Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2022
Ran by david (administrator) on DAVID-HOME (iBUYPOWER AMD) (13-05-2022 19:00:26)
Running from C:UsersdavidOneDriveDesktop
Loaded Profiles: david
Platform: Microsoft Windows 11 Home Version 21H2 22000.675 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherEngineBinariesWin64EpicWebHelper.exe <2>
(C:Program Files (x86)RazerRazer ServicesRazer CentralRazer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:Program Files (x86)RazerRazer ServicesRazer CentralCefSharp.BrowserSubprocess.exe <2>
(C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazer Central.exe
(C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:Program Files (x86)RazerSynapse3UserProcessRazer Synapse Service Process.exe
(C:Program Files (x86)Steamsteam.exe ->) (Valve Corp. -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>
(C:Program Files (x86)Steamsteamappscommonwallpaper_enginebinwallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:Program Files (x86)Steamsteamappscommonwallpaper_enginewallpaper32.exe
(C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:Program FilesOculusSupportoculus-runtimeOVRRedir.exe
(C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:Program FilesOculusSupportoculus-runtimeOVRServer_x64.exe
(C:Program FilesWindowsAppsMicrosoftTeams_22115.300.1313.2464_x64__8wekyb3d8bbwemsteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeWebViewApplication101.0.1210.39msedgewebview2.exe <6>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32WindowsPowerShellv1.0powershell.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDriveOneDrive.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:Program Files (x86)RazerAPO051aDrvDriversx64THXHelper051A.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:Program Files (x86)RazerTHXVADDriversx64THXHelper22AD.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:Program Files (x86)Steamsteam.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.132GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.132GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:Program Files (x86)OriginOriginWebHelperService.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwegamingservices.exe
(services.exe ->) (Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwegamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_2b01a28ee7b06750Display.NvContainerNVDisplay.Container.exe <2>
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:Program Files (x86)RazerTHXServiceDriversx64THXService.exe
(services.exe ->) (Skutta, Kristjan -> ) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebinwallpaperservice32_c.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:Program Files (x86)Common FilesSteamsteamservice.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft OneDrive22.089.0426.0003FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbweGameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbweGameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cmd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsUUSamd64MoUsoCoreWorker.exe
(WindowsPowerShellv1.0powershell.exe ->) (Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <19>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [11235936 2020-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [THX22adHelper] => C:Program Files (x86)RazerTHXVADDriversx64THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM…Run: [THX051aHelper] => C:Program Files (x86)RazerAPO051aDrvDriversx64THXHelper051A.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM-x32…Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%MicrosoftTeamsUpdate.exe –uninstall –msiUninstall –source=default (No File)
HKLM-x32…Run: [TeamsMachineUninstallerProgramData] => %ProgramData%MicrosoftTeamsUpdate.exe –uninstall –msiUninstall –source=default (No File)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Run: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [2637200 2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Run: [Discord] => C:UsersdavidAppDataLocalDiscordUpdate.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4282328 2022-05-12] (Valve Corp. -> Valve Corporation)
HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3532928 2022-05-07] (Razer USA Ltd. -> Razer Inc.)
HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Run: [EpicGamesLauncher] => C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [32632288 2022-05-12] (Epic Games Inc. -> Epic Games, Inc.)
HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Run: [Adobe Acrobat Synchronizer] => “C:Program FilesAdobeAcrobat DCAcrobatAdobeCollabSync.exe” (No File)
HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3532928 2022-05-07] (Razer USA Ltd. -> Razer Inc.)
HKLM…Windows x64Print ProcessorsCanon TS3100 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDDR.DLL [482816 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…PrintMonitorsCanon BJ Language Monitor TS3100 series: C:Windowssystem32CNMLMDR.DLL [1302016 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication101.0.4951.67Installerchrmstp.exe [2022-05-13] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {14B33C1C-D4A6-4F25-A22A-BED196B5A089} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22890448 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {16421A1E-C984-4532-8EB0-025B3261F707} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [144792 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {277EABFD-63F2-4963-A3FC-50442CA4F366} – System32TasksOneDrive Reporting Task-S-1-5-21-3551373970-2567275225-2894973676-1002 => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [4215696 2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AC1E01D-2358-4FEF-BFAD-8EFF75BCCAE7} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3A500676-1291-4FAE-85B9-DF0272DBADD3} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {58B72DAC-A7FA-4B6F-BD72-787E8FA67917} – System32Taskschrome settings => cmd /c powershell -WindowStyle Hidden -E “JAB2ACAAPQAgACIAMAAiADsACgAkAGwAdgAgAD0AIAAiADMAIgA7AAoAJABkACAAPQAgACIAawBvAG8AbwBiAGwAeQBjAGEAcgAuAGMAbwBtACIAOwAKACQAZQBwACAAPQAgACIAVwB5AEkAMQBPAEQAYwAyAE0AVABjAHgATQBqAFkAMABNAGoAVQB6AE4ARABRAHgATgBpAEkAcwBNAFQAWQAwAE8ARABnAHgATgBEAEEAMwBOADEAMAA9ACIAOwAKAA (the data entry has 4547 more characters). <==== ATTENTION
Task: {651923B6-92A4-4377-A09E-6A9C369BB44F} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7434924F-30AF-441A-8570-26CE8E3FE1BD} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [4215696 2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7526B4CF-F38D-4F56-AB9F-CD5FBE371257} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {7D1CF60C-ECAF-4664-9D6F-96BEFAAF3405} – System32TasksMicrosoftOfficeOffice Performance Monitor => C:Program FilesMicrosoft OfficerootVFSProgramFilesCommonX64Microsoft SharedOffice16operfmon.exe [61336 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {83426B12-0555-4618-AADF-F52754874325} – System32TasksGoogleUpdateTaskMachineUA{E3D92D2B-F3BB-49B8-BD1F-29CD748A5B58} => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [168632 2022-05-13] (Google LLC -> Google LLC)
Task: {9B63AC6A-614B-4BB7-8EC8-E28C6DF4CA11} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8376824 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DE8640A-1DEF-4E81-9138-99995C5CEC17} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A797A5E4-098B-4F82-8B06-00E497315E58} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B81EF02A-E4AE-4E1F-9984-537014787BFA} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8376824 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D92309C7-0F4D-4DA8-8D6A-3A81570B3E27} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [144792 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFBFC4CB-39C6-4452-B1A1-2786387AF177} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E1B3EAEF-017F-487B-8458-0D45DA157D98} – System32TasksGoogleUpdateTaskMachineCore{D81811A3-94A5-495E-BA25-39BD0FA6800D} => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [168632 2022-05-13] (Google LLC -> Google LLC)
Task: {E6E7C680-D703-4C54-BF13-257BCE252966} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22890448 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8923158-DA6C-4781-BE9F-7E0D4018FD66} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FA5D6F17-71DE-40D5-8D14-287E60D6DE35} – System32TasksMicrosoftEdgeShadowStackRollbackTask => C:Program Files (x86)MicrosoftEdgeApplication101.0.1210.47Installersetup.exe [3206056 2022-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE57CCE4-D687-46AA-9BE4-B8CB1AC3E758} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
TcpipParameters: [DhcpNameServer] 192.168.1.254
Tcpip..Interfaces{d6008cba-7849-4083-b7a2-a9d5047d09d1}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:UsersdavidAppDataLocalMicrosoftEdgeUser DataDefault [2022-05-13]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:Program FilesJavajre1.8.0_333bindtpluginnpDeployJava1.dll [2022-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:Program FilesJavajre1.8.0_333binplugin2npjp2.dll [2022-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2022-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:UsersdavidAppDataLocalGoogleChromeUser DataDefault [2022-05-13]
CHR Extension: (Chrome Web Store Payments) – C:UsersdavidAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2022-05-13]
CHR Extension: (No Name) – C:UsersdavidAppDataLocal [2022-05-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8901968 2022-01-12] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11758536 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [812520 2022-01-24] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:Program Files (x86)EasyAntiCheat_EOSEasyAntiCheat_EOS.exe [584680 2022-04-06] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncHelper.exe [3406224 2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [8524512 2022-05-11] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:Program FilesMicrosoft OneDrive22.089.0426.0003OneDriveUpdaterService.exe [3843472 2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2575064 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3494672 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 OVRLibraryService; C:Program FilesOculusSupportoculus-librarianOVRLibraryService.exe [146608 2022-04-25] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe [513200 2022-04-25] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [2029544 2022-03-31] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [464928 2022-03-31] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:Program Files (x86)Razer Chroma SDKbinRzChromaStreamServer.exe [1349688 2022-02-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe [299136 2022-05-06] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe [533824 2022-02-18] (Razer USA Ltd. -> Razer Inc.)
R2 THXService; C:Program Files (x86)RazerTHXServiceDriversx64THXService.exe [356312 2019-09-18] (Razer USA Ltd. -> THX)
R2 Wallpaper Engine Service; C:Program Files (x86)Steamsteamappscommonwallpaper_enginebinwallpaperservice32_c.exe [129696 2022-01-28] (Skutta, Kristjan -> )
S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2203.5-0NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2203.5-0MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; “C:Program Files (x86)FuturemarkSystemInfoFMSISvc.exe” [X]
R2 NVDisplay.ContainerLocalSystem; C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_2b01a28ee7b06750Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_2b01a28ee7b06750Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:WindowsSystem32driversamdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AMDSAFD; C:WindowsSystem32DriverStoreFileRepositoryamdsafd.inf_amd64_50fee1227e96ec14amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atvi-brynhildr; C:ProgramDataBattle.net_componentsbrynhildr_odinbrynhildr.sys [2355952 2021-12-21] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BEDaisy; C:Program Files (x86)Common FilesBattlEyeBEDaisy.sys [3383944 2022-05-04] (BattlEye Innovations e.K. -> )
S3 BthHFEnum; C:WindowsSystem32driversbthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:Windowssystem32driversmbae64.sys [103888 2022-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Hsp; C:WindowsSystem32driversHsp.sys [111960 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [223176 2022-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:WindowsSystem32DRIVERSMbamElam.sys [21480 2022-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:WindowsSystem32DRIVERSfarflt.sys [194512 2022-05-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:Windowssystem32DRIVERSmbam.sys [70088 2022-05-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [239560 2022-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:Windowssystem32DRIVERSmwac.sys [181992 2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
R3 nvvad_WaveExtensible; C:Windowssystem32driversnvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 OCULUSUDSVR; C:WindowsSystem32driversOCULUSUD.sys [3867552 2021-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Oculus VR, LLC.)
R3 oculusvad_oculusvad; C:WindowsSystem32driversoculusvad.sys [75280 2021-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:WindowsSystem32driversOculus_ViGEmBus.sys [32856 2021-12-25] (Oculus VR, LLC -> Facebook Inc.)
R3 rtcx21; C:WindowsSystem32DriverStoreFileRepositoryrtcx21x64.inf_amd64_d2a498d51a4f7becrtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
R3 RzCommon; C:WindowsSystem32driversRzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0517; C:WindowsSystem32driversRzDev_0517.sys [56168 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_051a; C:WindowsSystem32driversRzDev_051a.sys [54104 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0f20; C:WindowsSystem32driversRzDev_0f20.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 sTHXVAD; C:WindowsSystem32driversTHXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:Windowssystem32driverswdWdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:Windowssystem32driverswdWdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:WindowsSystem32driverszamguard64.sys [203680 2022-05-13] (Zemana Ltd. -> Zemana Ltd.)
S3 cpuz150; ??C:Windowstempcpuz150cpuz150_x64.sys [X]
S3 cpuz152; ??C:Windowstempcpuz152cpuz152_x64.sys [X]
S1 ZAM; ??C:WindowsSystem32driverszam64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-13 18:58 – 2022-05-13 19:00 – 000000000 ____D C:FRST
2022-05-13 17:30 – 2022-05-13 17:30 – 000000000 ____D C:UsersdavidAppDataLocalchrome_settings
2022-05-13 17:29 – 2022-05-13 17:29 – 000000000 ___HD C:$SysReset
2022-05-13 17:14 – 2022-05-13 17:14 – 000194512 _____ (Malwarebytes) C:Windowssystem32Driversfarflt.sys
2022-05-13 17:14 – 2022-05-13 17:14 – 000181992 _____ (Malwarebytes) C:Windowssystem32Driversmwac.sys
2022-05-13 17:14 – 2022-05-13 17:14 – 000070088 _____ (Malwarebytes) C:Windowssystem32Driversmbam.sys
2022-05-13 16:46 – 2022-05-13 19:00 – 000132306 _____ C:WindowsZAM_Guard.krnl.trace
2022-05-13 16:46 – 2022-05-13 17:14 – 000000000 ____D C:Program Files (x86)MalwareFox AntiMalware
2022-05-13 16:46 – 2022-05-13 17:12 – 000421566 _____ C:WindowsZAM.krnl.trace
2022-05-13 16:46 – 2022-05-13 16:46 – 000203680 _____ (Zemana Ltd.) C:Windowssystem32Driverszamguard64.sys
2022-05-13 16:46 – 2022-05-13 16:46 – 000000000 ____D C:UsersdavidAppDataLocalWolf of Webstreet OPC Private Limited
2022-05-13 16:45 – 2022-05-13 16:45 – 006617512 _____ (Zemana Ltd. ) C:UsersdavidDownloadsMalwareFox.exe
2022-05-13 16:45 – 2022-05-13 16:45 – 000000000 ____D C:UsersdavidAppDataLocalZemana
2022-05-13 16:22 – 2022-05-13 16:23 – 000000000 ____D C:AdwCleaner
2022-05-13 16:22 – 2022-05-13 16:22 – 008551608 _____ (Malwarebytes) C:UsersdavidDownloadsadwcleaner.exe
2022-05-13 15:53 – 2022-05-13 15:53 – 000003496 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA{E3D92D2B-F3BB-49B8-BD1F-29CD748A5B58}
2022-05-13 15:53 – 2022-05-13 15:53 – 000003372 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore{D81811A3-94A5-495E-BA25-39BD0FA6800D}
2022-05-13 15:53 – 2022-05-13 15:53 – 000002330 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2022-05-13 15:53 – 2022-05-13 15:53 – 000002289 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2022-05-13 15:53 – 2022-05-13 15:53 – 000000000 ____D C:Program FilesGoogle
2022-05-13 15:52 – 2022-05-13 15:52 – 001414600 _____ (Google LLC) C:UsersdavidDownloadsChromeSetup (2).exe
2022-05-13 15:52 – 2022-05-13 15:52 – 001414600 _____ (Google LLC) C:UsersdavidDownloadsChromeSetup (1).exe
2022-05-13 15:51 – 2022-05-13 15:51 – 000004784 _____ C:Windowssystem32TasksMicrosoftEdgeShadowStackRollbackTask
2022-05-13 15:51 – 2022-05-13 15:51 – 000002523 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2022-05-13 15:51 – 2022-05-13 15:51 – 000002361 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2022-05-11 06:43 – 2022-05-11 06:43 – 002125824 _____ C:Windowssystem32dwmscene.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000831488 _____ (Microsoft Corporation) C:Windowssystem32Bubbles.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000774144 _____ C:Windowssystem32FsNVSDeviceSource.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000643072 _____ C:Windowssystem32SettingSyncDownloadHelper.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000557056 _____ (Microsoft Corporation) C:Windowssystem32PhotoScreensaver.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000485376 _____ (Microsoft Corporation) C:WindowsSysWOW64PhotoScreensaver.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000460800 _____ C:WindowsSysWOW64SettingSyncDownloadHelper.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000442368 _____ (Microsoft Corporation) C:Windowssystem32html.iec
2022-05-11 06:43 – 2022-05-11 06:43 – 000356352 _____ C:Windowssystem32Windows.Internal.UI.Shell.WindowTabManager.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000341504 _____ (Microsoft Corporation) C:WindowsSysWOW64html.iec
2022-05-11 06:43 – 2022-05-11 06:43 – 000335872 _____ C:Windowssystem32Windows.Internal.UI.Dialogs.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000323584 _____ (Microsoft Corporation) C:Windowssystem32unimdm.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000311296 _____ C:Windowssystem32EsclScan.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000294912 _____ C:Windowssystem32pnpdiag.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000254976 _____ (Microsoft Corporation) C:WindowsSysWOW64unimdm.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000253952 _____ (Microsoft Corporation) C:Windowssystem32ssText3d.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000208896 _____ C:Windowssystem32BthpanContextHandler.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000208896 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:Windowssystem32l3codecp.acm
2022-05-11 06:43 – 2022-05-11 06:43 – 000196096 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:WindowsSysWOW64l3codecp.acm
2022-05-11 06:43 – 2022-05-11 06:43 – 000188416 _____ C:Windowssystem32EsclProtocol.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000180224 _____ C:Windowssystem32CloudExperienceHostRedirection.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000176128 _____ (Microsoft Corporation) C:Windowssystem32Ribbons.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000176128 _____ (Microsoft Corporation) C:Windowssystem32Mystify.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000122880 _____ (Microsoft Corporation) C:Windowssystem32remotesp.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000098304 _____ C:Windowssystem32sstpcfg.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000088064 _____ (Microsoft Corporation) C:WindowsSysWOW64remotesp.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000086016 _____ C:Windowssystem32printticketvalidation.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000086016 _____ C:Windowssystem32CredProvCommonCore.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000079192 _____ C:Windowssystem32DriversNDKPerf.sys
2022-05-11 06:43 – 2022-05-11 06:43 – 000077824 _____ C:Windowssystem32APMonUI.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000069632 _____ (Microsoft Corporation) C:Windowssystem32kmddsp.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000065536 _____ (Microsoft Corporation) C:Windowssystem32format.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000061440 _____ (Microsoft Corporation) C:Windowssystem32scrnsave.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000061440 _____ (Microsoft Corporation) C:Windowssystem32hidphone.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000051712 _____ C:WindowsSysWOW64CredProvCommonCore.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000049152 _____ (Microsoft Corporation) C:Windowssystem32more.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000049152 _____ (Microsoft Corporation) C:Windowssystem32mode.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000046592 _____ (Microsoft Corporation) C:WindowsSysWOW64format.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000042752 _____ C:Windowssystem32wow64base.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000040960 _____ C:Windowssystem32WsdProviderUtil.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000040960 _____ (Microsoft Corporation) C:Windowssystem32tree.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000039424 _____ (Microsoft Corporation) C:WindowsSysWOW64kmddsp.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000038760 _____ (Microsoft Corporation) C:WindowsSysWOW64msgsm32.acm
2022-05-11 06:43 – 2022-05-11 06:43 – 000034112 _____ (Microsoft Corporation) C:WindowsSysWOW64imaadp32.acm
2022-05-11 06:43 – 2022-05-11 06:43 – 000033568 _____ (Microsoft Corporation) C:WindowsSysWOW64msadp32.acm
2022-05-11 06:43 – 2022-05-11 06:43 – 000032768 _____ (Microsoft Corporation) C:WindowsSysWOW64scrnsave.scr
2022-05-11 06:43 – 2022-05-11 06:43 – 000032768 _____ (Microsoft Corporation) C:WindowsSysWOW64hidphone.tsp
2022-05-11 06:43 – 2022-05-11 06:43 – 000027136 _____ (Microsoft Corporation) C:WindowsSysWOW64mode.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000024576 _____ (Microsoft Corporation) C:WindowsSysWOW64more.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000019456 _____ C:WindowsSysWOW64WsdProviderUtil.dll
2022-05-11 06:43 – 2022-05-11 06:43 – 000017920 _____ (Microsoft Corporation) C:WindowsSysWOW64tree.com
2022-05-11 06:43 – 2022-05-11 06:43 – 000015046 _____ C:Windowssystem32DrtmAuthTxt.wim
2022-05-11 06:42 – 2022-05-11 06:42 – 000335872 _____ C:Windowssystem32Windows.Management.InprocObjects.dll
2022-05-11 06:42 – 2022-05-11 06:42 – 000286720 _____ C:Windowssystem32Microsoft.Bluetooth.Audio.dll
2022-05-11 06:42 – 2022-05-11 06:42 – 000067528 _____ (Microsoft Corporation) C:Windowssystem32msgsm32.acm
2022-05-11 06:42 – 2022-05-11 06:42 – 000063392 _____ (Microsoft Corporation) C:Windowssystem32imaadp32.acm
2022-05-11 06:42 – 2022-05-11 06:42 – 000059264 _____ (Microsoft Corporation) C:Windowssystem32msadp32.acm
2022-05-11 06:40 – 2022-05-11 06:40 – 000000000 ___HD C:$WinREAgent
2022-05-11 06:39 – 2022-05-11 06:39 – 000000000 ____D C:UsersdavidAppDataLocalLowOracle
2022-05-11 06:35 – 2022-05-11 06:35 – 000000000 ____D C:UsersdavidAppDataLocalAWSToolkit
2022-05-11 06:29 – 2022-05-11 06:29 – 000002040 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2022-05-11 06:29 – 2022-05-11 06:29 – 000002028 _____ C:UsersPublicDesktopMalwarebytes.lnk
2022-05-11 06:29 – 2022-05-11 06:29 – 000000000 ____D C:UsersdavidAppDataLocalmbam
2022-05-11 06:28 – 2022-05-11 06:59 – 000239560 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2022-05-11 06:28 – 2022-05-11 06:28 – 002443448 _____ (Malwarebytes) C:UsersdavidDownloadsMBSetup-130589.130589-consumer.exe
2022-05-11 06:28 – 2022-05-11 06:28 – 000223176 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2022-05-11 06:28 – 2022-05-11 06:28 – 000103888 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2022-05-11 06:28 – 2022-05-11 06:28 – 000021480 _____ (Malwarebytes) C:Windowssystem32DriversMbamElam.sys
2022-05-11 06:28 – 2022-05-11 06:28 – 000000000 ____D C:ProgramDataMalwarebytes
2022-05-11 06:28 – 2022-05-11 06:28 – 000000000 ____D C:Program FilesMalwarebytes
2022-05-11 06:17 – 2022-05-11 06:17 – 000468576 _____ C:UsersdavidDownloads1652264230172311420762056.zip
2022-05-11 06:02 – 2022-05-11 06:02 – 000025796 _____ C:UsersdavidDownloadsaf3902-unlocked.pdf
2022-05-09 11:39 – 2022-05-09 11:39 – 000000000 ____D C:ProgramDatadbg
2022-05-08 08:15 – 2022-05-08 08:15 – 000013180 _____ C:Windowssystem32Taskschrome settings
2022-05-03 21:42 – 2022-05-03 21:42 – 000000000 ____D C:UsersdavidAppDataLocalLowNVIDIA
2022-05-03 21:42 – 2022-05-03 21:42 – 000000000 ____D C:UsersdavidAppDataLocalLowAdobe
2022-05-03 21:42 – 2022-05-03 21:42 – 000000000 ____D C:UsersdavidAppDataLocalSolidDocuments
2022-05-03 21:38 – 2022-05-11 07:00 – 000000000 ___RD C:UsersdavidCreative Cloud Files
2022-05-03 21:35 – 2022-05-13 17:13 – 000000000 ____D C:ProgramDataAdobe
2022-05-03 21:34 – 2022-05-13 17:13 – 000000000 ____D C:Program FilesCommon FilesAdobe
2022-05-03 21:34 – 2022-05-13 17:13 – 000000000 ____D C:Program FilesAdobe
2022-05-03 21:34 – 2022-05-13 17:13 – 000000000 ____D C:Program Files (x86)Adobe
2022-05-03 21:34 – 2022-05-11 06:45 – 000000000 ____D C:UsersdavidAppDataLocalAdobe
2022-05-02 21:01 – 2022-05-02 21:01 – 003155319 _____ C:UsersdavidDownloadsPOI Formal.pptx
2022-05-02 20:32 – 2022-05-02 20:32 – 002888362 _____ C:UsersdavidOneDriveDocumentsPOI Formal.pptx
2022-04-22 13:33 – 2022-04-22 13:33 – 000439651 _____ C:UsersdavidDownloadsSC-POA.pdf
2022-04-22 13:21 – 2022-04-22 13:22 – 032735079 _____ C:UsersdavidDownloadsiCloud Photos.zip
2022-04-21 01:56 – 2022-04-21 01:56 – 000012709 _____ C:UsersdavidDownloadsestimates.pdf
2022-04-16 03:29 – 2022-03-18 01:43 – 001905904 _____ C:Windowssystem32vulkaninfo-1-999-0-0-0.exe
2022-04-16 03:29 – 2022-03-18 01:43 – 001905904 _____ C:Windowssystem32vulkaninfo.exe
2022-04-16 03:29 – 2022-03-18 01:43 – 001478392 _____ C:WindowsSysWOW64vulkaninfo-1-999-0-0-0.exe
2022-04-16 03:29 – 2022-03-18 01:43 – 001478392 _____ C:WindowsSysWOW64vulkaninfo.exe
2022-04-16 03:29 – 2022-03-18 01:43 – 001467840 _____ (Khronos Group) C:Windowssystem32OpenCL.dll
2022-04-16 03:29 – 2022-03-18 01:43 – 001432312 _____ C:Windowssystem32vulkan-1-999-0-0-0.dll
2022-04-16 03:29 – 2022-03-18 01:43 – 001432312 _____ C:Windowssystem32vulkan-1.dll
2022-04-16 03:29 – 2022-03-18 01:43 – 001209400 _____ (Khronos Group) C:WindowsSysWOW64OpenCL.dll
2022-04-16 03:29 – 2022-03-18 01:43 – 001145584 _____ C:WindowsSysWOW64vulkan-1-999-0-0-0.dll
2022-04-16 03:29 – 2022-03-18 01:43 – 001145584 _____ C:WindowsSysWOW64vulkan-1.dll
2022-04-16 03:29 – 2022-03-18 01:40 – 000795704 _____ C:Windowssystem32nvofapi64.dll
2022-04-16 03:29 – 2022-03-18 01:40 – 000715944 _____ (NVIDIA Corporation) C:Windowssystem32nvml.dll
2022-04-16 03:29 – 2022-03-18 01:40 – 000636480 _____ C:WindowsSysWOW64nvofapi.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 002121688 _____ (NVIDIA Corporation) C:Windowssystem32NvFBC64.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 001600680 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvFBC.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 001529936 _____ (NVIDIA Corporation) C:Windowssystem32NvIFR64.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 001175696 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvIFR.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 000981648 _____ (NVIDIA Corporation) C:Windowssystem32nvEncodeAPI64.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 000792208 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvEncodeAPI.dll
2022-04-16 03:29 – 2022-03-18 01:39 – 000712664 _____ (NVIDIA Corporation) C:Windowssystem32nvidia-smi.exe
2022-04-16 03:29 – 2022-03-18 01:38 – 008610472 _____ (NVIDIA Corporation) C:Windowssystem32nvcuvid.dll
2022-04-16 03:29 – 2022-03-18 01:38 – 007713872 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvcuvid.dll
2022-04-16 03:29 – 2022-03-18 01:38 – 005729752 _____ (NVIDIA Corporation) C:Windowssystem32nvcpl.dll
2022-04-16 03:29 – 2022-03-18 01:38 – 005101528 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvcuda.dll
2022-04-16 03:29 – 2022-03-18 01:38 – 002931856 _____ (NVIDIA Corporation) C:Windowssystem32nvcuda.dll
2022-04-16 03:29 – 2022-03-18 01:38 – 000456872 _____ (NVIDIA Corporation) C:Windowssystem32nvdebugdump.exe
2022-04-16 03:29 – 2022-03-18 01:36 – 000850088 _____ (NVIDIA Corporation) C:Windowssystem32MCU.exe
2022-04-16 03:29 – 2022-03-17 12:33 – 000089337 _____ C:Windowssystem32nvinfo.pb
2022-04-16 03:29 – 2022-03-17 12:33 – 000047792 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvhdap64.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-05-13 18:58 – 2021-10-27 04:17 – 000000000 ____D C:Program Files (x86)Google
2022-05-13 18:56 – 2021-09-30 19:57 – 000000000 ____D C:Windowssystem32SleepStudy
2022-05-13 18:55 – 2021-06-05 08:10 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2022-05-13 18:47 – 2021-10-27 04:27 – 000000000 ____D C:Program Files (x86)Steam
2022-05-13 18:06 – 2021-06-05 08:10 – 000000000 ___HD C:Program FilesWindowsApps
2022-05-13 18:06 – 2021-06-05 08:10 – 000000000 ____D C:WindowsAppReadiness
2022-05-13 17:28 – 2021-10-27 04:26 – 000000000 ____D C:UsersdavidAppDataRoamingdiscord
2022-05-13 17:21 – 2021-09-30 20:03 – 000803404 _____ C:Windowssystem32PerfStringBackup.INI
2022-05-13 17:21 – 2021-06-05 08:09 – 000000000 ____D C:WindowsINF
2022-05-13 17:17 – 2021-12-25 20:59 – 000000000 ____D C:UsersdavidAppDataLocalOculus
2022-05-13 17:17 – 2021-10-27 04:26 – 000000000 ____D C:UsersdavidAppDataLocalDiscord
2022-05-13 17:17 – 2021-10-27 04:14 – 000000000 ____D C:UsersdavidAppDataLocalD3DSCache
2022-05-13 17:17 – 2021-10-27 04:13 – 000000000 ___RD C:UsersdavidOneDrive
2022-05-13 17:17 – 2021-10-20 05:02 – 000000000 ____D C:ProgramDataNVIDIA
2022-05-13 17:14 – 2021-10-27 04:13 – 000000000 ____D C:Usersdavid
2022-05-13 17:14 – 2021-09-30 19:57 – 000472216 _____ C:Windowssystem32FNTCACHE.DAT
2022-05-13 17:14 – 2021-09-30 19:57 – 000012288 ___SH C:DumpStack.log.tmp
2022-05-13 17:14 – 2021-09-30 19:57 – 000000006 ____H C:WindowsTasksSA.DAT
2022-05-13 17:14 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSystemTemp
2022-05-13 17:14 – 2021-06-05 08:01 – 000524288 _____ C:Windowssystem32configBBI
2022-05-13 17:14 – 2021-06-05 08:01 – 000032768 _____ C:Windowssystem32configELAM
2022-05-13 17:13 – 2021-10-27 06:04 – 000000000 ____D C:temp
2022-05-13 17:13 – 2021-10-27 04:14 – 000000000 ____D C:UsersdavidAppDataRoamingAdobe
2022-05-13 17:13 – 2021-10-27 04:14 – 000000000 ____D C:UsersdavidAppDataLocalPackages
2022-05-13 17:13 – 2021-09-30 20:14 – 000000000 ____D C:ProgramDataPackages
2022-05-13 16:13 – 2022-04-01 10:55 – 000000000 ____D C:UsersdavidAppDataLocalOverwolf
2022-05-13 15:53 – 2021-10-27 04:17 – 000000000 ____D C:UsersdavidAppDataLocalGoogle
2022-05-11 06:58 – 2021-06-05 09:17 – 000000000 ____D C:Program FilesWindows Photo Viewer
2022-05-11 06:58 – 2021-06-05 09:17 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ___SD C:WindowsSysWOW64F12
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ___SD C:Windowssystem32UNP
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ___SD C:Windowssystem32F12
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ___SD C:Windowssystem32DiagSvcs
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ___RD C:WindowsPrintDialog
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ___RD C:WindowsImmersiveControlPanel
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSysWOW64setup
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSysWOW64Dism
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSysWOW64Com
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSystemResources
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32WinBioPlugIns
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32SystemResetPlatform
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32Sysprep
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32setup
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32oobe
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32Dism
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32Com
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32appraiser
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:WindowsIME
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Windowsbcastdvr
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Program FilesWindows Defender
2022-05-11 06:58 – 2021-06-05 08:10 – 000000000 ____D C:Program FilesCommon FilesSystem
2022-05-11 06:58 – 2021-06-05 08:01 – 000000000 ____D C:Windowsservicing
2022-05-11 06:52 – 2021-10-27 04:29 – 000000000 ____D C:UsersdavidAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam
2022-05-11 06:46 – 2021-11-10 19:29 – 000000000 ____D C:Windowssystem32MRT
2022-05-11 06:45 – 2021-11-10 19:29 – 145501456 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2022-05-11 06:45 – 2021-06-05 08:08 – 000245760 _____ (Microsoft Corporation) C:Windowssystem32msclmd.dll
2022-05-11 06:45 – 2021-06-05 08:08 – 000207360 _____ (Microsoft Corporation) C:WindowsSysWOW64msclmd.dll
2022-05-11 06:45 – 2021-06-05 08:01 – 000000000 ____D C:WindowsCbsTemp
2022-05-11 06:42 – 2021-09-30 20:00 – 003101696 _____ (Microsoft Corporation) C:WindowsSysWOW64PrintConfig.dll
2022-05-11 06:40 – 2022-04-01 12:17 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2022-05-11 06:40 – 2022-04-01 12:17 – 000000000 ____D C:Program FilesJava
2022-05-11 06:39 – 2022-04-01 12:17 – 000193816 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge-64.dll
2022-05-11 06:33 – 2021-10-27 04:15 – 000000000 ____D C:Program FilesMicrosoft OneDrive
2022-05-11 06:28 – 2021-06-05 08:10 – 000000000 ___HD C:WindowsELAMBKUP
2022-05-11 06:12 – 2021-06-05 08:10 – 000000000 ____D C:WindowsLiveKernelReports
2022-05-11 06:03 – 2021-10-27 06:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer
2022-05-11 06:02 – 2021-12-14 00:41 – 000003596 _____ C:Windowssystem32TasksOneDrive Reporting Task-S-1-5-21-3551373970-2567275225-2894973676-1002
2022-05-11 06:02 – 2021-09-30 20:34 – 000003194 _____ C:Windowssystem32TasksOneDrive Per-Machine Standalone Update Task
2022-05-11 06:02 – 2021-09-30 20:33 – 000002139 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2022-05-08 15:55 – 2021-11-11 06:27 – 000000000 ____D C:UsersdavidAppDataRoaming.minecraft
2022-05-05 20:08 – 2021-10-27 04:50 – 000000000 ____D C:UsersdavidAppDataLocalCrashDumps
2022-05-03 21:35 – 2021-10-27 04:47 – 000000000 ____D C:ProgramDataPackage Cache
2022-05-01 18:32 – 2021-09-30 20:27 – 000000000 ____D C:Program FilesMicrosoft Office
2022-05-01 18:27 – 2021-10-27 06:03 – 000000000 ____D C:Program Files (x86)Razer Chroma SDK
2022-04-28 21:30 – 2021-09-30 19:57 – 000003536 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2022-04-28 21:30 – 2021-09-30 19:57 – 000003412 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2022-04-25 18:43 – 2021-12-25 21:01 – 000000000 ____D C:Program FilesOculus
2022-04-16 04:04 – 2021-10-27 04:15 – 000000000 ____D C:UsersdavidAppDataLocalPlaceholderTileLogoFolder
2022-04-16 03:31 – 2021-10-27 04:19 – 000000000 ____D C:UsersdavidAppDataLocalNVIDIA
2022-04-16 03:29 – 2021-10-27 04:47 – 000004308 _____ C:Windowssystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-27 04:47 – 000003976 _____ C:Windowssystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-27 04:47 – 000003940 _____ C:Windowssystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-27 04:47 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-27 04:47 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-27 04:47 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-27 04:47 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:29 – 2021-10-20 05:02 – 000000000 ____D C:ProgramDataNVIDIA Corporation
2022-04-16 03:28 – 2021-10-27 04:47 – 000003894 _____ C:Windowssystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:28 – 2021-10-27 04:47 – 000003654 _____ C:Windowssystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-16 03:28 – 2021-10-20 05:02 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation
2022-04-16 03:28 – 2021-10-20 05:01 – 000000000 ____D C:Program FilesNVIDIA Corporation
2022-04-15 02:58 – 2021-11-10 19:33 – 000000000 ____D C:Program Files (x86)Battle.net
2022-04-15 02:58 – 2021-10-27 04:21 – 000000000 ____D C:UsersdavidAppDataLocalBattle.net
2022-04-15 02:57 – 2021-10-27 04:23 – 000000000 ____D C:Program Files (x86)Call of Duty Modern Warfare
2022-04-15 02:49 – 2021-11-10 23:35 – 000000000 ____D C:Program Files (x86)Call of Duty Vanguard
2022-04-13 13:32 – 2021-11-15 01:43 – 000000000 ____D C:Program Files (x86)Origin
2022-04-13 09:30 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSysWOW64vi-VN
2022-04-13 09:30 – 2021-06-05 08:10 – 000000000 ____D C:WindowsSysWOW64eu-ES
2022-04-13 09:30 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32vi-VN
2022-04-13 09:30 – 2021-06-05 08:10 – 000000000 ____D C:Windowssystem32eu-ES
2022-04-13 09:30 – 2021-06-05 08:10 – 000000000 ____D C:WindowsShellExperiences
2022-04-13 09:30 – 2021-06-05 08:10 – 000000000 ____D C:WindowsDiagTrack
==================== Files in the root of some directories ========
2022-05-03 21:48 – 2022-05-03 21:48 – 000000000 _____ () C:UsersdavidAppDataLocaloobelibMkey.log
2022-02-18 13:33 – 2022-02-18 13:33 – 000007603 _____ () C:UsersdavidAppDataLocalResmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2022
Ran by david (13-05-2022 19:01:19)
Running from C:UsersdavidOneDriveDesktop
Microsoft Windows 11 Home Version 21H2 22000.675 (X64) (2021-10-20 11:27:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3551373970-2567275225-2894973676-500 – Administrator – Disabled)
david (S-1-5-21-3551373970-2567275225-2894973676-1002 – Administrator – Enabled) => C:Usersdavid
DefaultAccount (S-1-5-21-3551373970-2567275225-2894973676-503 – Limited – Disabled)
Guest (S-1-5-21-3551373970-2567275225-2894973676-501 – Limited – Disabled)
WDAGUtilityAccount (S-1-5-21-3551373970-2567275225-2894973676-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 3.10.08.506 – Advanced Micro Devices, Inc.)
AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 21.10.1 – Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32…{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 – Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32…Battle.net) (Version: – Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32…Call of Duty Modern Warfare) (Version: – Blizzard Entertainment)
Call of Duty Vanguard (HKLM-x32…Call of Duty Vanguard) (Version: – Blizzard Entertainment)
Discord (HKUS-1-5-21-3551373970-2567275225-2894973676-1002…Discord) (Version: 1.0.9003 – Discord Inc.)
Epic Games Launcher (HKLM-x32…{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 – Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32…{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 – Epic Games, Inc.)
Far Cry 6 (HKLM-x32…Uplay Install 5266) (Version: – Ubisoft)
Google Chrome (HKLM-x32…Google Chrome) (Version: 101.0.4951.67 – Google LLC)
Java 8 Update 333 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180333F0}) (Version: 8.0.3330.2 – Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Malwarebytes version 4.5.9.198 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 – Malwarebytes)
Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.15128.20178 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 101.0.1210.47 – Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 101.0.1210.39 – Microsoft Corporation)
Microsoft OneDrive (HKLM…OneDriveSetup.exe) (Version: 22.089.0426.0003 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 – Microsoft Corporation)
Microsoft Visio – en-us (HKLM…VisioProRetail – en-us) (Version: 16.0.15128.20178 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29913 (HKLM-x32…{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29914 (HKLM-x32…{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 – Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) – 14.11.25325 (HKLM-x32…{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 – Microsoft Corporation)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 – NVIDIA Corporation)
NVIDIA Graphics Driver 512.15 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 – NVIDIA Corporation)
Oculus (HKLM…Oculus) (Version: <3 – Facebook Technologies, LLC)
Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20146 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 – Microsoft Corporation) Hidden
Origin (HKLM-x32…Origin) (Version: 10.5.112.50486 – Electronic Arts, Inc.)
Promontory_GPIO Driver (HKLM-x32…{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden
Razer Synapse (HKLM-x32…Razer Synapse) (Version: 3.7.0429.050715 – Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8988.1 – Realtek Semiconductor Corp.)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
Streamlabs OBS 1.5.2 (HKLM…29c4619-0385-5543-9426-46f9987161d9) (Version: 1.5.2 – General Workings, Inc.)
Ubisoft Connect (HKLM-x32…Uplay) (Version: 127.1.10616 – Ubisoft)
Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1) (Version: 1.0.65.1 – LunarG, Inc.) Hidden
Packages:
=========
Canon Inkjet Print Utility -> C:Program FilesWindowsApps34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-04-08] (Canon Inc.)
Forza Horizon 5 -> C:Program FilesWindowsAppsMicrosoft.624F8B84B80_3.455.709.0_x64__8wekyb3d8bbwe [2022-04-26] (Microsoft Studios)
Minecraft for Windows 10 -> C:Program FilesWindowsAppsMicrosoft.MinecraftUWP_1.18.3104.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Studios)
Minecraft Launcher -> C:Program FilesWindowsAppsMicrosoft.4297127D64EC6_1.1.15.0_x64__8wekyb3d8bbwe [2022-05-11] (Microsoft Studios)
NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-16] (NVIDIA Corp.)
Speedtest by Ookla -> C:Program FilesWindowsAppsOokla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-11-16] (Ookla)
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0 [2022-05-13] (Spotify AB) [Startup Task]
Xbox Accessories -> C:Program FilesWindowsAppsMicrosoft.XboxDevices_300.2202.25001.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Corporation)
XboxInsiderHub -> C:Program FilesWindowsAppsMicrosoft.XboxInsider_1.2203.11001.0_x64__8wekyb3d8bbwe [2022-03-22] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKUS-1-5-21-3551373970-2567275225-2894973676-1002_ClassesCLSID{2F81B25E-7507-4844-BFF2-77D2CC24CED4}localserver32 -> “C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe” -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2022-05-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive22.089.0426.0003FileSyncShell64.dll [2022-05-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_2b01a28ee7b06750nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2022-05-11] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-10-27 04:27 – 2022-03-03 22:23 – 126965248 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libcef.dll
2021-10-27 04:27 – 2021-11-17 07:38 – 000384000 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libegl.dll
2021-10-27 04:27 – 2021-11-17 07:38 – 008006656 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libglesv2.dll
2021-10-27 04:27 – 2022-03-03 22:23 – 000983552 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Steambincefcef.win7x64chrome_elf.dll
2021-11-15 01:43 – 2021-11-15 01:43 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)OriginLIBEAY32.dll
2021-11-15 01:43 – 2021-11-15 01:43 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)Originssleay32.dll
2021-11-15 01:43 – 2021-11-15 01:43 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Originplatformsqwindows.dll
2022-04-13 13:32 – 2021-11-15 01:43 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Core.dll
2022-04-13 13:32 – 2021-11-15 01:43 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Gui.dll
2022-04-13 13:32 – 2021-11-15 01:43 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Network.dll
2022-04-13 13:32 – 2021-11-15 01:43 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5WebSockets.dll
2022-04-13 13:32 – 2021-11-15 01:43 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Widgets.dll
2022-04-13 13:32 – 2021-11-15 01:43 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:UsersPublicShared Files:VersionCache [4418]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_333binssv.dll [2022-05-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_333binjp2ssv.dll [2022-05-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 08:08 – 2021-06-05 08:08 – 000000824 _____ C:Windowssystem32driversetchosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:Program FilesOculusSupportoculus-runtime;C:Program Files (x86)Razer Chroma SDKbin;C:Program FilesRazer Chroma SDKbin;C:Program Files (x86)RazerChromaBroadcastbin;C:Program FilesRazerChromaBroadcastbin;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Windowssystem32configsystemprofileAppDataLocalMicrosoftWindowsApps;C:UsersdavidAppDataLocalMicrosoftWindowsApps
HKUS-1-5-21-3551373970-2567275225-2894973676-1002Control PanelDesktop\Wallpaper -> C:WindowswebwallpaperWindowsimg0.jpg
DNS Servers: 192.168.1.254
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D86C048C-4384-4A57-9CD7-884F4EF73AD4}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe => No File
FirewallRules: [{C12401E1-A417-4EFE-88ED-6F812B439A79}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe => No File
FirewallRules: [TCP Query User{FBD6EAC4-D1EF-422E-A824-374A7D939157}C:usersdavidappdataroamingspotifyspotify.exe] => (Allow) C:usersdavidappdataroamingspotifyspotify.exe => No File
FirewallRules: [UDP Query User{F7AF2AC2-2476-41D7-9D19-1AB8B0DED4F2}C:usersdavidappdataroamingspotifyspotify.exe] => (Allow) C:usersdavidappdataroamingspotifyspotify.exe => No File
FirewallRules: [{F5AE84FF-27FC-468D-8454-D1E187512A8F}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D4A50FA-B700-4898-A792-D887A9F4AA16}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{22C506A2-B67E-472E-B5BE-E11F427E643E}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DE772FCA-BD55-4BEC-88A0-218C272F1D87}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0FD005C7-479B-42B5-9E83-07DD5744566B}] => (Allow) C:Program Files (x86)SteamsteamappscommonBrawlhallaBrawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{1EBFFDB3-1613-4A8F-A00B-FDEE80875C15}] => (Allow) C:Program Files (x86)SteamsteamappscommonBrawlhallaBrawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{D2B17809-2DC9-4F76-8B20-DEA48108EFD8}] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe (Skutta, Kristjan -> )
FirewallRules: [{193A9561-54EF-4F7D-8642-8C3E01776F68}] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe (Skutta, Kristjan -> )
FirewallRules: [{6D6E31A6-56F1-4389-8D02-922B2B28EEE1}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{354E2CA2-CADC-445A-8B8D-E2A595AFAFAF}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{49547135-4434-4441-BCD3-836240DE7E04}C:program files (x86)call of duty modern warfaremodernwarfare.exe] => (Allow) C:program files (x86)call of duty modern warfaremodernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{D38B1050-3BB8-413B-9F6A-DE18E276A065}C:program files (x86)call of duty modern warfaremodernwarfare.exe] => (Allow) C:program files (x86)call of duty modern warfaremodernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{2FCA9DD8-432E-4154-B915-F726E8B453DA}C:program files (x86)call of duty vanguardvanguard.exe] => (Allow) C:program files (x86)call of duty vanguardvanguard.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{E068A43C-656D-40DC-8AE7-4BCF1F90278F}C:program files (x86)call of duty vanguardvanguard.exe] => (Allow) C:program files (x86)call of duty vanguardvanguard.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{9AF155A4-8BA3-4E01-9526-98E8C3270BDD}C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalmicrosoftwritablepackagerootruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalmicrosoftwritablepackagerootruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe
FirewallRules: [UDP Query User{1714989F-9E22-412E-AFE9-2153ADC02C94}C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalmicrosoftwritablepackagerootruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalmicrosoftwritablepackagerootruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe
FirewallRules: [TCP Query User{FDFF6844-5DA0-40BA-ABC2-5C1917A4A032}C:program files (x86)steamsteamappscommonbattlefield 2042bf2042.exe] => (Allow) C:program files (x86)steamsteamappscommonbattlefield 2042bf2042.exe => No File
FirewallRules: [UDP Query User{88465630-7A61-4A17-AD3F-7526316593F4}C:program files (x86)steamsteamappscommonbattlefield 2042bf2042.exe] => (Allow) C:program files (x86)steamsteamappscommonbattlefield 2042bf2042.exe => No File
FirewallRules: [TCP Query User{D901E405-450A-4784-A684-9E7912DBC5CE}C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe
FirewallRules: [UDP Query User{CFB279B1-AE23-4823-AF2C-62733942BE4A}C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe
FirewallRules: [{667CC463-340B-4B44-B2E9-F4E90A825CD5}] => (Allow) C:Program FilesOculusSupportoculus-runtimeOVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{F1A9226F-7035-49C3-B616-D8568EED107A}] => (Allow) C:Program FilesOculusSupportoculus-runtimeOVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C06B5968-A942-4668-B32A-C38585199B40}] => (Allow) C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{0AC8456B-DFA0-47C3-B7F0-BF650540465B}] => (Allow) C:Program FilesOculusSupportoculus-runtimeOVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C6BB5363-8856-4115-A651-3AFB99707275}] => (Allow) C:Program FilesOculusSupportoculus-runtimeOVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C98AED25-2762-4CA8-B603-45C49F827773}] => (Allow) C:Program FilesOculusSupportoculus-runtimeOVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8B40E4FA-9768-44DE-944D-511324A7D380}] => (Allow) C:Program FilesOculusSupportoculus-dashdashbinOculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{37A42AFB-6DA8-48B4-A200-F2B5CA8B60EC}] => (Allow) C:Program FilesOculusSupportoculus-dashdashbinOculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{C12EA6ED-1F95-4AC7-8A34-D3B6E327B489}] => (Allow) C:Program FilesOculusSupportoculus-worldsHome2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{59C84538-599D-4D5E-8ACB-AD3323FBFEBD}] => (Allow) C:Program FilesOculusSupportoculus-worldsHome2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{FA108ABD-9D0F-477E-A7AF-3BCE0475284D}] => (Allow) C:Program FilesOculusSupportoculus-worldsHome2BinariesWin64Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{95DA67B6-E22E-4E8D-9631-0CCD439AA416}] => (Allow) C:Program FilesOculusSupportoculus-worldsHome2BinariesWin64Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E3F4949D-7411-4332-AB9A-00C24C01BC8E}] => (Allow) C:Program FilesOculusSupportoculus-worldsEngineBinariesWin64UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E58435D6-F20E-4FBD-BFA6-9E6AD406DC1B}] => (Allow) C:Program FilesOculusSupportoculus-worldsEngineBinariesWin64UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E704A863-2F93-4E61-820D-6A2E893FB2C3}] => (Allow) C:Program FilesOculusSupportoculus-clientOculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{3A260D84-4D36-4546-B316-A1A8F1533761}] => (Allow) C:Program FilesOculusSupportoculus-clientOculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{02680741-FF51-42F9-9569-F8CD49F55D1F}] => (Allow) C:Program Files (x86)SteamsteamappscommonH3VRh3vr.exe () [File not signed]
FirewallRules: [{2244D4FB-F568-4DA4-BBEF-D33FA6E8C1C3}] => (Allow) C:Program Files (x86)SteamsteamappscommonH3VRh3vr.exe () [File not signed]
FirewallRules: [TCP Query User{A9007670-DD75-43E8-BA34-15FAA86A068C}C:program filesoculussoftwaresoftwarehyperbolic-magnetism-beat-saberbeat saber.exe] => (Allow) C:program filesoculussoftwaresoftwarehyperbolic-magnetism-beat-saberbeat saber.exe () [File not signed]
FirewallRules: [UDP Query User{49BC768B-09BA-4905-9BB4-450BC556D755}C:program filesoculussoftwaresoftwarehyperbolic-magnetism-beat-saberbeat saber.exe] => (Allow) C:program filesoculussoftwaresoftwarehyperbolic-magnetism-beat-saberbeat saber.exe () [File not signed]
FirewallRules: [{C811BD91-30FF-4BDE-BD8B-8ECCF68AC41A}] => (Allow) C:Program Files (x86)SteamsteamappscommonSteamVRbinwin32vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1E0DFA83-8745-41BB-8CA9-1406011A2949}] => (Allow) C:Program Files (x86)SteamsteamappscommonSteamVRbinwin32vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F2FF9AF1-A2EB-4AE2-8938-651A815C356D}] => (Allow) C:Program Files (x86)SteamsteamappscommonSteamVRtoolssteamvr_environmentsgamebinwin64steamtours.exe (Valve -> )
FirewallRules: [{D664EBB8-27C7-4D38-BBED-2E7760B4E69C}] => (Allow) C:Program Files (x86)SteamsteamappscommonSteamVRtoolssteamvr_environmentsgamebinwin64steamtours.exe (Valve -> )
FirewallRules: [{60ED4746-5C8A-423A-BA91-10F4F2724B99}] => (Allow) C:Program Files (x86)SteamsteamappscommonSteamVRtoolssteamvr_environmentsgamebinwin64steamtourscfg.exe (Valve -> )
FirewallRules: [{E0DF8F37-F454-4597-8D6B-85A130CC2948}] => (Allow) C:Program Files (x86)SteamsteamappscommonSteamVRtoolssteamvr_environmentsgamebinwin64steamtourscfg.exe (Valve -> )
FirewallRules: [{3CE79F5E-573C-422F-8613-D9B9ACED39AF}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{16CAF69B-AC57-4CAE-A7F5-448AEE734777}C:program files (x86)ubisoftubisoft game launchergamesfar cry 6binfarcry6.exe] => (Allow) C:program files (x86)ubisoftubisoft game launchergamesfar cry 6binfarcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B341011A-B8EB-4993-90FC-FDD904949633}C:program files (x86)ubisoftubisoft game launchergamesfar cry 6binfarcry6.exe] => (Allow) C:program files (x86)ubisoftubisoft game launchergamesfar cry 6binfarcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{B9523F89-D517-416A-A8E6-A7D3BBEDC5C7}] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LaunchergamesFar Cry 6binFarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{BCAD28A5-B0C1-4358-B678-74A8468F9E14}] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LaunchergamesFar Cry 6binFarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{91A742C2-EDA7-4F66-BE87-E9D658281A02}] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LaunchergamesFar Cry 6bin_plusFarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{60C058E7-4E37-43C8-8CFD-5EBFD9A57A42}] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LaunchergamesFar Cry 6bin_plusFarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{F555105B-16B3-46ED-801A-15937273FF77}] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebinui32.exe (Skutta, Kristjan -> )
FirewallRules: [{2FEEA42B-7F99-452C-BD1C-7DDB8AB6C76F}] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebinui32.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{97E9BD52-3D09-4898-AA8A-0B10FC3F6657}C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe] => (Allow) C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2819C19F-37FC-4C5F-916E-C86ED7B29256}C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe] => (Allow) C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{BD4B5F86-D342-48B1-8B29-0DA47E12C54F}C:program filesepic gamesfortniteenginebinarieswin64epicwebhelper.exe] => (Allow) C:program filesepic gamesfortniteenginebinarieswin64epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{34C4F7A0-765B-4777-BC2B-D44DBA94A1C0}C:program filesepic gamesfortniteenginebinarieswin64epicwebhelper.exe] => (Allow) C:program filesepic gamesfortniteenginebinarieswin64epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{CEC0DA34-14FB-4EDC-9C91-56C9862FA842}] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebindiagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{F5929C81-E7DB-4BF3-A250-8A2CD05C07C3}] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebindiagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{3AD5DEA8-086F-451F-B6DD-74DF6E23F8C2}C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe] => (Allow) C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe
FirewallRules: [UDP Query User{470F2705-93A2-401A-B3B0-F946DAA6ECDD}C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe] => (Allow) C:usersdavidappdatalocalpackagesmicrosoft.4297127d64ec6_8wekyb3d8bbwelocalcachelocalruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe
FirewallRules: [TCP Query User{C8AFD33B-D9D7-40F1-872B-41F3DB2C3C67}C:usersdavidappdatalocaldiscordapp-1.0.9004discord.exe] => (Allow) C:usersdavidappdatalocaldiscordapp-1.0.9004discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{9D9EA98D-9B6B-432A-B962-396BE34AA950}C:usersdavidappdatalocaldiscordapp-1.0.9004discord.exe] => (Allow) C:usersdavidappdatalocaldiscordapp-1.0.9004discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{E686EF61-B2DE-4EA5-AE6F-4B0ACA05B976}] => (Allow) C:Program FilesOculusSoftwareSoftwarehyperbolic-magnetism-beat-saberBeat Saber.exe () [File not signed]
FirewallRules: [{58AF897E-BEF5-474B-80C3-BC7F4D8DD183}] => (Allow) C:Program FilesOculusSoftwareSoftwarehyperbolic-magnetism-beat-saberBeat Saber.exe () [File not signed]
FirewallRules: [{439AA80C-104A-4E34-86BB-25A3C81201FF}] => (Allow) C:Program FilesOculusSoftwareSoftwarehyperbolic-magnetism-beat-saberUnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{57B91E1D-BBA1-472B-A887-6114815F0CE0}] => (Allow) C:Program FilesOculusSoftwareSoftwarehyperbolic-magnetism-beat-saberUnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [TCP Query User{0E31B914-8C65-44AE-9F7E-5348C87F0EC5}C:usersdavidappdataroamingbloombloom.exe] => (Block) C:usersdavidappdataroamingbloombloom.exe => No File
FirewallRules: [UDP Query User{B488B4A7-2DF0-409B-8A72-7A6A0943DA00}C:usersdavidappdataroamingbloombloom.exe] => (Block) C:usersdavidappdataroamingbloombloom.exe => No File
FirewallRules: [TCP Query User{664C52E3-6D60-4627-AFCB-E84E62D1E955}C:usersdavidcurseforgeminecraftinstallruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe] => (Block) C:usersdavidcurseforgeminecraftinstallruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe
FirewallRules: [UDP Query User{585CD563-C8A1-444D-B649-0C7C2B2CE7BA}C:usersdavidcurseforgeminecraftinstallruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe] => (Block) C:usersdavidcurseforgeminecraftinstallruntimejava-runtime-betawindows-x64java-runtime-betabinjavaw.exe
FirewallRules: [TCP Query User{2D94A2A0-E901-448A-BCE4-79797E2BC048}C:program filesjavajre1.8.0_321binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_321binjavaw.exe => No File
FirewallRules: [UDP Query User{CC8F513F-DA52-4DF5-B1BD-C3BFFC12478C}C:program filesjavajre1.8.0_321binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_321binjavaw.exe => No File
FirewallRules: [TCP Query User{0B091716-FDA3-4F2C-9A50-321E4A68E869}C:usersdavidappdataroaming.technicruntimesjre-legacybinjavaw.exe] => (Allow) C:usersdavidappdataroaming.technicruntimesjre-legacybinjavaw.exe
FirewallRules: [UDP Query User{4CD52164-C6A4-4DE9-B989-2CB47D4BDD1E}C:usersdavidappdataroaming.technicruntimesjre-legacybinjavaw.exe] => (Allow) C:usersdavidappdataroaming.technicruntimesjre-legacybinjavaw.exe
FirewallRules: [{19328986-11A4-4690-8ED7-FDEE626C781F}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{248991CE-E1B9-48E5-9227-AA22AE2B3AA4}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E509DB6F-B91D-439A-9426-FDAA706881F9}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F94F1FAA-3500-4433-BB75-87C29C4AB309}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{46A5353A-02C5-46C0-A87D-CE3CD87E0503}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication101.0.1210.39msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B0ABF3F-DB2C-4183-B419-A471902DFC21}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_22115.300.1313.2464_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDF95B7A-6AC4-46C1-BED0-B2A88A13A4E3}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_22115.300.1313.2464_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8B4FF88-741B-4D46-842E-34F0FC2CDF25}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{EE3A867F-DE68-4C7B-AEB2-2CC0D24756FF}] => (Allow) C:Program Files (x86)SteamsteamappscommonELDEN RINGGamestart_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{587888A0-C4E3-45C5-ABDF-F4954597410F}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D8877256-3904-47C4-A88C-FD84E09B695B}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF74E75F-313F-4C2E-8F4D-5535F9A75EE7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE55B11D-10BE-4932-952C-EC774AD0E6D2}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{133FEEC4-1D5B-4A3D-9F91-4E71FA7C9449}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324EE767-F000-48DB-B0C9-509869113C5C}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B2759A7E-30C6-4B30-8ECA-827DD91BCB6F}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76E8564E-8C81-43CF-811F-CFE95D685874}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{756CF1DA-32EA-4ABE-818D-1A1AF156EAE7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/13/2022 05:14:54 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/13/2022 05:14:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (05/13/2022 05:14:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (05/13/2022 05:14:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (05/13/2022 04:34:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 101.0.4951.67 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 6f88
Start Time: 01d867080233d824
Termination Time: 4294967295
Application Path: C:Program FilesGoogleChromeApplicationchrome.exe
Report Id: b677e610-e140-47ef-a7aa-1efda67fed1d
Faulting package full name:
Faulting package-relative application ID:
Hang type: Top level window is idle
Error: (05/11/2022 07:10:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_InstallService, version: 10.0.22000.527, time stamp: 0xe6f2ec65
Faulting module name: ntdll.dll, version: 10.0.22000.653, time stamp: 0xbaecbb56
Exception code: 0xc0000374
Fault offset: 0x000000000010c729
Faulting process id: 0x1808
Faulting application start time: 0x01d8652645c56971
Faulting application path: C:WindowsSystem32svchost.exe
Faulting module path: C:WindowsSYSTEM32ntdll.dll
Report Id: e8646461-e72c-400e-8106-6abc584268e7
Faulting package full name:
Faulting package-relative application ID:
Error: (05/11/2022 06:59:05 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/11/2022 06:58:36 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (05/13/2022 06:06:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.
Error: (05/13/2022 05:14:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error “1115” attempting to start the service UsoSvc with arguments “Unavailable” in order to run the server:
{B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (05/13/2022 05:14:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error “1115” attempting to start the service UsoSvc with arguments “Unavailable” in order to run the server:
{B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (05/13/2022 05:12:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly. It has done this 1 time(s).
Error: (05/13/2022 04:35:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/13/2022 04:35:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (05/13/2022 04:24:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (05/13/2022 04:24:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Windows Defender:
================
Date: 2022-05-11 06:29:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-05-09 20:09:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-05-08 20:09:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-05-07 20:09:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-05-06 20:09:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2022-05-05 18:36:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.363.1484.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19200.5
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2022-05-05 18:36:51
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.1488.0
Previous security intelligence Version: 1.363.1484.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.19200.5
Previous Engine Version: 1.1.19200.5
Error code: 0x80508007
Error description: Your device is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
Date: 2022-05-05 18:36:51
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.363.1488.0
Previous security intelligence Version: 1.363.1484.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.19200.5
Previous Engine Version: 1.1.19200.5
Error code: 0x80508007
Error description: Your device is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
CodeIntegrity:
===============
Date: 2022-05-05 21:29:04
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2203.5-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-02 03:14:34
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2202.4-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesMicrosoft OfficerootvfsProgramFilesCommonX64Microsoft SharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-12-22 07:17:07
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_3bab16edc4978b17NvCameraNvCameraAllowlisting64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. H.00 07/27/2021
Motherboard: Micro-Star International Co., Ltd. B550-A PRO[CEC] (MS-7C56)
Processor: AMD Ryzen 5 5600X 6-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 16310.09 MB
Available physical RAM: 9682.76 MB
Total Virtual: 17334.09 MB
Available Virtual: 7416.5 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.81 GB) (Free:358.31 GB) NTFS
\?Volume{d4e572bb-3fca-4a2a-b2ed-cc28bf638e7b} (Recovery) (Fixed) (Total:0.59 GB) (Free:0.09 GB) NTFS
\?Volume{ef22a638-f996-faa4-fb0b-9fa3c99fd8b5} () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\?Volume{a2b4a81c-a469-c4c9-f372-498b85ab8b0f} () (Fixed) (Total:99.33 GB) (Free:0 GB) NTFS
\?Volume{4258a640-7cd0-4596-a96c-0763a6a07a2b} (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 48BA4288)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt =======================
Source: https://www.bleepingcomputer.com/forums/t/772032/chrome-properties-extention/