I'm having a similar problem to user daddybear.
I've run many scans with Malwarebytes and Windows Defender. Malwarebytes returns clean, and Windows Defender returns 2 PUAs, both being Win32/Softcnapp. However, I can't remove or quarantine them.
They are both located in C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\Update\ even after I uninstalled SUPERAntiSpyware with Revo Uninstaller.
I've run FRST but I didn't want to try to fix it by myself as I don't want to mess anything up. I also didn't want to use any of the fixlists from daddybear's post because I assume they were made specifically for his PC.
I've attached the FRST.txt and Addition.txt.
Any help would be much appreciated, thanks in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by Alex (administrator) on DESKTOP-5RRUQ43 (Micro-Star International Co., Ltd MS-7C02) (20-04-2024 19:31:37)
Running from E:\New folder\FRST64.exe
Loaded Profiles: Alex
Platform: Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Private Internet Access\pia-service.exe ->) (Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-ss-local.exe
(C:\Program Files\Private Internet Access\pia-service.exe ->) (Private Internet Access, Inc. -> The OpenVPN Project) C:\Program Files\Private Internet Access\pia-openvpn.exe
(C:\Users\Alex\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Alex\AppData\Local\Programs\Opera GX\107.0.5045.89\opera_crashreporter.exe
(Discord Inc. -> Discord Inc.) C:\Users\Alex\AppData\Local\Discord\app-1.0.9042\Discord.exe <6>
(explorer.exe ->) (File-New-Project -> File-New-Project) D:\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Private Internet Access, Inc. -> Private Internet Access Incorporated) C:\Program Files\Private Internet Access\pia-client.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.062.0326.0002\Microsoft.SharePoint.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\Alex\AppData\Local\Programs\Opera GX\opera.exe <26>
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MsMpEng.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_a11b30fa0ef6c854\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-service.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => "C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe" -background (No File)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2022-12-09] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306400 2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Discord] => C:\Users\Alex\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3146936 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13952992 2023-09-05] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Private Internet Access] => C:\Program Files\Private Internet Access\pia-client.exe [5280960 2023-12-12] (Private Internet Access, Inc. -> Private Internet Access Incorporated)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3593992 2024-03-27] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Bethesda.net] => [X]
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Spotify] => C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe [33526600 2024-03-30] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [Overwolf] => D:\Thunderstore\overwolf\OverwolfLauncher.exe [1790472 2024-04-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [MicrosoftEdgeAutoLaunch_9907A6E846273BFEEA9614E5E48A76AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4082112 2024-04-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37180368 2023-12-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (No File)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3593992 2024-03-27] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\124.0.6367.60\Installer\chrmstp.exe [2024-04-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2024-04-04]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {95AC517F-A8F0-4260-9745-4A4CD170BF19} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {FD6F0FB4-7B40-4904-AB27-DAF6B487A994} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [5002168 2024-04-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid f29cb7f3-f610-4863-bc27-19 (the data entry has 10 more characters).
Task: {343BE131-0972-4D4F-ADE6-1A27B055FB80} - System32\Tasks\AVG\AVG Secure VPN Emergency Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1474496 2024-04-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {B0DFD682-15E3-4409-BE8B-10E212A813A7} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [7523256 2024-03-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {415836B0-56C4-475C-A941-52C9129133E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {CB00E801-FD06-4E34-B464-EF4B4700ECC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {E301944B-BE54-490E-89AE-9DDA7F7D78C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {6825E9C2-5FB9-4588-A40C-C3646A2759B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {124FE1D1-0610-4896-9A16-7F9C361C9A04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {24E44E82-8163-47D3-9FD4-715C45B415F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [57176 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/SetTaskbarTask
Task: {7F79B04E-1F80-4DFF-9B20-F0B20E8E24FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {F4B07AAF-F513-4FFD-B695-241F31D2C92A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {CB52B523-3E85-4D2B-A82A-51D90C41BD2A} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {0DA738E8-849B-4F3A-8B43-CAFF5D04DEC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MpCmdRun.exe [1658408 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {555A6BFC-17AB-4D6E-B945-BF90E359BF1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MpCmdRun.exe [1658408 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AA83BD2-D207-4F8D-827A-15B3B4A1F748} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MpCmdRun.exe [1658408 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A1A3222-CE38-45FF-8B47-6875F6E1FF35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MpCmdRun.exe [1658408 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2703FFAC-3635-4E0C-BD73-0A9970CFC5F3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-04-20] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {5D50D5FC-0105-481C-8BAA-259CF1B26B23} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3285030820-2945007817-2664301725-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-04-20] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {8F565678-4DEC-464E-BF20-1C6E0EDD9BDF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34208 2024-04-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {1C180DAE-8997-412B-A292-FF9A0A2B05B1} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DB39BED7-85A4-4017-9E11-8A46935332EC} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {9C9CEE09-6B44-48A7-AF46-3894B0D516EB} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5A6461B2-E3E4-4AE3-AC22-0C2657AEEF2A} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [47416 2021-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {11B88BD9-7729-4CC1-8CA0-F17BB985EBA0} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {DFAF8FEF-F15E-4AA7-AF40-26E48DE7A21E} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -c -task (No File)
Task: {4995CF78-0DAB-423E-9857-5FC3A4F3584D} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe -startupTask (No File)
Task: {4B7C53F0-255E-4157-B946-C2E7C3B3D05A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AC720A67-58BC-4ADF-AD4E-5F8C2D85A7E4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59AE2667-FC0C-4103-9D4B-4C95AA908B59} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B37022D3-F3B2-4310-A6AF-36A6A87A8129} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE20B19D-8AFB-42B2-A1E0-BE9B90BF45CB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A97BB45-A966-4B59-97EB-B8487643F3F1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E77D969-9C15-4BE0-8CB8-11DE0D3A5B8A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF08338A-54F3-4A7A-93B4-A59DB61C55E5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E52539F3-E786-497E-9A81-39420F2BFBFA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6966987E-91D0-4808-B08F-EF6A0D507E9B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {60B8B55A-7773-47F4-B9D5-4CA9441F6549} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3285030820-2945007817-2664301725-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CFCBCF9-A6AD-4C8B-8231-A7F3FE052206} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1621869041 => C:\Users\Alex\AppData\Local\Programs\Opera GX\launcher.exe [2304416 2024-04-12] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Alex\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {4514C527-E737-4D15-AF8D-9D4B9F6F72FC} - System32\Tasks\Opera GX scheduled Autoupdate 1619709097 => C:\Users\Alex\AppData\Local\Programs\Opera GX\launcher.exe [2304416 2024-04-12] (Opera Norway AS -> Opera Software)
Task: {40282D82-230E-4554-8DF6-23373AC4BB12} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-04] (Overwolf Ltd -> Overwolf LTD) -> D:\Thunderstore\overwolf\/RunningFrom Schedule
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c2469ee-7529-4cab-817c-e393ccc33adc}: [NameServer] 100.120.240.1
Tcpip\..\Interfaces\{bb4bd6da-8a00-4563-82c9-bfec8a6b5e96}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bb4bd6da-8a00-4563-82c9-bfec8a6b5e96}: [DhcpDomain] cgocable.net
Tcpip\..\Interfaces\{be2cc06e-0fac-4fa5-823f-78e758a3b5c6}: [DhcpNameServer] 10.0.0.241
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-20]
Edge Extension: (Torrent Scanner) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-08]
Edge Extension: (Open with Google Drive™ Viewer) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan [2020-07-06]
Edge Extension: (Microsoft Rewards) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2022-10-19]
Edge Extension: (Dark Mode) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2024-04-06]
Edge Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Google Hangouts) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2022-06-15]
Edge Extension: (PDF Viewer) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2023-10-13]
FireFox:
========
FF DefaultProfile: knklshjm.default
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\knklshjm.default [2023-01-05]
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\rpv5h7q9.default-release [2024-04-20]
FF Notifications: Mozilla\Firefox\Profiles\rpv5h7q9.default-release -> hxxps://www.chess.com
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\rpv5h7q9.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-03-17]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\rpv5h7q9.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-04-20]
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2024-04-20]
CHR Extension: (Torrent Scanner) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-02-03]
CHR Extension: (Open with Google Drive™ Viewer) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan [2020-04-30]
CHR Extension: (doge) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgcaoolikaglnbglicnbkghjjemhpjdb [2020-04-30]
CHR Extension: (Give Up) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2020-04-30]
CHR Extension: (Alarm Clock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmbkahepbpnlepjhehjaagnpednddkdi [2020-04-30]
CHR Extension: (Causality Games) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2020-04-30]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-11]
CHR Extension: (Pixlr Editor) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2020-04-30]
CHR Extension: (Little Alchemy) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2020-04-30]
CHR Extension: (Googulator) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchmgljjkaeadokijkhefbhpfbihhhda [2020-04-30]
CHR Extension: (Google Hangouts) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2022-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (PDF Viewer) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2024-02-03]
CHR Extension: (Cube Slam) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn [2020-04-30]
CHR Extension: (Canvas Rider) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2020-04-30]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001) Opera GXStable - "C:\Users\Alex\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-03-24] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [613920 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2022-12-09] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2022-12-09] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2022-12-09] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2023-10-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2024-01-11] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-11-04] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncHelper.exe [3512232 2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-09-05] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-09-05] (GOG sp. z o.o -> GOG.com)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
S3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [461864 2022-12-09] (Corsair Memory, Inc. -> Corsair)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-08] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MpDefenderCoreService.exe [1488888 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_a11b30fa0ef6c854\Display.NvContainer\NVDisplay.Container.exe [1275424 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.062.0326.0002\OneDriveUpdaterService.exe [3852200 2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-04] (Overwolf Ltd -> Overwolf LTD)
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1391840 2023-12-12] (Private Internet Access, Inc. -> )
S3 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4455000 2023-12-12] (Private Internet Access, Inc. -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1874864 2024-03-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-03-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-03-26] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; D:\Program Files\ROCKSTAR GAMES\Launcher\RockstarService.exe [1355760 2023-08-24] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [12322752 2024-04-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\NisSrv.exe [3236712 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.1-0\MsMpEng.exe [133600 2024-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-10-12] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 avgVpnRdr; C:\WINDOWS\System32\drivers\avgVpnRdr.sys [78664 2024-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R3 avgWintun; C:\WINDOWS\System32\drivers\avgWintun.sys [40768 2024-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-12] (Microsoft Corporation) [File not signed]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-04-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2022-09-12] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [201280 2024-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-04-20] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-02-12] (TEFINCOM S.A. -> WireGuard LLC)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-10-12] (Nvidia Corporation -> NVIDIA Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\WINDOWS\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-12-09] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2022-07-14] (Microsoft Corporation) [File not signed]
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-20] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys [14536 2019-06-24] (EVGA -> OpenLibSys.org)
U1 avgbdisk; no ImagePath
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-20 17:26 - 2024-04-20 19:31 - 000000000 ____D C:\FRST
2024-04-20 17:04 - 2024-04-20 17:04 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-04-20 16:43 - 2024-04-20 17:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-04-20 16:39 - 2024-04-20 16:39 - 000000815 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2024-04-20 16:39 - 2024-04-20 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2024-04-13 10:40 - 2024-04-14 13:09 - 000000553 _____ C:\Users\Alex\Desktop\rpcs3.exe - Shortcut.lnk
2024-04-12 23:58 - 2024-04-12 23:58 - 000000000 ____D C:\Users\Alex\AppData\Local\ASP.NET
2024-04-12 23:50 - 2024-04-20 16:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2024-04-12 23:49 - 2024-04-20 16:46 - 000000000 ____D C:\Users\Public\Documents\reWASD
2024-04-12 23:49 - 2024-04-12 23:49 - 000000000 ____D C:\Program Files (x86)\dotnet
2024-04-12 20:48 - 2024-04-12 20:48 - 000000000 ____D C:\Users\Alex\AppData\Roaming\DigitalData
2024-04-09 18:54 - 2024-04-09 18:54 - 000000000 ___HD C:\$WinREAgent
2024-04-07 10:43 - 2024-04-03 09:53 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-04-07 10:43 - 2024-04-03 09:53 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-04-07 10:43 - 2024-04-03 09:53 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-04-07 10:43 - 2024-04-03 09:53 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-04-07 10:43 - 2024-04-03 09:53 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-04-07 10:43 - 2024-04-03 09:53 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-04-07 10:43 - 2024-04-03 09:53 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-04-07 10:43 - 2024-04-03 09:53 - 001295104 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-04-07 10:43 - 2024-04-03 09:53 - 001295104 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-04-07 10:43 - 2024-04-03 09:53 - 001226864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-04-07 10:43 - 2024-04-03 09:50 - 001543712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-04-07 10:43 - 2024-04-03 09:50 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-04-07 10:43 - 2024-04-03 09:50 - 001046040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-04-07 10:43 - 2024-04-03 09:50 - 000841736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-04-07 10:43 - 2024-04-03 09:50 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-04-07 10:43 - 2024-04-03 09:50 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-04-07 10:43 - 2024-04-03 09:49 - 012929568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-04-07 10:43 - 2024-04-03 09:49 - 002174496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-04-07 10:43 - 2024-04-03 09:49 - 001626120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-04-07 10:43 - 2024-04-03 09:49 - 001024544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-04-07 10:43 - 2024-04-03 09:49 - 000787464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-04-07 10:43 - 2024-04-03 09:49 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-04-07 10:43 - 2024-04-03 09:48 - 016034848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-04-07 10:43 - 2024-04-03 09:48 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-04-07 10:43 - 2024-04-03 09:48 - 005913200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-04-07 10:43 - 2024-04-03 09:48 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-04-07 10:43 - 2024-04-03 09:48 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-04-07 10:43 - 2024-04-03 09:48 - 000853008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-04-07 10:43 - 2024-04-02 21:54 - 000119466 _____ C:\WINDOWS\system32\nvinfo.pb
2024-04-06 18:43 - 2024-04-06 18:43 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2024-04-06 14:49 - 2024-04-06 14:50 - 001080012 _____ C:\WINDOWS\Minidump\040624-13062-01.dmp
2024-04-06 14:44 - 2024-04-06 14:44 - 000962548 _____ C:\WINDOWS\Minidump\040624-13046-01.dmp
2024-04-06 14:37 - 2024-04-06 18:56 - 001238476 _____ C:\WINDOWS\ntbtlog.txt
2024-04-06 13:56 - 2024-04-06 13:56 - 000001938 _____ C:\Users\Alex\Desktop\PC Health Check.lnk
2024-04-06 13:56 - 2024-04-06 13:56 - 000001344 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2024-04-06 13:56 - 2024-04-06 13:56 - 000000000 ___RD C:\Users\Alex\AppData\Local\PCHealthCheck
2024-04-06 13:23 - 2024-04-06 13:23 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-06 13:23 - 2024-04-06 13:23 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-29 19:53 - 2024-03-29 19:53 - 005169703 _____ C:\Users\Alex\Desktop\eternalmodinjector_75cee.zip
2024-03-29 12:20 - 2024-03-29 12:58 - 000000113 _____ C:\Users\Alex\Desktop\New Text Document (7).txt
2024-03-28 22:10 - 2024-04-06 14:49 - 1728825474 _____ C:\WINDOWS\MEMORY.DMP
2024-03-24 20:43 - 2024-03-24 20:43 - 000001654 _____ C:\Users\Alex\Desktop\Dragon Center.lnk
2024-03-21 03:17 - 2024-03-21 03:17 - 000351664 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2024-03-21 03:11 - 2024-03-21 03:11 - 000312752 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-20 19:31 - 2020-04-30 04:49 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-20 19:20 - 2021-12-15 02:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-20 19:20 - 2020-04-30 03:36 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-20 19:04 - 2020-04-30 04:33 - 000000000 ____D C:\Users\Alex\AppData\Local\Discord
2024-04-20 18:43 - 2023-01-05 22:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-04-20 18:37 - 2021-04-25 01:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-20 18:37 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-20 17:11 - 2021-04-25 01:30 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-20 17:11 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2024-04-20 17:05 - 2020-04-30 04:33 - 000000000 ____D C:\Users\Alex\AppData\Roaming\discord
2024-04-20 17:05 - 2020-04-30 03:10 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-20 17:04 - 2023-05-10 00:00 - 000000000 ____D C:\Users\Alex\AppData\Local\Malwarebytes
2024-04-20 17:04 - 2023-01-05 22:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-04-20 17:04 - 2023-01-04 13:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2024-04-20 17:04 - 2021-04-25 01:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-20 17:04 - 2021-04-25 01:21 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-20 17:04 - 2021-04-13 10:55 - 000000000 ____D C:\ProgramData\AVG
2024-04-20 17:04 - 2020-08-12 23:38 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Zoom
2024-04-20 17:03 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-04-20 17:02 - 2020-04-30 02:29 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
2024-04-20 17:02 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-20 17:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-20 16:55 - 2023-01-05 22:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-04-20 16:52 - 2023-11-11 22:29 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-04-20 16:52 - 2023-11-11 21:47 - 000000000 ____D C:\Users\Alex\AppData\Local\Riot Games
2024-04-20 16:52 - 2023-11-11 21:47 - 000000000 ____D C:\Riot Games
2024-04-20 16:52 - 2023-11-11 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-04-20 16:52 - 2020-05-01 00:44 - 000000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2024-04-20 16:50 - 2020-09-10 10:11 - 000000000 ____D C:\Users\Alex\AppData\Roaming\WhatsApp
2024-04-20 16:50 - 2020-09-10 10:11 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2024-04-20 16:50 - 2020-09-10 10:11 - 000000000 ____D C:\Users\Alex\AppData\Local\WhatsApp
2024-04-20 16:43 - 2020-05-15 22:25 - 000000000 ____D C:\Users\Alex\AppData\Local\FluxSoftware
2024-04-20 16:16 - 2020-04-30 02:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-20 15:41 - 2020-04-30 03:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-20 15:41 - 2020-04-30 03:36 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-20 15:34 - 2020-07-06 12:31 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-20 15:34 - 2020-07-06 12:31 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-18 20:45 - 2020-04-30 07:57 - 000000000 ____D C:\Users\Alex\AppData\Local\D3DSCache
2024-04-17 18:33 - 2021-04-29 11:11 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1619709097
2024-04-17 18:33 - 2021-04-29 11:11 - 000001435 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2024-04-17 18:29 - 2020-04-30 04:33 - 000002226 _____ C:\Users\Alex\Desktop\Discord.lnk
2024-04-16 20:37 - 2021-06-21 21:23 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-04-15 20:51 - 2021-10-16 00:44 - 000011068 _____ C:\Users\Alex\Documents\HudSight.txt
2024-04-15 18:50 - 2021-12-11 00:39 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3285030820-2945007817-2664301725-1001
2024-04-15 18:50 - 2021-04-25 01:26 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-04-15 18:50 - 2020-11-24 22:02 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-14 16:00 - 2020-07-13 16:03 - 000000000 ____D C:\Users\Alex\AppData\Roaming\obs-studio
2024-04-13 20:59 - 2023-06-28 00:53 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Spotify
2024-04-13 20:59 - 2023-06-28 00:53 - 000000000 ____D C:\Users\Alex\AppData\Local\Spotify
2024-04-13 11:03 - 2024-01-26 23:40 - 000000738 _____ C:\Users\Alex\Desktop\SnakeBite.lnk
2024-04-12 23:50 - 2020-04-30 03:10 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-12 20:20 - 2021-04-25 01:22 - 000000000 ____D C:\Users\Alex
2024-04-12 20:16 - 2021-09-14 02:24 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-04-09 19:06 - 2021-04-25 01:21 - 000287136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-09 19:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-09 19:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-09 19:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-09 19:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-09 19:00 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-09 18:58 - 2021-04-25 01:22 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-09 18:45 - 2020-04-30 02:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-09 18:43 - 2020-04-30 02:52 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-08 18:20 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-04-07 18:00 - 2021-06-08 01:09 - 000000000 ____D C:\WINDOWS\Minidump
2024-04-07 17:51 - 2023-07-04 20:47 - 000000000 ____D C:\Users\Alex\Documents\FrameView
2024-04-07 11:18 - 2020-04-30 03:11 - 000000000 ____D C:\Users\Alex\AppData\Local\NVIDIA
2024-04-07 10:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-04-06 18:57 - 2023-01-04 11:25 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-04-06 14:53 - 2023-01-04 11:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-04-06 13:46 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-06 13:43 - 2023-12-13 21:59 - 000000000 ____D C:\WINDOWS\InboxApps
2024-04-06 13:43 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-06 13:43 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-06 13:43 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-06 13:43 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-04 18:42 - 2021-04-25 01:26 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 18:42 - 2021-04-25 01:26 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-03 19:01 - 2021-07-01 14:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-04-03 19:00 - 2021-07-01 14:50 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2024-04-03 09:47 - 2021-04-15 17:20 - 006948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-04-03 09:47 - 2021-04-15 17:20 - 006034736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-03-29 13:11 - 2020-04-30 03:36 - 000000000 ____D C:\Users\Alex\AppData\Local\Google
2024-03-29 12:41 - 2020-04-30 02:34 - 000000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2024-03-24 20:34 - 2020-09-15 13:28 - 000000000 ____D C:\Users\Alex\Desktop\10099
2024-03-24 20:23 - 2020-06-19 13:40 - 000000000 ____D C:\Users\Alex\Documents\dzsalauncher
2024-03-24 19:59 - 2020-06-19 14:57 - 000000000 ____D C:\Users\Alex\AppData\Local\DayZ
2024-03-24 19:53 - 2020-06-19 13:40 - 000000000 ____D C:\Users\Alex\AppData\Local\DZSALauncher
2024-03-23 01:26 - 2022-02-16 11:47 - 000000000 ____D C:\Program Files\RUXIM
==================== Files in the root of some directories ========
2020-04-30 06:08 - 2020-04-30 06:08 - 137810056 _____ (Advanced Micro Devices, Inc.) C:\Users\Alex\AMD-Ryzen-Master.exe
2020-05-01 00:39 - 2020-05-01 00:39 - 049341944 _____ () C:\Users\Alex\EVGA_Precision_X1_1.0.4.0.exe
2020-04-30 07:18 - 2020-04-30 07:18 - 002066568 _____ (Oracle Corporation) C:\Users\Alex\JavaSetup8u251.exe
2020-04-30 07:20 - 2020-04-30 07:20 - 221816968 _____ (Oracle Corporation) C:\Users\Alex\jdk-8u251-windows-x64.exe
2020-09-15 14:34 - 2020-09-15 14:51 - 000000363 _____ () C:\Users\Alex\AppData\Roaming\Solve Elec 2.5 Prefs
2022-10-09 15:01 - 2022-10-09 15:01 - 000007602 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by Alex (20-04-2024 19:32:24)
Running from E:\New folder
Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) (2021-04-25 05:26:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3285030820-2945007817-2664301725-500 - Administrator - Disabled)
Alex (S-1-5-21-3285030820-2945007817-2664301725-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-3285030820-2945007817-2664301725-503 - Limited - Disabled)
Guest (S-1-5-21-3285030820-2945007817-2664301725-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3285030820-2945007817-2664301725-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.36 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.13 - Arduino LLC)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
AVG Secure VPN (HKLM\...\AVG Secure VPN) (Version: 24.3.9757.10918 - AVG)
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefront Extreme 2.2 (HKLM-x32\...\{AFD834CA-4579-49DF-9CF0-EA58822A7C2E}_is1) (Version: - )
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.82.0 - Bethesda Softworks)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
CORSAIR iCUE 4 Software (HKLM\...\{6F5800BD-8EBC-4C38-BAF0-5CE5205AEC9F}) (Version: 4.32.129 - Corsair)
Discord (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DZSALauncher version 0.0.4.8 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.4.8 - Maca134)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
EVGA Precision X1 (HKLM\...\EVGA Precision X1) (Version: 1.0.4.0 - EVGA Corporation)
FiveM (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.71.2 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.60 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
HP Support Assistant (HKLM-x32\...\{54ECA61C-83AE-4EE3-A9F7-848155A33386}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{FF81F9EB-61C1-48A4-8EE5-45C5D61BC0E0}) (Version: 12.19.53.13 - HP Inc.)
HudSight (HKLM-x32\...\HudSight_is1) (Version: 1 - )
Java 8 Update 333 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Java SE Development Kit 16.0.1 (64-bit) (HKLM\...\{75CDB88B-F917-5456-AB2D-5504DE7F43DE}) (Version: 16.0.1.0 - Oracle Corporation)
Java SE Development Kit 18.0.1.1 (64-bit) (HKLM\...\{31E89462-2587-5B56-8C7E-28A4D022A32B}) (Version: 18.0.1.1 - Oracle Corporation)
Keybinder version 1.1.1 (HKLM-x32\...\Keybinder_is1) (Version: 1.1.1 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LOOT version 0.16.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.16.1 - LOOT Team)
Malwarebytes version 4.6.12.323 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.12.323 - Malwarebytes)
Microsoft .NET Host - 8.0.3 (x86) (HKLM-x32\...\{C3185BE9-A193-4021-91F1-1E196C20CAB6}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x86) (HKLM-x32\...\{AA217943-D70A-4078-988C-31E5EC26AFE1}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x86) (HKLM-x32\...\{CE4A2F26-87B5-4569-A582-62A8D3B20BE9}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.3 - Shared Framework (x86) (HKLM-x32\...\{27b7a489-233a-488c-b81b-0cb173d4cd15}) (Version: 8.0.3.24116 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.3 Shared Framework (x86) (HKLM-x32\...\{66F03628-AF73-329C-9DB7-59A701E08AB7}) (Version: 8.0.3.24116 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.97 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.062.0326.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x86) (HKLM-x32\...\{2907caa8-4808-4b6b-b7e7-fb8c862823d2}) (Version: 8.0.3.33416 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.3 (x86) (HKLM-x32\...\{D383E279-1AD9-4DD8-9EB4-7C831665F9CC}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
Monero GUI Wallet version 0.17.2.3 (HKLM\...\Monero GUI Wallet_is1) (Version: 0.17.2.3 - The Monero Developer Community)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 125.0.1 (x64 en-US)) (Version: 125.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 108.0.2 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Kombustor 4.1.6.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version: - MSI / Geeks3D)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
NVIDIA FrameView (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameView) (Version: 1.4.8323.32104943 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 552.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.12 - NVIDIA Corporation)
NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera GX Stable 107.0.5045.89 (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Opera GX 107.0.5045.89) (Version: 107.0.5045.89 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.243.1.1 - Overwolf Ltd.)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 3.5.3+07926 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0331.032712 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
REDlauncher (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.76.1567 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.9.2 - Rockstar Games)
Samsung DeX (HKLM-x32\...\{24639BA3-44DD-4648-806D-8046771E6722}) (Version: 2.0.0.20 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{51af111f-4665-4995-8982-55e0e02163e7}) (Version: 2.0.0.20 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
Solve Elec 2.5 (HKLM-x32\...\Solve Elec_is1) (Version: - )
Spotify (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Spotify) (Version: 1.2.33.1042.g26c92729 - Spotify AB)
STAR WARS Battlefront II (HKLM-x32\...\1421404701_is1) (Version: 1.1 multiplayer update 2 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Thunderstore Mod Manager (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\Overwolf_ahpflogoookodlegojjphcjpjaejgghjnfcdjdmi) (Version: 1.37.1 - Overwolf app)
Twitch (HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows PC Health Check (HKLM\...\{0B4830D0-7D09-4230-AACD-D5FD555FB76F}) (Version: 3.9.2402.14001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 309.1.0.0.0 - Wrye & Wrye Bash Development Team)
Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2023-06-07] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.59.2.0_x64__gqbn7fs4pywxm [2024-04-18] (Drawboard)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne [2023-08-07] (File-New-Project) [Startup Task]
Kate -> C:\Program Files\WindowsApps\KDEe.V.Kate_24.201.6869.0_x64__7vt06qxq7ptv8 [2024-04-03] (KDE e.V.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-25] (Microsoft Corporation) [MS Ad]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.7301.0_x64__8wekyb3d8bbwe [2024-04-01] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-04-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-04-07] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-10] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.215.0_x64__dt26b99r8h8gj [2020-04-30] (Realtek Semiconductor Corp)
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3285030820-2945007817-2664301725-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2021\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3285030820-2945007817-2664301725-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> D:\Program Files\Autodesk2019\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3285030820-2945007817-2664301725-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> D:\Program Files\Autodesk2019\AutoCAD 2019\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3285030820-2945007817-2664301725-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2021\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3285030820-2945007817-2664301725-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk2019\AutoCAD 2019\en-US\acadficn.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.062.0326.0002\FileSyncShell64.dll [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_a11b30fa0ef6c854\nvshext.dll [2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-03-02 02:55 - 2023-02-27 16:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-10-09 13:13 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2022-10-09 13:13 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2022-11-22 10:19 - 2022-11-22 10:19 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
2020-12-08 03:23 - 2021-02-24 17:24 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-03-25 14:20 - 2021-02-24 17:24 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-12-08 03:23 - 2021-02-24 17:24 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-02-04 20:43 - 2021-02-24 17:24 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-02-04 20:43 - 2021-02-24 17:24 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-02-04 20:43 - 2021-02-24 17:24 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-02-04 20:43 - 2021-02-24 17:24 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-02-04 20:43 - 2021-02-24 17:24 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-02-04 20:43 - 2021-02-24 17:24 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-10-09 13:13 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Alex\Desktop\bfx_2.2_setup.exe:MBAM.Zone.Identifier [173]
AlternateDataStreams: C:\Users\Alex\Desktop\MediaCreationTool22H2.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer15.log:16B67B15CB [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer16.log:2B192A174C [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer17.log:3D6CA1C7DE [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer18.log:A25BF494CE [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer19.log:43C23F3FDE [3434]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer2.log:CCB2353F35 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk:88797FF0B7 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk:34D926B811 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure VPN.lnk:7AC6E55F7D [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk:C5112377E0 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT.lnk:B021ADA33C [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [3434]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\23220642.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\23220642.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer (Whitelisted) ==========
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\HP\Common\HPDestPlgIn\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\Control Panel\Desktop\\Wallpaper -> c:\users\alex\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\full-size-dark-souls-wallpaper-1920x1080.jpg
DNS Servers: 10.0.0.241 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "AVG Secure VPN.lnk"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "Samsung DeX"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3285030820-2945007817-2664301725-1001\...\StartupApproved\Run: => "RiotClient"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EDBE27B6-8F08-4F24-A0C3-22A0A7A740C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0662D03B-47D3-49FE-B968-4A052895E0E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8BF24E7B-EEC5-4B62-A0BD-5A03EB02DB79}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E4D58095-CF6C-4414-8E26-D2EC6FB513AC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C2C6984F-F83C-4A8B-BEF8-12E1F68F8FD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{6EAEB914-B27C-4851-9629-D3D65C032283}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [UDP Query User{3CEF3BD2-9CF1-4F68-8B66-B9F7725370B7}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{CE336FC8-2A7C-4EF9-9DD0-942E98F6AFA9}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{540E9D54-09DD-44FB-A31C-19280D8EBE4F}E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{4CA72FB0-9EB2-4DBA-B807-19C83D0ADCDD}E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0111D19B-1687-44CB-A444-0296C01FEAB4}] => (Allow) E:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0ABD7124-E320-49FD-9EB7-DE224ABB383E}] => (Allow) E:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{01F96EA7-8291-4815-B324-9C8C518AD614}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{59DF47FD-CDCD-489E-9FE0-A323DD459C45}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9488E5E3-8E5E-424E-92EF-04852E2EBCC0}] => (Allow) LPort=5357
FirewallRules: [{E53C2DEC-408D-455E-87B5-A9E1C7402159}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D9A1F9A0-D97F-4EFF-B44B-9FBE0837ACC6}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{482A5E0F-7F3A-478E-A6CB-F32C821F7DB9}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7D7F9D80-0FC1-4F46-BB22-FB7B110CB0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sekiro\Artwork_MiniSoundtrack\DigitalArtwork_MiniSoundtrack.exe => No File
FirewallRules: [{67E46072-46D1-4C5A-B5E4-0FB943BB7B0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sekiro\Artwork_MiniSoundtrack\DigitalArtwork_MiniSoundtrack.exe => No File
FirewallRules: [{611C2D0F-3DA6-4444-98E9-C84480E61318}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{F5579BA9-4155-48BA-B42B-706288373FC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [UDP Query User{AAB3C233-20A0-4469-9BBA-66FBCB13DFEE}C:\users\alex\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\alex\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{5A3D6AA7-D91C-4085-BC41-AD4E260E473B}C:\users\alex\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\alex\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{996F642E-66E2-4CFE-9B5C-345C1DD068AB}C:\program files\cisco packet tracer 7.3.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.3.1\bin\packettracer7.exe => No File
FirewallRules: [TCP Query User{38E38AA6-BEE4-42D0-AEEA-B6DDD8BDB833}C:\program files\cisco packet tracer 7.3.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.3.1\bin\packettracer7.exe => No File
FirewallRules: [UDP Query User{E8D14F1C-3286-4D8A-A087-4EAF8CBF9244}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{885D82E2-E10D-4344-897D-3B8D80F7B737}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{2E8D72B0-3995-4335-81B3-6F206467DA37}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{0A82CB6F-64A8-4DC3-ACBB-C20181C3B4AE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{84F10638-F32A-4CE9-B40D-77EBCBF0FB94}C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe] => (Allow) C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe => No File
FirewallRules: [TCP Query User{94DDE6B2-9B0A-4DC4-8379-1233EA091B9C}C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe] => (Allow) C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe => No File
FirewallRules: [{264FAD30-78AC-463D-BF31-059976EC7416}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [UDP Query User{B3F43697-787C-442E-A536-EFE65196CBEB}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [TCP Query User{4C66270E-3D78-4952-B1D5-8E98BB30CB37}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{646586B6-D0F1-4B17-A156-2156F7D86D1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{9F4F4311-6BAD-46EE-BE07-F3BF41671BA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{D4C5FD86-6DF9-4BD4-92AD-4046E72E9BB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{9296EA98-9F0E-4E67-8760-0777B0A96614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{873C5CBB-9633-4395-816A-C2A53E1FD02C}] => (Allow) LPort=25565
FirewallRules: [{20288380-D1A4-4CB4-94A5-D2ECD4581BCC}] => (Allow) LPort=25565
FirewallRules: [UDP Query User{84CD4643-CF6C-4446-B265-FD9C93AFC836}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{81E6BD35-AAF2-47F4-9DD1-78FEF903E7FD}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{155090D6-DA73-420C-A04B-A4750DB06105}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A72933EC-2CCB-4597-BCE9-1B9BF348AA1C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{49D9A0AD-0226-4E0D-A3BE-6DA37BE3B692}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D1B1D809-D9DD-436A-8298-EB64F4D0B2B7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6C9F2125-EE47-4508-962E-F98C990A9478}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BD1067B-7439-446B-AC85-113EC847D1DA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{580CA40B-5F33-4DE8-9A0F-A78D842C69B4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EC11A141-9E5C-486D-836C-38286723D4A1}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{77C1001F-7567-40AE-9CD1-5BF56E2DEBFE}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => No File
FirewallRules: [UDP Query User{BB339BE2-E7BE-4434-8B07-1F50E4157C39}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => No File
FirewallRules: [TCP Query User{B9972A5E-A5D3-4B3B-AD72-B1C9460F9FBE}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => No File
FirewallRules: [UDP Query User{E7CC2662-1898-4D7B-9B46-7B4AC867E83F}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => No File
FirewallRules: [TCP Query User{C7670FD9-9735-484C-A9A5-D1B8371D1B6F}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => No File
FirewallRules: [UDP Query User{9605CE79-DABA-4FB5-90C5-B721A41BE996}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => No File
FirewallRules: [TCP Query User{FDBC8F6C-FB96-42C5-80E9-6CAEF0CA9FFF}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => No File
FirewallRules: [UDP Query User{F7C5FDB2-D9DC-4ED1-91BC-504627F519C7}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => No File
FirewallRules: [TCP Query User{83DA881D-6181-4FD6-B628-C53357FB6BBB}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => No File
FirewallRules: [UDP Query User{66D11D4D-5EF0-48FC-A930-5AA02900E11E}C:\users\alex\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => No File
FirewallRules: [TCP Query User{32AE528C-B90B-48AA-85EA-05A3DA2682B8}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{3A004EF5-D7C9-40ED-96C4-E915A84FEBBA}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{454F6E31-577F-4AC1-9DD2-A68AA855B4C7}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Microsoft Corporation -> Mojang)
FirewallRules: [{6088749B-410C-4CB3-9863-AF5DC03119CE}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Microsoft Corporation -> Mojang)
FirewallRules: [{A8614557-608B-4DC8-8517-3872F83DC79D}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Microsoft Corporation -> Mojang)
FirewallRules: [{D28C0C6E-072C-4024-AF70-2E63F653C1A0}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Microsoft Corporation -> Mojang)
FirewallRules: [{A89FD2B9-5127-4DCB-8B88-A6442FB3A196}] => (Allow) LPort=25565
FirewallRules: [{9F3B7771-1C37-45E1-9BEE-F1B1039C12E4}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{1C8D2560-ED2C-4236-9D57-743289B27260}C:\users\alex\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\alex\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => No File
FirewallRules: [UDP Query User{249DF966-3D52-48D1-89EB-6DFF781A670D}C:\users\alex\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\alex\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => No File
FirewallRules: [TCP Query User{60A8691A-F590-4E60-A2B1-025CF3E000F6}C:\users\alex\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => No File
FirewallRules: [UDP Query User{2AF0A23D-BDEF-48B0-B1DD-6984EDE8E73F}C:\users\alex\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => No File
FirewallRules: [TCP Query User{73C02787-EF68-495C-AA72-8E856B23BC54}C:\users\alex\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => No File
FirewallRules: [UDP Query User{3FE84DCE-9CDA-44B6-A6E1-406EB448F477}C:\users\alex\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => No File
FirewallRules: [TCP Query User{D1B0FCFB-6954-4FF5-950E-B60FC316196F}C:\users\alex\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => No File
FirewallRules: [UDP Query User{2211CA15-8A04-4013-8124-ECF89B90C074}C:\users\alex\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => No File
FirewallRules: [TCP Query User{7054B779-12F7-469D-8EEF-E89883193FDD}C:\users\alex\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => No File
FirewallRules: [UDP Query User{36F67644-6734-48C2-B49C-7B82F678ABF8}C:\users\alex\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => No File
FirewallRules: [TCP Query User{405ED702-39F4-4C5B-A55E-D27A80788F1C}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [UDP Query User{4C6DC614-5BD5-48F7-88F8-D5E5F1902324}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{12C9B479-7C45-4015-97D0-C3311DD41A8B}] => (Allow) E:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{6531B4FE-CB51-44CD-B90E-930611FB3BCF}] => (Allow) E:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{6FD7C9BB-0466-4FFC-9B81-A9C0667F3C00}C:\users\alex\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{83053647-D1EE-4E96-8653-4997584F3D59}C:\users\alex\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\alex\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0C1C1261-C644-4384-AA3A-3D5A21363CFC}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{0E007127-F94C-4C34-98DF-108FC05A5156}C:\program files\monero gui wallet\monero-wallet-gui.exe] => (Allow) C:\program files\monero gui wallet\monero-wallet-gui.exe () [File not signed]
FirewallRules: [{670A224B-D436-412E-A55D-4A36510F6325}] => (Allow) E:\SteamLibrary\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{57C516AD-242D-4648-8A74-EC851EEDB25E}] => (Allow) E:\SteamLibrary\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [TCP Query User{6D5BDCA3-00E9-47AB-A7B2-C8C77B1B9894}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
FirewallRules: [UDP Query User{77C54BE7-D54A-4007-8087-10BF9EB8E9CF}C:\program files\monero gui wallet\monerod.exe] => (Allow) C:\program files\monero gui wallet\monerod.exe => No File
FirewallRules: [TCP Query User{86FEEBDB-EC6B-48DA-A725-8E1855A54CDC}C:\users\alex\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\alex\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{5A9AD0D2-58FF-4177-8A01-0EB5D6A55C48}C:\users\alex\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\alex\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{126BAF57-7B81-485A-A6CD-20BB346D2DD0}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{611E6727-BA3D-45CA-A9DD-D37E37478819}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{1D716026-8860-49A6-AFE6-1C032A3F95B4}] => (Allow) C:\Program Files (x86)\Treexy\Driver Fusion\DriverFusion.exe => No File
FirewallRules: [{1620FA09-0F06-448F-A102-8096E3DF2170}] => (Allow) C:\Program Files (x86)\Treexy\Driver Fusion\DriverFusion.exe => No File
FirewallRules: [{4A57EC5B-1026-4DF3-8D44-7D2B76E84C88}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3543EB91-E36A-477C-A8C8-0F56491E03D3}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{FB53B3AE-7EBF-4CFF-88E9-1217A272F5BF}E:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) E:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4C7F1721-4BB4-4D7A-AAF2-83148257BD6F}E:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) E:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{958F5277-AD65-445A-A680-2D11258CA45F}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{37DBA89C-2123-4399-8D31-98E8A475B615}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{F3CCECA3-83FA-488F-AED2-2E771894A905}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\ArtbookOST\ELDEN RING Digital Artbook & Soundtrack.exe () [File not signed]
FirewallRules: [{05B2A8D7-C7D1-4920-B9A0-8DC48454A5F6}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\ArtbookOST\ELDEN RING Digital Artbook & Soundtrack.exe () [File not signed]
FirewallRules: [{2BAD781E-F0A1-4F37-9E0A-6AE76EB18636}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [File not signed]
FirewallRules: [{71950E17-B478-42BE-AAF5-AE4286F71B82}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [File not signed]
FirewallRules: [{AAFF72ED-7704-4819-BDFC-67160724C975}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{2798ABC5-BDC7-4D5E-9735-1014F7E4E5AA}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{93880D45-615D-45EB-87CB-A12C767A1E30}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{6F250930-7455-490C-B65E-33A17B40F30A}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{3B4661BD-7673-4313-B452-8C06BB207AC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72EE5D15-41C0-4EF8-93CA-73A7ED4A0D1A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{501F847C-2F65-4569-901C-16750B2EC89B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{EEF6B54E-DDEC-4BE8-ABBD-3AFB15516626}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{18631705-A0C5-41F6-900A-2A6DBC667CCA}C:\users\alex\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\alex\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{52B2FAA5-2BBB-4776-A5F6-89B822D0CE09}C:\users\alex\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\alex\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{70D5E223-0513-498A-8307-48D9047F0C52}C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\anycast.exe] => (Block) C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\anycast.exe => No File
FirewallRules: [UDP Query User{223B18FB-14E1-4620-864A-6E45A232CB93}C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\anycast.exe] => (Block) C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\anycast.exe => No File
FirewallRules: [TCP Query User{6E54568E-2576-43E8-B0B5-82050A8D4E7E}C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgecore.exe] => (Block) C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgecore.exe => No File
FirewallRules: [UDP Query User{9957E15C-2965-40E1-B912-096C131DF6E5}C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgecore.exe] => (Block) C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgecore.exe => No File
FirewallRules: [TCP Query User{B64391DA-7F0B-40CA-B480-6E0E05F81C69}C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgeencoder.exe] => (Block) C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgeencoder.exe => No File
FirewallRules: [UDP Query User{848CC488-CD45-4C05-9403-180EBE83A02D}C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgeencoder.exe] => (Block) C:\users\alex\appdata\local\programs\theta-pgn\resources\bin\edgeencoder.exe => No File
FirewallRules: [TCP Query User{0FA0EB67-6393-459A-B2DF-B2656B0D0AC3}C:\users\alex\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alex\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DAC1527D-4871-4750-A40B-E8AFF121DB6F}C:\users\alex\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alex\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4CF42C5E-A2F7-4A6B-8E53-4FE6E1D54F6E}] => (Allow) E:\SteamLibrary\steamapps\common\DDDA\DDDA.exe (Capcom U.S.A., Inc.) [File not signed]
FirewallRules: [{23D25BA8-A33A-4812-BD4E-989845A713D3}] => (Allow) E:\SteamLibrary\steamapps\common\DDDA\DDDA.exe (Capcom U.S.A., Inc.) [File not signed]
FirewallRules: [{49DFE874-9B03-4AC7-985E-66F5AC3E7EAF}] => (Allow) C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5B37DFB2-98E4-4FEC-B5B5-A36AF6CB9755}] => (Allow) C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{02F5FC0E-4FF4-4921-8508-ECC788F8FC44}] => (Allow) E:\SteamLibrary\steamapps\common\Chivalry 2\Chivalry2Launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{4CEEF962-A345-4D9B-98CF-4589F6421033}] => (Allow) E:\SteamLibrary\steamapps\common\Chivalry 2\Chivalry2Launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{80DBFE3A-C0DB-4640-9238-CD924A3285B5}E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{F70F696C-CD7B-418E-AC45-DFD284C0054C}E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{A6730993-033F-4B44-9D45-7019F39AA9A7}E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{759C2BA8-BD04-4363-A5CA-D995A1FCD103}E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\chivalry 2\tbl\binaries\win64\chivalry2-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{AFD0E3C9-6915-4E3B-9DB1-DEFEE71E466E}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{35D3EAD8-3095-47D4-BDA8-0BB6B63D8ED7}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [{0BEF771C-3FAD-4157-A1DC-1F69EDFB438F}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{C5C42441-865C-451B-83B3-560BDAD65FCC}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{3FA60ED8-30CC-4D3B-9B77-B388FF36454E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8AFAEB88-23DD-4EE7-BD7F-0264ACEAF06A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F90E3B1-CCD6-4255-AF3D-56DAABABD073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5DFCC620-4AC0-4663-B388-7FCBC7B3BA98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AC861522-5E73-42EC-8C15-C4E59F70815B}] => (Allow) E:\SteamLibrary\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{3B03014E-C91D-4E36-9C00-0F3802B48980}] => (Allow) E:\SteamLibrary\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{B79FD501-A7E0-4033-B471-FC23E32D0A3F}] => (Allow) E:\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (Bethesda Softworks LLC -> id Software)
FirewallRules: [{6DEC0DB5-1968-4D3F-AC0D-C9E4596A400B}] => (Allow) E:\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (Bethesda Softworks LLC -> id Software)
FirewallRules: [{1DA1F180-2DAD-46D1-82B6-29963FF853D2}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{81EB88A2-4122-4BDB-B288-F6078519A826}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{01B78330-571C-44A6-BA20-9ED499FD2CD2}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{2FD90A4B-B86B-4D3C-A413-8D9259CEAADD}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{1CE6D534-ACD9-44E3-B752-2A9B7D202561}] => (Allow) D:\Thunderstore\overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{1FEED80D-C02C-46F1-9670-AA3A197B74FA}] => (Allow) D:\Thunderstore\overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{75056BFA-F3B1-4428-AEB4-1A5C68BB69C9}] => (Block) D:\Thunderstore\overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{7545E195-1A76-441D-93BC-0F87ABDDC435}] => (Block) D:\Thunderstore\overwolf\0.243.0.9\OverwolfBrowser.exe => No File
FirewallRules: [{FF9BD6FF-D828-4115-AA86-5F48EBE53EBB}] => (Allow) D:\Thunderstore\overwolf\0.243.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A6E37070-04DB-4FDD-9134-80E1044D2F5F}] => (Allow) D:\Thunderstore\overwolf\0.243.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{EFA11F30-B566-49C2-AF3F-99DF0449B18E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.117.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{596AA9D2-88E9-4B43-89B5-2027CF7068B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.117.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86D5BCAE-2724-4F91-BBB5-EC4F5735A548}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.117.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07FD94DF-74C9-45F5-A241-F16CDCE275E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.117.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{3F02A420-C679-4121-89D9-928F70B85523}E:\rpcs3\rpcs3.exe] => (Allow) E:\rpcs3\rpcs3.exe () [File not signed]
FirewallRules: [UDP Query User{96E53BA6-F5D3-46BD-AA49-106241CC13DA}E:\rpcs3\rpcs3.exe] => (Allow) E:\rpcs3\rpcs3.exe () [File not signed]
FirewallRules: [{47E4FD3E-8920-4902-9AB3-D72377544C14}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85FE777F-6961-46DD-AC1E-84F5A241F72E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C2E9E512-E43D-4982-9847-AA20FC4B64DB}] => (Allow) LPort=32682
==================== Restore Points =========================
20-04-2024 16:58:37 Removed HP Support Solutions Framework
20-04-2024 17:01:49 Revo Uninstaller's restore point - HP Smart
==================== Faulty Device Manager Devices ============
Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/20/2024 05:08:10 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-5RRUQ43)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (04/20/2024 05:01:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
System Error:
The system cannot find the file specified..
Error: (04/20/2024 05:01:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {a6995bd6-cf6f-4ee2-aca0-0b81ff4eae89}
Error: (04/20/2024 04:59:09 PM) (Source: MsiInstaller) (EventID: 1013) (User: DESKTOP-5RRUQ43)
Description: Product: HP Support Solutions Framework -- This application could not be uninstalled, because HP Support Assistant requires it.
Error: (04/20/2024 04:58:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
System Error:
The system cannot find the file specified..
Error: (04/20/2024 04:52:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RiotClientServices.exe, version: 0.0.0.0, time stamp: 0x65736a6e
Faulting module name: RiotClientServices.exe, version: 0.0.0.0, time stamp: 0x65736a6e
Exception code: 0xc0000409
Fault offset: 0x005f2349
Faulting process id: 0x5a3c
Faulting application start time: 0x01da9364a7fc04a6
Faulting application path: C:\Riot Games\Riot Client\RiotClientServices.exe
Faulting module path: C:\Riot Games\Riot Client\RiotClientServices.exe
Report Id: 862bdf6d-4ce1-44ee-bbaa-0bb17de30f97
Faulting package full name:
Faulting package-relative application ID:
Error: (04/20/2024 04:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RiotClientServices.exe, version: 77.0.1.814, time stamp: 0x65736a6e
Faulting module name: RiotClientServices.exe, version: 77.0.1.814, time stamp: 0x65736a6e
Exception code: 0xc0000409
Fault offset: 0x005f2349
Faulting process id: 0x4900
Faulting application start time: 0x01da9364270ea427
Faulting application path: C:\Riot Games\Riot Client\RiotClientServices.exe
Faulting module path: C:\Riot Games\Riot Client\RiotClientServices.exe
Report Id: 458f4a0c-0d8c-4537-94f3-5f99176e17bf
Faulting package full name:
Faulting package-relative application ID:
Error: (04/20/2024 04:43:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {a6995bd6-cf6f-4ee2-aca0-0b81ff4eae89}
System errors:
=============
Error: (04/20/2024 05:04:47 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/20/2024 05:04:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
The operation completed successfully.
Error: (04/20/2024 04:53:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CCleaner Performance Optimizer Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/20/2024 04:52:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The vgc service terminated unexpectedly. It has done this 1 time(s).
Error: (04/20/2024 04:43:17 PM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
Error: (04/20/2024 04:05:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Defender Antivirus Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (04/20/2024 03:27:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240017: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.409.404.0) - Current Channel (Broad).
Error: (04/20/2024 03:24:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Windows Defender:
================
Date: 2024-04-20 15:43:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-06 14:29:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-04-06 14:22:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-03-28 20:30:28
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Softcnapp&threatid=227565&enterprise=0
Name: PUA:Win32/Softcnapp
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\Update\1AC6DC4663E9BAC28F6ED5D3AA019A84
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\SUPERAntiSpyware\SASCore64.exe
Security intelligence Version: AV: 1.407.710.0, AS: 1.407.710.0, NIS: 1.407.710.0
Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-03-27 18:54:29
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Softcnapp&threatid=227565&enterprise=0
Name: PUA:Win32/Softcnapp
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\Update\1AC6DC4663E9BAC28F6ED5D3AA019A84
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\SUPERAntiSpyware\SASCore64.exe
Security intelligence Version: AV: 1.407.710.0, AS: 1.407.710.0, NIS: 1.407.710.0
Engine Version: AM: 1.1.24030.4, NIS: 1.1.24030.4
Event[0]:
Date: 2024-04-20 16:05:54
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource: process:pid:4960,ProcessStart:133581145970959224
Engine Code: 16422
Date: 2024-04-16 21:39:20
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.409.301.0;1.409.301.0
Engine Version: 1.1.24030.4
Date: 2024-04-16 20:39:51
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.409.332.0
Previous security intelligence Version: 1.409.301.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.24040.1
Previous Engine Version: 1.1.24030.4
Error code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2024-04-16 20:39:51
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.409.332.0
Previous security intelligence Version: 1.409.301.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.24040.1
Previous Engine Version: 1.1.24030.4
Error code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2024-04-16 20:39:51
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.24040.1
Previous Engine Version: 1.1.24030.4
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
CodeIntegrity:
===============
Date: 2024-04-20 18:58:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3.50 11/07/2019
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processor: AMD Ryzen 5 3600X 6-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 16333.24 MB
Available physical RAM: 8195.54 MB
Total Virtual: 29133.24 MB
Available Virtual: 16825.05 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.13 GB) (Free:80.59 GB) (Model: WDC WDS500G2B0A-00SM50) NTFS
Drive d: (HDD) (Fixed) (Total:1863 GB) (Free:1457.46 GB) (Model: ST2000DM008-2FR102) NTFS
Drive e: (NVME) (Fixed) (Total:931.5 GB) (Free:172.79 GB) (Model: Samsung SSD 970 EVO 1TB) NTFS
\\?\Volume{e4cbc0c8-8804-416b-bcb4-72923c388991}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{191f78f8-ae54-4565-984a-599fff8a749f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Edited by Oh My!, 20 April 2024 - 08:44 PM.