For the past couple of weeks, my laptop's internet connection has been "disabled" at random times, typically after a few hours of use. I put disabled in quotes because the activity is really unusual. When it occurs, all attempts to load a web page will fail, showing a Chrome "no internet" page. The network icon in the bottom right will still show connected to my wifi router. After a few minutes, the network icon will change to the "no internet" icon (wireframe globe with struck circle). It will then switch between the two and other applications (i.e. Steam, GOG Galaxy, etc) will lose connection.
While all this is going on, however, I can still use CMD to ping raw ip addresses (google's 8.8.8.8 & my ISP's DNS 207.91.5.20) no problem & my AVAST antivirus was able to update it's definitions. I'd also like to note that attempts to ping web addresses (www.google.com) would fail.
Full scans with MalwareBytes come up empty. An AVAST boot-time scan quarantined an HTML:PhishingTwt-F [Phish] threat from Chrome's ServiceWorker Cache Storage on 9/1/2023, but has come up clean ever since.
I use MalwareBytes, AVAST, & SpyBot
I'd greatly appreciate any help you can give.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2023
Ran by William H. Harris II (administrator) on MSI (Micro-Star International Co., Ltd. GE72 6QD) (17-09-2023 16:53:03)
Running from C:\Users\William Harris\Desktop\FRST64.exe
Loaded Profiles: William H. Harris II
Platform: Microsoft Windows 10 Home Version 21H2 19044.3086 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (MSI) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(explorer.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(MICRO-STAR INTERNATIONAL CO., LTD -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(services.exe ->) (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_3583fda5ef1eb1bb\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(svchost.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-24] (A-Volute -> )
HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [3724528 2015-06-25] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301056 2015-09-11] (MSI) [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3920552 2015-10-27] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13838672 2023-09-01] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-08-31] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5204968 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670824 2020-12-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896104 2020-12-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [EnableCloudClipboard] 0
HKLM\Software\Policies\...\system: [CloudClipboardAutomaticUpload] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\Run: [MicrosoftEdgeAutoLaunch_6454A3256F3E547D70E845B2235126AB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4219448 2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\MountPoints2: {e02927cb-e2fb-11e5-9bda-e094679c5b70} - "F:\LaunchU3.exe" -a
HKLM\...\Print\Monitors\EPSON WF-3620 Series 64MonitorBE: C:\Windows\system32\E_YLMBKEE.DLL [187392 2018-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\Torment.exe: [{8f376ce2-c213-4a6c-a329-0b2a7eb2bad8}.sdb] -> GOG.com Planescape Torment
HKLM\Software\...\AppCompatFlags\InstalledSDB\{8f376ce2-c213-4a6c-a329-0b2a7eb2bad8}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{8f376ce2-c213-4a6c-a329-0b2a7eb2bad8}.sdb [2013-01-14]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.188\Installer\chrmstp.exe [2023-09-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {71BC5CBC-62F7-4DD0-8927-DEDB0985966F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EB891F3E-9C8E-4ACD-AF8A-F2EADD0BA08B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-15] (Adobe Inc. -> Adobe)
Task: {D85182E2-8F2A-45C4-9C10-4D10AD876FDA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-15] (Adobe Inc. -> Adobe)
Task: {4E91848C-CEDC-4AF8-97BF-BF86AF1E74CE} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4947352 2023-08-31] (Avast Software s.r.o. -> AVAST Software)
Task: {F5745766-36F4-4F0B-A97E-92B8B05AB1B1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {E279F9CF-C092-4E76-9607-940A5518B6F4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {69BF2CB8-B63A-450E-B9C2-D03F5FACD2A9} - System32\Tasks\BorderlessGaming => C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe --silent --minimize (No File)
Task: {C91BEC57-C59A-44DC-8736-762A823748A5} - System32\Tasks\EPSON WF-3620 Series Invitation {07A2BB10-C9FF-4551-AC8D-DBDA40D9311A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {EB0B9145-9513-4D9F-8B8F-675906A2F3FB} - System32\Tasks\EPSON WF-3620 Series Invitation {3F807F60-830A-4206-9CCB-DDF2889468AD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {FDDA8287-6EF5-4A9F-A98C-AFA2EE89F3F8} - System32\Tasks\EPSON WF-3620 Series Update {07A2BB10-C9FF-4551-AC8D-DBDA40D9311A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {87A74568-AB3A-44E6-9A71-97D6FDED93F5} - System32\Tasks\EPSON WF-3620 Series Update {3F807F60-830A-4206-9CCB-DDF2889468AD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {48928804-DC6F-47BE-8C5E-E203CD6FCDBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-01] (Google Inc -> Google Inc.)
Task: {1AA9EF82-1177-4B93-B016-7FCBC5C36680} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-01] (Google Inc -> Google Inc.)
Task: {7BB8B0E3-2A52-4D70-B926-A9665FCE5E6C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel® Corporation)
Task: {FE68B9A1-DC5D-475F-845D-B0BE5D838861} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (No File)
Task: {65DAAC29-3EE3-4FA2-BED1-6AE9627A98E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A6FB835C-0844-4515-B6CD-2611E2A32A0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41B43DF8-170F-40CC-B2AC-D1352AF9D109} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A7EA4C1-C693-4413-8C5F-A8CA662989EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {680714B9-7138-4792-91AA-F8061B00744F} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [1680520 2014-01-23] (MICRO-STAR INTERNATIONAL CO., LTD -> TODO: <公司名稱>) [File not signed] -> C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
Task: {59C5BACD-81DC-4B13-A6FA-80A6C5C37CD1} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2017-07-25] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {C406A51E-A119-45A1-B004-F5AA079FAAE7} - System32\Tasks\MyTasks\autoElevatePlanescapeTorment => "D:\GOG Games\Planescape Torment\torment.exe" (No File)
Task: {35AEBCAD-F6D5-4262-A98F-6AAEB33124FB} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe [816128 2015-08-24] () [File not signed]
Task: {29EE6538-A830-4F46-AE10-F548052D8E37} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe [276992 2015-08-24] () [File not signed]
Task: {B3D8853B-B228-4F0D-8D09-BD9597968E3F} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-24] (A-Volute -> )
Task: {FFF35863-C79D-4E08-B962-2AB1BDD331DC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-04-13] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {87927F2C-587D-48BC-BF7F-3601F82F4EE1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-04-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {91CBF5EB-458E-426C-BD0C-3CCE0C06AE3C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {686C321E-2CC4-4CE3-9C8F-1A3FBDE89683} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E464DC5-8BDB-46E3-BBCA-239D77D3FAC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AD7E7A8-1EE9-4CF5-BBAF-EE7984ED288C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3813B4C7-3DB8-4DD3-94CE-EF9842CA2095} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {517422E9-69F4-4293-A820-BE537697430B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13AC78F3-D278-4D0D-94CC-698E1268B650} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DF23FEA-AA63-44D0-8593-5D32CA984C69} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (No File)
Task: {35F787A1-0632-4689-9F53-F0D88E83C6B1} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [436544 2023-03-30] (Alexey Nicolaychuk -> )
Task: {CEF51549-5D9D-490F-8F41-0CE26B668DA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5363552 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {602B4759-7CC2-4669-B0BF-925EAA128C0D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5629064 2021-11-23] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {0E0E08C5-4385-431D-8162-EA2C33216D86} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6093928 2021-12-20] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {20DE674A-0109-48C9-8E5F-DCA452B5538F} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [8969432 2019-08-29] (Safer-Networking Ltd. -> )
Task: {7C934004-4867-45FB-B1DE-690E6738F62B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3920552 2015-10-27] (Synaptics Incorporated -> Synaptics Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {07A2BB10-C9FF-4551-AC8D-DBDA40D9311A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {07A2BB10-C9FF-4551-AC8D-DBDA40D9311A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{07A2BB10-C9FF-4551-AC8D-DBDA40D9311A} /F:UpdateWORKGROUP\MSI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 207.91.5.20
Tcpip\..\Interfaces\{74a29de7-a2ac-482b-b10d-4d7a32c29abf}: [DhcpNameServer] 192.168.254.254 207.91.5.20
Edge:
=======
Edge Profile: C:\Users\William Harris\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-18]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: fcxjj1sc.default
FF ProfilePath: C:\Users\William Harris\AppData\Roaming\Mozilla\Firefox\Profiles\fcxjj1sc.default [2023-03-11]
FF ProfilePath: C:\Users\William Harris\AppData\Roaming\Mozilla\Firefox\Profiles\rsfcctdh.default-release [2023-08-31]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2021-09-29] [Legacy] [not signed]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-2429930631-2168461832-2155636815-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2429930631-2168461832-2155636815-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2429930631-2168461832-2155636815-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2429930631-2168461832-2155636815-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\William Harris\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-05] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default [2023-09-17]
CHR DownloadDir: D:\Storage\Downloads
CHR Notifications: Default -> hxxps://mail.protonmail.com; hxxps://steamstat.us
CHR Extension: (Sad Panda) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2018-05-10]
CHR Extension: (uBlock Origin) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-09-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
CHR Extension: (Return YouTube Dislike) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-08-05]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-07]
CHR Extension: (Real Twitter Verifier) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilodkaidiippiakjnjmeclaaodgeocli [2023-04-05]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-07-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Downloader for OnlyFans.com) - C:\Users\William Harris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdbbabjcnanbkimdgcdfbnghhmchomnh [2022-06-02]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-15] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8904088 2023-08-31] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [587672 2023-08-31] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [588184 2023-08-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [676336 2015-06-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [2346976 2023-08-08] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-08-08] (GOG sp. z o.o -> GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2484992 2018-09-04] (Rivet Networks LLC -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-01] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2015-09-11] (Micro-Star International Co., Ltd.) [File not signed]
R2 MsiTrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [175344 2015-06-25] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2782080 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4605312 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [37712 2023-09-01] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 wust; C:\OSRSS\wust.exe [0 0000-00-00] () [Access Denied]
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72952 2018-09-04] (Rivet Networks LLC -> CloudBees, Inc.)
S2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72952 2018-09-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_3583fda5ef1eb1bb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_3583fda5ef1eb1bb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31528 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238496 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392880 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272576 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559184 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [946160 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [705480 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212680 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319568 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [154752 2018-09-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-17] (Malwarebytes Inc. -> Malwarebytes)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43472 2023-03-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 RTCoreMini64; C:\Program Files (x86)\RivaTuner Statistics Server\PlugIns\Client\RTCoreMini64.sys [37240 2022-02-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [171664 2016-10-04] (RH Software -> Ray Hinchliffe)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows ® Win 7 DDK provider)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2021-04-05] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-12-23] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [38312 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-09-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-04] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] (Micro-Star Int'l Co. Ltd. -> )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-17 16:53 - 2023-09-17 16:54 - 000041387 _____ C:\Users\William Harris\Desktop\FRST.txt
2023-09-17 16:50 - 2023-09-17 16:52 - 002382848 _____ (Farbar) C:\Users\William Harris\Desktop\FRST64.exe
2023-09-17 01:31 - 2023-09-17 01:31 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-15 17:26 - 2023-09-15 18:41 - 000000000 ____D C:\Users\William Harris\AppData\Roaming\Hedon
2023-09-04 18:15 - 2023-09-04 18:09 - 008791352 _____ (Malwarebytes) C:\Users\William Harris\Desktop\adwcleaner.exe
2023-09-04 18:10 - 2023-09-04 18:10 - 000000000 ____D C:\AdwCleaner
2023-08-31 20:08 - 2023-08-31 20:10 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-08-31 20:07 - 2023-08-31 20:11 - 000341662 _____ C:\WINDOWS\ntbtlog.txt
2023-08-31 18:57 - 2023-09-16 02:10 - 000000000 ____D C:\Users\William Harris\AppData\LocalLow\IGDump
2023-08-31 18:07 - 2023-08-31 18:03 - 000455314 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20230831-180749.backup
2023-08-31 18:02 - 2023-08-31 18:02 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-08-26 00:21 - 2023-08-26 00:23 - 4104122368 _____ C:\Users\William Harris\dvd.iso
2023-08-25 17:29 - 2023-08-26 00:01 - 000030090 _____ C:\Users\William Harris\Desktop\dvd.dvds
2023-08-18 23:22 - 2023-08-18 23:22 - 000000000 ____D C:\Users\William Harris\AppData\LocalLow\Forever Entertainment SA
2023-08-18 23:22 - 2023-08-18 23:22 - 000000000 ____D C:\Users\William Harris\AppData\LocalLow\Forever Entertainment S_ A_
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-17 16:54 - 2023-05-10 16:45 - 000000000 ____D C:\Users\William Harris\AppData\Local\Malwarebytes
2023-09-17 16:53 - 2018-02-23 22:42 - 000000000 ____D C:\FRST
2023-09-17 16:47 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-17 16:41 - 2016-10-04 10:57 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-17 16:38 - 2021-12-15 18:47 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-17 16:38 - 2021-05-01 05:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-17 16:38 - 2016-03-01 21:08 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-17 01:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-17 01:38 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-17 01:32 - 2023-02-14 23:53 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-17 01:31 - 2016-03-01 21:14 - 000000000 ____D C:\ProgramData\AVAST Software
2023-09-17 01:30 - 2016-03-03 21:46 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2023-09-17 01:29 - 2022-10-22 23:43 - 000000927 _____ C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {07A2BB10-C9FF-4551-AC8D-DBDA40D9311A}.job
2023-09-17 01:29 - 2021-05-01 05:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-17 01:29 - 2021-05-01 05:12 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-16 22:17 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-16 22:17 - 2016-03-05 21:23 - 000000000 ____D C:\Users\William Harris\AppData\Local\ClassicShell
2023-09-16 22:05 - 2016-03-04 22:58 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-16 21:26 - 2023-03-09 17:01 - 000002680 _____ C:\WINDOWS\system32\Tasks\BorderlessGaming
2023-09-16 21:26 - 2022-10-22 23:43 - 000003114 _____ C:\WINDOWS\system32\Tasks\EPSON WF-3620 Series Update {07A2BB10-C9FF-4551-AC8D-DBDA40D9311A}
2023-09-16 21:26 - 2021-12-13 17:09 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2429930631-2168461832-2155636815-1001
2023-09-16 21:26 - 2021-10-11 19:44 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:44 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-10-11 19:43 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:26 - 2021-05-01 05:46 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-16 21:26 - 2021-05-01 05:46 - 000003356 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-16 21:26 - 2021-05-01 05:46 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-16 21:26 - 2021-05-01 05:46 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2023-09-16 21:26 - 2021-05-01 05:46 - 000003132 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-16 21:26 - 2021-05-01 05:46 - 000003114 _____ C:\WINDOWS\system32\Tasks\MSI_Help_Desk_Agent
2023-09-16 21:26 - 2021-05-01 05:46 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2429930631-2168461832-2155636815-1001
2023-09-16 21:26 - 2021-05-01 05:46 - 000002502 _____ C:\WINDOWS\system32\Tasks\MSI_Dragon Gaming Center
2023-09-16 21:26 - 2021-05-01 05:46 - 000002418 _____ C:\WINDOWS\system32\Tasks\RTSS
2023-09-16 21:26 - 2021-05-01 05:46 - 000002412 _____ C:\WINDOWS\system32\Tasks\NahimicMSIUILauncherRun
2023-09-16 21:26 - 2021-05-01 05:46 - 000002400 _____ C:\WINDOWS\system32\Tasks\NahimicMSIsvc64Run
2023-09-16 21:26 - 2021-05-01 05:46 - 000002392 _____ C:\WINDOWS\system32\Tasks\NahimicMSIsvc32Run
2023-09-16 21:26 - 2021-05-01 05:46 - 000002242 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2023-09-16 21:26 - 2021-05-01 05:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2023-09-16 19:18 - 2023-01-21 05:42 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-15 16:51 - 2021-01-15 16:54 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-09-12 19:31 - 2016-03-01 21:09 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-12 19:31 - 2016-03-01 21:09 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-12 15:57 - 2016-03-01 21:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-12 15:51 - 2016-03-01 21:59 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-10 23:47 - 2019-07-02 23:48 - 000000000 ____D C:\Users\William Harris\AppData\Local\D3DSCache
2023-09-10 23:46 - 2022-08-08 23:57 - 000000000 ____D C:\Users\William Harris\AppData\Roaming\tits
2023-09-09 16:45 - 2021-05-01 05:22 - 000002420 _____ C:\Users\William Harris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-05 23:52 - 2020-09-30 23:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-04 09:52 - 2019-06-26 02:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-04 09:40 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-09-04 09:40 - 2016-03-01 22:53 - 000918960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-09-04 00:32 - 2021-05-01 05:36 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-04 00:32 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-01 19:58 - 2020-08-15 21:49 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-01 19:58 - 2019-07-06 21:05 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-01 19:55 - 2018-02-09 22:08 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-31 23:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-31 23:20 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-08-31 20:15 - 2021-11-05 09:50 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-08-31 19:19 - 2018-02-16 20:26 - 000083430 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2023-08-31 18:02 - 2023-02-14 23:53 - 000705480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000559184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000319568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000297880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000272576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-08-31 18:02 - 2023-02-14 23:53 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-08-31 18:02 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-31 18:01 - 2023-02-14 23:53 - 000946160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-08-31 18:01 - 2023-02-14 23:53 - 000392880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-08-31 18:01 - 2023-02-14 23:53 - 000238496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-08-31 18:01 - 2023-02-14 23:53 - 000031528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-08-30 22:54 - 2023-02-23 23:58 - 000000000 ____D C:\Users\William Harris\Documents\PPSSPP
2023-08-26 00:21 - 2021-05-01 05:22 - 000000000 ____D C:\Users\William Harris
2023-08-22 19:16 - 2021-08-04 00:07 - 000000000 ____D C:\Users\William Harris\AppData\Roaming\steelseries-gg-client
==================== Files in the root of some directories ========
2016-03-07 22:50 - 2016-03-07 22:54 - 000000567 _____ () C:\Users\William Harris\AppData\Roaming\burnaware.ini
2023-02-11 19:29 - 2023-02-11 19:29 - 000000025 _____ () C:\Users\William Harris\AppData\Roaming\EV Nova License.lcs
2023-02-11 19:29 - 2023-02-11 19:35 - 000000140 _____ () C:\Users\William Harris\AppData\Roaming\EV Nova Prefs.prf
2017-11-24 23:31 - 2023-04-28 12:58 - 000000509 _____ () C:\Users\William Harris\AppData\Roaming\SineMoraEX.dat
2023-01-06 21:36 - 2023-01-06 21:36 - 000000218 _____ () C:\Users\William Harris\AppData\Local\recently-used.xbel
2016-11-24 19:06 - 2023-04-25 19:49 - 000007627 _____ () C:\Users\William Harris\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2023
Ran by William H. Harris II (17-09-2023 16:55:31)
Running from C:\Users\William Harris\Desktop
Microsoft Windows 10 Home Version 21H2 19044.3086 (X64) (2021-05-01 09:47:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2429930631-2168461832-2155636815-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2429930631-2168461832-2155636815-503 - Limited - Disabled)
Guest (S-1-5-21-2429930631-2168461832-2155636815-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2429930631-2168461832-2155636815-504 - Limited - Disabled)
William H. Harris II (S-1-5-21-2429930631-2168461832-2155636815-1001 - Administrator - Enabled) => C:\Users\William Harris
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Afterlife (HKLM-x32\...\1425308948_is1) (Version: 2.0.0.4 - GOG.com)
ArmageddonEmpires (HKLM-x32\...\{CC31A34E-1874-4A9C-BA89-2F5A1DEE6990}) (Version: - )
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.28.1 - Asmedia Technology)
AudioFXSetup (HKLM\...\{E1B6E9E2-75EF-4875-A12B-69AE6D95223F}) (Version: 1.2.701 - Nahimic) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.8.6078 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Avernum 2: Crystal Souls (HKLM-x32\...\1420648481_is1) (Version: 1.0.1 - GOG.com)
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\1207666373_is1) (Version: 2.6.6.0 - GOG.com)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\1207666353_is1) (Version: 2.6.6.0 - GOG.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.7.0.762 - Bandicam.com)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\1752654506_is1) (Version: 1.0.1643565 - GOG.com)
BioShock Remastered (HKLM-x32\...\1439656515_is1) (Version: 1.0.122872 - GOG.com)
Boot Configure (HKLM-x32\...\{2C7463BE-0672-4910-9D28-0A90C05884B5}) (Version: 20.015.08254 - Micro-Star International Co., Ltd.)
Borderlands Advanced Settings (HKLM-x32\...\{51D21612-30A7-441F-92E7-EF8ECCE344C8}) (Version: 1.0.0 - Microsoft)
Brigador: Up-Armored Edition (HKLM-x32\...\1356485086_is1) (Version: v1.65b - GOG.com)
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1509.201 - Application)
Butcher (HKLM-x32\...\1689871374_is1) (Version: W.I.M.P (gog-10) - GOG.com)
Chaos on Deponia (HKLM-x32\...\1207659124_is1) (Version: 3.3.2351 - GOG.com)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Clive Barker's Undying (HKLM-x32\...\1207659191_is1) (Version: 1.1 hotfix - GOG.com)
Command & Conquer Tiberian Sun (HKLM-x32\...\{F6D851AD-0C2D-4767-A807-C5A8501B54C3}_is1) (Version: 3.0 Beta 12 Revision 3 - Command & Conquer Communications Center)
D2SE V2.2.0 (HKLM-x32\...\{65B43D6A-6B8F-46F1-8362-7985822F3A80}_is1) (Version: 2.2.0 - Seltsamuel)
Dark Sun: Shattered Lands (HKLM-x32\...\1432723859_is1) (Version: 1.1 CS - GOG.com)
Day of the Tentacle Remastered (HKLM-x32\...\1456922969_is1) (Version: 1.3.11 (
- GOG.com)Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Diablo (HKLM-x32\...\1412601690_is1) (Version: 1.09 Hellfire v2 - GOG.com)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.)
DVDStyler v3.0.4 (HKLM\...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.80.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.20.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version: - SEIKO EPSON Corporation)
Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Eye of the Beholder (HKLM-x32\...\1432575012_is1) (Version: 1.7 - GOG.com)
flexible survival (HKLM-x32\...\{2BBB34C9-5861-468B-945A-54119536DD1F}) (Version: 1.0.826 - Silver Games LLC)
Fran Bow (HKLM-x32\...\1438948561_is1) (Version: 1.0.1 Unity - GOG.com)
Gargoyle (HKLM-x32\...\Gargoyle) (Version: - )
Geneforge 2 (HKLM-x32\...\1207662933_is1) (Version: 1.0.2g - GOG.com)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.68.112 - GOG.com)
GOG.com Planescape Torment (HKLM\...\{8f376ce2-c213-4a6c-a329-0b2a7eb2bad8}.sdb) (Version: - )
GonVisor 2.58.01 (HKLM-x32\...\GonVisor_is1) (Version: - GON)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.188 - Google LLC)
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Hard West (HKLM-x32\...\1442827661_is1) (Version: 1.5 - GOG.com)
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.)
Heretic: Shadow of the Serpent Riders (HKLM-x32\...\1290366318_is1) (Version: 1.3 - GOG.com)
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
HeXen: Beyond Heretic (HKLM-x32\...\1247951670_is1) (Version: 1.1 - GOG.com)
HoloCureLauncher (HKLM\...\{1D9D1218-5244-4C84-902A-DD9F91B92C3C}) (Version: 1.0.2 - HoloCure)
I Have No Mouth, and I Must Scream (HKLM-x32\...\1207659593_is1) (Version: gog-2 - GOG.com)
Intel® Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{5BD7E621-9791-4D9F-A620-1BA51153B749}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{A53B7EAB-86BD-4F16-8C44-011B1376326A}) (Version: 11.0.0.1162 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{555B1C57-E71B-4775-BC1D-627EEF693F0D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{205AE40D-8AD7-4F29-A430-DD2168DA562D}) (Version: 14.5.0.1081 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{31C74FA2-2AB9-41C3-BFBE-693283E4C28B}) (Version: 17.1.1527.1534 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7832532d-1bf9-4018-a433-5ffdeec9a3e6}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{6B153C64-8B8F-46D6-957C-F27E82B3C5C0}) (Version: 20.0.0.1135 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
Iratus: Lord of the Dead - Supporter Pack (HKLM-x32\...\1098351753_is1) (Version: 181.13.00 - GOG.com)
Iratus: Lord of the Dead (HKLM-x32\...\1447412730_is1) (Version: 181.13.00 - GOG.com)
IZArc 4.5 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.5 - Ivan Zahariev)
KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.)
K-Lite Codec Pack 12.0.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.1 - KLCP)
La Mulana (HKLM-x32\...\1207659117_is1) (Version: 2.1.0.12 - GOG.com)
LauncherSetup (HKLM\...\{B76D1CC1-596E-43C2-B33F-7CEECA30534C}) (Version: 1.2.701 - Nahimic) Hidden
Legend of Grimrock (HKLM-x32\...\1207659016_is1) (Version: 1.3.7 - GOG.com)
LibreOffice 7.5.4.2 (HKLM\...\{B8BF99B6-750E-45C5-A07D-AF394E5B6139}) (Version: 7.5.4.2 - The Document Foundation)
Malwarebytes version 4.6.1.280 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.1.280 - Malwarebytes)
Master of Orion (Classic) (HKLM-x32\...\1207661623_is1) (Version: 1.3 - GOG.com)
Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 1.40b - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\OneDriveSetup.exe) (Version: 23.174.0820.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.)
MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 1.3.519 - Portrait Displays, Inc.)
Myst Masterpiece Edition (HKLM-x32\...\1207658818_is1) (Version: 1.0 SVM update 4 - GOG.com)
Nahimic for MSI (HKLM-x32\...\{177bcc7b-c662-4b70-adc1-07c2460e36f6}) (Version: 1.2.7 - Nahimic)
NEO Scavenger (HKLM-x32\...\1207667263_is1) (Version: 2.8.0.9 - GOG.com)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.9 - Notepad++ Team)
Nox (HKLM-x32\...\1207658964_is1) (Version: 2.1.0.20 - GOG.com)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Graphics Driver 536.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Paradox Launcher v2 (HKLM\...\{E68BBC18-9E69-436B-B20F-E294DE62ECAB}) (Version: 2.3.0 - Paradox Interactive)
Penumbra Black Plague (HKLM-x32\...\{5052F2A7-5DDE-47F5-BF29-673C10F3DA87}_is1) (Version: 1.0 - Frictional Games)
Penumbra Episode 1 (HKLM-x32\...\{2EF0D7ED-F944-4E0D-AC78-7DA00C0B81E4}_is1) (Version: 1.0 - Frictional Games)
Planescape: Torment Enhanced Edition (HKLM-x32\...\1132393016_is1) (Version: 3.1.4.0 - GOG.com)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: v14.03 - )
Populous 2 (HKLM-x32\...\1207658981_is1) (Version: 1.0 - GOG.com)
PPSSPP (HKLM\...\PPSSPP_is1) (Version: 1.14.4.0 - PPSSPP Team)
ProductDaemonSetup (HKLM\...\{550B8869-94C1-4AE4-8C91-50916008AB37}) (Version: 1.2.701 - Nahimic) Hidden
Quest 5.6.2 (HKLM-x32\...\Quest_is1) (Version: 5.6.2 - Alex Warren)
Quod Libet - Music Library / Editor / Player (HKLM\...\Quod Libet) (Version: 4.5.0 - The Quod Libet Development Community)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8328 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Rosalie's Mupen GUI version v0.4.5 (HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\{AD31B3C7-8374-43D0-9C6C-81A01BE4822B}_is1) (Version: v0.4.5 - Rosalie)
Sam and Max Hit the Road (HKLM-x32\...\1207666303_is1) (Version: 1.0 - GOG.com)
SCM (HKLM\...\{64218232-E7E7-4A82-A822-26925AED1CC8}) (Version: 13.015.09115 - Application)
ScriptPlayer version 1.1.0.261 (HKLM-x32\...\{6F331F84-6C70-4E9F-AAFF-8527663E68A5}_is1) (Version: 1.1.0.261 - FredTungsten)
Shadowgate (HKLM-x32\...\1207665823_is1) (Version: 2.2.0.7 - GOG.com)
Shadowrun Returns (HKLM-x32\...\1207660413_is1) (Version: 1.2.7 (A) - GOG.com)
Sine Mora EX (HKLM-x32\...\2001892744_is1) (Version: 1.0.1 - GOG.com)
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 2.0.1508.1001 - Application)
Solium Infernum (HKLM-x32\...\{203F2870-8644-4972-9E14-9E191A6C09C0}) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.9.82.0 - Safer-Networking Ltd.)
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.4 - Safer-Networking Ltd.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 46.0.0 (HKLM\...\SteelSeries GG) (Version: 46.0.0 - SteelSeries ApS)
Sunless Sea (HKLM-x32\...\1421064427_is1) (Version: 2.2.11.3212 - GOG.com)
Sunless Sea: Zubmariner (HKLM-x32\...\1467270402_is1) (Version: 2.2.11.3212 - GOG.com)
Sunless Sea: Zubmariner (HKLM-x32\...\1592527019_is1) (Version: V2.2.7.3165 - GOG.com)
SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
Symphony (HKLM-x32\...\1207659079_is1) (Version: 2.3.0.14 - GOG.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.6.1 - Synaptics Incorporated)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Titan Quest - Anniversary Edition (HKLM-x32\...\1196955511_is1) (Version: 2.10.6 - GOG.com)
Torchlight (HKLM-x32\...\1207659069_is1) (Version: 1.15(A) - GOG.com)
Torchlight (HKLM-x32\...\GOGPACKTORCHLIGHT_is1) (Version: 2.0.0.12 - GOG.com)
TRON 2.0 v1.042 Update (HKLM-x32\...\TRON 2.0 v1.042 Update) (Version: - )
Turok 2: Seeds of Evil (HKLM-x32\...\1410768011_is1) (Version: 1.5.9.1 - GOG.com)
TweakUAC (HKLM-x32\...\TweakUAC_is1) (Version: 1.1 - WinAbility Software Corp.)
UIInstallUpgrade (HKLM\...\{CE9EF2BA-F1BA-4233-8C78-10AB4DCF49A8}) (Version: 1.2.701 - Nahimic) Hidden
Ultima IV - Quest of the Avatar (HKLM-x32\...\1207662433_is1) (Version: 1.0 CS - GOG.com)
Ultima Savegame Editor (HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\Ultima Savegame Editor) (Version: - )
Ultima Underworld (HKLM-x32\...\1207662463_is1) (Version: 1.0 CS - GOG.com)
Ultima V - Warriors of Destiny (HKLM-x32\...\1207662443_is1) (Version: 1.0 CS - GOG.com)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
XSplit Gamecaster (HKLM-x32\...\{D7BEC6E9-5E86-44FF-AA21-23DA71ED676B}) (Version: 2.4.1506.1243 - SplitmediaLabs)
Zoom (HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.2163.0_x64__rh07ty8m5nkag [2019-06-26] (Rivet Networks LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-07-09] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-20] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-21] (Microsoft Studios) [MS Ad]
Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.1.20151.0_x64__8wekyb3d8bbwe [2023-03-09] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001_Classes\CLSID\{C52B9871-E5E9-41FD-B84D-C5ACADBEC7AE}\InprocServer32 -> D:\Storage\TiTS\Locale.Emulator.2.4.0.0\LEContextMenuHandler.DLL (Paddy Xu) [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-14] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-14] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-07-15] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2019-03-18] () [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers3: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2019-03-18] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll [2018-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_3583fda5ef1eb1bb\nvshext.dll [2023-06-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\William Harris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\57572ccfe2ab9598\FaxanaduRemastered.lnk -> C:\Users\William Harris\Desktop\Faxanadu 2.6 win64\Faxanadu Start.exe (The NWJS Community) -> --user-data-dir="C:\Users\William Harris\AppData\Local\FaxanaduRemastered\User Data" --profile-directory=Default --app-id=pkaeohpgcndgpjbaloocbofbimfgpmba
==================== Loaded Modules (Whitelisted) =============
2023-02-15 18:44 - 2023-02-15 18:44 - 000625664 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\PlugIns\Client\OverlayEditor.dll
2023-03-14 11:57 - 2023-03-14 11:57 - 000058368 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2023-03-14 11:57 - 2023-03-14 11:57 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2023-03-14 11:57 - 2023-03-14 11:57 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-06-23 19:00 - 2015-06-23 19:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2015-06-23 19:00 - 2015-06-23 19:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2014-01-22 13:44 - 2014-01-22 13:44 - 000075912 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> ) [File not signed] C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
2015-09-11 17:34 - 2015-09-11 17:34 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000098304 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
2016-06-29 20:37 - 2020-12-08 01:00 - 000393216 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000651264 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000356352 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000073728 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
2016-06-29 20:37 - 2020-12-07 12:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2016-06-29 20:37 - 2020-12-07 12:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2016-06-29 20:37 - 2020-12-07 12:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2016-06-29 20:37 - 2020-12-07 12:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2016-06-29 20:37 - 2020-12-07 12:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2016-06-29 20:37 - 2020-12-07 12:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2016-06-29 20:36 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2016-06-29 20:36 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
2016-06-29 20:37 - 2020-12-08 01:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
2022-06-09 17:24 - 2021-06-19 01:55 - 001079909 _____ (SQLite Development Team) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2022-06-09 17:24 - 2018-11-22 16:48 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
2022-06-09 17:24 - 2018-11-22 16:48 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\William Harris\Desktop\adwcleaner.exe:MBAM.Zone.Identifier [141]
AlternateDataStreams: C:\Users\William Harris\Desktop\FRST64.exe:MBAM.Zone.Identifier [240]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem15.msn.com/?pc=NMTE
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem15.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001 -> {76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} URL = hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7942 more sites.
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\123simsen.com -> www.123simsen.com
There are 7947 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 07:04 - 2023-09-17 01:34 - 000455314 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15615 more lines.
2023-04-28 00:13 - 2023-04-28 00:13 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\GTK\2.0\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\Control Panel\Desktop\\Wallpaper -> c:\users\william harris\pictures\desktops\99.jpg
DNS Servers: 192.168.254.254 - 207.91.5.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "NahimicMSIUILauncher"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2429930631-2168461832-2155636815-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6454A3256F3E547D70E845B2235126AB"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:\WINDOWS\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{EFD3B949-48E1-49A2-A961-230755246067}C:\program files (x86)\steam\steamapps\common\nightmare reaper\myproject\binaries\win64\myproject-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\nightmare reaper\myproject\binaries\win64\myproject-win64-shipping.exe (Blazing Bit Games) [File not signed]
FirewallRules: [TCP Query User{AEFF142F-0A36-47D2-9FBA-9BAE8DEC1F8D}C:\program files (x86)\steam\steamapps\common\nightmare reaper\myproject\binaries\win64\myproject-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\nightmare reaper\myproject\binaries\win64\myproject-win64-shipping.exe (Blazing Bit Games) [File not signed]
FirewallRules: [{EC347D11-09F7-4CC6-B459-BB1C305F09FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nightmare Reaper\NightmareReaper.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5D8985B8-E9E1-4C4F-8B47-DE21F14F053E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nightmare Reaper\NightmareReaper.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{CEE004B7-9947-4A06-A3A0-CF6F5E7D3B67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Parsecs!\60Parsecs.exe () [File not signed]
FirewallRules: [{DF7F3A40-9D77-420E-83A5-9ED35A3457DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Parsecs!\60Parsecs.exe () [File not signed]
FirewallRules: [{B07E27E1-31B8-4D1B-A39A-B7F255348A36}] => (Allow) D:\SteamLibrary\steamapps\common\60 Seconds! Reatomized\60SecondsReatomized.exe () [File not signed]
FirewallRules: [{A3CCAF7D-22C8-4B8A-9BDF-312193CC253B}] => (Allow) D:\SteamLibrary\steamapps\common\60 Seconds! Reatomized\60SecondsReatomized.exe () [File not signed]
FirewallRules: [UDP Query User{690081E3-9793-49AA-9139-9008A4533607}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [TCP Query User{FC4C6182-B9D7-4C03-8D16-F010045A3E94}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [UDP Query User{BBCE91A1-130F-4523-9A9A-FDD55D922B42}D:\steamlibrary\steamapps\common\amid evil\amidevil\binaries\win64\amidevil-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\amid evil\amidevil\binaries\win64\amidevil-win64-shipping.exe (INDEFATIGABLE) [File not signed]
FirewallRules: [TCP Query User{635CE562-2763-481C-8F4D-0C35502961F2}D:\steamlibrary\steamapps\common\amid evil\amidevil\binaries\win64\amidevil-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\amid evil\amidevil\binaries\win64\amidevil-win64-shipping.exe (INDEFATIGABLE) [File not signed]
FirewallRules: [{BF3947CF-B9E9-43E9-9172-E154EBBC4554}] => (Allow) D:\SteamLibrary\steamapps\common\Amid Evil\AmidEvil.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{359C6102-B440-48EB-8EDC-9109C2C93417}] => (Allow) D:\SteamLibrary\steamapps\common\Amid Evil\AmidEvil.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{586B5205-3833-4DF0-B73D-B3B89AFD1C04}] => (Allow) D:\SteamLibrary\steamapps\common\Gemini Rue\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{184BEA92-5532-47BF-9272-2A7840ED4F54}] => (Allow) D:\SteamLibrary\steamapps\common\Gemini Rue\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{3F2E408C-2709-4FA4-AB18-15AD9CD6F210}] => (Allow) D:\SteamLibrary\steamapps\common\Gemini Rue\gemini_rue_pc.exe => No File
FirewallRules: [{3F93B9ED-4839-4AE5-B25B-2A2C3496B791}] => (Allow) D:\SteamLibrary\steamapps\common\Gemini Rue\gemini_rue_pc.exe => No File
FirewallRules: [{12DAEB1B-4289-4A29-B0F8-00C3AE5BA3AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blasphemous\Blasphemous.exe () [File not signed]
FirewallRules: [{309A8AB0-5ABC-4333-B816-0EFCE6E100DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blasphemous\Blasphemous.exe () [File not signed]
FirewallRules: [UDP Query User{C52F72F4-719F-4C07-A3E4-EFF197169FB7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{31E9FCFF-9978-455F-96D4-0D1B9C5B525A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{8E3E4AA1-8BE6-49F8-828C-B2EE4A17E245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{F51AEFF0-47EE-469A-BBD2-1469C9245265}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{D088357C-1481-4A65-A216-E00BF0625941}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [File not signed]
FirewallRules: [{9B83B28F-CA99-4990-BB3C-34E6318650C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [File not signed]
FirewallRules: [{1ABCFCC9-DCB2-46C7-80BA-B88049320E72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{827EE9C4-5989-4DA1-975D-859275DCF588}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{FB6CB32E-8A2F-4345-89B0-4F8C9B7EB73A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{66A4E991-A8DB-4E5C-9469-4AA05D8C2989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{4A9498B5-99B9-4204-BF4B-E9BEFC0FC108}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe () [File not signed]
FirewallRules: [{F4A26050-ED09-43F8-B0B4-660D90753B80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe () [File not signed]
FirewallRules: [{A371FBF4-A895-48DA-8CD0-8FD215FF7CF4}] => (Allow) D:\SteamLibrary\steamapps\common\Hand of Fate 2\Hand of Fate 2.exe () [File not signed]
FirewallRules: [{F923E310-2647-4895-A844-1A8CAA13E990}] => (Allow) D:\SteamLibrary\steamapps\common\Hand of Fate 2\Hand of Fate 2.exe () [File not signed]
FirewallRules: [UDP Query User{B5AFE6E4-F27C-40ED-BA57-556DE16D5A73}D:\steamlibrary\steamapps\common\uplink\uplink.exe] => (Allow) D:\steamlibrary\steamapps\common\uplink\uplink.exe (Introversion Software) [File not signed]
FirewallRules: [TCP Query User{2F3D5412-2069-4ADE-B940-A6E1383F5AB5}D:\steamlibrary\steamapps\common\uplink\uplink.exe] => (Allow) D:\steamlibrary\steamapps\common\uplink\uplink.exe (Introversion Software) [File not signed]
FirewallRules: [{A15D3964-A1AE-41DE-892D-D93D1CC80669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sunless Skies\Sunless Skies.exe () [File not signed]
FirewallRules: [{2CBFEE8C-397A-41C5-9F22-6675F9A302EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sunless Skies\Sunless Skies.exe () [File not signed]
FirewallRules: [UDP Query User{7AF3A452-5245-4374-8834-BCB8A5171A8B}D:\gog games\magrunner - dark pulse\binaries\win32\magrunner.exe] => (Allow) D:\gog games\magrunner - dark pulse\binaries\win32\magrunner.exe => No File
FirewallRules: [TCP Query User{EC111632-551D-414F-9009-531B94FF6532}D:\gog games\magrunner - dark pulse\binaries\win32\magrunner.exe] => (Allow) D:\gog games\magrunner - dark pulse\binaries\win32\magrunner.exe => No File
FirewallRules: [{A338D10C-C87D-4023-8B20-A3541441693B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{EA555202-CBB4-4BBE-B18D-160F7BFE8CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [UDP Query User{227ABAB7-17C8-460D-869D-F48542E59072}D:\gog galaxy\games\submarine titans\st.exe] => (Allow) D:\gog galaxy\games\submarine titans\st.exe => No File
FirewallRules: [TCP Query User{4EE4442D-C59B-4A49-8125-5382BFCA3759}D:\gog galaxy\games\submarine titans\st.exe] => (Allow) D:\gog galaxy\games\submarine titans\st.exe => No File
FirewallRules: [{B64B1B40-BB14-4E45-A671-BDB73D12E215}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{976FBA55-E6D9-4775-8E2F-7197D730DB00}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{0A8DE3BE-E34C-4A7C-9590-98867E9C6859}] => (Allow) D:\GOG Galaxy\Games\Diablo\Diablo.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{8A3F3E5D-3E8F-45C2-A323-7ED1372C56C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{8D05CC11-27F5-48E1-AEAC-4041DCA51C6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [UDP Query User{27AB4F7E-586E-40AC-A3DA-CB25C1FCEC13}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0B5DE607-7138-40BD-A961-1B19D56101D0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B0FA3C33-BA13-4D0C-9DE4-90D74ED93528}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{DBC42117-2301-4E72-ADCA-59017E237EF9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{A10C1AAC-98E4-4BEB-B7A5-51F97881CE10}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{87ACF2A3-8D23-4E1B-B839-43676C3F12C8}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A30B650E-E243-4336-930C-B6E2DD639C0E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2CFC39DE-A707-41E6-B5CE-6E79558F62FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{B0197946-C72C-48A6-9832-82319BA7EF64}C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe => No File
FirewallRules: [UDP Query User{140A812E-476B-48F2-88E2-85271605B1F3}C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base84643\sc2_x64.exe => No File
FirewallRules: [{436FDA85-93D3-4E43-8B77-5E5B16BFF1BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cultist Simulator\cultistsimulator.exe () [File not signed]
FirewallRules: [{B7AE61B6-02E1-4BE6-9F1C-DF6291D7246B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cultist Simulator\cultistsimulator.exe () [File not signed]
FirewallRules: [{F34A3923-5AE7-4646-B8AF-3C4A92E8E6F1}] => (Allow) D:\SteamLibrary\steamapps\common\DemonsTilt\DEMON'S TILT.exe () [File not signed]
FirewallRules: [{47EEE334-03FC-474F-98BC-A43B846B7242}] => (Allow) D:\SteamLibrary\steamapps\common\DemonsTilt\DEMON'S TILT.exe () [File not signed]
FirewallRules: [{E6A889D1-01DC-4B17-91D0-0454D82B06DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{CD0626A1-9293-41DA-9DFA-29224C7FE115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{1DBE3AD1-6E39-4272-8ED0-ECD7BF55BDFB}] => (Allow) D:\SteamLibrary\steamapps\common\SNKRX\SNKRX.exe () [File not signed]
FirewallRules: [{EEDE1E63-E112-4116-9B65-338EEEC5C06C}] => (Allow) D:\SteamLibrary\steamapps\common\SNKRX\SNKRX.exe () [File not signed]
FirewallRules: [{068316E9-C467-4C07-96C7-C8E9D484E7F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{6FB8269A-D9BE-4979-ACC9-899E042CBDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{C01F5F3D-1517-47E2-9E53-FCFCEB17CD93}] => (Allow) D:\GOG Galaxy\Games\Diablo\Diablo.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{539DCA71-ACBE-4AEE-A0BC-8DF298EC7308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu Realms\cr.exe () [File not signed]
FirewallRules: [{D8C81458-E7FC-44E5-AB99-9B57B21CCB09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu Realms\cr.exe () [File not signed]
FirewallRules: [{0097ADCC-1B7D-40FC-B738-F5F88F54327D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe () [File not signed]
FirewallRules: [{2AF9EB32-4849-4C91-8348-5EC7A9241450}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe () [File not signed]
FirewallRules: [TCP Query User{7F74E82E-60E4-4DC8-B3B8-D54EDBD398D4}D:\gog galaxy\games\populous 2\dosbox\dosbox.exe] => (Allow) D:\gog galaxy\games\populous 2\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [UDP Query User{25E49CAE-12EB-4E9C-B612-8D49D0D482B0}D:\gog galaxy\games\populous 2\dosbox\dosbox.exe] => (Allow) D:\gog galaxy\games\populous 2\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{1755A5D8-DA9D-40E5-AD63-30E8A3A4EF4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe (Axiom Verge) [File not signed]
FirewallRules: [{EA4E1D30-9783-439B-8419-D81AD89DF2AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe (Axiom Verge) [File not signed]
FirewallRules: [{C908AD1A-18D9-4574-B06D-6ECC050B7F0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe (Supergiant Games, LLC) [File not signed]
FirewallRules: [{B040A13B-5B4A-48DA-9C7D-7A99DCC7D712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe (Supergiant Games, LLC) [File not signed]
FirewallRules: [{689EC300-E76F-429D-855E-2F7C73B6CEC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F6D3E191-9DDA-4395-BD7D-310EE101F8D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C9C48A83-E600-499E-8CC4-1CC4C0196F7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inscryption\Inscryption.exe () [File not signed]
FirewallRules: [{8F1850D4-7049-489E-9127-F3FFA05E478B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inscryption\Inscryption.exe () [File not signed]
FirewallRules: [{FB73B386-A546-44CF-8E23-4E94ACB44630}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{4C688305-6527-4B49-A793-74172C2B9788}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{D2EA6B96-55C8-445E-B505-9DFFA1BE1C88}] => (Allow) D:\SteamLibrary\steamapps\common\Prey\prey.exe (Human Head Studios) [File not signed]
FirewallRules: [{00081C85-9DB0-4A39-8F06-0CF5A9B4707B}] => (Allow) D:\SteamLibrary\steamapps\common\Prey\prey.exe (Human Head Studios) [File not signed]
FirewallRules: [{94E561E0-7936-4D94-87A3-90D29FF91999}] => (Allow) D:\SteamLibrary\steamapps\common\Cave Story+\CaveStory+.exe () [File not signed]
FirewallRules: [{09A7993C-6902-43B0-B672-8EB5B235CC47}] => (Allow) D:\SteamLibrary\steamapps\common\Cave Story+\CaveStory+.exe () [File not signed]
FirewallRules: [{777DF693-FE4F-476E-B4FB-95C4D9FB352A}] => (Allow) D:\SteamLibrary\steamapps\common\Momodora RUtM\MomodoraRUtM.exe () [File not signed]
FirewallRules: [{09F5C520-A66F-4E39-886B-53480D3B9119}] => (Allow) D:\SteamLibrary\steamapps\common\Momodora RUtM\MomodoraRUtM.exe () [File not signed]
FirewallRules: [{0E9345F6-D4DC-47B8-A226-6B434AFA1BEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Door CE\The Last Door CE.exe () [File not signed]
FirewallRules: [{3498A01E-02C5-412E-A7F2-879691FA8D30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Door CE\The Last Door CE.exe () [File not signed]
FirewallRules: [{0C38EB37-9802-4132-94C5-C2EC123F79D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe () [File not signed]
FirewallRules: [{32CAB813-9663-4CB5-BEA3-164BA32150E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe () [File not signed]
FirewallRules: [{A877C9B7-F344-437F-852B-902A01479890}] => (Allow) D:\SteamLibrary\steamapps\common\The Hex\TheHex.exe () [File not signed]
FirewallRules: [{8BD27A71-5284-48B3-9CA3-717B075DF735}] => (Allow) D:\SteamLibrary\steamapps\common\The Hex\TheHex.exe () [File not signed]
FirewallRules: [{F21D4456-B22C-424B-BE23-666A06B9E40D}] => (Allow) D:\SteamLibrary\steamapps\common\Gemini Rue\Gemini Rue.exe (TheJBurger) [File not signed]
FirewallRules: [{5DF48075-411F-4938-8DD0-AC9B1FA4E764}] => (Allow) D:\SteamLibrary\steamapps\common\Gemini Rue\Gemini Rue.exe (TheJBurger) [File not signed]
FirewallRules: [{382624E4-E3D5-4E81-97B4-933A59EB029D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake\glquake.exe () [File not signed]
FirewallRules: [{95113982-CF73-488C-B284-D726497461E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake\glquake.exe () [File not signed]
FirewallRules: [{D49A4E54-A13D-40F4-8856-66FF9275F526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Silver Case\TheSilverCase.exe () [File not signed]
FirewallRules: [{061C4CC8-58E0-4C10-B04E-4FCD1CD25844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Silver Case\TheSilverCase.exe () [File not signed]
FirewallRules: [{F4654CA7-8897-4CC2-8B81-42F5D13A3C95}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{BBB5000A-F736-4F44-A2AA-A4CD700FADBE}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{FD8C89F0-7F51-442B-998D-62528721B888}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{6BA37AA3-9414-4584-B1C5-7D54A1AA0273}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [TCP Query User{147A4523-F836-4CDC-8427-6B948B7078E0}D:\steamlibrary\steamapps\common\return to castle wolfenstein\realrtcw.x64.exe] => (Allow) D:\steamlibrary\steamapps\common\return to castle wolfenstein\realrtcw.x64.exe () [File not signed]
FirewallRules: [UDP Query User{EBEA4935-C888-465E-B860-6FB44520C897}D:\steamlibrary\steamapps\common\return to castle wolfenstein\realrtcw.x64.exe] => (Allow) D:\steamlibrary\steamapps\common\return to castle wolfenstein\realrtcw.x64.exe () [File not signed]
FirewallRules: [TCP Query User{4494C292-F68A-44F3-8AE2-6C3A2B3A26EE}D:\aleph one\marathon\marathon.exe] => (Allow) D:\aleph one\marathon\marathon.exe () [File not signed]
FirewallRules: [UDP Query User{A79CA098-22E1-495F-B646-FA3E7931BA07}D:\aleph one\marathon\marathon.exe] => (Allow) D:\aleph one\marathon\marathon.exe () [File not signed]
FirewallRules: [{7B9FB266-A4A0-42E8-8A64-90859C487721}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\West of Loathing\West of Loathing.exe () [File not signed]
FirewallRules: [{FFC07205-8CAC-43F0-91E3-D71C03A44E67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\West of Loathing\West of Loathing.exe () [File not signed]
FirewallRules: [{6098F1B0-929F-4226-869A-09AB5CCE0FBF}] => (Allow) D:\SteamLibrary\steamapps\common\Uplink\Uplink.exe (Introversion Software) [File not signed]
FirewallRules: [{0D9C069A-6EBC-4201-99A7-6A2DC5FCA209}] => (Allow) D:\SteamLibrary\steamapps\common\Uplink\Uplink.exe (Introversion Software) [File not signed]
FirewallRules: [{38CC93DE-B272-4D0D-911F-85F32880F298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SRW30\srw30.exe () [File not signed]
FirewallRules: [{A49FA4BF-84F2-4F61-9612-F911357D5317}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SRW30\srw30.exe () [File not signed]
FirewallRules: [{B1B36346-C89A-44DE-BA12-72F319441498}] => (Allow) D:\SteamLibrary\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{1786CFE0-2F33-4837-9F7E-2F810935029C}] => (Allow) D:\SteamLibrary\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [TCP Query User{287955FE-44FA-408C-BBFA-95EE6AFE84F8}D:\storage\opennox-v1.8.9\opennox-hd.exe] => (Allow) D:\storage\opennox-v1.8.9\opennox-hd.exe => No File
FirewallRules: [UDP Query User{67A3DDBB-1165-4AE6-8BC3-00BC1E25BA3D}D:\storage\opennox-v1.8.9\opennox-hd.exe] => (Allow) D:\storage\opennox-v1.8.9\opennox-hd.exe => No File
FirewallRules: [{7AB87719-67AC-4DFD-9D47-F3095EA41BB4}] => (Allow) D:\SteamLibrary\steamapps\common\Door in the Woods\Door in the Woods.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [{5E6BCA74-D164-4A21-A58C-95D861CFCB4E}] => (Allow) D:\SteamLibrary\steamapps\common\Door in the Woods\Door in the Woods.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [{73CEE90D-D2F3-4223-A845-B3169BBFD1AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\20MinuteTillDawn\MinutesTillDawn.exe () [File not signed]
FirewallRules: [{B22CAA08-419A-4FB2-BC21-770A7A8F35EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\20MinuteTillDawn\MinutesTillDawn.exe () [File not signed]
FirewallRules: [{0C0E00D1-A571-443A-AB9C-3C7F704B2B29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake\rerelease\Quake_x64_steam.exe () [File not signed]
FirewallRules: [{E6E901AD-1AC9-4AA3-9B12-BCF439A5F473}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake\rerelease\Quake_x64_steam.exe () [File not signed]
FirewallRules: [{33FB2DBF-A97E-4179-BD77-97A57D852D60}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{946C24BF-75C2-4B28-9A4D-12CAEC040435}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{67E21A61-2B5C-4C20-8D80-F0A3C51A6D30}] => (Allow) D:\SteamLibrary\steamapps\common\Salt and Sanctuary\salt.exe (Microsoft) [File not signed]
FirewallRules: [{BA85CB6B-D2DB-4C34-AAFF-29002609E0BA}] => (Allow) D:\SteamLibrary\steamapps\common\Salt and Sanctuary\salt.exe (Microsoft) [File not signed]
FirewallRules: [{8DDEA629-5210-4A58-A9B4-BEF92810B030}] => (Allow) D:\SteamLibrary\steamapps\common\ChromaSquad\chromasquad.exe () [File not signed]
FirewallRules: [{3D606237-5703-44CA-9A35-5C0FF6D04594}] => (Allow) D:\SteamLibrary\steamapps\common\ChromaSquad\chromasquad.exe () [File not signed]
FirewallRules: [{B9380EB4-49EC-4FAC-90E1-2942144E4398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{E6C546E3-3B18-4158-8053-0196B5218CF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{1A2036C0-4B84-481A-8451-782410821F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Axiom Verge 2\AxiomVerge2.exe (Thomas Happ Games LLC) [File not signed]
FirewallRules: [{A50C7783-3589-46C8-B9E4-8CAFCEEEAEFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Axiom Verge 2\AxiomVerge2.exe (Thomas Happ Games LLC) [File not signed]
FirewallRules: [{C7E69B33-50E1-44F3-9DFF-EDA4343ECF07}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{75917D0B-7E08-4B08-98C0-7F4179728EC5}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{ABD933AA-AE3D-49A1-BD47-DC5615DB9143}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe => No File
FirewallRules: [UDP Query User{8C00FD71-36C4-4853-B757-8B60DF49C8A8}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe => No File
FirewallRules: [TCP Query User{134C16D2-5AD9-4E69-B43C-E6D1A72C9714}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe => No File
FirewallRules: [UDP Query User{930EE3DA-79B5-4D36-854F-34475F4B95B4}C:\program files (x86)\electronic arts\dead space\dead space.exe] => (Allow) C:\program files (x86)\electronic arts\dead space\dead space.exe => No File
FirewallRules: [{36866E7B-902A-4845-9916-13A0E639BEDE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [TCP Query User{5AF012C0-43FA-4CAD-B48E-FACFA34E18F8}D:\storage\downloads\unreal pt 1.0.7\unreal pt 1.0.7\pt_2\binaries\win64\pt_2.exe] => (Allow) D:\storage\downloads\unreal pt 1.0.7\unreal pt 1.0.7\pt_2\binaries\win64\pt_2.exe => No File
FirewallRules: [UDP Query User{0C8F06EF-EB22-4048-8C92-6B4832E38851}D:\storage\downloads\unreal pt 1.0.7\unreal pt 1.0.7\pt_2\binaries\win64\pt_2.exe] => (Allow) D:\storage\downloads\unreal pt 1.0.7\unreal pt 1.0.7\pt_2\binaries\win64\pt_2.exe => No File
FirewallRules: [{2EB9F59E-61B3-4292-A2E6-BDA171CD614A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Card Quest\Card Quest.exe () [File not signed]
FirewallRules: [{047984C2-A480-440C-BF86-4A252C02D4D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Card Quest\Card Quest.exe () [File not signed]
FirewallRules: [TCP Query User{933C21D0-07EA-4A50-83C6-ACF52B6C43D3}D:\ppsspp\ppssppwindows64.exe] => (Allow) D:\ppsspp\ppssppwindows64.exe (Henrik Rydgård) [File not signed]
FirewallRules: [UDP Query User{9073C41C-ADC8-498C-B0B7-E238F5977F83}D:\ppsspp\ppssppwindows64.exe] => (Allow) D:\ppsspp\ppssppwindows64.exe (Henrik Rydgård) [File not signed]
FirewallRules: [{EDA5DAE8-DF10-4ABD-A4F5-B58436F4A413}] => (Allow) D:\SteamLibrary\steamapps\common\Okami\okami.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{88480EBE-7A02-49A2-ADE7-5DF6D6B095E0}] => (Allow) D:\SteamLibrary\steamapps\common\Okami\okami.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{8D73BA9C-7F39-45E1-9078-CE1F69C4CE9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe => No File
FirewallRules: [{778BA447-EC2D-40D1-BBC6-63928182120A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe => No File
FirewallRules: [{D4CAB8B4-2BE7-4A70-B697-3D62D0E91673}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blaster Master Zero 2\game.exe () [File not signed]
FirewallRules: [{01DF1ADA-F61A-4B35-ACEC-4C85AA286B60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blaster Master Zero 2\game.exe () [File not signed]
FirewallRules: [{A1D72B4D-3A81-4A70-AA28-F9F12CA7CF0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B9E0A26F-977E-4A6B-B459-C3D5DEEF174C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F0508582-6B76-4497-A200-CF902E73C064}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B0BADBCB-2E9A-476A-A4B5-258108C6CBF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{40CE16D2-08D3-472E-841B-3D89864C57FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM 3 BFG Edition\Doom3BFG.exe (id Software LLC, a ZeniMax Media company) [File not signed]
FirewallRules: [{C6D1CD9B-8E15-4170-96D9-E006C0F0332F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM 3 BFG Edition\Doom3BFG.exe (id Software LLC, a ZeniMax Media company) [File not signed]
FirewallRules: [{9E367EE4-CA92-466D-8CB9-4C4BB0468C2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{67E596F4-70EA-47ED-ABD7-50A93D4AB22C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DREDGE\DREDGE.exe () [File not signed]
FirewallRules: [{CAC24129-EB64-4C7D-AF85-D0764D30FEFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Actraiser Renaissance\ActraiserR.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX)
FirewallRules: [{E84C3FF7-9AFB-41A9-899A-F6632C58976F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Actraiser Renaissance\ActraiserR.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX)
FirewallRules: [{6074A307-CE27-4DF0-89D4-395D099AB6E1}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{28879ABF-7CBA-466A-8000-DD108361FA39}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{D735566E-D68E-4461-8E4F-18A22B2ACE22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadows Over Loathing\Shadows Over Loathing\Shadows Over Loathing.exe () [File not signed]
FirewallRules: [{F93F10F1-3F2E-4363-B427-511B83CD32C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadows Over Loathing\Shadows Over Loathing\Shadows Over Loathing.exe () [File not signed]
FirewallRules: [{05B6554B-429F-4673-8650-797C928B9B52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soulstone Survivors\Soulstone Survivors.exe () [File not signed]
FirewallRules: [{2CA73B8E-0B91-4222-A65D-4EA8BDFCA08E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soulstone Survivors\Soulstone Survivors.exe () [File not signed]
FirewallRules: [{C8380A42-DDF4-4C2C-8802-FF19607BE12B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2B590FEA-2203-4B6B-94DD-3E516F961B1C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
11-09-2023 17:01:07 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/17/2023 12:02:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/17/2023 12:02:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS_Install (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/15/2023 04:39:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/15/2023 04:39:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (09/15/2023 04:39:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/15/2023 04:39:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (09/10/2023 08:49:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/10/2023 08:48:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS_Install (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
System errors:
=============
Error: (09/17/2023 01:31:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the xTendSoftAPService service to connect.
Error: (09/17/2023 01:31:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the xTendUtilityService service to connect.
Error: (09/17/2023 01:30:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/16/2023 09:49:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (09/16/2023 09:43:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (09/15/2023 04:50:27 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (09/15/2023 04:46:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/15/2023 04:46:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Windows Defender:
================
Date: 2023-09-15 11:21:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-14 11:21:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-13 21:03:08
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-12 11:21:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-09-11 16:59:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2021-06-09 01:24:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.918.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-06-09 01:24:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.918.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-06-09 01:24:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.918.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-06-09 01:24:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.918.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2021-06-09 01:24:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.918.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-09-17 16:57:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2023-09-17 16:51:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E1795IMS.10C 12/10/2015
Motherboard: Micro-Star International Co., Ltd. MS-1795
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 46%
Total physical RAM: 16291.82 MB
Available physical RAM: 8667.73 MB
Total Virtual: 32291.82 MB
Available Virtual: 22899.05 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:563.38 GB) (Free:199.55 GB) (Model: HGST HTS721010A9E630) NTFS
Drive d: (Data) (Fixed) (Total:346.43 GB) (Free:144.49 GB) (Model: HGST HTS721010A9E630) NTFS
\\?\Volume{bd5d555f-6a06-46af-a093-6b5e50cd088c}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.29 GB) NTFS
\\?\Volume{b9ff8af7-8db0-4100-8c45-c93e99a62471}\ (BIOS_RVY) (Fixed) (Total:20.4 GB) (Free:1.53 GB) NTFS
\\?\Volume{4d90501b-7838-4984-b4f5-3589f77d6b18}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A0849373)
Partition: GPT.
==================== End of Addition.txt =======================
Attached Files
-
FRST.txt 51.81KB
2 downloads
-
Addition.txt 90.41KB
2 downloads
Edited by Oh My!, 17 September 2023 - 04:39 PM.
Back to top
to 
