|
-
March 11th, 2023, 10:30 AM
#1
 [RESOLVED] My pc is running very slow
I recently just installed a new graphics card and after installation my pc started fine perhaps a little slower than normal but expected i then installed avast on my pc and shortly after installing that i got an error message popping up on my screen windows cannot find c:\tmp\obs64.scr and it would consistently pop up i uninstalled obs stuidos and then had a second error message pop up saying windows cannot find script command and it was another file relating to obs studios but a different one with vbs at the end i followed a youtube video to install autoruns and did a file check for the file it was listing which did not show then video prompted me to search for a different file relating to it which i found and i deleted that file and im not sure whats going on my my pc is taking over 5 mins to start up and everything runs super slow for the first 20 mins or more as before my pc would start up in 27 seconds i have run the finbar scan and here is the logs it found please help
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2023
Ran by snapp (administrator) on NOVA (11-03-2023 13:50:42)
Running from C:\Users\snapp\Desktop
Loaded Profiles: snapp
Platform: Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <2>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCopyAccelerator.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Discord Inc. -> Discord Inc.) C:\Users\snapp\AppData\Local\Discord\app-1.0.9011\Discord.exe <6>
(DriverStore\FileRepository\u0389188.inf_amd64_cd9701bcd4981eb7\B389045\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0389188.inf_amd64_cd9701bcd4981eb7\B389045\atieclxx.exe
(explorer.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0389188.inf_amd64_cd9701bcd4981eb7\B389045\atiesrxx.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1092576 2023-02-27] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [enablesmartscreen] 0
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2628488 2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Run: [Discord] => C:\Users\snapp\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2023-02-07] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Run: [MicrosoftEdgeAutoLaunch_008DE36F3D073F230CB792BE4144BBD9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [145872 2022-08-08] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\MountPoints2: {59a4a5cb-8d34-11eb-9f5c-7085c2c41529} - "E:\OnePlus_setup.exe" /s
HKLM\...\Windows x64\Print Processors\Canon TS3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDR.DLL [482816 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series: C:\WINDOWS\system32\CNMLMDR.DLL [1302016 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.64\Installer\chrmstp.exe [2023-03-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2019-12-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B1E145-FBF7-4081-957E-54EB49424528} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B1F634F-C107-4AEF-8B54-E2E3F7EF1108} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {25D2C2C1-B5CB-46F2-BCF5-F8D349881339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-18] (Google LLC -> Google LLC)
Task: {29047DBA-DFE8-4196-A9FF-97DABE99E898} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {299F393D-4522-4B47-9533-7E7B221E6BE5} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {29B111CA-4EDF-4E5C-B554-26D1DA96F73D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BE0A9D3-ED34-40EB-B257-2E54A9F5318A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4BCD8AE7-8E1E-4CBA-AEF1-5EB4C1A5F3BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55295EFE-2C2B-4BD6-BD05-33E2EF7A547E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-18] (Google LLC -> Google LLC)
Task: {6F4A1684-7986-401B-B4F0-434FCFEBB1F9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {735AE5C1-8C05-49D9-B07F-2D6BC0D4272A} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {7A31BEF1-8DF2-4F2A-B0F5-5C989544D407} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {7A7E97E8-D1EB-45A2-9B6E-4C497A835E5D} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {96132C3D-573C-449E-9BF3-795D2109FFD1} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B1F530B2-9629-422F-834E-3F30AB435B58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C6169CD9-B30F-4C94-A1A2-B65394FA6F80} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {CAE6284D-007D-4FE2-BB52-412F499B362B} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [710584 2023-03-05] (Advanced Micro Devices Inc. -> AMD)
Task: {E70AC986-D3A4-4C89-B175-99F313CEF0F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FAE00718-C2F6-4152-B109-E84D5963EE5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC4F2864-2F16-490D-937B-EE3A4DFF5209} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF62AB6B-9547-4D5C-925A-30739F727D02} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {FFFFEE32-3F7B-4485-8E0A-9D988694C37A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1831343195-971935447-3481176198-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{82de0511-d20c-4cb4-a39f-b8e8da2e06ba}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\snapp\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-11]
Edge DownloadDir: Default -> C:\Users\snapp\Downloads
Edge HomePage: Default -> hxxps://www.google.com/?authuser=0
Edge StartupUrls: Default -> "hxxps://www.google.com/"
Edge Extension: (YouTube With Friends) - C:\Users\snapp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\boifjkmdjemnjadceofnlcnnfmjfjcoj [2022-06-17]
Edge Extension: (Dark Reader) - C:\Users\snapp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2023-01-27]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\snapp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2023-03-06]
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-02-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-02-27] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default [2023-03-11]
CHR DownloadDir: C:\Users\snapp\Downloads
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://my.ionos.co.uk; hxxps://www.thesun.ie; hxxps://www.tiktok.com
CHR HomePage: Default -> hxxps://www.google.com/?authuser=0
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (YouTube With Friends) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\boifjkmdjemnjadceofnlcnnfmjfjcoj [2021-09-04]
CHR Extension: (Dark Reader) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-01-09]
CHR Extension: (Google Docs Offline) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-03]
CHR Extension: (Pinterest Save button) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2023-01-01]
CHR Extension: (Midnight Dance (T11)) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfinlmgdejhpldlpihekmlofgpeh***d [2021-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-02-28]
CHR Profile: C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-22]
CHR Profile: C:\Users\snapp\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [928224 2023-02-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [509880 ] (Advanced Micro Devices Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncHelper.exe [3486600 2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-01-03] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-10-07] (GOG Sp. z o.o. -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2023-03-08] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9084512 2023-03-11] (Malwarebytes Inc. -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [21753376 2021-07-01] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7973464 2020-06-22] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.038.0219.0001\OneDriveUpdaterService.exe [3865992 2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2023-02-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2023-02-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2667864 2023-02-12] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe [3224328 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe [133592 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36248 2022-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2023-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0389188.inf_amd64_cd9701bcd4981eb7\B389045\amdkmdag.sys [100038536 2023-03-08] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-12-31] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198112 2023-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-03-11] (Malwarebytes Inc. -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20986200 2021-07-01] (Mail.Ru LLC -> LLC Mail.Ru)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49624 2023-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495912 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2020-01-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-11 13:50 - 2023-03-11 13:51 - 000028278 _____ C:\Users\snapp\Desktop\FRST.txt
2023-03-11 13:49 - 2023-03-11 13:51 - 000000000 ____D C:\FRST
2023-03-11 13:46 - 2023-03-11 13:46 - 002378752 _____ (Farbar) C:\Users\snapp\Desktop\FRST64.exe
2023-03-11 13:29 - 2023-03-11 13:29 - 000000000 ___HD C:\$SysReset
2023-03-11 13:13 - 2023-03-11 13:13 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-03-11 12:08 - 2023-03-11 12:08 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-03-11 12:08 - 2023-03-11 12:08 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-03-11 12:08 - 2023-03-11 12:08 - 000000000 ____D C:\Users\snapp\AppData\Local\mbam
2023-03-11 12:06 - 2023-03-11 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-03-11 12:06 - 2023-03-11 12:06 - 000000000 ____D C:\Program Files\Malwarebytes
2023-03-11 11:41 - 2023-03-11 11:42 - 000342280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-10 22:19 - 2023-03-11 12:04 - 000000000 ____D C:\Users\snapp\AppData\Local\AvastAntiTrackPremium
2023-03-10 22:19 - 2023-03-10 22:19 - 000000000 _RSHD C:\ProgramData\Key-Base
2023-03-10 22:19 - 2023-03-10 22:19 - 000000000 ____D C:\ProgramData\{9756BCAA-A545-2D9D-F5F1-8CA441B09098}
2023-03-10 22:16 - 2023-03-10 22:18 - 002580896 _____ (Malwarebytes) C:\Users\snapp\Downloads\MBSetup-074C1994.exe
2023-03-10 21:33 - 2023-03-10 21:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2023-03-10 21:07 - 2023-03-10 21:07 - 000000000 ____D C:\Users\snapp\Downloads\Autoruns
2023-03-10 21:06 - 2023-03-10 21:06 - 003862520 _____ C:\Users\snapp\Downloads\Autoruns.zip
2023-03-10 20:27 - 2023-03-10 20:27 - 000000000 ___HD C:\$AV_ASW
2023-03-10 20:22 - 2023-03-11 13:12 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2023-03-10 20:07 - 2023-03-11 13:01 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-03-10 20:06 - 2023-03-11 13:12 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-10 20:06 - 2023-03-10 20:06 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-03-10 20:05 - 2023-03-10 20:05 - 000263008 _____ (AVAST Software) C:\Users\snapp\Downloads\avast_free_antivirus_setup_online.exe
2023-03-10 20:04 - 2023-03-10 20:07 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-03-10 19:47 - 2023-03-11 03:00 - 000002372 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2023-03-10 19:46 - 2023-03-11 03:00 - 000002504 _____ C:\WINDOWS\system32\Tasks\StartAUEP
2023-03-10 19:44 - 2023-03-10 19:44 - 000000000 ____D C:\Users\snapp\AppData\LocalLow\AMD
2023-03-10 19:41 - 2023-03-11 13:14 - 000003096 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-10 19:39 - 2023-03-11 13:14 - 000003088 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-03-10 19:39 - 2023-03-11 03:00 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-03-10 19:39 - 2023-03-11 03:00 - 000002402 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-10 19:39 - 2023-03-10 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-03-10 19:38 - 2023-03-11 03:00 - 000002194 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-03-10 19:38 - 2023-03-11 03:00 - 000002114 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-03-10 19:38 - 2023-03-10 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-03-10 19:36 - 2023-03-08 20:49 - 002248024 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-10 19:36 - 2023-03-08 20:49 - 002248024 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-03-10 19:36 - 2023-03-08 20:49 - 001654616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-10 19:36 - 2023-03-08 20:49 - 001654616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-03-10 19:36 - 2023-03-08 20:49 - 001472944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 001472944 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 001196320 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 001196320 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000801160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000714632 _____ C:\WINDOWS\system32\hiprt0200064.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000678232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000606088 _____ C:\WINDOWS\system32\GameManager64.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000547720 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000541016 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000502152 _____ C:\WINDOWS\system32\EEURestart.exe
2023-03-10 19:36 - 2023-03-08 20:49 - 000459616 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000206216 _____ C:\WINDOWS\system32\mantle64.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000185736 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000163208 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000147336 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000051032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-03-10 19:36 - 2023-03-08 20:49 - 000047960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-03-10 19:36 - 2023-03-08 20:48 - 000542040 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-03-10 19:36 - 2023-03-08 20:48 - 000360792 _____ C:\WINDOWS\system32\clinfo.exe
2023-03-10 19:36 - 2023-03-08 20:47 - 000948056 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-03-10 19:36 - 2023-03-08 20:47 - 000535432 _____ C:\WINDOWS\system32\atieah64.exe
2023-03-10 19:36 - 2023-03-08 20:47 - 000266120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-03-10 19:36 - 2023-03-08 20:47 - 000226696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-03-10 19:36 - 2023-03-08 20:47 - 000195928 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-03-10 19:36 - 2023-03-08 20:47 - 000183688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-03-10 19:36 - 2023-03-08 20:47 - 000146872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 084666248 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 001547656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 001547656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000524128 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000472928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000404360 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-03-10 19:36 - 2023-03-08 20:46 - 000389560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000210056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000172952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000144264 _____ C:\WINDOWS\system32\atidxx64.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000118104 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2023-03-10 19:36 - 2023-03-08 20:46 - 000074584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-03-10 19:36 - 2023-03-08 20:45 - 100654520 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-03-10 19:36 - 2023-03-08 20:44 - 000138120 _____ C:\WINDOWS\system32\amdxc64.dll
2023-03-10 19:36 - 2023-03-08 20:44 - 000113496 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-03-10 19:36 - 2023-03-08 20:42 - 007200216 _____ C:\WINDOWS\system32\amdsmi.exe
2023-03-10 19:36 - 2023-03-08 20:42 - 002265992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-03-10 19:36 - 2023-03-08 20:42 - 001320328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-03-10 19:36 - 2023-03-08 20:42 - 001048968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-03-10 19:36 - 2023-03-08 20:41 - 000942984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-03-10 19:36 - 2023-03-08 20:41 - 000770952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-03-10 19:36 - 2023-03-08 20:41 - 000470920 _____ C:\WINDOWS\system32\amdlogum.exe
2023-03-10 19:36 - 2023-03-08 20:41 - 000167008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-03-10 19:36 - 2023-03-08 20:41 - 000136448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-03-10 19:36 - 2023-03-08 20:40 - 001725512 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-03-10 19:36 - 2023-03-08 20:40 - 001399928 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-03-10 19:36 - 2023-03-08 20:39 - 016175544 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-03-10 19:36 - 2023-03-08 20:39 - 000568248 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-03-10 19:36 - 2023-03-08 20:39 - 000432056 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 004359096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 004165512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 000567760 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 000176928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 000167048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 000151072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-03-10 19:36 - 2023-03-08 20:38 - 000136496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-03-10 19:36 - 2023-03-08 20:08 - 030284712 _____ C:\WINDOWS\system32\hiprt02000_amd.hipfb
2023-03-10 19:36 - 2023-03-08 20:08 - 022879832 _____ C:\WINDOWS\system32\hiprt02000_nv.fatbin
2023-03-10 19:36 - 2023-03-08 20:08 - 002170168 _____ C:\WINDOWS\system32\oro_compiled_kernels.fatbin
2023-03-10 19:36 - 2023-03-08 20:08 - 001464232 _____ C:\WINDOWS\system32\oro_compiled_kernels.hipfb
2023-03-10 19:36 - 2023-03-08 20:07 - 094816128 _____ C:\WINDOWS\system32\amdxc64.so
2023-03-10 19:29 - 2023-03-10 19:29 - 000000000 ____D C:\Users\snapp\AppData\Roaming\AMD
2023-03-10 19:29 - 2023-03-10 19:29 - 000000000 ____D C:\Program Files (x86)\AMD
2023-03-10 19:28 - 2023-03-10 19:28 - 045484448 _____ (AMD Inc.) C:\Users\snapp\Downloads\amd-software-adrenalin-edition-23.3.1-minimalsetup-230308_web.exe
2023-03-05 14:39 - 2023-03-05 14:39 - 000856504 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Device.dll
2023-03-05 14:39 - 2023-03-05 14:39 - 000061368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Platform.dll
2023-03-02 17:42 - 2023-03-02 17:42 - 000000000 ___HD C:\adobeTemp
2023-03-02 13:54 - 2023-02-23 23:35 - 000115056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2023-03-02 13:51 - 2023-02-23 23:42 - 000142256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2023-03-02 13:51 - 2023-02-23 23:41 - 000118192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2023-03-02 13:46 - 2023-03-10 14:19 - 000000000 ____D C:\Users\snapp\AppData\Roaming\IObit
2023-03-02 13:46 - 2023-03-10 14:19 - 000000000 ____D C:\ProgramData\ProductData
2023-03-02 13:46 - 2023-03-02 13:46 - 000000000 ____D C:\Users\snapp\AppData\Roaming\instinfo
2023-03-02 13:46 - 2023-03-02 13:46 - 000000000 ____D C:\Users\snapp\AppData\LocalLow\IObit
2023-03-02 13:46 - 2023-03-02 13:46 - 000000000 ____D C:\ProgramData\IObit
2023-03-02 13:46 - 2023-03-02 13:46 - 000000000 ____D C:\ProgramData\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952}
2023-03-01 14:26 - 2023-03-02 13:45 - 000000000 ____D C:\Users\snapp\Documents\Bills
2023-03-01 04:42 - 2023-03-01 04:42 - 000048328 _____ (Advanced Micro Devices) C:\WINDOWS\system32\AMDRyzenMasterDriver.sys
2023-02-27 12:06 - 2023-02-27 12:06 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2023-02-24 13:27 - 2023-03-10 23:10 - 000000000 ____D C:\Users\snapp\AppData\Local\WhatsApp
2023-02-24 13:26 - 2023-02-24 13:27 - 161239776 _____ (WhatsApp) C:\Users\snapp\Downloads\WhatsAppSetup.exe
2023-02-20 04:21 - 2023-02-20 04:21 - 000007277 _____ C:\WINDOWS\Info.xml
2023-02-16 22:02 - 2023-03-10 11:29 - 000000000 ____D C:\Users\snapp\Downloads\Svg for Business
2023-02-14 20:15 - 2023-02-14 20:15 - 000000000 ___HD C:\$WinREAgent
2023-02-12 21:19 - 2023-02-12 21:19 - 000000000 ____D C:\Users\snapp\AppData\Local\DBG
2023-02-12 19:02 - 2023-02-12 19:02 - 000010729 _____ C:\Users\snapp\AppData\Local\recently-used.xbel
2023-02-12 18:37 - 2023-02-12 18:37 - 000000223 _____ C:\Users\snapp\Desktop\Craftopia.url
2023-02-11 14:13 - 2023-02-11 14:13 - 000000000 ____D C:\Users\snapp\AppData\LocalLow\Original Studios
2023-02-11 12:35 - 2023-02-11 12:35 - 000000000 ____D C:\Users\snapp\AppData\Local\VoidTrain
2023-02-10 21:39 - 2023-02-10 21:39 - 000000000 ____D C:\Users\snapp\AppData\Local\TheRanchOfRivershine
2023-02-10 15:53 - 2023-02-10 23:13 - 000000192 _____ C:\Users\snapp\AppData\Roaming\xg_111111673_pc_seasun.dat
2023-02-10 15:53 - 2023-02-10 15:53 - 000000024 _____ C:\Users\snapp\AppData\Roaming\C23W6Vk43XTwu662.dat
2023-02-10 15:53 - 2023-02-10 15:53 - 000000000 ____D C:\Users\snapp\AppData\LocalLow\xishanju
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-11 13:50 - 2019-12-19 00:08 - 000000000 ____D C:\Users\snapp\AppData\Roaming\Discord
2023-03-11 13:47 - 2019-12-18 23:21 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-11 13:43 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-11 13:30 - 2019-12-19 03:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-11 13:30 - 2019-12-19 00:08 - 000000000 ____D C:\Users\snapp\AppData\Local\Discord
2023-03-11 13:27 - 2019-12-19 03:32 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-11 13:21 - 2021-10-18 01:31 - 000000000 ____D C:\Users\snapp\AppData\Local\AMD_Common
2023-03-11 13:17 - 2022-10-28 11:31 - 000000000 ___RD C:\Users\snapp\Creative Cloud Files
2023-03-11 13:12 - 2023-02-02 16:07 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2023-03-11 13:12 - 2020-11-19 07:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-11 13:12 - 2020-11-01 09:56 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-11 13:11 - 2019-12-07 09:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-03-11 13:09 - 2020-09-29 15:09 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2023-03-11 13:03 - 2022-10-28 11:22 - 000000000 ____D C:\Users\snapp\AppData\Roaming\com.adobe.dunamis
2023-03-11 12:52 - 2022-02-26 20:36 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-03-11 12:51 - 2020-12-31 18:05 - 000000000 ____D C:\Users\snapp
2023-03-11 12:44 - 2019-04-09 08:00 - 000000000 ____D C:\rei
2023-03-11 12:43 - 2020-11-19 07:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-11 12:43 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-11 12:43 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-11 12:42 - 2020-11-19 07:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-11 12:31 - 2019-12-18 22:30 - 000000000 ____D C:\Users\snapp\AppData\Local\D3DSCache
2023-03-11 12:07 - 2019-12-07 09:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-11 12:03 - 2022-02-24 16:55 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-03-11 12:03 - 2022-02-24 16:55 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-11 12:03 - 2022-01-16 01:07 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-
and the second scan file is in a second thread
-
March 11th, 2023, 10:37 AM
#2
My pc is running slow second file
1831343195-971935447-3481176198-1001
2023-03-11 11:49 - 2020-05-06 12:29 - 000000000 ____D C:\Users\snapp\AppData\Local\CrashDumps
2023-03-11 11:42 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-11 11:41 - 2019-12-18 23:33 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-11 03:00 - 2020-12-31 18:27 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-03-11 03:00 - 2020-12-31 18:27 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-03-11 03:00 - 2020-12-31 18:27 - 000002560 _____ C:\WINDOWS\system32\Tasks\AMDAutoUpdate
2023-03-11 03:00 - 2020-11-19 07:32 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-11 03:00 - 2020-11-19 07:32 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-10 23:10 - 2023-01-07 18:11 - 000000000 ____D C:\Users\snapp\Documents\The Witcher 3
2023-03-10 23:10 - 2021-11-29 17:23 - 000000000 ____D C:\Users\snapp\AppData\Roaming\SpaceEngineers
2023-03-10 23:10 - 2021-08-31 21:39 - 000000000 ____D C:\Users\snapp\AppData\Roaming\TeamViewer
2023-03-10 23:10 - 2020-12-31 16:36 - 000000000 ___DC C:\WINDOWS\Panther
2023-03-10 23:10 - 2019-12-19 12:42 - 000000000 ____D C:\Users\snapp\AppData\Roaming\WhatsApp
2023-03-10 23:10 - 2019-12-19 00:08 - 000000000 ____D C:\Users\snapp\AppData\Local\SquirrelTemp
2023-03-10 23:10 - 2019-12-18 22:31 - 000000000 ____D C:\Users\snapp\AppData\Local\VirtualStore
2023-03-10 23:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-10 23:09 - 2021-05-26 08:44 - 000000000 ____D C:\Users\snapp\.idlerc
2023-03-10 23:08 - 2021-08-31 21:39 - 000000000 ____D C:\Program Files\TeamViewer
2023-03-10 23:08 - 2020-12-31 15:24 - 000000000 ____D C:\ProgramData\AomeiBR
2023-03-10 23:08 - 2019-12-03 12:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Olympus Games
2023-03-10 22:00 - 2022-09-26 20:48 - 000000000 ____D C:\ProgramData\obs-studio-hook
2023-03-10 22:00 - 2019-04-29 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-03-10 21:40 - 2020-12-31 15:25 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-03-10 21:30 - 2020-12-31 15:25 - 000000312 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-03-10 21:28 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-10 20:27 - 2023-01-27 22:12 - 000000000 __SHD C:\tmp
2023-03-10 20:06 - 2019-12-18 22:30 - 000000000 ____D C:\Users\snapp\AppData\Local\AMD
2023-03-10 20:03 - 2022-10-03 12:47 - 000000000 ____D C:\Users\snapp\AppData\Roaming\Cricut Design Space
2023-03-10 19:46 - 2019-12-18 21:13 - 000000000 ____D C:\Program Files\AMD
2023-03-10 19:33 - 2019-04-08 15:47 - 000000000 ____D C:\AMD
2023-03-10 19:16 - 2020-06-13 17:18 - 000000000 ____D C:\WINDOWS\system32\AMD
2023-03-10 14:25 - 2022-11-02 08:16 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-03-10 14:22 - 2022-12-09 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-03-10 14:21 - 2019-04-08 17:01 - 000000000 ____D C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-08 20:46 - 2021-10-07 18:02 - 002028424 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2023-03-08 20:40 - 2022-11-13 17:02 - 000187480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2023-03-08 20:40 - 2021-10-07 18:01 - 000231800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2023-03-08 20:01 - 2022-12-12 19:08 - 000000000 ____D C:\Users\snapp\Documents\cv
2023-03-08 14:18 - 2019-04-08 15:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-07 19:25 - 2020-11-19 07:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-05 21:11 - 2019-12-18 21:14 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-03-05 19:52 - 2021-10-18 01:24 - 003034248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2023-03-04 16:48 - 2022-02-24 16:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-03 15:04 - 2022-10-03 12:47 - 000002489 _____ C:\Users\snapp\Desktop\Cricut Design Space.lnk
2023-03-01 15:38 - 2020-11-19 07:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-03-01 15:38 - 2019-12-18 22:30 - 000000000 ____D C:\Users\snapp\AppData\Local\ConnectedDevicesPlatform
2023-02-28 16:23 - 2020-12-31 18:13 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-27 12:06 - 2022-10-28 11:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-02-27 12:06 - 2022-10-28 11:24 - 000000000 ____D C:\Program Files\Adobe
2023-02-27 12:06 - 2022-10-28 11:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-02-24 13:28 - 2021-11-25 17:56 - 000002197 _____ C:\Users\snapp\Desktop\WhatsApp.lnk
2023-02-24 13:28 - 2019-05-08 22:43 - 000000000 ____D C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2023-02-18 01:51 - 2021-04-15 14:54 - 000000000 ____D C:\Users\snapp\AppData\Roaming\WeMod
2023-02-16 20:26 - 2022-11-08 14:06 - 000000000 ____D C:\Users\snapp\AppData\Local\babl-0.1
2023-02-15 03:44 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 03:44 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 03:44 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 03:44 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 03:44 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 03:44 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-14 20:49 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-14 20:42 - 2020-11-19 07:32 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-14 01:05 - 2022-10-13 20:09 - 000000000 ____D C:\Users\snapp\AppData\Local\WeMod
2023-02-14 01:05 - 2021-04-15 14:54 - 000002169 _____ C:\Users\snapp\Desktop\WeMod.lnk
2023-02-14 01:05 - 2019-09-08 12:35 - 000000000 ____D C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2023-02-13 21:51 - 2020-07-31 01:20 - 000000000 ____D C:\Users\snapp\AppData\Roaming\TS3Client
2023-02-12 20:43 - 2022-06-19 21:04 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2023-02-12 20:43 - 2020-05-17 13:32 - 000000000 ____D C:\Program Files\Rockstar Games
2023-02-12 18:46 - 2022-11-08 15:08 - 000000000 ____D C:\Users\snapp\AppData\Local\gtk-2.0
2023-02-09 20:05 - 2020-02-14 17:42 - 000000000 ____D C:\Program Files (x86)\Origin
2023-02-09 18:54 - 2023-01-30 00:10 - 000000000 ____D C:\Users\snapp\AppData\Local\RedM
==================== Files in the root of some directories ========
2019-10-23 07:39 - 2015-12-18 22:41 - 000573952 _____ () C:\Users\snapp\DS4Updater.exe
2019-10-23 07:39 - 2016-10-08 22:17 - 003168256 _____ () C:\Users\snapp\DS4Windows.exe
2023-02-10 15:53 - 2023-02-10 15:53 - 000000024 _____ () C:\Users\snapp\AppData\Roaming\C23W6Vk43XTwu662.dat
2023-02-10 15:53 - 2023-02-10 23:13 - 000000192 _____ () C:\Users\snapp\AppData\Roaming\xg_111111673_pc_seasun.dat
2023-02-12 19:02 - 2023-02-12 19:02 - 000010729 _____ () C:\Users\snapp\AppData\Local\recently-used.xbel
==================== FLock ==============================
2022-12-15 23:07 C:\WINDOWS\system32\smartscreen.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Microsoft Windows 10 Home Version 22H2 19045.2604 (X64) (2020-12-31 18:28:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1831343195-971935447-3481176198-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1831343195-971935447-3481176198-503 - Limited - Disabled)
Guest (S-1-5-21-1831343195-971935447-3481176198-501 - Limited - Disabled)
snapp (S-1-5-21-1831343195-971935447-3481176198-1001 - Administrator - Enabled) => C:\Users\snapp
WDAGUtilityAccount (S-1-5-21-1831343195-971935447-3481176198-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.10.0.573 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.2.0.18 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_0) (Version: 24.0.0.59 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.0.1424 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.0.1424 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{260a52b1-dc81-4e22-b58d-5dd3b57a7b65}) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.) Hidden
Anno 2070 Complete Edition (HKLM-x32\...\Uplay Install 678) (Version: - Ubisoft)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Biomutant (HKLM-x32\...\1633865805_is1) (Version: 1.4 - GOG.com)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Cricut Design Space (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\{113DD42F-AE80-489B-8F15-FB8499306C48}) (Version: 7.28.136 - Cricut, Inc.)
Discord (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
GIMP 2.10.32-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.64 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.24.248 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.24.248 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.16130.20218 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.038.0219.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\Teams) (Version: 1.5.00.4689 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NOW TV Player 8.5.1.0 (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\com.bskyb.nowtvplayer_is1) (Version: 8.5.1.0 - NOW TV)
NVIDIA GeForce NOW 2.0.30.112 (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.30.112 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
OpenOffice 4.1.10 (HKLM-x32\...\{7CC01309-694E-48C0-86A7-1DDEE4232E9A}) (Version: 4.110.9807 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.119.52718 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
REDlauncher (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
RedM (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\CitizenFX_RedM) (Version: - Cfx.re)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1210.1 - GIGABYTE)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.69.1334 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{9AD089CB-3A6C-4F55-A210-7DF503DFF95A}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
WeMod (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\WeMod) (Version: 8.4.1 - WeMod)
WhatsApp (HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\WhatsApp) (Version: 2.2310.5 - WhatsApp)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.940 - Broadcom Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-10-28] (Adobe Systems Incorporated)
AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.22.40027.0_x64__0a9344xs7nr4m [2023-02-25] (Advanced Micro Devices Inc.)
Bloons Monkey City -> C:\Program Files\WindowsApps\NinjaKiwi.BloonsMonkeyCity_1.12.4.0_x86__g04ay3csa72hr [2023-01-28] (Ninja Kiwi)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-21] (Canon Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-08] (HP Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt [2023-02-28] (Meta) [Startup Task]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-08-16] (Any DVD & Office App)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-14] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-28] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1831343195-971935447-3481176198-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-203EDEC1C474} -> [Creative Cloud Files] => C:\Users\snapp\Creative Cloud Files [2022-10-28 11:31]
CustomCLSID: HKU\S-1-5-21-1831343195-971935447-3481176198-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\snapp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1831343195-971935447-3481176198-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1831343195-971935447-3481176198-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-02] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-02] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-02] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-02] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncShell64.dll [2023-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-02] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-11] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\snapp\Desktop\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TikTok (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TikTok.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube Music (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TikTok.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\snapp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
==================== Loaded Modules (Whitelisted) =============
2022-10-28 15:06 - 2022-10-28 15:06 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2022-10-28 15:06 - 2022-10-28 15:06 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2022-02-24 16:53 - 2022-02-24 16:53 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2022-02-24 16:53 - 2022-02-24 16:53 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2021-12-22 20:38 - 2021-09-23 09:36 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-12-22 20:38 - 2021-09-23 09:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-22 20:38 - 2021-09-23 09:36 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-02-09 20:05 - 2021-09-23 09:36 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-02-09 20:05 - 2021-09-23 09:36 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-02-09 20:05 - 2021-09-23 09:36 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-02-09 20:05 - 2021-09-23 09:36 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-02-09 20:05 - 2021-09-23 09:36 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-02-09 20:05 - 2021-09-23 09:36 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
-
March 11th, 2023, 10:38 AM
#3
My pc is running slow second file part 2
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\snapp\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-19 04:30 - 2019-12-19 04:27 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\snapp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1831343195-971935447-3481176198-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_008DE36F3D073F230CB792BE4144BBD9"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4A741B0C-832B-495C-A315-C3BF03C21E71}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.3.0\ABService.exe => No File
FirewallRules: [{A72B7C1E-3F5B-49DA-B666-F2A98FDB14D9}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.3.0\ABService.exe => No File
FirewallRules: [{B7A83FA2-A0E8-4984-A73C-17D8A12DB80F}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{B6E34CDD-4859-4943-9C71-73CDB0FF0ED0}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{0A1BF255-350E-4912-8474-E3F0B0D14F6A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{C5575C8B-4B00-42A0-BD20-7ACF7EB4575E}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [UDP Query User{84EABF5B-4772-4C2B-8591-CE678357B61A}C:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe => No File
FirewallRules: [TCP Query User{755F6AA5-4D2D-4D96-AF9A-4BEE04369B55}C:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base82893\sc2_x64.exe => No File
FirewallRules: [UDP Query User{0EDBA478-B70D-43BA-8568-5D3A554F4A68}C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{433B53A7-B687-42F1-9548-B3FD6C81910F}C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{8AC64219-2E42-49E2-B875-A3F8F3A0458A}C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{97BDFED0-B222-4C4A-AD99-25D0CC22066A}C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{E5D3FC04-FDFF-42C2-992D-D246AB142DE5}C:\program files (x86)\starcraft ii\versions\base82457\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base82457\sc2_x64.exe => No File
FirewallRules: [TCP Query User{5D83D3CA-5BAF-4967-9AEA-08272E4D99EC}C:\program files (x86)\starcraft ii\versions\base82457\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base82457\sc2_x64.exe => No File
FirewallRules: [{BE71900A-5D47-4762-AB81-FB4F4BE98D57}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{723018D8-D243-4CDC-9B74-EEDD0EF13F89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{36EB5928-A94C-468C-8E26-BBE961AA5F24}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{331D9C78-2FF7-4342-AE89-0C20863E71F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D71139E-CBB5-4ED4-9424-5303F7042935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin => No File
FirewallRules: [{67570DB1-8C23-487E-85AC-DDE047C7A005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin => No File
FirewallRules: [TCP Query User{4A52B5D6-D2BB-4600-B12D-6C00D9D00FBE}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\client\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\client\empyrion.exe => No File
FirewallRules: [UDP Query User{7D2C51A7-B2B6-40EA-A389-3EDBA9F07329}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\client\empyrion.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\client\empyrion.exe => No File
FirewallRules: [TCP Query User{3EBDB578-AD6C-4F9A-9F30-DCD2AB966EB5}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\dedicatedserver\empyriondedicated.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\dedicatedserver\empyriondedicated.exe => No File
FirewallRules: [UDP Query User{F39C58FE-A38F-455C-A0BF-F58E7BDCF7D9}C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\dedicatedserver\empyriondedicated.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empyrion - galactic survival\dedicatedserver\empyriondedicated.exe => No File
FirewallRules: [{0E91CAC3-45B2-4019-8DB2-63B8FA09C580}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{52D686A6-A00B-4F93-85FF-AAA5420C914F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B21738A5-C763-4A93-A346-D78A1A928F5A}] => (Allow) C:\Users\snapp\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{F8F88091-5FA1-4D26-B172-64CC47F9F4F0}] => (Allow) C:\Users\snapp\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{32165739-B08A-45D6-A6A8-0470D5BFC159}] => (Allow) C:\Users\snapp\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{1A8A549F-40EC-419D-987B-2C08A417D6AA}] => (Allow) C:\Users\snapp\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [TCP Query User{1B83DD43-7830-4DCA-94DD-A267AB88390B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{3576B4D6-C431-4683-9A21-BAA26C8BA695}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{27A8C1AB-979C-46DE-B560-929B8454C3C3}C:\games\world_of_tanks_eu_(2)\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu_(2)\win32\worldoftanks.exe => No File
FirewallRules: [UDP Query User{55CC51AA-09AB-4D90-9D30-C6281487D141}C:\games\world_of_tanks_eu_(2)\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu_(2)\win32\worldoftanks.exe => No File
FirewallRules: [TCP Query User{3B55BA3C-1E99-4D6D-A3F7-81C6708BC25E}C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe => No File
FirewallRules: [UDP Query User{C05D6EC2-6742-400E-B468-1FE250FC78E7}C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe => No File
FirewallRules: [TCP Query User{FA82D803-6CFA-4F67-93EC-489E583E29C8}C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe => No File
FirewallRules: [UDP Query User{75DC55A9-53A8-41D8-B0F1-7DE1437B6113}C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe => No File
FirewallRules: [TCP Query User{EEE72649-67B9-40EC-AED7-AB9E4CB6D6FA}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe => No File
FirewallRules: [UDP Query User{4CB97262-E109-4929-BF1A-D2BB6E0F9633}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe => No File
FirewallRules: [{5E57CEB6-AE80-4CEA-992D-EA666F9C057A}] => (Allow) C:\Program Files\Epic Games\BreakpointFreeTrial\GRB_BE.exe => No File
FirewallRules: [{F964DA15-67C8-49A5-8078-0EC695A5A116}] => (Allow) C:\Program Files\Epic Games\BreakpointFreeTrial\GRB_BE.exe => No File
FirewallRules: [TCP Query User{4B229900-9163-41A6-A8B8-72CEA489918F}C:\program files\epic games\breakpointfreetrial\grb.exe] => (Allow) C:\program files\epic games\breakpointfreetrial\grb.exe => No File
FirewallRules: [UDP Query User{0C46CD74-D05E-42B7-968E-D425B16EB4E1}C:\program files\epic games\breakpointfreetrial\grb.exe] => (Allow) C:\program files\epic games\breakpointfreetrial\grb.exe => No File
FirewallRules: [TCP Query User{D5E585BA-40BA-4686-B744-52E1B2C58F8F}C:\games\world_of_tanks_eu_(2)\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu_(2)\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{0E07FADA-66B2-4617-8A83-64FBAA4CF43F}C:\games\world_of_tanks_eu_(2)\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu_(2)\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{C59B3204-1601-49F3-9F21-C57DD8166B66}C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{DD5F2150-D870-4553-B919-96230113B804}C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\snapp\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{12CB567A-5398-474A-A3D2-D5547AC1B8DC}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{0C238518-4606-4A83-BEEB-67686E8C630D}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{CDF2C282-0928-41D7-B15D-E1C9CB4E712D}C:\users\snapp\appdata\local\fivem\fivem.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.exe => No File
FirewallRules: [UDP Query User{539C6A5A-A8FE-4E7B-B231-21F8C2D99905}C:\users\snapp\appdata\local\fivem\fivem.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.exe => No File
FirewallRules: [TCP Query User{7667C5F7-F2F8-4686-93DC-63EF5ED29A27}C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{362289F7-592A-4E38-A6CD-EA2E48E83B49}C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{FDF08816-C5F9-485C-AF23-0013F3988075}C:\program files\windowsapps\facebook.317180b0bb486_520.3.60.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_520.3.60.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{8707EA4D-A221-4EDA-AF4B-EC2B967AECA6}C:\program files\windowsapps\facebook.317180b0bb486_520.3.60.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_520.3.60.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{6085B5FD-F26B-45D0-BA13-818C10AC4322}C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe => No File
FirewallRules: [UDP Query User{E850024F-1DE2-4D7F-A720-B1C8FD8B30ED}C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe => No File
FirewallRules: [{8EE2113B-098D-4A49-8A66-9639DB7A0254}] => (Allow) LPort=3001
FirewallRules: [TCP Query User{EB4CBB43-AE6F-459A-9B10-8B12D048AA1D}C:\program files (x86)\steam\steamapps\common\eco\eco_data\server\ecoserver32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eco\eco_data\server\ecoserver32.exe => No File
FirewallRules: [UDP Query User{46842699-F5CD-4CEF-B968-B222DD1CF085}C:\program files (x86)\steam\steamapps\common\eco\eco_data\server\ecoserver32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eco\eco_data\server\ecoserver32.exe => No File
FirewallRules: [TCP Query User{78D8A5DC-2C06-4412-AA7C-114EBEEDCFAB}C:\users\snapp\appdata\local\fivem\fivem.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.exe => No File
FirewallRules: [UDP Query User{3B901C09-9D7A-47FA-8EF5-64A96FB74A70}C:\users\snapp\appdata\local\fivem\fivem.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.exe => No File
FirewallRules: [TCP Query User{CEAD5BBF-CBD9-404B-83C7-56D5A76C29E3}C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{2FB6551D-B0D1-423C-806D-42BA8FDE5311}C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{8F967156-A7AC-4BE1-8413-787BFEA176E6}C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe => No File
FirewallRules: [UDP Query User{ED94D3E9-C55A-4F60-AC1C-112A4FF02CCA}C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe => No File
FirewallRules: [TCP Query User{1437F5E1-5850-4F65-A765-7CB91ECF127B}C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe => No File
FirewallRules: [UDP Query User{DCDDBCBE-1900-4388-8047-BB9D00D98510}C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe => No File
FirewallRules: [TCP Query User{CB40E3B3-0B4A-4F5F-97D9-774DF19E79BD}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{6924FE76-ED5A-4624-861C-43368C0ADCA2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{C2C39C8B-D1CB-4876-9F09-C3CDC9DF0085}C:\program files (x86)\steam\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe => No File
FirewallRules: [UDP Query User{36DA5E51-0F4D-4BBB-BAF0-1706C3EDBE1C}C:\program files (x86)\steam\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe => No File
FirewallRules: [TCP Query User{F71468B3-952A-453E-8610-50E9252B5064}C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{A690E7DF-60E1-49DD-9965-BB0BE991241F}C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_620.8.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{9E057782-11B9-4EE2-8C18-A71A254487BB}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [UDP Query User{3560645C-E217-4312-AEE8-076ECC0FE390}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [TCP Query User{CCE59CF5-7474-4140-9E5A-F1D957EF799C}C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe => No File
FirewallRules: [UDP Query User{B28FE712-C064-4082-8011-921F5D05295C}C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe => No File
FirewallRules: [{4B837B17-A99C-453C-B0C8-B14F71518A13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe => No File
FirewallRules: [{E6437188-678F-4446-950D-C8332B878F1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe => No File
FirewallRules: [{71BEC7F7-F802-49F3-93AA-93543F364B79}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [TCP Query User{7785D1CF-F1FD-4C9A-9C50-067A70102D1E}C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe => No File
FirewallRules: [UDP Query User{0AFB4F91-6DF2-4765-BE9E-446A00564BB4}C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe => No File
FirewallRules: [TCP Query User{5F449207-475D-49E8-8233-FB10314E3DC1}C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe => No File
FirewallRules: [UDP Query User{3D51100D-9A2B-4E5E-A514-8F7E5A9051C8}C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe => No File
FirewallRules: [TCP Query User{2F8CEC31-CD8F-4291-8D48-D0261C99787E}C:\program files (x86)\gog galaxy\games\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe] => (Allow) C:\program files (x86)\gog galaxy\games\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe (Experiment 101) [File not signed]
FirewallRules: [UDP Query User{6921C7E5-EF30-4C1D-97B7-85144996E1F7}C:\program files (x86)\gog galaxy\games\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe] => (Allow) C:\program files (x86)\gog galaxy\games\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe (Experiment 101) [File not signed]
FirewallRules: [{A9F622A9-379D-42E3-9A34-00FE8B251D09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe => No File
FirewallRules: [{CEA664CD-4895-4E61-BDD5-B098F325A785}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe => No File
FirewallRules: [TCP Query User{387D9457-04B9-42FD-8A72-7E17818470CE}C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{4E70F0DD-5117-4731-877E-F413E9573408}C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{F32C332C-CA8A-4A47-A9CA-9D7BDF425D08}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{7ADFA136-83E8-478C-B763-16BBFA20C63B}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe => No File
FirewallRules: [{BF5824B4-638D-421E-B7AD-BDF68DDCCEDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdoms Reborn\KingdomsReborn.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7DB5049B-6E52-4223-AC07-1FEDAB00A7EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdoms Reborn\KingdomsReborn.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C44EA691-D64D-41EB-A357-77DE0D401AB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe => No File
FirewallRules: [{BA9C17ED-1264-4A91-A685-088A6BAD21F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{01866B47-2907-4228-8C13-CDB9253B1D89}C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{53883194-4597-4D5D-90E0-CA7B2B5CFB09}C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [{721F423D-E49A-44C8-8ED2-0AACDA170FC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{F51EA856-85C6-4FEA-9194-6EA5A4141AF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{C96CC5B6-9774-45DC-91B6-E3017F545AA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070 Complete Edition\Anno5.exe (UBISOFT ENTERTAINMENT INC. -> Related Designs)
FirewallRules: [{408CE1BA-C3EB-40E3-91F7-AF7C4B1822A0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070 Complete Edition\Anno5.exe (UBISOFT ENTERTAINMENT INC. -> Related Designs)
FirewallRules: [{2A8EE712-767D-4051-9426-945E68390B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe => No File
FirewallRules: [{F02B9B2E-E952-404B-B329-4684BDB03EC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe => No File
FirewallRules: [{2378B9AE-2325-4EF8-AA3B-0593C7EA261B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe => No File
FirewallRules: [{12B70073-D307-48E6-B0A5-8647B4806E3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe => No File
FirewallRules: [{48E1218A-0CD0-45C5-88C3-FD12D692BA11}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdoms Reborn\KingdomsReborn.exe => No File
FirewallRules: [{90CA50DE-46B7-49B5-8F27-062B53DE06D4}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdoms Reborn\KingdomsReborn.exe => No File
FirewallRules: [{E1C23B87-0DB3-444A-A318-866F3807D730}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{4AAA3FD5-D01A-4B5C-9E83-DED55A5FCB49}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [TCP Query User{8DFF8F2A-B479-49C6-93EA-E2C9E4381C95}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{76AD43E6-018E-48B1-8E2B-C9289C675396}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [{2FA1E464-4D8F-4DF6-9A2A-941382E40337}] => (Allow) D:\SteamLibrary\steamapps\common\Eco\Eco.exe () [File not signed]
FirewallRules: [{C374C2FE-E4F6-4937-8540-85417057E004}] => (Allow) D:\SteamLibrary\steamapps\common\Eco\Eco.exe () [File not signed]
FirewallRules: [TCP Query User{AFA467FA-3AF5-4297-8199-6E92FF3B0D34}C:\users\snapp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\snapp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DDFBB01B-0187-47E3-B16A-55DAB8E5561E}C:\users\snapp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\snapp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AEDB12BF-11F8-48BB-A134-F37160425ACA}] => (Allow) D:\SteamLibrary\steamapps\common\Ranch Simulator\Ranch_Simulator.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BA5F0639-76CC-479C-974B-F2418126D191}] => (Allow) D:\SteamLibrary\steamapps\common\Ranch Simulator\Ranch_Simulator.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0DB7B77A-90A8-4D22-8EB8-0BE96CB1419E}D:\steamlibrary\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{ECF48C6E-C568-4F56-8978-2DB312037A05}D:\steamlibrary\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{4CC88108-B9C1-4AE2-979C-A0AD68278ABC}D:\steamlibrary\steamapps\common\day of dragons\dragons\binaries\win64\dragons-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\day of dragons\dragons\binaries\win64\dragons-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0C202055-159A-4BFC-8A56-7042CEB8A398}D:\steamlibrary\steamapps\common\day of dragons\dragons\binaries\win64\dragons-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\day of dragons\dragons\binaries\win64\dragons-win64-shipping.exe => No File
FirewallRules: [{05F5DF75-AC79-4B40-A009-69452029F9FE}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{8A4154A1-F975-4B99-B28A-7573CCD70EE7}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{67B6BF86-4ED8-48CC-98AC-43CB64A04634}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Time At Portia\Portia.exe () [File not signed]
FirewallRules: [{0A8399C1-146F-4227-B1E4-598C99D4FF36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Time At Portia\Portia.exe () [File not signed]
FirewallRules: [{9A6A45C0-3B9D-459D-BAF7-D0E2FFDCBF69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AC37C69A-44FA-46EC-9763-D2985195FCE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{7A9F305E-A2DA-4337-802C-CF6A27CD4E18}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{4BE8AF0C-549F-4CC3-8CC2-B18123B43C4C}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1ACB4882-2E04-42CE-A542-5EB689C6CE25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{D494BC4D-3238-421D-AF9C-D565146F4A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{47A79A42-16C3-46C8-B5BF-FB6ECA4D9C2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE3DE\AoE3DE_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [{1A47EC63-0B8C-4BF7-931A-326C4E01ABEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE3DE\AoE3DE_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [{AF60D46D-D5AB-42A7-AF7A-C516E8C41CB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE3DE\BattleServer.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [{6ADCC6CE-FC65-43CF-9A4C-53BA8DC8BD53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE3DE\BattleServer.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [{A4B15A20-B4E4-4B03-A6D0-134E26149D3B}] => (Allow) D:\SteamLibrary\steamapps\common\Dinkum\Dinkum.exe () [File not signed]
FirewallRules: [{D76C6620-E001-4971-A6E5-DDC0F1C790AF}] => (Allow) D:\SteamLibrary\steamapps\common\Dinkum\Dinkum.exe () [File not signed]
FirewallRules: [{B3F82967-8FFA-4368-8E81-B62772DBF819}] => (Allow) D:\SteamLibrary\steamapps\common\PlateUp! Demo\CouchCoopMono2\PlateUp.exe => No File
FirewallRules: [{FC6C51D2-ABA3-4392-8A2B-E0979D87D1E4}] => (Allow) D:\SteamLibrary\steamapps\common\PlateUp! Demo\CouchCoopMono2\PlateUp.exe => No File
FirewallRules: [{31132BAD-ABB6-4C8D-B3D9-19F75A4164AA}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{27D6D32D-1881-4AF7-8652-D9B4FFD32024}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{88785C5E-C720-4E86-9884-02E1EF64109C}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9F8FBE16-EB1C-463B-970B-C2F6AB45AC37}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2748972A-47B6-489F-AEC8-9E2EAD29AFAE}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{1F245BF4-66B0-4288-B6C5-55E86754596D}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{999D9E28-32FD-4986-8380-042D19027CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{55DD9DBB-BC6C-4FF5-A79C-3291930E156C}] => (Allow) D:\SteamLibrary\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{E71D6D3D-DBBF-4E41-A966-9D93C3DA342A}] => (Allow) D:\SteamLibrary\steamapps\common\Re-Legend\Relegend.exe () [File not signed]
FirewallRules: [{9DD37CA6-35D4-4229-A944-B80EC7E36596}] => (Allow) D:\SteamLibrary\steamapps\common\Re-Legend\Relegend.exe () [File not signed]
FirewallRules: [{D101E263-A4AE-4B83-97EC-B48E05D6DBBE}] => (Allow) D:\SteamLibrary\steamapps\common\KEPLERTH\Keplerth.exe () [File not signed]
FirewallRules: [{D585F452-EB04-41FB-B6B2-CA84B0DDE035}] => (Allow) D:\SteamLibrary\steamapps\common\KEPLERTH\Keplerth.exe () [File not signed]
FirewallRules: [{FB1A2345-3669-4D55-9649-BCA648934D82}] => (Allow) D:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{C8AFB444-ED00-4A8E-8E52-0EECF4EAE4AE}] => (Allow) D:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{93CC5F44-A7C1-4FFC-89C5-86E731DEB556}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{41DB282C-CF0C-4397-8D4E-298A29003175}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{77527DE9-3698-4F29-BD37-EB0DA3558287}C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1491_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1491_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{4745A846-D773-49F1-96F8-A76A95DFD3B9}C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1491_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1491_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{0DE122CF-E112-4443-BDEB-403385041F10}C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1436_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1436_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{F6BEA440-1C7D-429C-9218-FDEB60B57134}C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1436_gtaprocess.exe] => (Allow) C:\users\snapp\appdata\local\redm\redm.app\data\cache\subprocess\redm_b1436_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{D829DF65-566C-443F-9B11-627639ED2EF2}] => (Allow) D:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{687A68A1-5032-4284-8AA2-F9C1F8C359E5}] => (Allow) D:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{A0C764D5-D6E0-4134-9577-98ABA7EBFC7D}] => (Allow) D:\SteamLibrary\steamapps\common\Craftopia\Craftopia.exe () [File not signed]
FirewallRules: [{B874D319-A619-4B51-AB3B-59EA548F839B}] => (Allow) D:\SteamLibrary\steamapps\common\Craftopia\Craftopia.exe () [File not signed]
FirewallRules: [{DDD2B8BA-856D-4EE1-A0C7-C0A8664E07B2}] => (Allow) D:\SteamLibrary\steamapps\common\PlateUp\PlateUp\PlateUp.exe () [File not signed]
FirewallRules: [{C76247C4-CAFE-479E-9FD0-50F3F9AFBF33}] => (Allow) D:\SteamLibrary\steamapps\common\PlateUp\PlateUp\PlateUp.exe () [File not signed]
FirewallRules: [{258E76FC-179F-4810-B578-AFDFAA5E5803}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE95ADD5-B9D5-4CC4-9C65-5B7233009113}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3F2F605-BFCB-485F-85B9-EFAD1A821895}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3296347D-53F0-49B2-B2D6-4987A81546F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17CE13C4-A939-474E-86FD-B2706507EE72}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52842B98-D54E-4C6C-A209-885EFC30B9F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/11/2023 01:13:43 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\NOVA$ via https://AMD-KeyId-907d65e9b562315997...lates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 11 Mar 2023 13:13:42 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9c081fe4-d57c-4d89-8bdd-55f3d0c485db
Method: GET(547ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (03/11/2023 12:53:48 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\NOVA$ via https://AMD-KeyId-907d65e9b562315997...lates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 11 Mar 2023 12:53:47 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 932167bc-2030-4b46-9ec9-84b5b2b3a955
Method: GET(937ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (03/11/2023 12:22:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (03/11/2023 12:17:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GameBar.exe version 5.823.1271.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 3200
Start Time: 01d9541335ad507e
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
Report Id: 759ad513-7f95-4bb8-a794-efbdab7aca70
Faulting package full name: Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (03/11/2023 11:47:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.19041.2604, time stamp: 0xa808a517
Faulting module name: ntdll.dll, version: 10.0.19041.2130, time stamp: 0xb5ced1c6
Exception code: 0xc0000374
Fault offset: 0x00000000000ff6a9
Faulting process id: 0x1c48
Faulting application start time: 0x01d9540f082d58cf
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 4d91c90f-35f5-4e28-bf99-365d80d29293
Faulting package full name:
Faulting package-relative application ID:
Error: (03/11/2023 11:45:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (5676,R,98) SUS20ClientDataStore: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00C14.log.
Error: (03/11/2023 11:43:07 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\NOVA$ via https://AMD-KeyId-907d65e9b562315997...lates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 11 Mar 2023 11:43:06 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 502923d4-f566-4384-8dff-54b487cce92a
Method: GET(625ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (03/10/2023 10:44:56 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\NOVA$ via https://AMD-KeyId-907d65e9b562315997...lates/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 10 Mar 2023 22:44:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 36f63728-1792-4250-8c5d-2194c6336b89
Method: GET(797ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (03/11/2023 01:21:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.
Error: (03/11/2023 01:19:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
Error: (03/11/2023 01:17:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (03/11/2023 01:12:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AMDRyzenMasterDriverV13 service failed to start due to the following error:
A certificate was explicitly revoked by its issuer.
Error: (03/11/2023 01:12:11 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (03/11/2023 01:01:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (03/11/2023 01:01:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (03/11/2023 01:01:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.
Windows Defender:
================
Date: 2023-03-08 19:47:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-05 18:34:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-04 13:31:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-03 13:43:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-02 13:28:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-03-11 13:52:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P4.20 08/03/2021
Motherboard: ASRock B450M Steel Legend
Processor: AMD Ryzen 7 5800X 8-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 16310.22 MB
Available physical RAM: 8252.96 MB
Total Virtual: 26038.22 MB
Available Virtual: 13905.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.47 GB) (Free:380.63 GB) (Model: TOSHIBA HDWD110) NTFS
Drive d: (Dis Da ****) (Fixed) (Total:931.51 GB) (Free:265.62 GB) (Model: WD Blue SN570 1TB) NTFS
\\?\Volume{e2a0282a-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS
\\?\Volume{e2a0282a-0000-0000-0000-70c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E2A0282A)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9535B33F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
March 11th, 2023, 01:52 PM
#4
@Azura.. I have merged your 3 separate threads into the first original thread to keep them all together in sequence. Pls add new posts/replies below in this thread and do not create a new thread to continue. tnks.
Someone will be by to have a look at your issue soon.
VirtualDr email notices are not working.
Check back regularly for responses.
_____________________
cat lovers click here
-
March 11th, 2023, 02:17 PM
#5
Thank you it wasnt showing for me for ages im new here
-
March 12th, 2023, 03:20 AM
#6
So far, I don't see anything malicious...
 Download RogueKiller from one of the following links and save it to your Desktop:
Link 1
Link 2
- Close all the running programs
- Double click on downloaded setup.exe file to install the program.
- Click on Start Scan button.
- Click on another Start Scan button.
- Wait until the Status box shows Scan Finished
- Click on Remove Selected.
- Wait until the Status box shows Deleting Finished.
- Click on Report and copy/paste the content of the Notepad into your next reply.
- RKreport.txt could also be found on your desktop.
- If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
- Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
- Then click Finish.
- Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
- If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
- When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
- Restart your computer when prompted to do so.
- The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
- Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8/10 users right-click and select Run As Administrator - The tool will start to update the database if one is required.
- Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- After the scan has finished, click on the Logfile button.
- A window will open which lists the logs of your scans.
- Click on the Scan tab.
- Double-click the most recent scan which will be at the top of the list....the log will appear.
- Review the results...see note below
- After reviewing the log, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
- After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
- To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
- Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
- A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
-
March 12th, 2023, 07:55 AM
#7
Hi I've tried running rogue killer and after installation all I get is a popup saying you'll need a new all to open this HTTPS link and the ok is greyed out and I have nothing on my task bar to even close the popup
-
March 12th, 2023, 07:55 AM
#8
Hi I've tried running rogue killer and after installation all I get is a popup saying you'll need a new app to open this HTTPS link and the ok is greyed out and I have nothing on my task bar to even close the popup
-
March 12th, 2023, 10:35 AM
#9
Program : RogueKiller Anti-Malware
Version : 15.8.1.0
x64 : Yes
Program Date : Mar 3 2023
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : snapp
User is Admin : Yes
Date : 2023/03/12 12:37:19
Type : Scan
Aborted : No
Scan Mode : Standard
Duration : 1053
Found items : 3
Total scanned : 82954
Signatures Version : 20230220_124148
Truesight Driver : Yes
Updates Count : 4
Arguments : -minimize
************************* Warnings *************************
************************* Updates *************************
CPUID CPU-Z 1.94 (64-bit), version 1.94
[+] Available Version : 2.05
[+] Size : 4.66 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\CPUID\CPU-Z\
GIMP 2.10.32-1 (64-bit), version 2.10.32
[+] Available Version : 2.10.34
[+] Size : 1.19 GB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\GIMP 2\
Google Chrome (32-bit), version 111.0.5563.64
[+] Available Version : 111.0.5563.65
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\Google\Chrome\Application
OpenOffice 4.1.10 (32-bit), version 4.110.9807
[+] Available Version : 4.114
[+] Size : 339 MB
[+] Wow6432 : Yes
[+] Portable : No
[+] update_location : C:\Program Files (x86)\OpenOffice 4\
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
************************* Scheduled Tasks *************************
************************* Registry *************************
>>>>>> XX - Software
└── [PUP.MailRU (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1831343195-971935447-3481176198-1001\Software\GameCenter -- N/A -> Found
>>>>>> XX - System Policies
└── [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts
************************* Filesystem *************************
[Tr.Gen (Malicious)] (folder) found.000 -- C:\found.000 -> Found
************************* Web Browsers *************************
************************* Antirootkit *************************
this is the file from roguekiller
-
March 12th, 2023, 10:36 AM
#10
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 3/12/23
Scan Time: 12:17 PM
Log File: d04e7b18-c0cf-11ed-9fa3-7085c2c41529.json
-Software Information-
Version: 4.5.24.248
Components Version: 1.0.1944
Update Package Version: 1.0.66609
License: Trial
-System Information-
OS: Windows 10 (Build 19045.2604)
CPU: x64
File System: NTFS
User: Nova\snapp
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 291732
Threats Detected: 16
Threats Quarantined: 0
Time Elapsed: 8 min, 46 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 3
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 462, 454808, , , , , ,
PUP.Optional.Conduit, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 150, 454835, , , , , ,
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 462, 454808, , , , , ,
File: 13
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 462, 454808, , , , , BD1B9326413D4452A09AEF7E20F68FE8, CE3AF7DFB0AFEC3271A0F8B64ED925AD07E8B7735FA460D1280ACC7E91F41FC5
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000016.ldb, No Action By User, 462, 454808, , , , , 410C56E1704BF2FA49892176D16839EF, 19E77B93432AB565E6F1BDCF1AA9E09D800FB419C4ECBDFDD2A7484E05760978
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000018.log, No Action By User, 462, 454808, , , , , 631B7E0A4735F89C13328FD892BEF083, B2E5C9B99903BA2145ABC6B10819E52200197B28BBF8A7087311F1C7950279AA
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000019.ldb, No Action By User, 462, 454808, , , , , CC07A2696F296E12AC881B8B43F6F321, 8469A2133D2AB6E1D0A6A2FFF22F085AA1685458D3FA46F196685807867616CD
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 462, 454808, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 462, 454808, , , , , ,
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 462, 454808, , , , , 9B7C24B779D42B5E57C9D4A32AC1EC77, 5A79411CBA607A70CAD67D96A4C8F135685237E6E31B51BB73A42700207970DB
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 462, 454808, , , , , 061DCACB4F7167E88A8795641BD68359, 78AAC6AEB59EBFF9026105F7D0D4AFE281C1B4D7EE02BDE61E92FB919B31A505
PUP.Optional.Trovi, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 462, 454808, , , , , D0B401835A670CB707514E2CC0BEE9A8, E60A140495EC8461D463EBBBBDA6262FB10188FBD9F676FB9E93B53D80DE3FF1
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 462, 454808, , , , , C26ECD5738A661FFD0B46CB644D966CF, 5C64BB8DB4D3865D5FAC969DF043C63C2CC27F0C6999A83EE0670AD9F374A800
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 462, 454808, 1.0.66609, , ame, , 5896F9EA58F549901E034CE70F726534, 3B581080242F5D0F61A445650AA32E8A4C8299116EC5DBEE5E15FA707D66856F
PUP.Optional.Conduit, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 150, 454835, 1.0.66609, , ame, , 5896F9EA58F549901E034CE70F726534, 3B581080242F5D0F61A445650AA32E8A4C8299116EC5DBEE5E15FA707D66856F
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 462, 454808, 1.0.66609, , ame, , 5896F9EA58F549901E034CE70F726534, 3B581080242F5D0F61A445650AA32E8A4C8299116EC5DBEE5E15FA707D66856F
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
here is the file from malwarebytes
-
March 12th, 2023, 10:40 AM
#11
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:07
# OS: Windows 10 (Build 19045.2604)
# Scanned: 32102
# Detected: 5
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\Users\snapp\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\rei
PUP.Optional.Reimage C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
PUP.Optional.Legacy Trovi search
PUP.Optional.Trovi Trovi search
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
-
March 12th, 2023, 10:42 AM
#12
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:15
# OS: Windows 10 (Build 19045.2604)
# Cleaned: 4
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Deleted C:\Users\snapp\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\rei
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted Trovi search
Not Deleted Trovi search
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1679 octets] - [12/03/2023 14:38:15]
AdwCleaner[S01].txt - [1740 octets] - [12/03/2023 14:38:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
March 13th, 2023, 03:21 AM
#13
Your MBAM log says "No Action By User".
Please, rerun MBAM, fix all issues and post new log.
-
March 13th, 2023, 05:48 AM
#14
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 3/13/23
Scan Time: 9:36 AM
Log File: 825dd8fa-c182-11ed-9690-7085c2c41529.json
-Software Information-
Version: 4.5.24.248
Components Version: 1.0.1944
Update Package Version: 1.0.66653
License: Trial
-System Information-
OS: Windows 10 (Build 19045.2604)
CPU: x64
File System: NTFS
User: Nova\snapp
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 292083
Threats Detected: 17
Threats Quarantined: 17
Time Elapsed: 10 min, 25 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 3
PUP.Optional.Conduit, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 150, 454835, , , , , ,
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 462, 454808, , , , , ,
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 462, 454808, , , , , ,
File: 14
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 150, 454835, , , , , BD1B9326413D4452A09AEF7E20F68FE8, CE3AF7DFB0AFEC3271A0F8B64ED925AD07E8B7735FA460D1280ACC7E91F41FC5
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000016.ldb, Quarantined, 150, 454835, , , , , 410C56E1704BF2FA49892176D16839EF, 19E77B93432AB565E6F1BDCF1AA9E09D800FB419C4ECBDFDD2A7484E05760978
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000019.ldb, Quarantined, 150, 454835, , , , , CC07A2696F296E12AC881B8B43F6F321, 8469A2133D2AB6E1D0A6A2FFF22F085AA1685458D3FA46F196685807867616CD
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000021.log, Quarantined, 150, 454835, , , , , 53ACD2599C92C30B3D6F77A769F703D7, 717968E1E097A524A250EEFADE921BB4758FE963E037F40A2386F7FA41084AC0
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000022.ldb, Quarantined, 150, 454835, , , , , D4A2E20CA939DB95478EA51405B255AE, 86BA6160810CC530DE82F10213920810C979DC0449ECB51630F2CA5878CBD8FD
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Quarantined, 150, 454835, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Quarantined, 150, 454835, , , , , ,
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Quarantined, 150, 454835, , , , , CC8789DC389CCBBE5C59777CEFB87A44, 71E4555315171D92CF5ABCBA0534884F8941737DB0C5E2AB890B9801CCC8616F
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Quarantined, 150, 454835, , , , , 6D493F815D05B1ABBAB8364E4272AA1F, 488E8601AA52CF2497759F933954E278A47896C3E740E007C8641DF0A854509F
PUP.Optional.Conduit, C:\Users\snapp\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 150, 454835, , , , , 6E1BE99C3BB8782A76FD5C02074A5E68, 8A89C4CC858F2F14B6D0C1B4DEC3A971D07D8C5DC92EEDB1FBC469D0BF8F1F1D
PUP.Optional.Conduit, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 150, 454835, , , , , DA984D43E01DFC397E0028A8B3AD63FD, C250A1BDF3EE64AFB01BF574182B55AEF15096CECB15E12692D0767EEC2B74EF
PUP.Optional.Conduit, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 150, 454835, 1.0.66653, , ame, , 76F8324F7BFF2F151F3217CCB54C8486, D1083F509670BF43932A02AE74F92028A30DDDF1DE0D3E445049D52EC2992F6E
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 462, 454808, 1.0.66653, , ame, , 76F8324F7BFF2F151F3217CCB54C8486, D1083F509670BF43932A02AE74F92028A30DDDF1DE0D3E445049D52EC2992F6E
PUP.Optional.Trovi, C:\USERS\SNAPP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 462, 454808, 1.0.66653, , ame, , 76F8324F7BFF2F151F3217CCB54C8486, D1083F509670BF43932A02AE74F92028A30DDDF1DE0D3E445049D52EC2992F6E
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
March 14th, 2023, 03:04 AM
#15
OK.
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
- Double click to run it.
- Press Scan button.
- Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
