I had this puter put together from one of mine and one of the guy's at the local computer shop. I then gave it to my teenage grandson who promptly messed it up. It should have plenty of power but I can't even watch Amazon on it. BTW, when I do check the task manager, if the the disk says it's using 100% but looking down through what's running, there's is nothing!!! Certainly not 100%! Thanks so much for taking a peek.
FRST LOG:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by Dee Skelley (administrator) on ORIGINALWIN10 (01-10-2024 15:32:11)
Running from C:\Users\Dee Skelley\Desktop\FRST64.exe
Loaded Profiles: Dee Skelley
Platform: Microsoft Windows 10 Home Version 22H2 19045.4957 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\mip.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RZSurroundHelper] => C:\Windows\system32\RZSurroundHelper.exe (No File)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427304 2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\Run: [MicrosoftEdgeAutoLaunch_9E06BE8F7D505564A0EB94364EDC4BA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-09-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\Razer\RzAppEngine\rzappengine.exe --application-host=apps.razer.com --start-hidden --no-sandbox --disable-gpu --disable-background-timer-throttling --disable-extensions --new-window (the data entry has 232 more characters). (No File)
HKU\S-1-5-21-2958740073-524152327-740456925-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.60\Installer\chrmstp.exe [2024-09-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {33B7B7C9-3CD0-458A-B401-727EB5B130EF} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EE42A4BD-E4D8-4276-B7D3-C57B9A7DBAA5} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5200168 2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {F6C67B18-2418-4725-9E16-3B743611C78C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {F6C67B18-2418-4725-9E16-3B743611C78C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {F6C67B18-2418-4725-9E16-3B743611C78C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {F6C67B18-2418-4725-9E16-3B743611C78C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {F6C67B18-2418-4725-9E16-3B743611C78C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {3755A0CC-2C46-4B7F-93DA-B51230CA8EDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-12] (Avast Software s.r.o. -> Avast Software)
Task: {ACE7DFD1-1D33-4F06-89BE-1455C4292002} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{46B762EC-BEF6-47D3-B083-AEE0479F82C7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {13B69687-8991-4675-9DC6-2416B3C47FA5} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\Windows\system32\clipesu.exe [221680 2024-09-28] (Microsoft Windows -> Microsoft Corporation)
Task: {9984DECB-2584-403A-8353-405534E2F6DB} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D6994431-9110-4FFC-8C13-68CA9EFAD27D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675744 2024-10-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {B48B1455-2B29-4B56-A7E0-85FD4976B0D3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2958740073-524152327-740456925-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675744 2024-10-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {D4649494-23BB-4578-834B-B4160D3B6D43} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-10-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {41683C65-1928-4C50-A838-7AB05494EFA0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DBFED809-9F40-4A00-9E4D-CDDB77C93933} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{a067245a-213d-47fd-9be3-53a8d9a6aa68}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{a067245a-213d-47fd-9be3-53a8d9a6aa68}: [DhcpDomain] hsd1.pa.comcast.net
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dee Skelley\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-01]
Edge Extension: (Google Docs Offline) - C:\Users\Dee Skelley\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Dee Skelley\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-09-28]
FireFox:
========
FF DefaultProfile: spq8mt6f.default
FF ProfilePath: C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\spq8mt6f.default [2021-11-22]
FF ProfilePath: C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release [2024-10-01]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\[email protected] [2023-08-12]
FF Extension: (Kaspersky Protection) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\[email protected] [2023-07-11]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-15]
FF Extension: (JavaScript Toggle On and Off) - C:\Users\Dee Skelley\AppData\Roaming\Mozilla\Firefox\Profiles\vq9r01k8.default-release\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2022-05-23]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default [2024-10-01]
CHR Extension: (Dark Mode) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2023-01-06]
CHR Extension: (Return YouTube Dislike) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-07-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dee Skelley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7252264 2024-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [774440 2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2315048 2024-09-28] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1220904 2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-11-23] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-05] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2022-10-28] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-22] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20528 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229944 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [381520 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [293968 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84424 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [27744 2024-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28752 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274000 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [549968 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97848 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950328 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1200696 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203832 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [53904 2021-10-31] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [306744 2024-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [287744 2022-04-17] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-17] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2021-11-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435424 2021-11-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-22] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-01 15:32 - 2024-10-01 15:33 - 000017242 _____ C:\Users\Dee Skelley\Desktop\FRST.txt
2024-10-01 15:31 - 2024-10-01 15:32 - 000000000 ____D C:\FRST
2024-10-01 15:29 - 2024-10-01 15:29 - 002397696 _____ (Farbar) C:\Users\Dee Skelley\Desktop\FRST64.exe
2024-10-01 15:12 - 2024-10-01 15:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-28 17:48 - 2024-09-28 17:48 - 000000000 ___HD C:\$WinREAgent
2024-09-28 17:10 - 2024-09-28 17:11 - 000000000 ____D C:\Windows\system32\compatrel
2024-09-28 17:10 - 2024-09-28 17:10 - 000000000 ____D C:\Windows\InboxApps
2024-09-28 15:33 - 2024-09-28 15:33 - 000021724 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-09-28 15:29 - 2024-09-28 15:29 - 000021724 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-09-27 12:48 - 2024-09-27 12:48 - 000000000 ____D C:\Windows\system32\o2
2024-09-26 15:18 - 2024-09-26 15:18 - 000315688 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2024-09-26 15:15 - 2024-09-26 15:15 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-01 15:36 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-01 15:22 - 2021-07-08 14:49 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\ConnectedDevicesPlatform
2024-10-01 15:14 - 2021-11-22 18:55 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-01 15:14 - 2021-11-22 18:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-10-01 15:14 - 2021-11-22 18:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-10-01 15:13 - 2022-03-05 15:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-01 15:10 - 2021-07-08 14:49 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Packages
2024-10-01 15:10 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-01 15:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-01 15:08 - 2021-07-22 18:32 - 000000000 ____D C:\Program Files (x86)\Steam
2024-10-01 15:07 - 2022-07-31 21:58 - 000000000 ____D C:\Riot Games
2024-10-01 15:07 - 2022-07-31 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-10-01 15:06 - 2022-07-31 23:21 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2024-10-01 15:03 - 2021-07-22 19:50 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\D3DSCache
2024-09-30 16:55 - 2021-07-08 14:38 - 000840954 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-30 16:55 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2024-09-30 16:51 - 2021-10-31 20:40 - 000000000 ____D C:\ProgramData\Avast Software
2024-09-30 16:51 - 2021-07-08 17:31 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-30 16:51 - 2021-07-08 17:31 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-30 16:50 - 2021-07-08 15:00 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-09-30 16:50 - 2019-12-07 05:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-09-30 16:49 - 2021-07-08 14:49 - 000000000 ____D C:\Users\Dee Skelley
2024-09-30 16:49 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2024-09-30 16:42 - 2022-06-26 14:32 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Oculus
2024-09-30 16:36 - 2021-07-22 18:34 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\Steam
2024-09-30 16:35 - 2021-07-08 17:31 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-09-30 16:18 - 2022-05-01 14:51 - 000001898 _____ C:\Users\Dee Skelley\Desktop\Steam.lnk
2024-09-30 16:12 - 2021-07-08 14:58 - 000000000 ____D C:\Users\Dee Skelley\AppData\Roaming\Microsoft\MMC
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\lv-LV
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\lt-LT
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\et-EE
2024-09-30 16:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\es-MX
2024-09-30 15:59 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2024-09-30 15:59 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-09-30 13:05 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-09-30 12:53 - 2021-07-25 03:19 - 000000000 ____D C:\Windows\Minidump
2024-09-30 11:59 - 2021-07-08 17:31 - 000259496 _____ C:\Windows\system32\FNTCACHE.DAT
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Dism
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-09-30 11:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2024-09-29 06:01 - 2021-11-23 20:23 - 000000000 ____D C:\Users\Dee Skelley\AppData\Local\AVAST Software
2024-09-29 04:15 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\appcompat
2024-09-28 17:27 - 2021-07-08 14:49 - 000000000 ____D C:\ProgramData\Packages
2024-09-28 17:15 - 2021-12-30 17:32 - 000000000 ____D C:\Windows\SystemTemp
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\system32\F12
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Sysprep
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\DDFs
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Com
2024-09-28 17:11 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2024-09-28 17:10 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-09-28 17:10 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-09-28 17:10 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-09-28 17:10 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-09-28 17:10 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-09-28 17:10 - 2019-12-07 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellComponents
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\schemas
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\Provisioning
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\IME
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-09-28 17:10 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-09-28 17:10 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\servicing
2024-09-28 15:47 - 2019-12-07 05:52 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-09-28 15:47 - 2019-12-07 05:52 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-09-28 15:47 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2024-09-28 15:47 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2024-09-28 15:28 - 2021-07-08 17:33 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-09-28 07:56 - 2021-07-08 15:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-28 07:56 - 2021-07-08 15:36 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-09-27 13:14 - 2021-07-08 15:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-09-27 13:14 - 2021-07-08 15:03 - 000000000 ____D C:\Windows\system32\MRT
2024-09-27 13:11 - 2021-07-08 15:03 - 199688632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-09-27 12:29 - 2023-10-19 13:02 - 000000000 ____D C:\Program Files\RUXIM
2024-09-26 15:21 - 2021-07-09 10:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-09-26 15:21 - 2021-07-09 10:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-09-26 15:18 - 2022-10-15 09:16 - 000027744 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswElam.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 001200696 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000950328 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000549968 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000381520 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000306744 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000293968 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000274000 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000229944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000097848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000084424 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000028752 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000020528 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArDisk.sys
2024-09-26 15:18 - 2021-11-23 20:20 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-09-26 15:18 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-09-26 15:16 - 2021-07-08 15:36 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-26 15:16 - 2021-07-08 15:36 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-26 15:15 - 2021-07-09 10:30 - 000000000 ____D C:\Program Files (x86)\Google
==================== Files in the root of some directories ========
2022-05-22 22:23 - 2022-05-22 22:23 - 000007601 _____ () C:\Users\Dee Skelley\AppData\Local\Resmon.ResmonCfg
2023-07-11 15:50 - 2023-07-11 15:50 - 000000000 _____ () C:\Users\Dee Skelley\AppData\Local\{8DBA7834-C4DF-4289-A385-9CA2351BCCD5}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION LOG:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Dee Skelley (01-10-2024 15:37:48)
Running from C:\Users\Dee Skelley\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4957 (X64) (2021-07-08 18:34:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2958740073-524152327-740456925-500 - Administrator - Disabled)
Dee Skelley (S-1-5-21-2958740073-524152327-740456925-1001 - Administrator - Enabled) => C:\Users\Dee Skelley
DefaultAccount (S-1-5-21-2958740073-524152327-740456925-503 - Limited - Disabled)
dskel (S-1-5-21-2958740073-524152327-740456925-1002 - Administrator - Enabled)
Guest (S-1-5-21-2958740073-524152327-740456925-501 - Limited - Enabled)
ozzet (S-1-5-21-2958740073-524152327-740456925-1003 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-2958740073-524152327-740456925-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.03.03.431 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{0fd12917-eb35-466f-b411-02c45a8a505d}) (Version: 4.03.03.431 - Advanced Micro Devices, Inc.) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.9.6130 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.60 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 127.0 (x64 en-US)) (Version: 127.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
PowerPoint (HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Chrome apps:
============
YouTube (HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\3a5d7b257cb5d0c14f9769fecc433d33) (Version: 1.0 - Google\Chrome)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-09-26] (Avast Software s.r.o. -> Gen Digital Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Dee Skelley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\ntuser.dat.LOG2:CCE2DBB696 [3442]
AlternateDataStreams: C:\ProgramData\ntuser.dat{ca52b842-3aa0-11ec-84df-3085a9b34157}.TM.blf:D0B775491F [3442]
AlternateDataStreams: C:\ProgramData\ntuser.dat{ca52b842-3aa0-11ec-84df-3085a9b34157}.TMContainer00000000000000000002.regtrans-ms:5915CEE35F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10018]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2958740073-524152327-740456925-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dee Skelley\Pictures\Furry_files\6686e0bc71f3a1b5a95e7ba3831e9f20.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RZSurroundHelper"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_C9176D295DD1B25034BE632CD236401C"
HKU\S-1-5-21-2958740073-524152327-740456925-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9E06BE8F7D505564A0EB94364EDC4BA2"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{789901D8-742B-4FBD-A62A-45586D322CAB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F6AD17CB-ED3C-4DAA-8D64-6D02196D0E66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F9E5993-9026-457F-AA51-69BFB0DBEB12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CC0463A2-1B1B-434A-9914-CF15B3B401DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DF8D1765-0910-47BF-8FC6-205438EF846C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{061164CE-9DBA-434B-B413-84E77B62A6C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{0E233C12-FD45-4C9E-A652-776AC35A8846}] => (Allow) C:\Users\Dee Skelley\Downloads\radeon-software-adrenalin-2020-21.7.1-minimalsetup-210714_web.exe => No File
FirewallRules: [{E717B377-50FA-4C73-BA76-363FA1602785}] => (Allow) C:\Users\Dee Skelley\Downloads\radeon-software-adrenalin-2020-21.7.1-minimalsetup-210714_web.exe => No File
FirewallRules: [{EFB169AB-2D2D-45BD-9337-6990F6ACFC44}] => (Allow) C:\Users\Dee Skelley\Downloads\radeon-software-adrenalin-2020-21.7.1-minimalsetup-210714_web.exe => No File
FirewallRules: [{8D586DB2-183C-4899-89A3-607005E89F96}] => (Allow) C:\Users\Dee Skelley\Downloads\radeon-software-adrenalin-2020-21.7.1-minimalsetup-210714_web.exe => No File
FirewallRules: [{903E6A5C-DB4D-457B-AEC3-54A8437C33C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{952DEC82-E68E-4BE1-8478-39AAB770ABBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{36AD491E-79B6-4015-918A-AC1EFB2BCB7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{1826B53B-0DFD-40A3-AB6A-0C09EAD522CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{A8389675-CDEA-4324-8C03-F6183E60AFA6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3820EEAE-810D-405C-9E55-490010259459}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{C168B53A-D8B4-40C0-9B2F-CE78DBDF1441}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Changed\Game.exe () [File not signed]
FirewallRules: [{BCF5374F-910B-4E85-AF31-20E391283B96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Changed\Game.exe () [File not signed]
FirewallRules: [{2677E04E-B105-4646-A511-1665334B5F62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{882AA130-7A26-4048-8CEF-0B916EFBE53A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{6BB42385-388B-40AD-9210-A3FA50BADE42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{8A582698-159E-4EF3-A1D7-709F57D7C646}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{6644D58A-5A42-4908-94B2-771FAE428F43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{50D1A42A-CD3D-4060-B7B4-3AFBC9EA5A2A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F55A02F2-2589-4D50-A796-403C264EAC29}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{4AD578D0-EB62-40F2-A988-40A32D1C2CF3}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{22582601-4648-4426-89C4-F97853631912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{C84A7E9C-21C4-4E7B-81ED-BE8846D8EC83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{DEB6B823-5EDC-42D3-9DB7-9E239EC08888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F12850D1-D835-4C06-8EE5-C2924B7109EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B073138F-F286-4867-8537-C2F69F34A56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{22A143AA-897A-43B2-8B0F-C3914DCB9743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{98913933-BDAD-4435-9734-99E9DF2F1A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Labrat\SCP Labrat.exe () [File not signed]
FirewallRules: [{C7711C7B-C29B-4232-9E34-C52D5B0A7FB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Labrat\SCP Labrat.exe () [File not signed]
FirewallRules: [{160B13C3-213A-42E2-8AD8-F8DF93175345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Containment Breach Multiplayer\game.exe () [File not signed]
FirewallRules: [{4B95A1E4-E6FF-4897-BEFC-A669C8C714C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Containment Breach Multiplayer\game.exe () [File not signed]
FirewallRules: [{1A9262DC-1D87-440F-80F0-C33322633BFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clue\Cluedo.exe () [File not signed]
FirewallRules: [{ED4CB6EE-6D04-435A-98B2-FF2270E5580F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clue\Cluedo.exe () [File not signed]
FirewallRules: [{26F4EA49-F7ED-4185-A45E-4D5BCCCC68AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{C54F173E-6842-45C3-B4AA-BB552627FCF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{46746F23-E5D2-413C-8510-D7B2EC657D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{5EEF3A91-A526-4E0F-A530-8170E4A139A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{B3E0436E-7391-488C-8CED-226FC8F3EDC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheEvilWithin2\TEW2.exe (Zenimax Asia K.K.) [File not signed]
FirewallRules: [{2FC96979-D6ED-4C5D-8843-7205FD09198F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheEvilWithin2\TEW2.exe (Zenimax Asia K.K.) [File not signed]
FirewallRules: [{A3AB422A-0DB8-4572-AFB1-677B89805DC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCPTheFoundation\SCPTheFoundation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{30BEFD05-3D3E-46DB-81BD-7BDB932686F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCPTheFoundation\SCPTheFoundation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{FC3A4517-E100-4060-9D5A-DA76CA4B863E}C:\program files (x86)\steam\steamapps\common\scpthefoundation\scpthefoundation\binaries\win64\scpthefoundation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scpthefoundation\scpthefoundation\binaries\win64\scpthefoundation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{62B6C5C7-34F0-41C5-94BE-FDB13ECE325A}C:\program files (x86)\steam\steamapps\common\scpthefoundation\scpthefoundation\binaries\win64\scpthefoundation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scpthefoundation\scpthefoundation\binaries\win64\scpthefoundation.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D169D7C4-5CEF-4EC8-94F6-3D99808285D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inside The Backrooms\Inside the Backrooms.exe () [File not signed]
FirewallRules: [{55E06CD5-7E21-441C-858F-DAA6834FDB5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inside The Backrooms\Inside the Backrooms.exe () [File not signed]
FirewallRules: [{84FEC5C7-4CDB-47AE-9E24-0316E92CF01E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{78522E69-306B-47E7-A701-1187B77E44D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{429D6F0F-055A-40F3-9CAC-455C6D7E892B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slender - The Arrival\Slender - The Arrival.exe () [File not signed]
FirewallRules: [{8B357991-D239-4CAA-942A-B7A6AD381074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slender - The Arrival\Slender - The Arrival.exe () [File not signed]
FirewallRules: [TCP Query User{86D26A35-1D61-47B0-AF40-4F7BD2BE59FE}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{43E4E806-1DCD-4231-BA83-90E88D162360}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F5BD1E88-1198-4F13-B010-7E95A2B0CEA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{CE01C190-8981-4D12-A1D1-FA1F372818CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{6095B4B2-A276-4982-A67F-48BDEBC5921E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => No File
FirewallRules: [{B97F7C89-59DA-4459-88AA-51161113B351}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => No File
FirewallRules: [{B1CAB6A0-453D-4B66-9F0D-86F5C9D5BF9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intruders Hide and Seek\Intruders.exe () [File not signed]
FirewallRules: [{431853D6-7A3A-4763-BFFA-64DDE27C7A10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intruders Hide and Seek\Intruders.exe () [File not signed]
FirewallRules: [TCP Query User{AA8D2D43-1508-440B-8994-A83B2ACFE642}C:\program files (x86)\steam\steamapps\common\intruders hide and seek\intruders\binaries\win64\intruders-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\intruders hide and seek\intruders\binaries\win64\intruders-win64-shipping.exe (Tessera Studios SL) [File not signed]
FirewallRules: [UDP Query User{74571DC5-E28D-4D95-9FC0-2DE755D949D2}C:\program files (x86)\steam\steamapps\common\intruders hide and seek\intruders\binaries\win64\intruders-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\intruders hide and seek\intruders\binaries\win64\intruders-win64-shipping.exe (Tessera Studios SL) [File not signed]
FirewallRules: [{46BAF21F-3D33-4FF2-A708-2278076D88B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Dark Pictures Anthology - Little Hope\LittleHope.exe (BANDAI NAMCO Entertainment) [File not signed]
FirewallRules: [{A494709E-ABC1-46BA-9BA4-0667B995D9CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Dark Pictures Anthology - Little Hope\LittleHope.exe (BANDAI NAMCO Entertainment) [File not signed]
FirewallRules: [TCP Query User{6DB66AD7-DA47-45C8-9F95-37C940A3DD07}C:\program files (x86)\steam\steamapps\common\the dark pictures anthology - little hope\smg024\binaries\win64\littlehope-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the dark pictures anthology - little hope\smg024\binaries\win64\littlehope-win64-shipping.exe (BANDAI NAMCO Entertainment) [File not signed]
FirewallRules: [UDP Query User{48903A87-7172-42B6-837E-FF1AD5BE4C6E}C:\program files (x86)\steam\steamapps\common\the dark pictures anthology - little hope\smg024\binaries\win64\littlehope-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the dark pictures anthology - little hope\smg024\binaries\win64\littlehope-win64-shipping.exe (BANDAI NAMCO Entertainment) [File not signed]
FirewallRules: [TCP Query User{75DC90F3-CCBC-4DA9-A7B3-C053871F6BBF}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{CDEF6C89-A83D-4D74-B708-ABDFC362E553}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{C549DE2C-5DD2-4ADA-BB83-4339FFB4AC90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{F2418A59-1235-4582-B71A-46CEFCFF5F49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{8C6DCD9E-D932-421B-A983-8749456F56DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{66851D45-6C9A-48B1-A22B-5807F978CD65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{C54134E8-2DD9-4F93-A042-8D5B80C91FCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Changed-special\Game.exe () [File not signed]
FirewallRules: [{3B1E767B-418E-463E-A1D5-4B32748507C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Changed-special\Game.exe () [File not signed]
FirewallRules: [{FF2A61A3-53A3-413B-9CC4-57532D46E73C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5C5A1D32-077E-42D2-ACA3-B64111B63EB0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F5A58A8-2F34-4EF6-951D-41B83954B897}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{26C09BB8-88AC-4A8E-B0D2-48170F4E8D1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C2E0EEF-135D-4251-ABE8-829B2276F82B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D5FEF95-79CA-4628-9A69-A5B09CAE3C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
26-09-2024 16:28:18 Scheduled Checkpoint
27-09-2024 12:25:04 Windows Modules Installer
27-09-2024 13:09:34 Windows Modules Installer
28-09-2024 15:08:47 Windows Modules Installer
28-09-2024 17:53:21 Windows Modules Installer
30-09-2024 16:48:43 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/30/2024 04:48:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IVssAsrWriterBackup::GetDiskComponents. hr = 0x8007085a, The Workstation service has not been started..
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: ASR Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {60cbe2cb-d100-4204-8d91-303229f05c93}
Error: (09/30/2024 04:38:12 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/30/2024 04:38:12 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5
Error: (09/30/2024 03:53:36 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/30/2024 03:53:36 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5
Error: (09/30/2024 11:59:40 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/28/2024 05:53:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IVssAsrWriterBackup::GetDiskComponents. hr = 0x8007085a, The Workstation service has not been started..
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: ASR Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {3b2b9f85-8005-492a-947c-54fdc5fb3b03}
Error: (09/28/2024 05:22:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (10/01/2024 03:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The vgc service terminated unexpectedly. It has done this 1 time(s).
Error: (09/30/2024 05:03:45 PM) (Source: DCOM) (EventID: 10010) (User: ORIGINALWIN10)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (09/30/2024 05:03:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (09/30/2024 05:03:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
Error: (09/30/2024 05:03:26 PM) (Source: DCOM) (EventID: 10010) (User: ORIGINALWIN10)
Description: The server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} did not register with DCOM within the required timeout.
Error: (09/30/2024 04:51:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3.0 service failed to start due to the following error:
The system cannot find the path specified.
Error: (09/30/2024 03:54:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CredentialEnrollmentManagerUserSvc_103136 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/30/2024 11:59:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3.0 service failed to start due to the following error:
The system cannot find the path specified.
Windows Defender:
================
Date: 2021-11-23 19:08:26
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-07-22 19:24:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-07-22 19:07:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-07-22 18:50:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2023-02-23 15:17:31
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.
Date: 2022-05-26 20:37:21
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.
Date: 2022-04-29 19:36:19
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.
Date: 2022-04-29 19:28:39
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.
Date: 2022-04-29 17:36:01
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.
CodeIntegrity:
===============
Date: 2024-10-01 15:36:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 5103 09/19/2012
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A10-5800K APU with Radeon HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 12078.23 MB
Available physical RAM: 7533.51 MB
Total Virtual: 13934.23 MB
Available Virtual: 8950.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.9 GB) (Free:449.28 GB) (Model: WDC WD10EZEX-08WN4A0) NTFS
\\?\Volume{c7297c65-6034-45ca-8036-e15ad3fd9034}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{22800b9a-daa3-4194-a793-022140f7d324}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7B309A69)
Partition: GPT.
==================== End of Addition.txt =======================
Once again, thanks so much!!!