Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-07-2021
Ran by sonic (09-07-2021 13:35:26)
Running from D:\apps
Windows 10 Home Version 21H1 19043.1083 (X64) (2021-02-07 04:46:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-668295297-3808410870-508313996-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-668295297-3808410870-508313996-503 - Limited - Disabled)
Guest (S-1-5-21-668295297-3808410870-508313996-501 - Limited - Disabled)
sonic (S-1-5-21-668295297-3808410870-508313996-1001 - Administrator - Enabled) => C:\Users\sonic
WDAGUtilityAccount (S-1-5-21-668295297-3808410870-508313996-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Disabled - Out of date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Norton Security (Disabled - Out of date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Disabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2021 Digital AP Exams 0.9.4 (HKU\S-1-5-21-668295297-3808410870-508313996-1001\...\df0d37b3-7c47-5641-a90e-fdd1934d554d) (Version: 0.9.4 - College Board)
4K Video Downloader (HKLM\...\{560E7B2D-43A3-4A2C-B578-44525724B639}) (Version: 4.16.4.4300 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{6919d361-5a00-4c44-a3be-f5033ff85337}) (Version: 4.16.4.4300 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 91.0.10364.117 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CLIP STUDIO 1.10.13 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.10.13 - CELSYS)
CLIP STUDIO PAINT 1.10.13 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.10.13 - CELSYS)
Discord (HKU\S-1-5-21-668295297-3808410870-508313996-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.5.1901.2201 - Micro-Star International Co., Ltd.)
Drawpile 2.1.17 (HKLM\...\{DC47B534-E365-4054-85F0-2E7C6CCB76CC}_is1) (Version: 2.1.17 - )
Elgato Game Capture HD (HKLM\...\{012C3D17-E621-4146-85C9-099B72C2AD67}) (Version: 3.70.51.3051 - Elgato Systems GmbH)
Genshin Impact (HKLM\...\Genshin Impact Beta) (Version: 2.3.3.0 - miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Honkai Impact 3rd 1.0.0 (HKLM-x32\...\Honkai Impact 3rd) (Version: 1.0.0 - miHoYo Co.,Ltd)
IdentityV (HKLM-x32\...\IdentityV) (Version: 1.0.0.1 - Netease, Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{C38DE4F8-DF58-4B5D-9D4C-1F68773A2AE2}) (Version: 21.3.21.5 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.0.1072 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1841.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{9b40f045-5a51-4be8-b84b-b5a0ddac78c4}) (Version: 21.3.21.5 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{cc6edfa9-9806-4a53-9313-f8e2d11d69c4}) (Version: 20.120.0 - Intel Corporation)
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-668295297-3808410870-508313996-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-668295297-3808410870-508313996-1001\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.31.59.3005 - BlueStack Systems, Inc.)
MSI Recovery Image Backup (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1812.2001 - Application) Hidden
MSI Recovery Image Backup (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1812.2001 - Application)
MuseScore 3 (HKLM\...\{E98C4AA7-F94B-4541-9B16-F7877CF5AF35}) (Version: 3.4.1.9660 - Werner Schweer and Others)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.5.44 - Symantec Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8622 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 21.6.1.740 - StreamElements)
VALORANT (HKU\S-1-5-21-668295297-3808410870-508313996-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VEGAS Pro 15.0 (HKLM\...\{EAC10EB0-EC36-11E8-B5B4-00155D6302F2}) (Version: 15.0.416 - VEGAS)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.42-2 - Wacom Technology Corp.)
Zoom (HKU\S-1-5-21-668295297-3808410870-508313996-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.60.1.0_x86__kgqvnymyfvs32 [2021-06-26] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2050.2.0_x86__kgqvnymyfvs32 [2021-06-30] (king.com)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.16.7.0_x86__q4d96b2w5wcc2 [2021-06-30] (Evernote)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-25] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-12-04] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.4.4261.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Studios)
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14131.20278.0_x86__8wekyb3d8bbwe [2021-07-05] (Microsoft Corporation)
MSI Driver & App Center -> C:\Program Files\WindowsApps\msiappadm.MSIDriverAppCenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2020-09-12] (msiappadm)
MSI Help Desk -> C:\Program Files\WindowsApps\msiappadm.MSIHelpDesk_2.2103.3101.0_x64__7f61qv3vk9gn2 [2021-04-14] (msiappadm)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.7.2.0_x64__w2gh52qy24etm [2021-06-14] (A-Volute)
Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2019-12-04] (Symantec Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2019-03-08] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-31] (Microsoft Corporation)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2019-03-08] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-07-06] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-30] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-06-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-668295297-3808410870-508313996-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sonic\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-668295297-3808410870-508313996-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\sonic\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\apps\7Zip\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.5.44\NavShExt.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.5.44\NavShExt.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-07-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\apps\7Zip\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_bd367893e1ff9b5c\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\apps\7Zip\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.5.44\buShell.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-07-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.5.44\NavShExt.dll [2021-05-31] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\sonic\Desktop\Joker - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\sonic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\グランブルーファンタジー[ChromeApps版].lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eablgejicbklomgaiclcolfilbkckngf
ShortcutWithArgument: C:\Users\sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\abe4c6bf353e3237\OMORI.lnk -> D:\Games\steamapps\common\OMORI\OMORI.exe (KADOKAWA) -> --user-data-dir="C:\Users\sonic\AppData\Local\OMORI\User Data" --profile-directory=Default --app-id=hcpkfehmngainmimikbmafiibajbhjlh
ShortcutWithArgument: C:\Users\sonic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6039c28ddbbb69d6\グランブルーファンタジー[ChromeApps版].lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eablgejicbklomgaiclcolfilbkckngf

==================== Loaded Modules (Whitelisted) =============

2021-04-22 08:31 - 2021-04-22 08:31 - 005745664 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2018-04-25 15:30 - 2018-04-25 15:30 - 000240128 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\NahimicAPI.dll
2018-11-23 10:01 - 2018-11-23 10:01 - 000438784 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2020-12-03 09:37 - 2020-12-03 09:37 - 001029632 _____ (Elgato Systems GmbH) [File not signed] D:\apps\Elgato\SoundCapture\ElgatoVAD_Router.dll
2021-06-21 12:39 - 2021-06-21 12:39 - 000187392 _____ (Fortemedia) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj\FMAPOCTL.dll
2021-04-02 19:32 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] D:\apps\7Zip\7-Zip\7-zip.dll
2016-08-10 23:34 - 2016-08-10 23:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll
2015-06-11 22:35 - 2015-06-11 22:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2018-08-01 12:54 - 2018-08-01 12:54 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\UEFIVaribleDll.dll
2021-05-21 08:12 - 2021-05-21 08:12 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2019-12-04 21:06 - 2019-12-04 21:06 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-668295297-3808410870-508313996-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-668295297-3808410870-508313996-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-668295297-3808410870-508313996-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sonic\Pictures\Saved Pictures\xiao wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1C0609EA-0EE6-4454-B897-2CAC6AF639B9}] => (Allow) D:\Games\steamapps\common\The Case Book of Arne\Arne_Launcher.exe () [File not signed]
FirewallRules: [{FB84B328-89CC-4F87-92D1-170BBFBC12FA}] => (Allow) D:\Games\steamapps\common\The Case Book of Arne\Arne_Launcher.exe () [File not signed]
FirewallRules: [{C4F2FACC-CE80-45D0-9748-0A5B569A1A81}] => (Allow) D:\Games\steamapps\common\Granblue Fantasy Versus\GBVS.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BDE13048-674C-4694-8071-C40E556FC97B}] => (Allow) D:\Games\steamapps\common\Granblue Fantasy Versus\GBVS.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3C2C393C-E304-479E-9C4C-390DAF33A3EA}] => (Allow) D:\Games\steamapps\common\HIVESWAP Act 2\Hiveswap-Act2.exe () [File not signed]
FirewallRules: [{62787D13-5808-41BD-9C4E-165F9224A334}] => (Allow) D:\Games\steamapps\common\HIVESWAP Act 2\Hiveswap-Act2.exe () [File not signed]
FirewallRules: [UDP Query User{B53325FF-671A-420B-9641-7291E33271E3}D:\identityv\dwrg.exe] => (Allow) D:\identityv\dwrg.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{ED801C08-1A35-4C4F-8BA3-1A8C67AC8911}D:\identityv\dwrg.exe] => (Allow) D:\identityv\dwrg.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [{2CCD9A02-2AC7-41FB-A699-16A732CC574A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{F214A15F-B079-4BE7-BBCB-9F7E93F1A109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [UDP Query User{43F13AD0-EB6D-43B3-8E71-EA27E987DA88}C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe] => (Allow) C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe (Tetris Online Japan) [File not signed]
FirewallRules: [TCP Query User{EF6D6217-8D35-4E5F-876A-E6FEBEB2A7A6}C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe] => (Allow) C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe (Tetris Online Japan) [File not signed]
FirewallRules: [UDP Query User{9D36F9A1-194C-4ECC-B0E7-D6D9F886B120}C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe] => (Allow) C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe (Tetris Online Japan) [File not signed]
FirewallRules: [TCP Query User{89EBF077-9A87-4E86-845A-A298B4DC3A78}C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe] => (Allow) C:\users\sonic\documents\tetris\tetrisonlinepoland\tetris.exe (Tetris Online Japan) [File not signed]
FirewallRules: [UDP Query User{31355AA3-3C6F-4BD6-BC24-061B6D0FF0B8}C:\identityv\dwrg.exe] => (Allow) C:\identityv\dwrg.exe => No File
FirewallRules: [TCP Query User{9FDB0586-ED97-48F1-8673-7B6A053CFDFE}C:\identityv\dwrg.exe] => (Allow) C:\identityv\dwrg.exe => No File
FirewallRules: [{529B6DA0-BCFC-415A-B20E-506254FE4030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yume Nikki\yumenikki\RPG_RT.exe (KADOKAWA GAMES) [File not signed]
FirewallRules: [{EC8FD7B1-6398-405D-95F2-32C6BEBB14E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yume Nikki\yumenikki\RPG_RT.exe (KADOKAWA GAMES) [File not signed]
FirewallRules: [{4E3B9803-9CF6-4E72-9C7C-E75BED11AEEF}] => (Allow) C:\Users\sonic\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A7F6026B-52B7-44BB-8811-2872D36EDDD5}] => (Allow) C:\Users\sonic\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{13D41180-772B-4778-9E86-3A826EFAC719}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{81496024-800F-4235-8525-7E50A00FA780}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C4C3531-B8BB-42F9-86E4-CF6DA7CCE4BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3EFB9D3-CBE9-4C9F-984A-4CBFBC269AF5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{83E95656-4A0A-4B49-B28E-6DFE5DDA0A50}] => (Allow) C:\Program Files\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9E2EC555-C0BF-4E60-B500-2383104DCFB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BE301E59-8535-416B-B6A0-1B2183D759F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2C91770-1889-436E-9D45-E1E33A2FC383}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2BD0DB98-3DB0-43B3-91D6-EA8D225B1E3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{C9F2A722-2D84-493E-883E-47EEC982B17B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\1bitHeart\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{3E6C486B-A614-43C4-A988-03B8342BD744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\1bitHeart\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{30C6492D-DD95-4F95-81E9-03FDAFD37A66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\1bitHeart\Config.exe (TODO: <会社名>) [File not signed]
FirewallRules: [{1ACF1C13-18FA-4D6C-86EC-B781C861E2B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\1bitHeart\Config.exe (TODO: <会社名>) [File not signed]
FirewallRules: [{7F389AFC-6A22-4A46-AE16-8885E8F0C277}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{F683B8AF-0E6E-4238-A11A-575CFF18D693}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Game.exe (SilverSecond) [File not signed]
FirewallRules: [{A4546AC4-FB30-4C7F-BB63-35CCC231C43D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Config.exe (TODO: <会社名>) [File not signed]
FirewallRules: [{2B648258-CDDE-49D8-AD89-AB28B3683507}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alicemare\Config.exe (TODO: <会社名>) [File not signed]
FirewallRules: [{F087E89E-1F4C-4307-A194-83DDDCFC43E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Angels of Death\AngelsOfDeathLauncher.exe () [File not signed]
FirewallRules: [{D6704845-F513-4DFC-AC07-743CD4637185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Angels of Death\AngelsOfDeathLauncher.exe () [File not signed]
FirewallRules: [{CF349784-6827-4CB4-890A-3C47180BCC9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HIVESWAP ACT 1\Hiveswap-Act1.exe () [File not signed]
FirewallRules: [{C18B1650-F06A-4656-B8BF-FF651A26C137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HIVESWAP ACT 1\Hiveswap-Act1.exe () [File not signed]
FirewallRules: [{9B828481-51E3-43B9-93CC-7878AAD63AAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [File not signed]
FirewallRules: [{7195D356-C7CE-43F6-A113-D70D3F0FBB14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [File not signed]
FirewallRules: [{E7659B26-74D9-470D-9270-86B16BC24E09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe (ARC SYSTEM WORKS) [File not signed]
FirewallRules: [{81814F08-E963-4876-B4CF-0F883DF6D02D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe (ARC SYSTEM WORKS) [File not signed]
FirewallRules: [{DB0106B8-82D8-4726-9C7D-C5D2181FCC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Chronophantasma Extend\BBCPEX.exe (ARC SYSTEM WORKS) [File not signed]
FirewallRules: [{958364C4-B2AF-49D7-9C1C-3B573047D22E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Chronophantasma Extend\BBCPEX.exe (ARC SYSTEM WORKS) [File not signed]
FirewallRules: [{5E174BFF-0B63-4E2C-9D00-651D960F8204}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Continuum Shift Extend\BBCSE.exe (ARC SYSTEM WORKS) [File not signed]
FirewallRules: [{0B67E5FD-2955-41FF-BEDC-2C00A423DE91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Continuum Shift Extend\BBCSE.exe (ARC SYSTEM WORKS) [File not signed]
FirewallRules: [{2610F97E-7E44-41CA-823A-21A87ECC746B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Danganronpa 2 Goodbye Despair\Launcher.exe () [File not signed]
FirewallRules: [{3B21B195-3209-4308-8028-56FAAD9D6677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Danganronpa 2 Goodbye Despair\Launcher.exe () [File not signed]
FirewallRules: [{5CBEF26A-D158-4F70-B20E-6BEB261287B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia\amnesia.exe () [File not signed]
FirewallRules: [{575D4F46-F733-4CAF-860E-DC95238AD697}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia\amnesia.exe () [File not signed]
FirewallRules: [{A6AD1044-279D-4B74-BFC4-03A4108448EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hello Charlotte EP1\Game.exe () [File not signed]
FirewallRules: [{61E359CE-660A-4401-8BCA-B5C791FB3BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hello Charlotte EP1\Game.exe () [File not signed]
FirewallRules: [{AD14BF1A-19EB-4755-AE76-352C8361B3CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E003E61A-CF0D-4AB5-9175-770E5E598495}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{9C1015FC-DB91-4868-8169-5824A447A30A}C:\identityv\dwrg.exe] => (Allow) C:\identityv\dwrg.exe => No File
FirewallRules: [UDP Query User{67EE03B9-1DFF-4A47-B445-A801CA7E38BC}C:\identityv\dwrg.exe] => (Allow) C:\identityv\dwrg.exe => No File
FirewallRules: [{FED9FA09-2FA8-4D62-AE27-A8FBDB948A6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [File not signed]
FirewallRules: [{3381A145-3668-4B3B-8938-7775D599784A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [File not signed]
FirewallRules: [{DC56CF4B-904F-4B9B-B480-55B45E8199C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{812D6492-0882-4E43-B1D5-86F37146FC34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{F7664418-5CD9-4B15-9BD7-F8D56A56D1FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{99BF5519-73B5-48C4-934D-A92288B7D87A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{C5B0EFCD-CD7D-458C-A43A-29C1C7781F5F}] => (Allow) D:\Games\steamapps\common\OMORI\OMORI.exe (KADOKAWA) [File not signed]
FirewallRules: [{9E0B6BD0-CA9A-4542-93D0-446F21B19F79}] => (Allow) D:\Games\steamapps\common\OMORI\OMORI.exe (KADOKAWA) [File not signed]
FirewallRules: [{FE13A4EC-FB6C-4D59-83C3-802C06C705CB}] => (Allow) D:\Games\steamapps\common\OneShot\steamshim.exe () [File not signed]
FirewallRules: [{2293C0CF-CFF7-47FF-8238-2C65138D4223}] => (Allow) D:\Games\steamapps\common\OneShot\steamshim.exe () [File not signed]
FirewallRules: [{81BC8A1A-1C59-492B-8169-7A35AB4A79D0}] => (Allow) D:\Games\steamapps\common\Little Nightmares II\Helios\Binaries\Win64\Little Nightmares II.exe (Tarsier Studios Malmö AB -> Tarsier Studios)
FirewallRules: [{89C503DC-AA0F-41E9-AD0A-4010B9FA6465}] => (Allow) D:\Games\steamapps\common\Little Nightmares II\Helios\Binaries\Win64\Little Nightmares II.exe (Tarsier Studios Malmö AB -> Tarsier Studios)
FirewallRules: [{BBA4C55D-2C82-4C42-B219-DA5B6B414AE9}] => (Allow) D:\apps\MediaMonkey\MediaMonkey\MediaMonkey.exe => No File
FirewallRules: [{4FEAB31F-D037-4E34-BC11-E661D695369B}] => (Allow) D:\apps\MediaMonkey\MediaMonkey\MediaMonkey.exe => No File
FirewallRules: [{F4BC1931-6235-4F37-8D83-0642E3F2A023}] => (Allow) D:\apps\MediaMonkey\MediaMonkey\MediaMonkey.exe => No File
FirewallRules: [{C12F30CE-1B7B-48DE-A1A0-9E75A6469348}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1606343A-717E-44E7-B367-63970101C62F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58F4010B-E0E1-4972-AA51-28555BE6C04B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F506F9C7-5B00-4FEF-AB30-9E2A204AAC6E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4336789-5FB3-4EBE-B1A8-F5DBAB47C4BA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9061D3AD-71CF-4333-A2BC-CA84EEF6F01F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AAF80E15-1BA6-4F1A-A849-CF2B74D06948}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6C78EB88-10E3-496F-8F92-D6F84D15FA85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACEA1451-D591-4D7E-A59C-17F5EAA98F07}] => (Allow) D:\Games\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{43F77435-5292-4ECC-B53F-78DC1C45D90E}] => (Allow) D:\Games\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [TCP Query User{E5861B43-34D9-4486-A05E-1443668BC66E}D:\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) D:\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [UDP Query User{D938E462-9458-4631-914E-6905F696BCC1}D:\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) D:\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{9E39822A-4706-41D2-B07E-53B58F3F5BED}] => (Block) D:\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{205BC87B-AD33-4AD5-AD01-20881CA19D7F}] => (Block) D:\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{CC684B8A-2376-4344-B2C5-068C59C4B976}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4325BE2-B0AA-4C90-945E-3AC59A518D30}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A615B62-14BB-4D41-B2D0-BC4E2E2F6CCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3977894-4D99-49FE-B7C9-BEFDE2A2EE4F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0FDADA82-4AE0-4C5D-830B-6D9591DA8142}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FA6B6A9-4C2C-47CD-BEF6-337C175BB1A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{900BDD36-3BE1-4157-BBB0-A153646038C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{249FCB85-A103-4071-AD7B-99493CAE8975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A607E1DD-E105-4A25-8C51-71CE9BA92931}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F5425BB6-B0CF-4A8A-A4FF-8E01CE4AB6E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{222170E7-9578-498D-A15F-C1207F4813F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA3EA25E-F481-4BD3-B6B0-B8296ABB5F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63332B5A-19B4-43D9-9135-0A0D344CEFC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42A240DB-7BCB-4152-86A2-989DB3077A8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF169FAA-D38B-4FED-B4C4-693007BBED1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAE6BB81-9F98-4B73-A281-8796319F903D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D04D6C12-34C6-4B43-8C35-7CD9E759D3ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74A279BF-02C2-4A81-960B-E1B8B5136F67}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{F256CF90-27A7-461F-AEF8-7890BB80FECD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14131.20278.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B27439A-6CB2-4BA2-AC32-23CFDE23B604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{DBEB4CE7-77DF-4D81-B76C-F265A8E37B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{1EF89A82-95CC-41E4-B2EC-456760A5627C}C:\users\sonic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sonic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{070D52CE-AE45-4217-8899-E8C8B859C472}C:\users\sonic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sonic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

03-07-2021 21:32:24 backup
03-07-2021 21:41:11 Windows Modules Installer
07-07-2021 15:14:13 Windows Modules Installer
07-07-2021 15:18:49 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/07/2021 09:19:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obs64.exe, version: 27.0.1.0, time stamp: 0x60c393c7
Faulting module name: libmfxhw64.dll_unloaded, version: 9.19.11.21, time stamp: 0x5dd6a0ca
Exception code: 0xc0000005
Fault offset: 0x00000000001300f3
Faulting process id: 0x4f24
Faulting application start time: 0x01d7738ceee904ea
Faulting application path: C:\Program Files\obs-studio\bin\64bit\obs64.exe
Faulting module path: libmfxhw64.dll
Report Id: d50e055c-843b-4899-b22c-e30690ae5ed3
Faulting package full name: 
Faulting package-relative application ID:

Error: (07/07/2021 04:08:31 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (07/07/2021 03:47:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (07/07/2021 03:47:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (07/07/2021 03:47:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (07/07/2021 03:47:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (07/07/2021 03:47:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (07/07/2021 03:47:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.


System errors:
=============
Error: (07/09/2021 09:41:20 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MSI            :0" could not be registered on the interface with IP address 192.168.1.22.
The computer with the IP address 192.168.1.21 did not allow the name to be claimed by
this computer.

Error: (07/09/2021 09:41:20 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MSI            :20" could not be registered on the interface with IP address 192.168.1.22.
The computer with the IP address 192.168.1.21 did not allow the name to be claimed by
this computer.

Error: (07/09/2021 09:41:20 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{B26C4B6C-7461-4D05-9E45-6779EDD0FD47} because another computer on the network has the same name.  The server could not start.

Error: (07/09/2021 09:41:17 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MSI            :0" could not be registered on the interface with IP address 192.168.1.19.
The computer with the IP address 192.168.1.21 did not allow the name to be claimed by
this computer.

Error: (07/09/2021 09:41:17 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MSI            :20" could not be registered on the interface with IP address 192.168.1.19.
The computer with the IP address 192.168.1.21 did not allow the name to be claimed by
this computer.

Error: (07/09/2021 09:41:17 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{6B4728AB-8FCD-4BB5-9DCE-FB91A101BC8D} because another computer on the network has the same name.  The server could not start.

Error: (07/08/2021 06:48:06 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MSI            :20" could not be registered on the interface with IP address 192.168.1.22.
The computer with the IP address 192.168.1.21 did not allow the name to be claimed by
this computer.

Error: (07/08/2021 06:48:06 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MSI            :0" could not be registered on the interface with IP address 192.168.1.22.
The computer with the IP address 192.168.1.21 did not allow the name to be claimed by
this computer.


Windows Defender:
================
Date: 2021-07-02 19:33:20
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-07-02 19:19:33
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-29 23:12:43
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-28 18:30:41
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-28 12:17:28
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-29 19:22:22
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.25.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-29 19:22:22
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.25.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-29 19:22:22
Description: 
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-29 10:50:02
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.25.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-29 10:50:02
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.25.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

CodeIntegrity:
===============
Date: 2021-07-09 09:41:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\Norton Security\Engine\22.21.5.44\symamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. E17F2IMS.109 05/19/2020
Motherboard: Micro-Star International Co., Ltd. MS-17F2
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 51%
Total physical RAM: 16228.05 MB
Available physical RAM: 7908.33 MB
Total Virtual: 28004.05 MB
Available Virtual: 15262.13 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:475.64 GB) (Free:304.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1844.17 GB) (Free:1265.44 GB) NTFS

\\?\Volume{b0f02993-34d9-4b58-af65-82175c9bb357}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.44 GB) NTFS
\\?\Volume{29df83a2-32fc-42b9-b24c-79b4783077bc}\ (BIOS_RVY) (Fixed) (Total:18.85 GB) (Free:0.68 GB) NTFS
\\?\Volume{ac9d5099-58e8-4c9a-8ee1-c8feb1b68d03}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================