) F:Steam GamessteamappscommonValheimvalheim.exe () [File not signed]
FirewallRules: [{96BABC22-3FBC-4257-842A-C6102C6AA8CE}] => (Allow) F:Steam GamessteamappscommonValheimvalheim.exe () [File not signed]
FirewallRules: [{86BCD502-064D-4EF0-9E34-1159CB30879B}] => (Allow) E:Steam GamessteamappscommonFaceRigBinLauncher.exe (Holotech Studios SRL -> )
FirewallRules: [{2124C073-96DB-4191-9826-F155C141F292}] => (Allow) E:Steam GamessteamappscommonFaceRigBinLauncher.exe (Holotech Studios SRL -> )
FirewallRules: [{FA719A51-EDB5-4226-9814-A3C75ACBC4BD}] => (Allow) E:Steam GamessteamappscommonFaceRigBinFaceRig.exe (Holotech Studios SRL -> )
FirewallRules: [{711FBD02-DD5D-43B6-8944-E97533D1BF61}] => (Allow) E:Steam GamessteamappscommonFaceRigBinFaceRig.exe (Holotech Studios SRL -> )
FirewallRules: [{8D78AFCD-36E6-41E8-8994-50559A804D14}] => (Allow) F:Steam Gamessteamappscommondota 2 betagamebinwin64dota2.exe (Valve Corp. -> )
FirewallRules: [{7D849AD9-BF0A-4C85-8717-88B8FF79CDD9}] => (Allow) F:Steam Gamessteamappscommondota 2 betagamebinwin64dota2.exe (Valve Corp. -> )
FirewallRules: [{84850F1C-A639-4C41-83B2-AB8E747F78E7}] => (Allow) E:Steam GamessteamappscommonHadesx64Hades.exe () [File not signed]
FirewallRules: [{9FBD754E-4BD0-4E8E-B7BD-7605F66D90D5}] => (Allow) E:Steam GamessteamappscommonHadesx64Hades.exe () [File not signed]
FirewallRules: [{517F5A2A-7EEE-4480-BD2E-2C644472DF35}] => (Allow) E:Steam GamessteamappscommonHadesx64VkHades.exe () [File not signed]
FirewallRules: [{E3BC0796-9581-411A-AED6-8CBACD1AF4B4}] => (Allow) E:Steam GamessteamappscommonHadesx64VkHades.exe () [File not signed]
FirewallRules: [{F817BCE5-1654-4B34-8143-8A0BD8CDEFC2}] => (Allow) E:Steam GamessteamappscommonHadesx86Hades.exe () [File not signed]
FirewallRules: [{B4A8A195-134E-471F-9743-3400A780D5AD}] => (Allow) E:Steam GamessteamappscommonHadesx86Hades.exe () [File not signed]
==================== Restore Points =========================
05-12-2021 11:31:58 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/05/2021 07:35:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x61a292f1
Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0xa280d1d6
Exception code: 0xc0000374
Fault offset: 0x00000000000ff199
Faulting process id: 0x2140
Faulting application start time: 0x01d7ea4d5d916be0
Faulting application path: E:Steam GamessteamappscommonFINAL FANTASY XIV Onlinegameffxiv_dx11.exe
Faulting module path: C:WINDOWSSYSTEM32ntdll.dll
Report Id: 04ce94c2-4005-4c3e-b633-2176b9bd9f8b
Faulting package full name:
Faulting package-relative application ID:
Error: (12/05/2021 09:18:39 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: DESKTOP-CS7JL0C)
Description: Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy-2147024662
Error: (12/05/2021 09:06:21 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.
Error: (12/05/2021 09:02:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1409.
System errors:
=============
Error: (12/05/2021 10:42:29 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/05/2021 07:46:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CS7JL0C)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
Error: (12/05/2021 05:01:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CS7JL0C)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.
Error: (12/05/2021 05:00:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (12/05/2021 05:00:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (12/05/2021 05:00:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/05/2021 12:53:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/05/2021 12:53:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
CodeIntegrity:
===============
Date: 2021-12-05 09:03:32
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-12-05 09:03:32
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. P2.00 04/21/2021
Motherboard: ASRock B550 Steel Legend
Processor: AMD Ryzen 7 5800X 8-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 32694.54 MB
Available physical RAM: 21218.53 MB
Total Virtual: 37814.54 MB
Available Virtual: 24190.25 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.81 GB) (Free:870.33 GB) NTFS
Drive d: (Music) (Fixed) (Total:1863.01 GB) (Free:1767.17 GB) NTFS
Drive e: (SSD 2) (Fixed) (Total:465.76 GB) (Free:40.52 GB) NTFS
Drive f: (SSD 1) (Fixed) (Total:465.76 GB) (Free:29.74 GB) NTFS
Drive g: (SSD 3) (Fixed) (Total:465.25 GB) (Free:362.59 GB) NTFS
Drive h: (Elements) (Fixed) (Total:3725.99 GB) (Free:116.44 GB) NTFS
\?Volume{740b6249-3889-42df-be36-e4736c36a0ed} (Recovery) (Fixed) (Total:0.59 GB) (Free:0.18 GB) NTFS
\?Volume{0a231c52-0000-0000-0000-205074000000} () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\?Volume{12847886-ddae-41f1-9951-37ba37e72c72} (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 458D7233)
Partition 1: (Not Active) – (Size=1863 GB) – (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 458D7235)
Partition 1: (Not Active) – (Size=465.8 GB) – (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 458D7232)
Partition 1: (Not Active) – (Size=465.8 GB) – (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0A231C52)
Partition 1: (Not Active) – (Size=465.3 GB) – (Type=07 NTFS)
Partition 2: (Not Active) – (Size=520 MB) – (Type=27)
==========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: EF6B1786)
Partition: GPT.
==========================================================
Disk: 5 (Size: 3726 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== End of Addition.txt =======================
Source: https://www.bleepingcomputer.com/forums/t/764709/ran-an-exe-file-and-got-infected/
