I was recently looking for an addon for a game I play and came across a website that I thought was fine, I clicked on the website called bestwowaddons and it immediatly redirected me to another website called tuies.xyz. The website asked me to update my chrome and had a link button but I just closed out the tab, after that I went and scanned my pc with malwarebytes, mbar from norton and eset online scanner. None of the scans detected any threats but I'm still worried cause when I first installed eset online scanner it would open then close the program and I had to restart my pc to get it to work. I have to go to work in an hr and I won't be home until later tonight. I will reply to the topic tomorrow when I wake up. Thanks a bunch and have a good day!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2021
Ran by Dohnovan (administrator) on DESKTOP-LBHF8BQ (Micro-Star International Co., Ltd MS-7A38) (04-10-2021 14:14:20)
Running from C:\Users\Dohnovan\Downloads
Loaded Profiles: Dohnovan
Platform: Windows 10 Home Version 20H2 19042.1237 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adlice -> ) C:\Program Files\UCheck\UCheck64.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepositoryͱ621.inf_amd64_f6054ee530919325\B371622\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepositoryͱ621.inf_amd64_f6054ee530919325\B371622\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(BrightFort LLC -> ) C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\Dohnovan\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe <2>
(The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesGG.exe [14546768 2021-09-08] (SteelSeries ApS -> SteelSeries ApS)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [70858912 2021-07-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3522168 2021-09-16] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Discord] => C:\Users\Dohnovan\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11223920 2021-07-06] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3522168 2021-09-16] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\94.1.30.87\Installer\chrmstp.exe [2021-10-01] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {003F3181-A20A-4D6E-AF07-3F433F29B336} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63960 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {08E5B611-4DA5-4724-BF5F-CEB73F9E0C7D} - System32\Tasks\SSAudioSvc64Run => C:\Program Files\Steelseries\SS Audio\Foundation\x64\SSAudioSvc64.exe [797088 2020-01-08] (A-Volute -> )
Task: {0E5910AF-1715-4EAC-B195-D681FFD5A83F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1717720 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {2375A8AC-D351-4C27-A84C-B2A4999986C7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {237AC036-8D6E-419A-8CEC-C9065BDF0DFA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AFE60A3-3C00-4AF5-BFF5-8D96C9C8F860} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {410227B3-2D72-4BD0-84E4-4510B87BEE40} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Dohnovan\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-03] (ESET, spol. s r.o. -> ESET)
Task: {45759402-4A81-4698-B19A-AC3847C58764} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [269272 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {46C985FF-E8CD-47E1-B79E-C8BED82C0F88} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B6602AC-DE36-4E1E-9812-98B2BA5145F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {534D2581-6C13-42B2-AED8-659003D3FD3D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {568E4EEF-5E99-4C66-B8E9-DA74BFF2DCA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {57D400E4-1AED-4949-8A64-6154CB072473} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1717720 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {66129C80-EAB0-4B1D-9A56-5CFE8ACA6EDF} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63960 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {72272DFC-049E-46D5-8C98-9563407B5D9D} - System32\Tasks\SSAudioSvc32Run => C:\Program Files\Steelseries\SS Audio\Foundation\SSAudioSvc32.exe [1299872 2020-01-08] (A-Volute -> )
Task: {77912C4C-1924-46CA-A4DA-2D80B75DE78D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Dohnovan\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-03] (ESET, spol. s r.o. -> ESET)
Task: {7D484749-46DF-40A9-AF50-007BE595726C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {9449CE46-5A5A-4AE1-A155-33ACE9FFE2A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABF9D64A-DDE5-4C3A-B43D-BF44BA7F0D77} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1717720 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AD1F8BF8-F4D4-4936-8EDC-48A7BE2F253C} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [620504 2021-09-10] (Advanced Micro Devices Inc. -> AMD)
Task: {BC2173B5-C39F-40B2-99E4-F41B28F26961} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BDA358F7-FD10-4FAB-A724-6CE5B18B18B1} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [29145424 2021-06-15] (Adlice -> )
Task: {C7F9C868-C3E7-41C8-A0F4-32BE030F840C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E6184A99-7DEE-4300-B4FF-27848FA6AA86} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [358912 2021-09-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {EF2510AF-C11A-4F06-845C-2D10CBD72D75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7C11E4D-8953-4DE9-983A-948111C8C52C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NoUACCheck
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1a8f5a04-83c8-490b-b4bc-64e8c2c6fd6d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{1cd6b0cf-5059-4ef2-9609-a8d02c0c81b4}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{3c01823b-a919-4197-a2ce-b7ef6cd5d03a}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{57a5de9c-d2e2-48be-96b9-44b1389dcc84}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8f09853e-c450-47d3-b7bc-5aedbe848278}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{dad6bf82-733a-495c-84a7-154afa6ad446}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e0510115-42dc-46d8-842a-cc54eeda8aa9}: [DhcpNameServer] 10.0.1.1
Edge:
=======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-12]
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (AdGuard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-11]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dohnovan\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-26]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Dohnovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-05-26]
Edge Extension: (AdGuard AdBlocker) - C:\Users\Dohnovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2021-06-23]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default [2021-10-04]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Slides) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-14]
CHR Extension: (Docs) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-14]
CHR Extension: (Google Drive) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-14]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-02]
CHR Extension: (Sheets) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-14]
CHR Extension: (Google Docs Offline) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (MetaMask) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-24]
Brave:
=======
BRA Profile: C:\Users\Dohnovan\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-08-29]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Dohnovan\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-08-29]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Dohnovan\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-08-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Dohnovan\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2021-08-29]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Dohnovan\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-08-29]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Dohnovan\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-08-29]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [511448 2021-09-10] (Advanced Micro Devices Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-08-22] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-09-19] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-08-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [5117648 2021-07-13] (SurfRight B.V. -> SurfRight B.V.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-05] (Malwarebytes Inc -> Malwarebytes)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-28] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-06-25] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-09-16] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-08-30] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [31568 2021-09-08] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2021-07-07] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepositoryͱ621.inf_amd64_f6054ee530919325\B371622\amdkmdag.sys [80473616 2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [410640 2021-07-13] (Microsoft Windows Hardware Compatibility Publisher -> SurfRight B.V.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl927b4999; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55BDAEB2-2527-48D0-99B3-8A3745A83E92}\MpKslDrv.sys [130296 2021-10-04] (Microsoft Windows -> Microsoft Corporation)
R1 ndextlag; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [48640 2018-04-11] (Mainline Net Holdings Limited -> SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME)
S3 ocznvme; C:\WINDOWS\System32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 ocztrimfilter; C:\WINDOWS\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_024e; C:\WINDOWS\System32\drivers\RzDev_024e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [135688 2016-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2018-02-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S2 AMDRyzenMasterDriverV17; \??\C:\Program Files\AMD\CNext\CNext\AMDRyzenMasterDriver.sys [X]
S3 cpuz149; \??\C:\Users\Dohnovan\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-04 14:14 - 2021-10-04 14:16 - 000027002 _____ C:\Users\Dohnovan\Downloads\FRST.txt
2021-10-04 14:13 - 2021-10-04 14:13 - 000000000 ____D C:\Users\Dohnovan\Downloads\FRST-OlderVersion
2021-10-04 14:12 - 2021-10-04 14:15 - 000000000 ____D C:\FRST
2021-10-04 14:11 - 2021-10-04 14:13 - 002308096 _____ (Farbar) C:\Users\Dohnovan\Downloads\FRST64.exe
2021-10-04 08:21 - 2021-10-04 08:21 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\64359530.sys
2021-10-04 08:01 - 2021-10-04 08:01 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2021-10-04 08:01 - 2021-10-04 08:01 - 000003870 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-10-04 08:01 - 2021-10-04 08:01 - 000003428 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-10-03 22:42 - 2021-10-03 22:42 - 000001282 _____ C:\Users\Dohnovan\Desktop\ESET Online Scanner.lnk
2021-10-03 22:38 - 2021-10-03 22:38 - 000003084 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-10-03 22:16 - 2021-10-03 22:16 - 011697056 _____ (ESET) C:\Users\Dohnovan\Downloads\esetonlinescanner (2).exe
2021-10-03 22:03 - 2021-10-03 22:03 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\ESET
2021-10-03 21:00 - 2021-10-03 21:00 - 000071445 _____ C:\Users\Dohnovan\Downloads\Postal-v3.4.0.zip
2021-09-27 12:53 - 2021-09-27 12:53 - 000025404 _____ C:\Users\Dohnovan\Downloads\BindPad_2.2.4.zip
2021-09-27 11:29 - 2021-09-27 11:29 - 000310225 _____ C:\Users\Dohnovan\Downloads\OA_-_Nations_Benefits_-_Wave_1.pdf
2021-09-27 11:27 - 2021-09-27 11:27 - 000340116 _____ C:\Users\Dohnovan\Downloads\Enterprise_-_OA_Wave_2_2021.pdf
2021-09-27 11:22 - 2021-09-27 11:22 - 000336860 _____ C:\Users\Dohnovan\Downloads\Payroll_-_OA_Wave_2_2021.pdf
2021-09-27 11:09 - 2021-09-27 11:09 - 000509171 _____ C:\Users\Dohnovan\Downloads\GBA_GUIDEBOOK.pdf
2021-09-24 12:28 - 2021-09-24 12:28 - 001190701 _____ C:\Users\Dohnovan\Downloads\Goodwill Employee Handbook - Final 1-30-2020 (1).pdf
2021-09-23 16:57 - 2021-09-23 16:57 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-22 14:36 - 2021-09-22 14:36 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2021-09-22 14:36 - 2021-09-22 14:36 - 000003200 _____ C:\WINDOWS\system32\Tasks\StartAUEP
2021-09-22 14:30 - 2021-10-03 22:38 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-09-22 14:29 - 2021-09-22 14:29 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-09-22 14:29 - 2021-09-22 14:29 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-09-22 14:29 - 2021-09-22 14:29 - 000002620 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2021-09-22 14:29 - 2021-09-22 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-09-22 14:29 - 2021-09-22 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-09-22 14:29 - 2021-09-22 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-09-22 14:28 - 2021-09-22 14:28 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-09-22 14:28 - 2021-09-22 14:28 - 000000000 ____D C:\Users\Dohnovan\AppData\LocalLow\AMD
2021-09-22 14:17 - 2021-09-10 17:19 - 001869320 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 001869320 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 001448968 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 001448968 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 001107184 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 001107184 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000959872 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000959872 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000797192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000674304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000557568 _____ C:\WINDOWS\system32\GameManager64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000500736 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 000491536 _____ C:\WINDOWS\system32\EEURestart.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 000418832 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000344080 _____ C:\WINDOWS\system32\clinfo.exe
2021-09-22 14:17 - 2021-09-10 17:19 - 000201728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000181264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000178704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000166928 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000158224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000142864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000141328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000091136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000075792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000047120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000044040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000019936 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-09-22 14:17 - 2021-09-10 17:19 - 000019928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 084036616 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 069085184 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 001395200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 001395200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000942096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000846352 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-09-22 14:17 - 2021-09-10 17:18 - 000769552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000524808 _____ C:\WINDOWS\system32\atieah64.exe
2021-09-22 14:17 - 2021-09-10 17:18 - 000468984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000466952 _____ C:\WINDOWS\system32\amdlogum.exe
2021-09-22 14:17 - 2021-09-10 17:18 - 000393208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-09-22 14:17 - 2021-09-10 17:18 - 000260624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000219664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000193440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000157360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000150520 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000139728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000139256 _____ C:\WINDOWS\system32\atidxx64.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000137728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000133632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000131584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000113152 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000111088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000110080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-09-22 14:17 - 2021-09-10 17:18 - 000070656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 069809168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 001689408 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 001368240 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000557584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000535552 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000420880 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000150064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000139704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000125584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-09-22 14:17 - 2021-09-10 17:17 - 000111072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-09-22 14:17 - 2021-09-10 13:45 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-09-22 14:17 - 2021-09-10 13:45 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-09-22 14:17 - 2021-09-10 13:38 - 058201176 _____ C:\WINDOWS\system32\amdxc64.so
2021-09-22 14:17 - 2021-09-10 12:36 - 000562656 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-09-22 14:17 - 2021-09-10 12:36 - 000562656 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-09-22 14:17 - 2021-08-02 23:55 - 000246200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2021-09-19 18:03 - 2021-09-19 18:03 - 000526279 _____ C:\Users\Dohnovan\Downloads\Icicle.rar
2021-09-14 23:23 - 2021-10-03 22:22 - 000000075 _____ C:\Users\Dohnovan\Desktop\settings.sav
2021-09-14 23:14 - 2021-09-14 23:14 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-14 23:14 - 2021-09-14 23:14 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-14 23:14 - 2021-09-14 23:14 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-14 23:14 - 2021-09-14 23:14 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-14 23:14 - 2021-09-14 23:14 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-14 23:13 - 2021-09-14 23:13 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-14 23:13 - 2021-09-14 23:13 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-14 23:13 - 2021-09-14 23:13 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-14 23:13 - 2021-09-14 23:13 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-14 23:13 - 2021-09-14 23:13 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-14 23:13 - 2021-09-14 23:13 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-14 23:13 - 2021-09-14 23:13 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-14 23:13 - 2021-09-14 23:13 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-14 23:13 - 2021-09-14 23:13 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-14 23:12 - 2021-09-14 23:12 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-14 23:12 - 2021-09-14 23:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-14 23:12 - 2021-09-14 23:12 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-14 23:12 - 2021-09-14 23:12 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-14 23:12 - 2021-09-14 23:12 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-14 23:12 - 2021-09-14 23:12 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-14 22:42 - 2021-09-14 22:42 - 000000000 ___HD C:\$WinREAgent
2021-09-10 14:48 - 2021-09-10 14:48 - 000000030 _____ C:\Users\Dohnovan\Desktop\work.txt
2021-09-07 13:25 - 2021-09-07 13:25 - 000002572 _____ C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harver System Checker.lnk
2021-09-07 13:25 - 2021-09-07 13:25 - 000002564 _____ C:\Users\Dohnovan\Desktop\Harver System Checker.lnk
2021-09-07 13:25 - 2021-09-07 13:25 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\@harver
2021-09-07 13:25 - 2021-09-07 13:25 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\@harversaas-diagnostic-app-updater
2021-09-06 14:49 - 2021-09-06 14:49 - 012430284 _____ C:\Users\Dohnovan\Downloads\DBM-Warmane-main.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-04 14:17 - 2021-03-23 18:05 - 000000000 ____D C:\ProgramData\TEMP
2021-10-04 14:01 - 2020-06-18 15:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-04 14:01 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-04 13:41 - 2020-12-09 20:01 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\discord
2021-10-04 13:39 - 2021-07-15 19:23 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\Discord
2021-10-04 13:26 - 2018-01-14 11:41 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-04 09:30 - 2021-05-31 15:23 - 000000000 ____D C:\Users\Dohnovan\Desktop\mbar
2021-10-04 09:30 - 2019-04-05 09:21 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-10-03 22:49 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-03 22:49 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-03 22:42 - 2019-06-20 10:43 - 000001388 _____ C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-10-03 22:41 - 2018-04-14 10:45 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\CrashDumps
2021-10-03 22:37 - 2020-06-18 14:32 - 000000000 ____D C:\Users\Dohnovan
2021-10-03 22:36 - 2020-06-18 16:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-03 22:36 - 2020-06-18 15:39 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-03 22:25 - 2020-06-18 15:39 - 000436016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-03 22:25 - 2019-06-19 15:54 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2021-10-03 22:24 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-03 22:24 - 2017-04-11 10:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-10-03 22:22 - 2021-08-10 12:24 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\steelseries-gg-client
2021-10-03 21:01 - 2020-06-03 11:41 - 000000000 ____D C:\Users\Dohnovan\Desktop\World of Warcraft 3.3.5a
2021-10-03 19:01 - 2017-12-08 22:06 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-03 08:17 - 2020-06-13 10:56 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-03 08:17 - 2020-06-13 10:56 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-02 08:53 - 2020-11-02 10:08 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6b1325f7ebb04
2021-10-02 08:53 - 2020-11-02 10:07 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b1323b307d96
2021-10-01 16:07 - 2020-09-19 15:59 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-10-01 16:07 - 2020-09-19 15:59 - 000002330 _____ C:\Users\Public\Desktop\Brave.lnk
2021-09-30 14:21 - 2020-06-18 16:04 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-30 14:21 - 2020-06-18 16:04 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 08:10 - 2018-03-13 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-09-27 15:52 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-26 20:19 - 2020-06-18 16:04 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2108490749-413910539-1021375685-1003
2021-09-26 20:19 - 2020-06-18 14:32 - 000002395 _____ C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-26 18:46 - 2020-06-18 15:49 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-24 17:23 - 2018-05-21 16:36 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\D3DSCache
2021-09-24 06:10 - 2018-01-14 11:42 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-24 06:10 - 2018-01-14 11:42 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-23 16:57 - 2021-08-18 09:59 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\Zoom
2021-09-22 14:36 - 2020-06-03 15:42 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-09-22 14:36 - 2018-05-21 16:18 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\AMD
2021-09-22 14:35 - 2021-07-15 19:24 - 000002249 _____ C:\Users\Dohnovan\Desktop\Discord.lnk
2021-09-22 14:35 - 2017-04-11 10:20 - 000000000 ____D C:\Program Files\AMD
2021-09-22 14:17 - 2017-04-11 10:20 - 000000000 ____D C:\AMD
2021-09-17 17:30 - 2021-01-04 11:37 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\AMD_Common
2021-09-15 14:10 - 2017-04-07 15:15 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-14 23:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-14 23:25 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-14 23:22 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-14 22:40 - 2017-12-09 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-14 22:37 - 2017-12-09 11:40 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-10 17:18 - 2021-07-09 17:22 - 000109520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2021-09-10 17:18 - 2021-07-09 17:09 - 001537024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-09-10 17:18 - 2020-06-03 14:27 - 001848320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-09-10 17:18 - 2020-06-03 14:27 - 000202696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-09-10 17:18 - 2020-06-03 14:27 - 000170232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-09-10 17:18 - 2020-06-03 14:27 - 000113664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-09-10 14:21 - 2021-03-30 11:35 - 002443328 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2021-09-10 10:57 - 2018-04-19 16:31 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-09-10 10:54 - 2017-04-07 15:10 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-10 09:50 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-08 11:11 - 2017-12-13 05:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2021-03-01 20:52 - 2021-03-08 23:19 - 000007598 _____ () C:\Users\Dohnovan\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2021
Ran by Dohnovan (04-10-2021 14:18:11)
Running from C:\Users\Dohnovan\Downloads
Windows 10 Home Version 20H2 19042.1237 (X64) (2020-06-18 22:05:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2108490749-413910539-1021375685-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2108490749-413910539-1021375685-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2108490749-413910539-1021375685-1002 - Limited - Disabled)
Dohnovan (S-1-5-21-2108490749-413910539-1021375685-1003 - Administrator - Enabled) => C:\Users\Dohnovan
Guest (S-1-5-21-2108490749-413910539-1021375685-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2108490749-413910539-1021375685-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.9.1 - Advanced Micro Devices, Inc.)
APOInstallerMSISetup (HKLM\...\{5C4734F8-9AF3-4324-A36E-DC147853B2F5}) (Version: 1.2.1101 - Steelseries) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.36.1 - Asmedia Technology)
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{C9BA81B6-4A0F-454A-B331-81A45A57573E}) (Version: 1.2.1101 - Steelseries) Hidden
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Black Desert (HKLM-x32\...\BlackDesert_NA_is1) (Version: 1.0 - PearlAbyss Corp.)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 94.1.30.87 - Brave Software Inc)
Discord (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Discord) (Version: 1.0.9002 - Discord Inc.)
ExitLag version 4.183 (HKLM-x32\...\{B3117F72-F22D-4DA7-B554-B3F4EDBB408F}_is1) (Version: 4.183 - ExitLag)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.6.1.0 - miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Harver System Checker 2.0.6 (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\57ba83c7-44cc-50c5-93e2-68092ebb1ce7) (Version: 2.0.6 - Harver)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.8.14.907 - SurfRight B.V.)
Intel® Wireless Bluetooth® (HKLM-x32\...\{0E13241D-76B0-4A4C-9665-3969F55C08D5}) (Version: 19.40.1702.1091 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{263d87d0-9772-40be-ab36-eabbdbff49f7}) (Version: 21.20.1 - Intel Corporation)
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
ProductDaemonSetup (HKLM\...\{C31282E4-C1A3-433C-A803-D9ED4A99DC8F}) (Version: 1.2.1101 - Steelseries) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.21.1 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0920.091710 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Revo Uninstaller 2.2.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.8 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{36366F19-5CCC-46DF-81CC-89E4EAC2A6E1}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
SSAudio (HKLM-x32\...\{1c112a1f-1120-415d-85ab-7a3de5b0a9c2}) (Version: 1.2.1101 - Steelseries)
SSAudioDaemonMSISetup (HKLM\...\{CDEA766D-38C5-448B-8316-02D01C842E1E}) (Version: 1.2.1101 - Steelseries) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 8.0.0 (HKLM\...\SteelSeries Engine 3) (Version: 8.0.0 - SteelSeries ApS)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1220 - SUPERAntiSpyware.com)
The Witcher 3 Mod Manager (HKLM\...\{B8F09437-C8B5-4DFD-B655-C93E8C05A8DE}) (Version: 0.6.4 - stefan3372)
UCheck version 4.0.6.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.0.6.0 - Adlice Software)
ULauncher (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\ULauncher) (Version: 0.33.52 - uwow.biz)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-3) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\ZoomUMX) (Version: 5.8.0 (1324) - Zoom Video Communications, Inc.)
Packages:
=========
9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.3.75.0_x64__hvr7qkvwfhvx6 [2020-07-19] (Magik Hub) [MS Ad]
Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-12] (eyeo GmbH)
AdGuard AdBlocker -> C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-11] (Performix)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.8.33.0_x86__kgqvnymyfvs32 [2021-08-26] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.203.500.0_x86__kgqvnymyfvs32 [2021-10-01] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_6.2.17.0_x86__h6adky7gbf63m [2021-09-13] (Gameloft SE)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.44.4400.0_x86__ytsefhwckbdv6 [2021-10-01] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-24] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.9.13.0_x86__h6adky7gbf63m [2021-10-01] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3202.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Studios)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-12-09] (Plex)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-12-27] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [HitmanPro.Alert Shell Extension] -> {6FAC02B7-77D6-418B-AC11-962C65CDE8DD} => C:\WINDOWS\system32\hmpshell.dll [2021-07-13] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-04-21 03:53 - 2021-04-21 03:53 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-19 06:40 - 2020-03-19 06:40 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2020-03-19 06:40 - 2020-03-19 06:40 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2021-07-07 06:37 - 2021-07-07 06:37 - 000562688 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2021-07-07 06:37 - 2021-07-07 06:37 - 000058880 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2021-09-10 14:42 - 2021-09-10 14:42 - 001711616 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2020-04-19 10:41 - 2020-04-19 10:41 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-19 10:41 - 2020-04-19 10:41 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:53 - 2021-04-21 03:53 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [274]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2108490749-413910539-1021375685-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2108490749-413910539-1021375685-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2108490749-413910539-1021375685-1003 -> {DFAEECB9-2C31-4635-BFCD-485BAEABDD31} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 15:03 - 2020-12-29 17:04 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\Dohnovan\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Bluetooth Network Connection: ExitLag Game Booster -> nt_ndextlag (enabled)
Wi-Fi: ExitLag Game Booster -> nt_ndextlag (enabled)
Local Area Connection: ExitLag Game Booster -> nt_ndextlag (enabled)
Ethernet 2: ExitLag Game Booster -> nt_ndextlag (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "OPENVPN-GUI"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0412D97-2B69-47C9-BBFB-2ED8469D7CE2}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe => No File
FirewallRules: [{54B9FF3F-545D-4E04-86D8-EA8F5621F500}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe => No File
FirewallRules: [UDP Query User{A0E149A6-970C-44C4-AFFC-02FC91A4CB96}C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe => No File
FirewallRules: [TCP Query User{C8177E75-DFAB-46C2-B950-CE420F73D664}C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandsgotyenhanced\binaries\win64\borderlandsgoty.exe => No File
FirewallRules: [{E246DB11-0299-4E9E-BAF1-F9600C9E1E87}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F01FBF58-567C-4C2D-9E09-69501E7126D0}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{0C6F481E-F930-4C76-AE5C-202166C80AE3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{3A8F03ED-1DF4-4EFC-AB24-470F3D8E2A04}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A73A6A68-3D6E-4ACB-BB1C-69891D2BC2E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D98FA1A5-1463-4F80-B944-62DCFE82B0DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{21FC1428-1EFB-47FF-BF78-DB5B1945382E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A8E5B1A0-6D7D-4D9C-96E1-B72039726CC2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3D351B8C-C55C-4E63-8639-18CAD54C17A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{F51AAC48-DBDB-4C61-8F51-A45DA1FA8EB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{8D6BD339-6DB0-4B01-B064-950E1CB534FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{D37551E3-AE21-495A-90C1-0CE6907D3259}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{F2E459D0-8C52-44F9-B805-AFDA263B500D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{AE0EC883-ECC1-4257-9241-1C9586835901}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{2C813A9F-F998-4D44-8B34-6963CF481A47}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{355EBCE9-2330-4B92-8E46-C7C76C402DA4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{4F7CACBF-BBB5-428E-B6EE-D1163044D084}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{31B319D4-01B2-48FE-81A7-51110CE771B7}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{732F52FA-463B-4228-8163-A5EC1E0B8C73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{50E286A9-EC43-4A42-82B3-B541B6893C62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{1F8ED8C6-7BC4-4A9D-A0C4-CB325EFD5D6B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{10E915F4-B060-41ED-9099-5EF5FEDC51B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe => No File
FirewallRules: [{A1107BB9-D07D-4538-921E-DD81D2AEECB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe => No File
FirewallRules: [{DCD1F17A-2BEB-42E9-AC79-2A27FFA26A0E}] => (Allow) C:\Users\Dohnovan\AppData\Local\uwow.biz\ULauncher\ULauncher.exe => No File
FirewallRules: [{C4CC9AC9-07BD-47C8-8259-C0203C0F8F96}] => (Allow) C:\Users\Dohnovan\AppData\Local\uwow.biz\ULauncher\ULauncher.exe => No File
FirewallRules: [{BCAA2A6E-48D3-4CDA-948C-91ED4C30BEEF}] => (Allow) C:\Users\Dohnovan\AppData\Local\uwow.biz\ULauncher\ULauncher-64.exe => No File
FirewallRules: [{59194558-1F74-47C0-A292-E4C268CE4DE2}] => (Allow) C:\Users\Dohnovan\AppData\Local\uwow.biz\ULauncher\ULauncher-64.exe => No File
FirewallRules: [{DF89A7C7-70CA-43B2-89FA-5ACD631CC317}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe => No File
FirewallRules: [{47E669C5-EA82-4003-BFAA-1B77955F294F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe => No File
FirewallRules: [{0E651DF0-62D3-41D5-B039-3C42CE903B96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{0E3D7240-E0CA-4AD9-AB7E-83B299E16D7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{FE841FE0-AF52-4F88-BAD3-FC27B3BBE355}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe => No File
FirewallRules: [{2B60EF73-79AF-4C30-B219-5C308A76B9A8}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe => No File
FirewallRules: [TCP Query User{AAE24D0B-66E4-4DBF-9D11-BDB5DA9EBBC4}C:\nexon\library\vindictus\appdata\en-us\vindictus.exe] => (Allow) C:\nexon\library\vindictus\appdata\en-us\vindictus.exe => No File
FirewallRules: [UDP Query User{06001795-8783-4528-BC5A-AFC3D003C53F}C:\nexon\library\vindictus\appdata\en-us\vindictus.exe] => (Allow) C:\nexon\library\vindictus\appdata\en-us\vindictus.exe => No File
FirewallRules: [{0D5E5246-A81D-468F-9430-DFC8227F37BF}] => (Allow) C:\nexon\library\vindictus\appdata\en-us\vindictus.exe => No File
FirewallRules: [{B909D68E-397F-4B5F-BF10-32E134BD926D}] => (Allow) C:\nexon\library\vindictus\appdata\en-us\vindictus.exe => No File
FirewallRules: [{54ABB1D1-2DBD-4DA9-BE0E-58C743F320FF}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA -> )
FirewallRules: [{D83A3869-F28B-4A4C-B367-B9F8F6B62C4D}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA -> )
FirewallRules: [{69712494-47AF-4F6B-81B1-D640176259B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam\nxsteam.exe => No File
FirewallRules: [{48BA3E5F-AFA4-43B6-9E64-80C5BA70286F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam\nxsteam.exe => No File
FirewallRules: [{1BE0A6A0-5613-4700-829E-225605C5D1E7}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{E2421D3E-73BD-4E25-9656-92F5F49738FB}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{91B94865-65B7-45CA-AF9E-44B3023CB9CC}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{5E6DF25B-EE60-4F06-B08B-00004B89EB93}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{E5143819-BFC2-4C59-9BAD-1344103E4AD5}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{FF3D1063-02E7-4038-8B96-7596039786DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39B48F71-0830-42FC-A13A-0F698E6A8A87}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C4B794D-4AB7-4578-9BD7-26297A3C9E24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AD13146-2654-4E80-8E3E-3D2E9B62E6EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB8FEBBB-6628-47F5-803B-46B0F78DE4C4}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8DF02C6B-D5E9-434A-9987-D9A1544C024B}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{188F4C79-E313-408E-9BC2-9A8627714F05}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{093A4023-8BA4-40A8-937A-7E3E26A36939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DBF7A4A0-370F-475C-AD48-E9EB329F39A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2646AFA2-162E-42A1-80E5-8FCE3C4E271C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{63CB26E2-BC63-42BC-A5D0-0E12FF443786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{5E207D8B-3BCE-4A94-A395-EDB08807843E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25CCACBF-D00F-4DE0-8FDF-ED1A812FAADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StateOfDecay2\StateOfDecay2\Binaries\Win64\StateOfDecay2-Win64-Shipping.exe (Undead Labs, LLC) [File not signed]
FirewallRules: [{3351BAF1-BD8E-4881-9C12-D3FEA0E049E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StateOfDecay2\StateOfDecay2\Binaries\Win64\StateOfDecay2-Win64-Shipping.exe (Undead Labs, LLC) [File not signed]
FirewallRules: [{C352B958-6E94-40B3-88AF-A69CC8BF5CB5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{68C81444-1097-4A61-ACE3-076398183070}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9BD8C418-A5C0-4B11-AFF4-4F757DB64AC0}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Restore Points =========================
22-09-2021 14:21:16 Radeon Installer
29-09-2021 16:35:08 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/03/2021 10:41:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002e1a4c
Faulting process id: 0x1b90
Faulting application start time: 0x01d7b8d989824976
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 65742a4b-25ef-48e1-b6d3-61ff9cdc751f
Faulting package full name:
Faulting package-relative application ID:
Error: (10/03/2021 10:11:14 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (10/03/2021 09:33:53 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (10/02/2021 03:41:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Windows (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/26/2021 09:47:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Windows (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/23/2021 05:38:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow.exe version 3.3.5.12340 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 5ddc
Start Time: 01d7b0d11355b458
Termination Time: 11
Application Path: C:\Users\Dohnovan\Desktop\World of Warcraft 3.3.5a\Wow.exe
Report Id: 2e450f56-81af-417c-9795-4627381b1e41
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (09/22/2021 02:16:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow.exe version 3.3.5.12340 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 36d4
Start Time: 01d7afdfcd362676
Termination Time: 8
Application Path: C:\Users\Dohnovan\Desktop\World of Warcraft 3.3.5a\Wow.exe
Report Id: 47de8a7b-9ce8-446f-84bb-2e5124bb6027
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (09/22/2021 12:29:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow.exe version 3.3.5.12340 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 731c
Start Time: 01d7afdabfb115fa
Termination Time: 7
Application Path: C:\Users\Dohnovan\Desktop\World of Warcraft 3.3.5a\Wow.exe
Report Id: 92e2eab5-82ba-40f9-b8ac-5f0c2c9b6fa1
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
System errors:
=============
Error: (10/03/2021 10:44:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (10/03/2021 10:44:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dohnovan\AppData\Local\Temp\ehdrv.sys
Error: (10/03/2021 10:44:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (10/03/2021 10:44:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dohnovan\AppData\Local\Temp\ehdrv.sys
Error: (10/03/2021 10:44:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (10/03/2021 10:44:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dohnovan\AppData\Local\Temp\ehdrv.sys
Error: (10/03/2021 10:44:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (10/03/2021 10:44:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dohnovan\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-10-04 12:12:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-10-03 12:35:13
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-10-02 15:08:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-10-01 12:33:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-29 15:28:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2020-12-31 15:28:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264983736925672704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-31 04:40:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264983736925672704\antimalware_provider64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.51 05/02/2017
Motherboard: Micro-Star International Co., Ltd B350M BAZOOKA (MS-7A38)
Processor: AMD Ryzen 5 1400 Quad-Core Processor
Percentage of memory in use: 74%
Total physical RAM: 8144.69 MB
Available physical RAM: 2088.58 MB
Total Virtual: 14800.69 MB
Available Virtual: 3366.68 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.91 GB) (Free:219.18 GB) NTFS
Drive d: (Windows) (RAMDisk) (Total:930.91 GB) (Free:219.16 GB) NTFS
\\?\Volume{34b487b2-1f24-455b-888b-88fe24145180}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{7c6e70a3-6b38-47db-a32a-880393128539}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1BA58450)
Partition: GPT.
==================== End of Addition.txt =======================
Edited by Eldon123, 04 October 2021 - 02:31 PM.