Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by samue (administrator) on DESKTOP-VMR9NA7 (17-01-2022 17:31:11)
Running from C:\Users\samue\Desktop
Loaded Profiles: samue
Platform: Microsoft Windows 10 Home Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͡901.inf_amd64_204a65b18f2a904a\B361909\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͡901.inf_amd64_204a65b18f2a904a\B361909\atiesrxx.exe
(Discord Inc. -> Discord Inc.) C:\Users\samue\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:\Program Files (x86)\MaskVPN\mask_svc.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(MICROLEAVES LTD -> ) C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <6>
(Microleaves LTD -> Advanced Windows Manager) C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpatialAudioLicenseSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.188.0.22\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.188.0.22\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wacom Co., Ltd. -> ) C:\Program Files\Tablet\Wacom\Wacom_UpdateUtil.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389960 2018-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Weather] => C:\Users\samue\AppData\Roaming\Weather\Weather.exe [134113181 2021-02-06] (WeatherApplication) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1312040 2018-12-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-10-06] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [Discord] => C:\Users\samue\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe [2495672 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-01-05] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [] => [X]
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-02-24] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2022-01-13] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\RunOnce: [Application Restart #3] => C:\Users\samue\AppData\Roaming\Weather\Weather.exe [134113181 2021-02-06] (WeatherApplication) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-06] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0738FF8C-B2DB-4557-BF14-6AA032B8A753} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {078FBA31-9C80-4A43-AEC5-88E74F136F28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-27] (Google LLC -> Google LLC)
Task: {0BC7E0D8-4C01-465D-B5B3-5F32828DEF73} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {13B700C7-8397-4A8D-B7CB-0BDBAA30B5E0} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {15EE891E-21AD-42CB-9E4B-32F39947C9D7} - System32\Tasks\AdvancedWindowsManager #6 => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {183C5E42-ECBA-47A9-A27F-F65AE864355B} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {1C66CD3B-D733-43C9-9A86-3DEBFF79B3CD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1D0CB678-50B3-4856-BF13-69ED5D81727D} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {1E409E1B-58B1-4380-88B1-B766EDCB8B7D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {223F24CD-498E-4ADA-91AD-0FB56D7CE485} - System32\Tasks\AdvancedWindowsManager #4 => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {23343E61-70C7-42EF-94E4-930B734B7A8A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2021-06-05] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {2BFEE421-016B-478B-984D-BFF278196D39} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {30D4F409-292D-4B26-B0D6-2655D56AD3FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A3FF56B-64E1-428C-B71C-EFEAC2DA8AC0} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\Windows Updater.exe [1020024 2021-04-09] (Microleaves LTD -> AdvancedWindowsManager) <==== ATTENTION
Task: {3DA0675D-3FCC-4BD6-A21E-0D03108CE074} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3DE2B95F-0A7A-447F-A6AB-D3119F3A74FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-27] (Google LLC -> Google LLC)
Task: {467C1A21-20E8-46C6-813E-FEB5E1237360} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {476A68C5-4C66-4E3E-B777-E12E5463D130} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [908144 2017-11-09] (MICROLEAVES LTD -> Microleaves) <==== ATTENTION
Task: {572F8315-0B42-4B4C-BE01-0716A435CACA} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5FE26B08-4934-477E-9D79-0B9DACE3EDA2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {61C9ECD3-0C65-481A-8CF2-FCC66370A7EE} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {6B2DBB5F-5353-449B-95DE-D304B2666A1D} - System32\Tasks\AdvancedWindowsManager => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {7480ECD9-F0C1-457E-874F-663935E6EC7F} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe -o pool.minexmr.com:4444 -u 844ozfodJvN59Xn7LLDfqXNKbM1bAABZY2ZWmd5jJJQ6P2cdseRePBYAkwmEhLhoCXGFod5DXZY8eiRcnwKxjVMpFgsWU5V -p x (No File) <==== ATTENTION
Task: {76534BC4-8AEA-4095-9D72-6F54208DA8FC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7809B2BC-1799-43D3-9C09-2B695FA52517} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {8C171133-CAE9-4179-8F3D-E23107DC0A82} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {8C591FB3-CA4D-4498-813F-3916D8D9AF48} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2539864 2022-01-13] (Overwolf Ltd -> Overwolf LTD)
Task: {9A699171-4AE3-4057-A9F5-2D9AC10FD510} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9D4EAA9A-8F8E-4BD5-90B6-EB1E12F784F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9D5E980D-B2E6-4054-ABB3-C992721B7A9B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1443207549-266473185-1957000176-500 => C:\Users\samue\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {AAEBCE61-B9B4-440C-94B6-B582684935F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE05780A-2EAD-48C5-97CA-3E783054FB8F} - System32\Tasks\AdvancedWindowsManager #5 => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {AF13FDA5-4AB9-4F54-B720-EF13EDAC884B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AFE8648C-0DEC-482D-B596-D7E4EF066F32} - System32\Tasks\AdvancedWindowsManager #3 => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {B6EF075B-766C-46F9-9111-3BF040C8321F} - System32\Tasks\AdvancedWindowsManager #1 => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {BE717321-4795-48C4-A94F-54DA0D6F5005} - System32\Tasks\AdvancedWindowsManager #2 => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe [482632 2021-04-09] (Microleaves LTD -> Advanced Windows Manager) <==== ATTENTION
Task: {E5E15249-5708-4E9F-94AF-D513AF35CB3C} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {EBBF449E-ED59-4FD4-BB12-DF531E2876F1} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [199864 2017-11-02] (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {F4DF1DC4-68F6-4C44-8909-B5A9E719DCB7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {F5A92030-10EC-435D-A825-8069428DC71C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F6C699AB-1705-42FD-BA7F-25F85E3B5315} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{67e5bc1d-4207-4265-9467-7b7f63a4081d}: [DhcpNameServer] 10.0.1.1 10.0.1.3
Tcpip\..\Interfaces\{f633f7ab-56bb-4545-a271-410c006b76dc}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\samue\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-16]
FireFox:
========
FF DefaultProfile: 9rbtgwa0.default
FF ProfilePath: C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\9rbtgwa0.default [0000-00-00]
FF Homepage: Mozilla\Firefox\Profiles\9rbtgwa0.default -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=AE190201&iDate=2021-02-18 01:18:29&bName=
FF NewTab: Mozilla\Firefox\Profiles\9rbtgwa0.default -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=AE190201&iDate=2021-02-18 01:18:29&bName=
FF ProfilePath: C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release [0000-00-00]
FF DownloadDir: C:\Users\samue\Desktop
FF Homepage: Mozilla\Firefox\Profiles\lkzehow4.default-release -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=AE190201&iDate=2021-02-18 01:18:29&bName=
FF NewTab: Mozilla\Firefox\Profiles\lkzehow4.default-release -> hxxps://segoonow.com/homepage?hp=1&bitmask=9996&pId=AE190201&iDate=2021-02-18 01:18:29&bName=
FF Extension: (Dark Reader) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2021-12-07]
FF Extension: (Clear Cache) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2020-12-31]
FF Extension: (Tomato Clock) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2021-09-06]
FF Extension: (SponsorBlock for YouTube - Skip Sponsorships) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2022-01-17]
FF Extension: (TinEye Reverse Image Search) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2021-10-29]
FF Extension: (Tree Style Tab) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2022-01-12]
FF Extension: (uBlock Origin) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\[email protected] [2022-01-13]
FF Extension: (Flagfox) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2022-01-03]
FF Extension: (Halo-4-wallpaper-unsc) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{192fc524-b327-4258-a129-bac739726340}.xpi [2020-12-31]
FF Extension: (ANIMATED Neutron Stars by candelora) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{2c216ba1-594a-4039-a389-b954f42ff809}.xpi [2021-07-12]
FF Extension: (Blue and Black Stamped Metal) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{3cda8d03-de1b-47b2-9075-9050cb300ee6}.xpi [2020-12-31]
FF Extension: (Psychedelic Glass Squared) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{52b92fe9-753c-4514-851f-63689f4427f2}.xpi [2020-12-31]
FF Extension: (Dark) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{6341c2d3-7376-4d9b-847c-d4679d341d87}.xpi [2020-12-31]
FF Extension: (Misty dark forest II) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{ac92fc5a-c8cd-4f87-b75c-7a4268e9b5cc}.xpi [2020-12-31]
FF Extension: (Video DownloadHelper) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (Dark Carbon Fiber 1) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{c8b661e4-148d-4fa7-8cfb-81818fd98feb}.xpi [2020-12-31]
FF Extension: (Summerwood) - C:\Users\samue\AppData\Roaming\Mozilla\Firefox\Profiles\lkzehow4.default-release\Extensions\{fb7d2936-bd43-4dcd-ae06-bf7a15401808}.xpi [2020-12-31]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-10-06] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-10-06] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bauddlpcdew.js [2021-02-18] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\rulr5djffog.js [2021-07-05] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\uvt2wwvynov.js [2021-02-18] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bauddlpcdew.cfg [2021-02-18] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\rulr5djffog.cfg [2021-07-05] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\uvt2wwvynov.cfg [2021-02-18] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2021-10-06] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [61832 2020-12-04] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-07-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-05-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [6161552 2021-09-01] (Int3 Software AB -> Int3 Software AB)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-01-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-16] (GOG Sp. z o.o. -> GOG.com)
R2 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-13] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2539864 2022-01-13] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1934744 2021-06-30] (Rockstar Games, Inc. -> Rockstar Games)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-02-24] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 EQU8_HELPER_36; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2021-09-22] (Int3 Software AB -> )
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2020-09-17] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131288 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [29368 2021-11-19] (WDKTestCert dant_ppxe9ny,132779414088034662 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-17 17:31 - 2022-01-17 17:31 - 000035205 _____ C:\Users\samue\Desktop\FRST.txt
2022-01-17 17:30 - 2022-01-17 17:30 - 000000000 ____D C:\Users\samue\Desktop\FRST-OlderVersion
2022-01-17 17:23 - 2022-01-17 17:30 - 002311680 _____ (Farbar) C:\Users\samue\Desktop\FRST64(1).exe
2022-01-17 17:21 - 2022-01-17 17:31 - 000000000 ____D C:\FRST
2022-01-17 17:21 - 2022-01-17 17:21 - 000000000 ____D C:\Users\samue\Downloads\FRST-OlderVersion
2022-01-16 15:28 - 2022-01-16 15:28 - 000002586 _____ C:\Users\Public\Desktop\Toon Boom Storyboard Pro 20.lnk
2022-01-16 15:28 - 2022-01-16 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storyboard Pro 20
2022-01-16 15:27 - 2022-01-16 15:27 - 337791096 _____ (Toon Boom Animation) C:\Users\samue\Downloads\SBP20-win-17538(2).exe
2022-01-16 01:28 - 2022-01-16 01:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-16 00:54 - 2022-01-16 01:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-15 15:11 - 2022-01-15 15:11 - 021736720 _____ C:\Users\samue\Downloads\thumbnails goblin_girl_2022 jan_15_2022.sbbkp
2022-01-14 15:11 - 2022-01-14 15:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2022-01-12 15:17 - 2022-01-12 15:17 - 009365290 _____ C:\Users\samue\Downloads\thumbnails goblin_girl_2022 its a backup.sbbkp
2022-01-12 00:54 - 2022-01-12 00:54 - 000001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2022.lnk
2022-01-08 13:03 - 2022-01-08 13:04 - 000375625 _____ C:\Users\samue\Downloads\MB_TextureBrushes.xml
2022-01-08 12:35 - 2022-01-08 12:35 - 000000000 ____D C:\Users\samue\Desktop\Goblin Girl Boards
2022-01-03 14:11 - 2022-01-03 14:11 - 000083682 _____ C:\Users\samue\Downloads\magnificent_2.zip
2022-01-03 14:10 - 2022-01-03 14:10 - 000602099 _____ C:\Users\samue\Downloads\the_centurion.zip
2022-01-03 14:10 - 2022-01-03 14:10 - 000192289 _____ C:\Users\samue\Downloads\ruritania.zip
2022-01-03 14:10 - 2022-01-03 14:10 - 000052615 _____ C:\Users\samue\Downloads\cardinal.zip
2022-01-03 14:10 - 2022-01-03 14:10 - 000020918 _____ C:\Users\samue\Downloads\seagram_tfb.zip
2022-01-03 14:09 - 2022-01-03 14:09 - 000328104 _____ C:\Users\samue\Downloads\enchanted_land.zip
2021-12-29 20:03 - 2022-01-17 01:51 - 000000000 ____D C:\Users\samue\Documents\The Witcher 3
2021-12-29 18:24 - 2021-12-29 18:24 - 000001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2021-12-28 21:45 - 2021-12-28 21:45 - 000000223 _____ C:\Users\samue\Desktop\ROUNDS.url
2021-12-28 19:59 - 2021-12-28 20:04 - 000000000 ____D C:\Users\samue\AppData\Local\Ori and the Will of The Wisps
2021-12-28 19:59 - 2021-12-28 19:59 - 000000000 ____D C:\Users\samue\AppData\LocalLow\Moon Studios
2021-12-27 18:14 - 2021-12-27 18:14 - 000000222 _____ C:\Users\samue\Desktop\The Witcher 3 Wild Hunt.url
2021-12-27 18:13 - 2021-12-27 18:13 - 000000223 _____ C:\Users\samue\Desktop\Ori and the Will of the Wisps.url
2021-12-27 18:13 - 2021-12-27 18:13 - 000000223 _____ C:\Users\samue\Desktop\A Short Hike.url
2021-12-27 18:13 - 2021-12-27 18:13 - 000000000 ____D C:\Users\samue\AppData\LocalLow\adamgryu
2021-12-27 18:03 - 2021-12-27 18:03 - 000000000 ____D C:\Users\samue\AppData\Local\TheAscent
2021-12-27 16:13 - 2021-12-27 16:13 - 000000222 _____ C:\Users\samue\Desktop\Sable.url
2021-12-27 12:01 - 2021-12-27 12:01 - 3436665791 _____ C:\WINDOWS\MEMORY.DMP
2021-12-27 12:01 - 2021-12-27 12:01 - 003138716 _____ C:\WINDOWS\Minidump\122721-15015-01.dmp
2021-12-27 11:36 - 2021-12-27 11:36 - 000000223 _____ C:\Users\samue\Desktop\Portal Reloaded.url
2021-12-27 09:47 - 2021-12-27 09:47 - 000000000 ____D C:\Users\samue\Documents\DARKSiDERS
2021-12-27 09:47 - 2021-12-27 09:47 - 000000000 ____D C:\Users\samue\AppData\Roaming\milkfactory
2021-12-19 22:35 - 2021-12-19 22:35 - 000000000 ____D C:\Users\samue\AppData\Local\HellbladeGame
2021-12-19 22:05 - 2021-12-19 22:05 - 001770744 _____ C:\Users\samue\Downloads\SteamSetup(2).exe
2021-12-19 12:53 - 2021-12-19 12:53 - 000001092 _____ C:\Users\samue\Desktop\Adobe Lightroom Classic.lnk
2021-12-19 12:53 - 2021-12-19 12:53 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-12-18 23:25 - 2021-12-18 23:25 - 000538592 _____ C:\Users\samue\Documents\touch everything.fla
2021-12-18 15:51 - 2021-12-18 15:51 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2022.lnk
2021-12-18 15:50 - 2021-12-18 15:50 - 000001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2022.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-17 17:28 - 2020-09-01 18:42 - 000000000 ____D C:\Users\samue\AppData\Roaming\discord
2022-01-17 17:27 - 2020-09-01 18:42 - 000000000 ____D C:\Users\samue\AppData\Local\Discord
2022-01-17 17:25 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-17 17:20 - 2021-04-29 17:46 - 000000000 ____D C:\Users\samue\AppData\Roaming\Toon Boom Animation
2022-01-17 17:20 - 2020-12-16 23:13 - 000000000 ____D C:\Users\samue\AppData\Roaming\WTablet
2022-01-17 17:17 - 2021-03-26 00:21 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-01-17 17:17 - 2021-03-26 00:21 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-01-17 17:17 - 2021-03-26 00:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-17 17:17 - 2020-10-27 18:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-17 17:17 - 2020-06-28 00:35 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-17 13:19 - 2021-07-17 15:03 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-17 13:19 - 2020-06-28 00:24 - 000000000 ____D C:\Users\samue\AppData\LocalLow\Mozilla
2022-01-17 01:55 - 2020-06-28 00:17 - 000000000 ____D C:\Users\samue\AppData\Local\D3DSCache
2022-01-16 23:04 - 2021-12-08 17:41 - 000000000 ____D C:\Users\samue\Desktop\gobelins work
2022-01-16 01:28 - 2020-06-28 00:24 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-16 01:28 - 2020-06-28 00:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-15 18:31 - 2021-03-26 00:21 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-15 18:31 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-15 18:27 - 2021-07-17 15:06 - 000000000 ___RD C:\Users\samue\Creative Cloud Files
2022-01-15 18:27 - 2021-07-10 13:03 - 000000000 ____D C:\Users\samue\AppData\Local\Overwolf
2022-01-15 18:26 - 2021-03-26 00:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-15 18:26 - 2021-03-26 00:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-15 18:26 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-15 16:26 - 2021-06-29 05:20 - 000000084 _____ C:\WINDOWS\system32\perfdish001.dat
2022-01-15 10:24 - 2020-07-19 01:16 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-15 10:24 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-15 10:24 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-15 07:52 - 2020-01-08 16:49 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-14 15:11 - 2020-12-16 23:12 - 000000000 ____D C:\Program Files\Tablet
2022-01-14 10:45 - 2021-07-10 13:04 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-01-14 10:19 - 2021-03-26 00:18 - 000000000 ____D C:\Users\samue
2022-01-14 00:11 - 2021-11-06 12:11 - 000000000 ____D C:\Users\samue\Desktop\goblins
2022-01-12 00:57 - 2020-12-10 23:26 - 000000000 ____D C:\Users\samue\AppData\Local\AMD_Common
2022-01-12 00:54 - 2020-12-16 23:05 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-01-12 00:53 - 2021-03-08 18:38 - 000000000 ____D C:\Users\samue\AppData\Roaming\audacity
2022-01-08 12:34 - 2020-12-15 17:41 - 000000000 ____D C:\Program Files\Adobe
2022-01-06 20:55 - 2020-10-27 18:13 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-06 20:55 - 2020-10-27 18:13 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 13:06 - 2021-09-09 18:04 - 000001456 _____ C:\Users\samue\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-01-05 22:20 - 2020-10-14 19:51 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-12-30 14:49 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-12-28 21:45 - 2021-08-29 20:55 - 000000000 ____D C:\Users\samue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-12-28 20:05 - 2021-07-17 15:06 - 000000000 ____D C:\Users\samue\AppData\Local\CrashDumps
2021-12-28 18:42 - 2020-09-15 22:17 - 000000000 ____D C:\Users\samue\AppData\Roaming\RenPy
2021-12-27 18:03 - 2020-03-13 13:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-27 12:01 - 2021-12-16 10:08 - 000000000 ____D C:\Users\samue\AppData\Roaming\Apple Computer
2021-12-27 12:01 - 2021-04-16 10:12 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-27 11:59 - 2020-07-21 20:39 - 000000000 ____D C:\Users\samue\AppData\Roaming\tixati
2021-12-27 09:47 - 2020-07-21 23:37 - 000000000 ____D C:\Games
2021-12-19 22:05 - 2021-06-28 00:00 - 000001039 _____ C:\Users\Public\Desktop\Steam.lnk
2021-12-18 19:10 - 2020-12-15 18:07 - 000000000 ____D C:\Users\samue\Documents\Adobe
2021-12-18 19:10 - 2020-06-28 00:19 - 000000000 ____D C:\Users\samue\AppData\Roaming\Adobe
2021-12-18 15:50 - 2020-12-15 17:40 - 000000000 ____D C:\Users\samue\AppData\Local\Adobe
2021-12-18 15:50 - 2020-12-15 17:40 - 000000000 ____D C:\ProgramData\Adobe
2021-12-18 07:24 - 2021-12-15 10:39 - 000000000 ____D C:\Users\samue\Documents\REAPER Media
==================== Files in the root of some directories ========
2020-11-07 08:16 - 2011-07-19 03:37 - 000003262 _____ () C:\Program Files (x86)\Falco.ico
2020-11-07 08:16 - 2011-07-19 04:05 - 000000046 _____ () C:\Program Files (x86)\Falco.url
2020-11-07 08:16 - 2017-11-19 13:51 - 000004286 _____ () C:\Program Files (x86)\FalcoGo.ico
2020-11-07 08:16 - 2017-11-19 13:53 - 000000044 _____ () C:\Program Files (x86)\FalcoGo.url
2020-11-07 08:16 - 2016-01-05 13:37 - 000004286 _____ () C:\Program Files (x86)\FalconLine.ico
2020-11-07 08:16 - 2016-01-05 13:25 - 000000047 _____ () C:\Program Files (x86)\FalconLine.url
2020-11-07 08:16 - 2016-12-21 01:39 - 000004286 _____ () C:\Program Files (x86)\FalcoSpace.ico
2020-11-07 08:16 - 2016-12-21 01:36 - 000000047 _____ () C:\Program Files (x86)\FalcoSpace.url
2021-09-09 18:04 - 2022-01-06 13:06 - 000001456 _____ () C:\Users\samue\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-01-06 02:13 - 2021-01-07 20:12 - 000025282 _____ () C:\Users\samue\AppData\Local\digikamrc
2021-07-17 15:16 - 2021-07-17 15:16 - 000000000 _____ () C:\Users\samue\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
266473185-1957000176-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1I_6BR0W53I3 version 156.2 (HKLM-x32\...\1I_6BR0W53I3_is1) (Version: 156.2 - LLCLnl6 SOFTWARE)
Adobe Animate 2022 (HKLM-x32\...\FLPR_22_0_2) (Version: 22.0.2 - Adobe Inc.)
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0_1) (Version: 12.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.0.788.2 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_0_1) (Version: 17.0.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_1) (Version: 11.1 - Adobe Inc.)
Adobe Media Encoder 2022 (HKLM-x32\...\AME_22_1_1) (Version: 22.1.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_1) (Version: 23.1.0.143 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.12.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{1774a753-7604-40a0-adbd-e3dc95bea5a8}) (Version: 2.04.04.111 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Aurora (HKLM-x32\...\{A65BAA2D-2281-4DEE-93E0-34F323527587}) (Version: 1.0.3 - Aurora)
Batman - The Telltale Series (HKLM-x32\...\2140144872_is1) (Version: byefbpatch - GOG.com)
Batman The Enemy Within - The Telltale Series (HKLM-x32\...\2135854393_is1) (Version: episode 5 - GOG.com)
Blacksad: Under the Skin (HKLM-x32\...\1772238447_is1) (Version: 1.0.2_11546.2810.2019111301_Hotfix1 - GOG.com)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Capture One 20 (HKLM\...\CaptureOne13_is1) (Version: 13.0.0.155 - Phase One A/S)
Cheat Engine 7.3 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
CLIP STUDIO 1.8.0 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.8.0 - CELSYS)
CLIP STUDIO PAINT 1.8.2 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.8.2 - CELSYS)
Dead Cells (HKLM-x32\...\1237807960_is1) (Version: 1.0 - GOG.com)
digiKam 7.1.0 (HKLM-x32\...\digiKam) (Version: 7.1.0 - The digiKam team)
Discord (HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Discord) (Version: 0.0.311 - Discord Inc.)
Documentation Manager (HKLM\...\{1C8E0D25-2AD1-4A5B-885E-03256A0ED8B6}) (Version: 21.70.0.6 - Intel Corporation) Hidden
DRAGON QUEST BUILDERS 2 (HKLM-x32\...\DRAGON QUEST BUILDERS 2_is1) (Version: - )
Epson Event Manager (HKLM-x32\...\{15F081E3-93FF-4FF3-B447-42CC458C4F79}) (Version: 3.11.0021 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Genshin Impact (HKLM\...\Genshin Impact Beta) (Version: 2.3.3.0 - miHoYo Co.,Ltd)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.11.2.0 - miHoYo Co.,Ltd)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Her Story (HKLM-x32\...\1435240365_is1) (Version: gog-1 - GOG.com)
Human - Fall Flat (HKLM-x32\...\{E8D22FE1-AB5F-42CA-2662-6F70B96DDD90}_is1) (Version: 0.6.0 - FreeTP.Org)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000070-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.70.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{9be285a1-83bf-4416-853d-015017626f25}) (Version: 21.70.0.6 - Intel Corporation) Hidden
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kentucky Route Zero (HKLM-x32\...\1207660653_is1) (Version: 2.3.0.9 - GOG.com)
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
LOOT version 0.15.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.15.1 - LOOT Team)
MaskVPN (HKLM-x32\...\{4A4ACF2E-4A98-4D18-80E3-5A5E5706F81E}_is1) (Version: 1.1.0.31 - Global Media (Thailand) Co., Ltd)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.62 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 96.0.1 (x64 en-US)) (Version: 96.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATTENTION
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenToonz version 1.4.0 (HKLM\...\{DF519282-600D-4E03-9190-6046329B1CB4}_is1) (Version: 1.4.0 - DWANGO Co., Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.92.46430 - Electronic Arts, Inc.)
Overcooked 2 (HKLM-x32\...\Overcooked 2_is1) (Version: - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.188.0.22 - Overwolf Ltd.)
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Photo Mechanic Full (HKLM\...\{342310B8-3A44-49AB-9B22-0CC4968DA410}) (Version: 6.0.2818 - Camera Bits, Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
PSD Repair Kit 2.3 (HKLM-x32\...\PSD Repair Kit_is1) (Version: - File Master LLC)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8522 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: - )
SketchUp 2020 (HKLM-x32\...\{522800F1-9FCE-44F2-8D2E-2CEC5B25A9C2}) (Version: 20.2.172 - Trimble, Inc.)
SketchUpPro (HKLM\...\{5778f9a3-781e-16f1-a6bf-08fd59dfa77b}) (Version: 20.2.172.37 - SketchUp) Hidden
Spelunky (HKLM-x32\...\1207659257_is1) (Version: 2.1.0.9 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TakeMyFile (HKLM-x32\...\{21AC19EB-58FC-43D8-984F-008619E193D6}_is1) (Version: 1.02 - US-Media-Capital)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
Thunderstore Mod Manager (HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\Overwolf_ahpflogoookodlegojjphcjpjaejgghjnfcdjdmi) (Version: 1.6.0 - Overwolf app)
Tixati (HKLM-x32\...\tixati) (Version: - )
Toon Boom Storyboard Pro 20 (HKLM-x32\...\{85D673AF-6DCA-1014-920B-4EFA9FCDC13C}) (Version: 20.10.2.17538 - Toon Boom Animation)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
viewerise v1.53.222 (HKLM-x32\...\viewerise_is1) (Version: 1.53.0.2 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.45-1 - Wacom Technology Corp.)
Weather (HKLM-x32\...\Weather) (Version: 9.1.0A - Weather)
Web Companion (HKLM-x32\...\{b08cfc25-a227-48fc-9b8e-5e686af24be3}) (Version: 7.0.2417.4248 - Lavasoft)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
Windows Driver Package - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Windows Driver Package - Phase One A/S (WinUSB) USBDevice (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S)
Windows Installer (HKLM-x32\...\{13499434-9821-4E2D-B7DF-7C0867EB1504}) (Version: 5.0.3 - AdvancedWindowsManager)
WTSilver version 0.0 (HKLM-x32\...\{13B6C361-A725-475B-96F5-5871177F4B14}_is1) (Version: 0.0 - )
Zoom (HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2020-08-21] (Hauke Hasselberg)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-07-17] (Adobe Systems Incorporated)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220 [2021-03-19] (Dolby Laboratories)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.38.0.0_x64__ypmq2qh89vmny [2021-03-18] (Turnipsoft)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-01] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1443207549-266473185-1957000176-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0D62594C70D7} -> [Creative Cloud Files] => C:\Users\samue\Creative Cloud Files [2021-07-17 15:06]
CustomCLSID: HKU\S-1-5-21-1443207549-266473185-1957000176-1003_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1443207549-266473185-1957000176-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-26] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-26] (Adobe Inc. -> )
ContextMenuHandlers4: [PMShellExt] -> {D33CAA34-6010-4798-A3A3-11600C03EDDB} => C:\Program Files\Camera Bits\Photo Mechanic\PMShellMenu\PMShellMenu.dll [2019-04-05] (Camera Bits, Inc.) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-26] (Adobe Inc. -> )
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-07-14 08:20 - 2021-10-05 20:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-07-14 08:20 - 2021-10-05 20:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-07-14 08:20 - 2021-10-05 20:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-19 05:40 - 2020-03-19 05:40 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2020-03-19 05:40 - 2020-03-19 05:40 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2021-03-19 03:38 - 2021-03-19 03:38 - 000168960 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220\DAXRPCClient.dll
2021-03-19 03:38 - 2021-03-19 03:38 - 037922304 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220\DolbyAccess.dll
2021-01-14 21:16 - 2021-01-14 21:16 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220\e_sqlite3.dll
2020-12-04 06:51 - 2020-12-04 06:51 - 001470976 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-01-08 16:49 - 2020-01-08 16:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-01-08 16:49 - 2020-01-08 16:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2017-02-13 13:54 - 2017-02-13 13:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 16:39 - 2009-10-21 16:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2020-07-14 08:20 - 2021-10-05 20:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2020-06-28 13:39 - 2020-06-28 13:39 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-06-28 13:39 - 2020-06-28 13:39 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-06-28 13:39 - 2020-06-28 13:39 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-02-14 20:09 - 2020-06-28 13:39 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-02-14 20:09 - 2020-06-28 13:39 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-02-14 20:09 - 2020-06-28 13:39 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-02-14 20:09 - 2020-06-28 13:39 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-02-14 20:09 - 2020-06-28 13:39 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-02-14 20:09 - 2020-06-28 13:39 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 13:58 - 2020-07-27 13:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-12-04 07:02 - 2020-12-04 07:02 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D021821-AB91A1A2A71DC4AF78EF&form=CONMHP&conlogo=CT3331955
SearchScopes: HKU\S-1-5-21-1443207549-266473185-1957000176-1003 -> DefaultScope {C324477A-5E31-4AF0-B6FD-69ACABE8900C} URL =
SearchScopes: HKU\S-1-5-21-1443207549-266473185-1957000176-1003 -> {C324477A-5E31-4AF0-B6FD-69ACABE8900C} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-09-21] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1443207549-266473185-1957000176-1003\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1443207549-266473185-1957000176-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\samue\Desktop\downloads\New folder\ramon 4\image stills\The_Roses_of_Heliogabalus.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{4AB78639-2387-4FEA-B82F-37297E9A6A13}C:\program files\opentoonz\opentoonz.exe] => (Allow) C:\program files\opentoonz\opentoonz.exe () [File not signed]
FirewallRules: [TCP Query User{B334B5FB-DC30-4425-82D7-B12AED8E74B9}C:\program files\opentoonz\opentoonz.exe] => (Allow) C:\program files\opentoonz\opentoonz.exe () [File not signed]
FirewallRules: [{56F31E9B-F03A-4398-AF5B-7CB32C9F2C07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{2EF4CB11-A887-45C7-9F74-6267BB88BDCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{F3BCCCD1-DD95-416D-9DA7-68F888989B1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{C8EED9C4-7B1F-4E45-980E-08084B1EF86C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [UDP Query User{01A61742-9485-43E1-B526-5F1709451EA1}C:\users\samue\appdata\roaming\weather\weather.exe] => (Block) C:\users\samue\appdata\roaming\weather\weather.exe (WeatherApplication) [File not signed]
FirewallRules: [TCP Query User{BACAB90D-6E2D-4929-A223-61F550D503F7}C:\users\samue\appdata\roaming\weather\weather.exe] => (Block) C:\users\samue\appdata\roaming\weather\weather.exe (WeatherApplication) [File not signed]
FirewallRules: [{63A3717F-C8F9-4363-98B1-FFB1D54AC029}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{DE930B60-CECE-49B4-92D5-C005F6761FB8}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{41980713-BDB2-463A-8FDC-7C044BE3E4C7}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{A4EBEB01-ED4A-47C1-8568-D1DD4E2DC8B4}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [UDP Query User{8F8008BD-5867-492D-BBF9-4D68244CEBBC}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{748ED71D-5521-48A9-AE86-775562250730}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{144A78F6-97F9-415B-817C-040667F5AFE6}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [TCP Query User{FE76C600-932C-4D4D-B5B9-0AD59A6BD85D}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [{9A1729CE-9C9E-47A4-B066-AD76E32951A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [File not signed]
FirewallRules: [{AFEDC269-381E-4493-9D12-2CC926B7EA7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [File not signed]
FirewallRules: [{8CDA8247-3366-4ED0-8F65-26D000ABC569}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lair of the Clockwork God\LotCG.exe () [File not signed]
FirewallRules: [{AEC22BDC-0BE8-4027-A27D-4E9643B1BB71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lair of the Clockwork God\LotCG.exe () [File not signed]
FirewallRules: [UDP Query User{E3DEE4AC-97BA-4EC7-A632-A9061C63A2C8}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe => No File
FirewallRules: [TCP Query User{D7A93C41-935F-468B-8128-AF2AAC44496E}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe => No File
FirewallRules: [{474675B3-94F9-4E99-A278-7A10C05DB7A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [File not signed]
FirewallRules: [{AD2368E6-E915-4330-B234-BC3E2E799B98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [File not signed]
FirewallRules: [{D879F501-3D80-49C5-A262-86CF5840EF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kami\Spiritfarer.exe () [File not signed]
FirewallRules: [{D694545B-CE3D-4657-B71D-4D5BD62F8F4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kami\Spiritfarer.exe () [File not signed]
FirewallRules: [{28AFF857-BB6E-483A-830C-F55A62C7EEDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDDDBA45-8D9B-4269-BD7A-E5046560BC9C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72D9DA22-4DD1-431B-908A-51A36A1CAAEE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3DF70E8-6D84-49FB-BB58-13DA33520BD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B392C3F1-A7FB-4F99-999D-DF1D0905F7DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vagrus - The Riven Realms\Vagrus.exe () [File not signed]
FirewallRules: [{75243D7C-33D7-4088-9F8A-E06690D47BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vagrus - The Riven Realms\Vagrus.exe () [File not signed]
FirewallRules: [{F15209A4-5142-4878-B8D9-17A55C90E024}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{9DE9E1FB-FC8E-49EB-AEDA-F3B32535AA50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe => No File
FirewallRules: [{2EBF1FBF-8ADC-416C-BA92-F43725CE6542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Umurangi Generation\UmurangiGeneration\Umurangi Generation.exe => No File
FirewallRules: [{77433161-CDD4-48EA-8F73-24A000DE6717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Umurangi Generation\UmurangiGeneration\Umurangi Generation.exe => No File
FirewallRules: [UDP Query User{AC769F15-DAD1-4EC5-A346-1D0C1BC864B0}C:\program files (x86)\steam\steamapps\common\paradise killer\paradisekiller\binaries\win64\paradisekiller-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paradise killer\paradisekiller\binaries\win64\paradisekiller-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CA1D28AA-2FB2-493C-A1D5-D2538F549620}C:\program files (x86)\steam\steamapps\common\paradise killer\paradisekiller\binaries\win64\paradisekiller-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paradise killer\paradisekiller\binaries\win64\paradisekiller-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B039D553-CE88-4067-949B-0BDA75171D6B}C:\users\samue\desktop\downloads\suzerain.v1.0.4\suzerain\suzerain.exe] => (Block) C:\users\samue\desktop\downloads\suzerain.v1.0.4\suzerain\suzerain.exe => No File
FirewallRules: [TCP Query User{1760C407-F5A9-40A6-B7DC-C94A6E4D1958}C:\users\samue\desktop\downloads\suzerain.v1.0.4\suzerain\suzerain.exe] => (Block) C:\users\samue\desktop\downloads\suzerain.v1.0.4\suzerain\suzerain.exe => No File
FirewallRules: [UDP Query User{EF1ED72B-FA79-415F-84B6-133FC9B995AB}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{170205CA-78C5-4B35-95A6-4B71910864E9}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{BA6B4056-BDA7-4421-8EB5-665ED94D1C7D}C:\games\human - fall flat\human.exe] => (Block) C:\games\human - fall flat\human.exe () [File not signed]
FirewallRules: [TCP Query User{1042110F-46CB-405E-943B-D0045BD685A7}C:\games\human - fall flat\human.exe] => (Block) C:\games\human - fall flat\human.exe () [File not signed]
FirewallRules: [UDP Query User{2493EF62-3DB1-4396-AEB5-330BB24E4ACE}C:\users\samue\desktop\downloads\the.waylanders.amergin\the.waylanders.amergin\the.waylanders.amergin\waylanders\binaries\win64\waylanders-win64-shipping.exe] => (Block) C:\users\samue\desktop\downloads\the.waylanders.amergin\the.waylanders.amergin\the.waylanders.amergin\waylanders\binaries\win64\waylanders-win64-shipping.exe => No File
FirewallRules: [TCP Query User{F1A0AC35-5A58-4B37-8DA7-63CBCDE28107}C:\users\samue\desktop\downloads\the.waylanders.amergin\the.waylanders.amergin\the.waylanders.amergin\waylanders\binaries\win64\waylanders-win64-shipping.exe] => (Block) C:\users\samue\desktop\downloads\the.waylanders.amergin\the.waylanders.amergin\the.waylanders.amergin\waylanders\binaries\win64\waylanders-win64-shipping.exe => No File
FirewallRules: [UDP Query User{498C3AB1-A858-443D-8DF9-7DC47FAD554A}C:\games\planet zoo\planetzoo.exe] => (Block) C:\games\planet zoo\planetzoo.exe => No File
FirewallRules: [TCP Query User{273D4C12-E3EC-4C2E-BE9A-C5BEBA0F682A}C:\games\planet zoo\planetzoo.exe] => (Block) C:\games\planet zoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{86B1E3F0-9167-4546-A3F5-8E80D275938F}C:\users\samue\desktop\downloads\gang.beasts.v12.02.2020\gang beasts.exe] => (Block) C:\users\samue\desktop\downloads\gang.beasts.v12.02.2020\gang beasts.exe => No File
FirewallRules: [TCP Query User{4A340ECC-8648-489B-8FD6-CC3FC6B86862}C:\users\samue\desktop\downloads\gang.beasts.v12.02.2020\gang beasts.exe] => (Block) C:\users\samue\desktop\downloads\gang.beasts.v12.02.2020\gang beasts.exe => No File
FirewallRules: [UDP Query User{841BB8F6-96C6-4113-AF34-62F42336FAB9}C:\users\samue\desktop\downloads\hammerting\hammerting\boot.exe] => (Block) C:\users\samue\desktop\downloads\hammerting\hammerting\boot.exe => No File
FirewallRules: [TCP Query User{DAB7EF86-09FE-4E47-A4F4-9A4F8AD67BD1}C:\users\samue\desktop\downloads\hammerting\hammerting\boot.exe] => (Block) C:\users\samue\desktop\downloads\hammerting\hammerting\boot.exe => No File
FirewallRules: [UDP Query User{172FF75D-677F-48E5-A31C-FA24354F2A49}C:\users\samue\desktop\downloads\dream.daddy\ddadds.exe] => (Block) C:\users\samue\desktop\downloads\dream.daddy\ddadds.exe => No File
FirewallRules: [TCP Query User{BA2ADC61-5E17-4B52-83E8-C117DA1F8986}C:\users\samue\desktop\downloads\dream.daddy\ddadds.exe] => (Block) C:\users\samue\desktop\downloads\dream.daddy\ddadds.exe => No File
FirewallRules: [UDP Query User{8BEEE4B8-6ED2-451A-A3FF-F48AD8F8B530}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EA8BEA53-7A2C-404A-BA85-ABFB27E17E24}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{43F29391-FA9C-4D1D-B879-111B66887B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [{D7DBB605-8160-49F8-9AD6-0178AD3AC4E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [{1348591A-42E1-41A6-B4C5-0ACEE42BFB27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{440A6DF8-2081-41AB-9935-2176A9B2CB20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{B0175C51-0694-4F65-BE7D-B9A2784303FA}] => (Allow) C:\Users\samue\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{88FF943A-A86C-4D4F-A257-091832BDB49D}] => (Allow) C:\Users\samue\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{9FFECBE5-092A-4D1B-A88D-AE173803FEBB}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{7445F63C-091A-4FA8-83E8-430C2E2AC5DE}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{5777EE51-3D5D-4405-B324-38773378B57B}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [TCP Query User{585204BF-866A-418D-BEE5-1AD3CBFD3C98}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [UDP Query User{CA8197A6-3ACB-4F34-A7F2-02B8625DAE2C}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{2853A960-31E0-4F3F-B68E-418FF088BADE}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [{61AA695C-FC1E-4285-83BE-9356EF475770}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E80F3D29-3444-4CDD-BE5A-199F68EE4628}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{2D5D5D83-C688-4176-8568-0EE62292DC16}C:\program files (x86)\steam\steamapps\common\titanfall2\titanfall2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\titanfall2\titanfall2.exe => No File
FirewallRules: [TCP Query User{B806C4EB-5E67-4E56-AD29-7F2300225B24}C:\program files (x86)\steam\steamapps\common\titanfall2\titanfall2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\titanfall2\titanfall2.exe => No File
FirewallRules: [{E872E941-E2DB-4FB2-A828-D9FAAEE6FAE8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{36C72715-1205-47E3-B9F8-0A860BCB4B85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{37A2F3CD-80E5-472A-BC20-B522D572E488}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0E13EC01-F233-4D98-87FB-482F523AE318}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{09AC9C6A-AA03-4655-A3FE-9964C3DDCB96}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C4A74626-C49F-412F-AD0B-77DAA633469B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AF1D80B1-B78F-4D29-9DEF-28B55B4800F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F27C7A7A-0110-4092-8D9E-1079094625B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{40FC527B-A4BF-4172-929A-B4164B7AC1FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F31C6101-3A4C-4910-AE3A-78821A921A16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{00A49CC9-A077-4376-9CE7-916C150431AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02CE7010-33D7-41A0-A2D7-D78E5BCA15CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{220CBB86-F7D0-41C1-A702-E86A5BAD4871}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE717FD3-A2CD-4F72-8175-DE5DC781E812}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C200BBE7-A42A-4064-89FB-D2FC6699E032}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{81A60BEE-4DAC-4776-A053-AA4DF66CC73D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [TCP Query User{05F43A19-4BA6-4C22-95DA-8DE54C2BF158}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{64B7DA58-401C-415C-9A6D-A8AF1952EC30}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{0165296D-C384-4002-AB8D-6F841957A279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{A5748AED-8E02-41F1-8ECE-9C5DD4C1448C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{7F066513-C70F-4ED0-8CA3-0B2F9507FCEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Suzerain\Suzerain.exe () [File not signed]
FirewallRules: [{AEB9BB1E-D1FC-43E2-9D73-A5687A419967}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Suzerain\Suzerain.exe () [File not signed]
FirewallRules: [{996EFAA5-CD53-45B5-9BD9-E17E9EB90924}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WeTheRevolution\We.TheRevolution_x86_64.exe () [File not signed]
FirewallRules: [{C16A28C7-FB24-4362-A131-FFF17DA9291E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WeTheRevolution\We.TheRevolution_x86_64.exe () [File not signed]
FirewallRules: [{DE64EDFB-22CC-43EA-AAF5-F4ACAEF999F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WHAT THE GOLF\WHAT THE GOLF.exe () [File not signed]
FirewallRules: [{4B42C671-4F84-4A8C-94D1-C4BED33A9697}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WHAT THE GOLF\WHAT THE GOLF.exe () [File not signed]
FirewallRules: [TCP Query User{78C8BD44-1ECF-4E2C-B68A-493C8D528047}C:\program files (x86)\steam\steamapps\common\star wars squadrons\starwarssquadrons.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star wars squadrons\starwarssquadrons.exe => No File
FirewallRules: [UDP Query User{8B4464B8-4ABC-40E8-848E-DD575E53CE6C}C:\program files (x86)\steam\steamapps\common\star wars squadrons\starwarssquadrons.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star wars squadrons\starwarssquadrons.exe => No File
FirewallRules: [TCP Query User{00EFDF6D-F003-4F07-9144-FC0E01376C22}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{C9901599-28C5-41B5-BD9D-453031BC84E7}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{8EDDE662-6700-4DD3-9175-451FDFC709B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poly Bridge 2\Poly Bridge 2.exe () [File not signed]
FirewallRules: [{337032C9-8402-4707-AA73-85565F028226}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poly Bridge 2\Poly Bridge 2.exe () [File not signed]
FirewallRules: [TCP Query User{237939B1-8713-411F-81EA-395CD9E98F77}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [UDP Query User{B268E5BC-BF0E-41C2-B438-5E07B1E9DAFC}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [{FA5E5D74-32E7-40F4-8899-AAE43710903C}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{4DEEE736-B1FC-4DB6-AD2B-F14F03982907}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{AF42D8D1-74A9-4900-BA34-03CF650B7747}] => (Allow) D:\SteamLibrary\steamapps\common\Tainted Grail\Tainted Grail.exe => No File
FirewallRules: [{8796E1B7-E896-4045-9D7B-55CB64001DF1}] => (Allow) D:\SteamLibrary\steamapps\common\Tainted Grail\Tainted Grail.exe => No File
FirewallRules: [{27A8887D-E209-4D2F-B658-B76A95E5D405}] => (Allow) D:\SteamLibrary\steamapps\common\Torment Tides of Numenera\WIN\TidesOfNumenera.exe => No File
FirewallRules: [{49838A58-60FE-4D9C-8EAC-77145FD17DD1}] => (Allow) D:\SteamLibrary\steamapps\common\Torment Tides of Numenera\WIN\TidesOfNumenera.exe => No File
FirewallRules: [{4C70BA01-13EC-4A02-9E9C-DD0D936679BA}] => (Allow) D:\SteamLibrary\steamapps\common\Ni no Kuni Wrath of the White Witch™ Remastered\NinoKuni_WotWW_Remastered.exe => No File
FirewallRules: [{5E93C050-287A-4A95-B061-1819A89C90D0}] => (Allow) D:\SteamLibrary\steamapps\common\Ni no Kuni Wrath of the White Witch™ Remastered\NinoKuni_WotWW_Remastered.exe => No File
FirewallRules: [{E425BF8A-1DC1-4E46-AEB2-DED9ADC39E5C}] => (Allow) D:\SteamLibrary\steamapps\common\CatherineClassic\Catherine.exe => No File
FirewallRules: [{FEBF4DF9-7A11-48A9-8380-E1576D316842}] => (Allow) D:\SteamLibrary\steamapps\common\CatherineClassic\Catherine.exe => No File
FirewallRules: [{A7A26BBB-9B90-477B-85FC-E47BBAE3E700}] => (Allow) D:\SteamLibrary\steamapps\common\BATTLETECH\BattleTechLauncher.exe => No File
FirewallRules: [{0632BC39-EB51-4126-8E27-7E87059FD07E}] => (Allow) D:\SteamLibrary\steamapps\common\BATTLETECH\BattleTechLauncher.exe => No File
FirewallRules: [{5E47FE40-F81B-48CA-8092-22B549BAC092}] => (Allow) D:\SteamLibrary\steamapps\common\Fell Seal\Fell Seal.exe => No File
FirewallRules: [{B821B783-F176-438F-8BB5-605EF2293A4A}] => (Allow) D:\SteamLibrary\steamapps\common\Fell Seal\Fell Seal.exe => No File
FirewallRules: [{0D1D35CF-1952-474F-BB8E-91B4EF9F39DD}] => (Allow) D:\SteamLibrary\steamapps\common\Knights of the Old Republic II\swkotor2.exe => No File
FirewallRules: [{E0A401A0-8D26-4BCC-ABF7-730236680252}] => (Allow) D:\SteamLibrary\steamapps\common\Knights of the Old Republic II\swkotor2.exe => No File
FirewallRules: [{3079EB29-2A86-41F1-BAB0-F04C5F0223D2}] => (Allow) D:\SteamLibrary\steamapps\common\TheOuterWorlds\TheOuterWorlds.exe => No File
FirewallRules: [{C2051989-C55B-45E6-90F5-E46B00CA3A3E}] => (Allow) D:\SteamLibrary\steamapps\common\TheOuterWorlds\TheOuterWorlds.exe => No File
FirewallRules: [TCP Query User{6C539AF7-45C6-41BA-94A3-D446A0291554}D:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe => No File
FirewallRules: [UDP Query User{13301CC3-701E-458B-B8D3-301537699BA6}D:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe => No File
FirewallRules: [{4B401781-C833-4C6E-AC11-8FA63424641F}] => (Allow) D:\SteamLibrary\steamapps\common\Vampire The Masquerade - Shadows of New York\VtM Shadows of New York.exe => No File
FirewallRules: [{66146324-8DB6-4F09-A53A-8FFC4D29E500}] => (Allow) D:\SteamLibrary\steamapps\common\Vampire The Masquerade - Shadows of New York\VtM Shadows of New York.exe => No File
FirewallRules: [TCP Query User{D0DD07D6-346C-47BA-BE1D-73D43402C8AB}C:\users\samue\desktop\downloads\the.last.spell.v0.91.2\the last spell\the last spell.exe] => (Block) C:\users\samue\desktop\downloads\the.last.spell.v0.91.2\the last spell\the last spell.exe () [File not signed]
FirewallRules: [UDP Query User{3102E11E-0B09-4836-9CCF-BB127165706D}C:\users\samue\desktop\downloads\the.last.spell.v0.91.2\the last spell\the last spell.exe] => (Block) C:\users\samue\desktop\downloads\the.last.spell.v0.91.2\the last spell\the last spell.exe () [File not signed]
FirewallRules: [{A261CF33-1CCF-4566-AA50-6C229D2BE6B4}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{2CDF3437-AD1A-44B0-8F30-F1D9446DAB6F}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{52F98834-E55E-451A-B905-46512BA2CADF}] => (Allow) D:\SteamLibrary\steamapps\common\Loop Hero\Loop Hero.exe => No File
FirewallRules: [{7D3F8A5F-71CD-4C7F-B7B8-B24847E00AA7}] => (Allow) D:\SteamLibrary\steamapps\common\Loop Hero\Loop Hero.exe => No File
FirewallRules: [{6D6797E9-EBA8-403C-8A4F-1074011181C2}] => (Allow) D:\SteamLibrary\steamapps\common\Armello\armello.exe => No File
FirewallRules: [{F39552C2-D007-4FD3-B8D0-776E0B12B2B0}] => (Allow) D:\SteamLibrary\steamapps\common\Armello\armello.exe => No File
FirewallRules: [{F74B14DF-AE23-4101-9AB3-44BF252BACD4}] => (Allow) D:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe => No File
FirewallRules: [{C92DB223-2811-432D-AAEA-D12E001CD01D}] => (Allow) D:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe => No File
FirewallRules: [{E6ED4459-D174-41C0-ACCC-F2BF20620FD3}] => (Allow) D:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe => No File
FirewallRules: [{A9F15509-E237-476A-AD36-47A81B4B5D1C}] => (Allow) D:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe => No File
FirewallRules: [{4F4EFADC-6C98-4956-B17A-5C348E2A3342}] => (Allow) D:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe => No File
FirewallRules: [{71AFBD8D-B919-440B-A19F-3A47B98766B5}] => (Allow) D:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe => No File
FirewallRules: [{4CA6C30E-0D4A-4FBD-AAAC-306436739249}] => (Allow) D:\SteamLibrary\steamapps\common\Hades\x64\Hades.exe => No File
FirewallRules: [{C39FF1A2-B43E-4D20-9630-A43775061232}] => (Allow) D:\SteamLibrary\steamapps\common\Hades\x64\Hades.exe => No File
FirewallRules: [{D725FFAB-BF58-42F1-8160-3C4C29B5CBD0}] => (Allow) D:\SteamLibrary\steamapps\common\Hades\x64Vk\Hades.exe => No File
FirewallRules: [{54DDC373-48C0-43AE-8081-43E52A2789D7}] => (Allow) D:\SteamLibrary\steamapps\common\Hades\x64Vk\Hades.exe => No File
FirewallRules: [{80ED353C-F2CB-488E-9F79-E0AC739B49AC}] => (Allow) D:\SteamLibrary\steamapps\common\Hades\x86\Hades.exe => No File
FirewallRules: [{00242C50-4B6E-497E-9987-CBFCD6B7D608}] => (Allow) D:\SteamLibrary\steamapps\common\Hades\x86\Hades.exe => No File
FirewallRules: [{028C13B8-34F1-42B4-A55F-B0D2697CA2F8}] => (Allow) D:\SteamLibrary\steamapps\common\Noita\noita.exe => No File
FirewallRules: [{7F91DFB4-3E6A-4EF5-820C-52DB7586F551}] => (Allow) D:\SteamLibrary\steamapps\common\Noita\noita.exe => No File
FirewallRules: [{BFBD3AE6-8E6B-4323-AEAE-E27DD99A3C88}] => (Allow) D:\SteamLibrary\steamapps\common\The Dark Pictures Anthology - Man of Medan\ManOfMedan.exe => No File
FirewallRules: [{3E398828-8C74-4B78-A2B4-EACA06FE89A3}] => (Allow) D:\SteamLibrary\steamapps\common\The Dark Pictures Anthology - Man of Medan\ManOfMedan.exe => No File
FirewallRules: [{9D8E8C9C-B742-4006-8275-A56D95040080}] => (Allow) D:\SteamLibrary\steamapps\common\Cthulhu Saves the World\CSTW.exe => No File
FirewallRules: [{AE253542-D507-46FE-9DE5-262ADF4781E0}] => (Allow) D:\SteamLibrary\steamapps\common\Cthulhu Saves the World\CSTW.exe => No File
FirewallRules: [TCP Query User{AE5F2C61-8EF3-46A7-A768-8C7DF31C13B5}D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C4F7100C-4A34-4190-A774-C2F29E4F7D3E}D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe => No File
FirewallRules: [{F3106DE0-E3AC-4C41-8834-785109D61AFB}] => (Allow) D:\SteamLibrary\steamapps\common\Star Apprentice Classic\Game.exe => No File
FirewallRules: [{7CA16405-8A18-4AEE-B02F-6BEF4D34008B}] => (Allow) D:\SteamLibrary\steamapps\common\Star Apprentice Classic\Game.exe => No File
FirewallRules: [{0FA326A1-158D-4A8D-A0AF-60B908644661}] => (Allow) D:\SteamLibrary\steamapps\common\Eastshade\Eastshade.exe => No File
FirewallRules: [{64A032D5-E018-4F3F-81BD-388962BD1A6F}] => (Allow) D:\SteamLibrary\steamapps\common\Eastshade\Eastshade.exe => No File
FirewallRules: [{276C9354-E192-4D09-B7EE-F994206B622B}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{EB26165E-2EAD-488A-9F18-6BDD737D2E3C}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{CD889A56-6920-4590-8C0F-7EEF8BBD176C}] => (Allow) D:\SteamLibrary\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{01F6ED4D-C8F4-4B82-A591-0D51946994BF}] => (Allow) D:\SteamLibrary\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [TCP Query User{758A3EBB-BADC-4C42-8CB9-F35C8D07E05A}D:\steamlibrary\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AE24683D-1651-49E7-9F74-6A05FCD2300A}D:\steamlibrary\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe => No File
FirewallRules: [{720ACA5A-A845-4227-9416-91A891925399}] => (Allow) D:\SteamLibrary\steamapps\common\Zenimax Online\zosSteamStarter.exe => No File
FirewallRules: [{2A8C487F-6C55-42C2-A790-24D45B8CC637}] => (Allow) D:\SteamLibrary\steamapps\common\Zenimax Online\zosSteamStarter.exe => No File
FirewallRules: [{869C9FD0-F91C-4164-A503-5CEDEB2AE7BD}] => (Allow) D:\SteamLibrary\steamapps\common\Splitgate\equ8-launcher.exe => No File
FirewallRules: [{9AAB42C1-ADBB-47B2-9981-C39389BA85CA}] => (Allow) D:\SteamLibrary\steamapps\common\Splitgate\equ8-launcher.exe => No File
FirewallRules: [{C894A485-4B21-4BB8-AA15-B84A2F3F02A7}] => (Allow) D:\SteamLibrary\steamapps\common\Out of Space\Out of Space.exe => No File
FirewallRules: [{4C152555-17E9-4E49-AF98-7B1A4AF1D045}] => (Allow) D:\SteamLibrary\steamapps\common\Out of Space\Out of Space.exe => No File
FirewallRules: [{D0063132-7DB4-4CC5-837C-FE8BAFDDFD64}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForest.exe => No File
FirewallRules: [{924B2581-9B41-4981-9E6C-EF64BDE143F6}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForest.exe => No File
FirewallRules: [{5D79337C-B756-4517-9DEB-7BCB6B052F1E}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe => No File
FirewallRules: [{83F34E30-EF72-4823-BDF4-A144BF8143F8}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe => No File
FirewallRules: [TCP Query User{FEBBC73B-9A42-434B-B7CB-6BE0C71D7C03}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [UDP Query User{90FFC432-CAA4-42E9-8891-3BA9BB3B2882}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{8A04F679-0DFC-4B11-8399-BB6487797461}] => (Allow) D:\SteamLibrary\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => No File
FirewallRules: [{C7FAE89F-9C4B-4C84-8FDD-8A1005C9DE3B}] => (Allow) D:\SteamLibrary\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => No File
FirewallRules: [{97448B4A-555D-4CA8-983C-91AD23AE63B5}] => (Allow) D:\SteamLibrary\steamapps\common\Unrailed\UnrailedGame.exe => No File
FirewallRules: [{E28B77BD-92A5-4B43-B1CD-F5F7A6DA4AF0}] => (Allow) D:\SteamLibrary\steamapps\common\Unrailed\UnrailedGame.exe => No File
FirewallRules: [{28D8B84D-4884-45E1-AB5A-1171A45783C3}] => (Allow) D:\SteamLibrary\steamapps\common\Sable\Sable.exe => No File
FirewallRules: [{7C99513D-D41B-4174-9A55-775C87C10A96}] => (Allow) D:\SteamLibrary\steamapps\common\Sable\Sable.exe => No File
FirewallRules: [{F39E1024-53AF-4F52-837E-8B2E955C1277}] => (Allow) D:\SteamLibrary\steamapps\common\Eastward\Eastward.exe => No File
FirewallRules: [{3EE6C0E6-ADEB-4738-A69C-33CD48344261}] => (Allow) D:\SteamLibrary\steamapps\common\Eastward\Eastward.exe => No File
FirewallRules: [{7C253DC7-FA50-4D0F-AE59-FED2E11E4569}] => (Allow) D:\SteamLibrary\steamapps\common\Sunless Skies\Sunless Skies.exe => No File
FirewallRules: [{22F50013-8121-4C7F-B255-5646E03793DA}] => (Allow) D:\SteamLibrary\steamapps\common\Sunless Skies\Sunless Skies.exe => No File
FirewallRules: [{3AF42FA0-6D24-4366-9E1E-9CDF650CDD25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sunless Skies\Sunless Skies.exe () [File not signed]
FirewallRules: [{F7BC4B33-7C96-4323-8D9F-4588017CABD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sunless Skies\Sunless Skies.exe () [File not signed]
FirewallRules: [{6982D23E-5B70-4192-A144-528201B56888}] => (Block) C:\Program Files (x86)\Toon Boom Animation\Toon Boom Storyboard Pro 20\win64\bin\StoryboardPro.exe (Toon Boom Animation Inc. -> Toon Boom Animation Inc.)
FirewallRules: [{67A524B7-8771-4D43-B182-CB2C43C58DAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Griftlands\bin\Griftlands.exe () [File not signed]
FirewallRules: [{9C6BAB47-A9A5-4D33-AEF0-95160A4FE100}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Griftlands\bin\Griftlands.exe () [File not signed]
FirewallRules: [{F329D9EF-00FD-446F-AA52-02D91C628851}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6CD8742D-6DB1-45FC-B454-9C2DA4B7CACD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hellblade\HellbladeGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{066E8C43-9756-4DDC-B518-26E609AAD4EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hellblade\HellbladeGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6BDC3BDF-0720-4315-B218-FB7D34B0D8DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hellblade\HellbladeGame\Binaries\Win64\HellbladeGame-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5C9BA521-FC33-4D06-BB79-C9947D521981}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hellblade\HellbladeGame\Binaries\Win64\HellbladeGame-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DFD6312D-ABA1-49BF-A35B-EF860E9AABB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Reloaded\portal2.exe () [File not signed]
FirewallRules: [{EBBEDAA2-B50F-4A1A-9302-5C835295A77F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Reloaded\portal2.exe () [File not signed]
FirewallRules: [{47E33A01-D18B-462F-BE09-A74E28A599DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sable\Sable.exe () [File not signed]
FirewallRules: [{09DEC575-7C53-4978-A1E1-5872330E0EFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sable\Sable.exe () [File not signed]
FirewallRules: [{4031D578-BC6C-431A-AF5A-DEFE956B6BB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Short Hike\AShortHike.exe () [File not signed]
FirewallRules: [{BE3BED28-CFF7-47FB-9AB5-4D07BF2B3A24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Short Hike\AShortHike.exe () [File not signed]
FirewallRules: [{AD8BA2B5-2CBD-47DF-95BB-D72F0039DAC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sexy Brutale\game\game.exe () [File not signed]
FirewallRules: [{99413784-0C3F-4669-A81C-631D5F9156CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sexy Brutale\game\game.exe () [File not signed]
FirewallRules: [{ADE14FCC-A446-4F08-A60E-BA0FE51CB976}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BEA70E3E-06BF-484D-903E-2F990C6FB10E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{AADF6F02-1FCB-4B39-BD1B-27C31A1A3A4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori and the Will of the Wisps\oriwotw.exe () [File not signed]
FirewallRules: [{327A7614-564E-44D5-8849-5AF63A820FE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori and the Will of the Wisps\oriwotw.exe () [File not signed]
FirewallRules: [{63041F0B-24BC-4410-9817-8D25CF529D61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ROUNDS\Rounds.exe () [File not signed]
FirewallRules: [{C30EC420-9E47-4790-8CAC-D22EFECC5CA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ROUNDS\Rounds.exe () [File not signed]
FirewallRules: [{87E82CA0-C3AE-4297-98A1-EADDB0F48CA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{920992AD-2578-4AAF-A07E-058D5BC94B70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{D58EF8C1-29A2-4F54-A1E0-AD0251FE4501}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D5C48D4F-C0D4-4F48-A643-6465FF319C44}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.21\OverwolfBrowser.exe => No File
FirewallRules: [{6F897FF3-5836-422F-9C3C-27D5A40A4029}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.21\OverwolfBrowser.exe => No File
FirewallRules: [{62E39975-F803-4F92-84B3-86EF246FEA3E}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.21\OverwolfBrowser.exe => No File
FirewallRules: [{DC99CE6D-A1F0-4172-AAC9-6B3F05603497}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.21\OverwolfBrowser.exe => No File
FirewallRules: [{A308B60D-981A-44E5-A14D-F35D8FD6240F}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0AECEEDD-8D11-4141-BAC2-61BAE84796CC}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FE9F0D5A-55D0-4F21-9091-A6000834ADB5}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B4E30F28-4BFA-4311-82B3-AD80FD824EDD}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{75850B90-9E04-4BFD-9C71-40EC7F28B88D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E5FE024-B4C7-4977-BDF8-A05D06BEB7F1}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{D2AD9D11-9F14-4B64-BCB0-9EAAE7C89D08}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-01-2022 01:32:57 Scheduled Checkpoint
16-01-2022 15:24:09 Removed Toon Boom Storyboard Pro 20.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2022 06:26:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (01/15/2022 06:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Faulting module name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Exception code: 0xc000041d
Fault offset: 0x0000000000232446
Faulting process id: 0x35c8
Faulting application start time: 0x01d80a49dc92c1d1
Faulting application path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Faulting module path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Report Id: 72d4cdb4-cf2c-442d-accc-336e0d5940e9
Faulting package full name:
Faulting package-relative application ID:
Error: (01/15/2022 06:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Faulting module name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Exception code: 0xc0000005
Fault offset: 0x0000000000232446
Faulting process id: 0x35c8
Faulting application start time: 0x01d80a49dc92c1d1
Faulting application path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Faulting module path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Report Id: 5d06c215-d7ae-410f-90b6-a613f65f040c
Faulting package full name:
Faulting package-relative application ID:
Error: (01/15/2022 11:45:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Faulting module name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Exception code: 0xc000041d
Fault offset: 0x0000000000232446
Faulting process id: 0x1a14
Faulting application start time: 0x01d80983188b57b0
Faulting application path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Faulting module path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Report Id: c6875c4d-dd9e-490a-b1f0-efb60cb334aa
Faulting package full name:
Faulting package-relative application ID:
Error: (01/15/2022 11:45:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Faulting module name: Wacom_Tablet.exe, version: 6.3.45.1, time stamp: 0x6197e722
Exception code: 0xc0000005
Fault offset: 0x0000000000232446
Faulting process id: 0x1a14
Faulting application start time: 0x01d80983188b57b0
Faulting application path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Faulting module path: C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
Report Id: 6365862a-1092-4a7f-b6b7-50466c92002c
Faulting package full name:
Faulting package-relative application ID:
Error: (01/15/2022 07:52:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-VMR9NA7)
Description: Application or service 'Microsoft Office SDX Helper' could not be shut down.
Error: (01/13/2022 03:03:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WaaSMedicAgent.exe, version: 10.0.19041.662, time stamp: 0xc38bc2fc
Faulting module name: WaaSMedicCapsule.dll, version: 10.0.19041.662, time stamp: 0x5eff0ccc
Exception code: 0xc0000005
Fault offset: 0x000000000000ae62
Faulting process id: 0x29c0
Faulting application start time: 0x01d808b70cf576b3
Faulting application path: C:\WINDOWS\System32\WaaSMedicAgent.exe
Faulting module path: C:\WINDOWS\System32\WaaSMedicCapsule.dll
Report Id: f663fb0d-a4ea-4da5-a5bd-e42a44852d00
Faulting package full name:
Faulting package-relative application ID:
Error: (01/12/2022 12:53:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WinStore.App.exe version 12101.1001.14.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 6bb4
Start Time: 01d8077899232a44
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Report Id: da62a48d-68d1-4258-8e94-a0b53644a8ff
Faulting package full name: Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Hang type: Cross-process
System errors:
=============
Error: (01/17/2022 05:31:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (01/17/2022 05:31:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (01/17/2022 05:29:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (01/17/2022 05:29:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (01/17/2022 05:27:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (01/17/2022 05:27:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VMR9NA7)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (01/17/2022 05:25:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (01/17/2022 05:25:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-04-14 19:36:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-04-13 12:24:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-04-11 10:05:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-04-10 10:58:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-04-08 11:05:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2021-11-28 23:42:03
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\amdpcidev.inf_amd64_4e064472fc95e244\AMDPCIDev.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-11-28 23:39:49
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\samue\AppData\Roaming\AMD\Chipset_Driver_Installer\AMD_Chipset_Drivers\{2AC4B528-F55F-47BC-B598-781D8A0A9B7E}\MSIFiles\program files\AMD\Chipset_IODrivers\PCI Driver\WTx64\AMDPCIDev.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-11-28 23:39:49
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\samue\AppData\Roaming\AMD\Chipset_Driver_Installer\AMD_Chipset_Drivers\{2AC4B528-F55F-47BC-B598-781D8A0A9B7E}\MSIFiles\program files\AMD\Chipset_IODrivers\PCI Driver\W7x64\AMDPCIDev.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-11-28 23:39:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\samue\AppData\Roaming\AMD\Chipset_Driver_Installer\AMD_Chipset_Drivers\{2AC4B528-F55F-47BC-B598-781D8A0A9B7E}\IODriver\PCI\PCI Driver\WTx64\AMDPCIDev.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-11-28 23:39:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\samue\AppData\Roaming\AMD\Chipset_Driver_Installer\AMD_Chipset_Drivers\{2AC4B528-F55F-47BC-B598-781D8A0A9B7E}\IODriver\PCI\PCI Driver\W7x64\AMDPCIDev.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-11-28 23:39:46
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\samue\AppData\Roaming\AMD\Chipset_Driver_Installer\AMD_Chipset_Drivers\MSIFiles\program files\AMD\Chipset_IODrivers\PCI Driver\WTx64\AMDPCIDev.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.50 10/14/2019
Motherboard: ASRock B450M Gaming
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 58%
Total physical RAM: 16313.94 MB
Available physical RAM: 6707.64 MB
Total Virtual: 37817.94 MB
Available Virtual: 23656.29 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.88 GB) (Free:63.05 GB) NTFS
\\?\Volume{aafe6565-c049-4b41-bf82-d2ddefc2acc6}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{743177cf-dafe-4a84-a588-20a0f7ad96e8}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 190CD766)
Partition: GPT.
==================== End of Addition.txt =======================
Edited by mallowmallow, 22 January 2022 - 11:49 AM.