Solved Event ID 4625 issues

bayoubob

Posts: 17   +0
I'm concerned about these audit failures,my machine was recently effectively shutdown,my bios had changed to chinese type,had a os on usb I reinstalled with but I think the usb may have been corrupt,so I reinstalled but I'm still seeing these 4625 events.I have also bought a premium avast subscription but I feel like my system may not be my own.
 

bayoubob

Posts: 17   +0
Can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2022
Ran by parker (administrator) on BOBPC (Micro-Star International Co., Ltd MS-7C02) (04-07-2022 15:34:22)
Running from C:\Users\parker\Downloads
Loaded Profiles: parker
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: English (United States)
Default browser: "C:\Users\parker\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Users\parker\AppData\Local\Avast Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Users\parker\AppData\Local\Avast Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Users\parker\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastNM.exe
(DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atieclxx.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Users\parker\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe <16>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.2101.28.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213760 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\Run: [Avast Browser] => C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\AvastBrowserUpdateCore.exe [498648 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {378C62AB-015A-4BA5-B551-0DCCF37F49AB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {42FACCD8-5304-401D-9D06-6AFF28819340} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4938496 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {4A34EF2C-F765-4254-83DF-7B52AEBE3C4F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-07-01] (Avast Software s.r.o. -> Avast Software)
Task: {4F195D13-687B-439E-8AB9-CD69718FDB72} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5CBA4D97-0963-44D8-BB35-8E31FB0D7618} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {67F36ADF-90E0-4E47-BC04-347C8B9C3141} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {682A4CB5-A51E-48C3-9FC8-870CD7BB7CEF} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [660016 2022-04-28] (Advanced Micro Devices Inc. -> AMD)
Task: {6945F547-5846-4051-8FC9-B358474273FA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [261680 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {86E66D7C-4ABC-4EA7-BA63-40BA283EA520} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-04-28] (Advanced Micro Devices, Inc.) [File not signed]
Task: {A3794F1D-D055-49F5-9E71-77B4C23DC94A} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-1619521988-1902768564-491423726-1001UA => C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {B0DB4D5C-42F6-4874-A45F-6E2B9BB2E01F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {BE326FA4-4A25-4EEC-9C70-1E302EB6B329} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-1619521988-1902768564-491423726-1001Core => C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
Task: {D5BC443D-D6B0-433A-A188-2EBFD5AD46F0} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F6D04AAF-E109-4B3F-8D1E-7B95999D003F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-1619521988-1902768564-491423726-1001 => C:\Users\parker\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [2778136 2022-06-14] (Avast Software s.r.o. -> AVAST Software)
Task: {FB12870B-83A1-497D-B2F2-44555CFBC0A7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.65
Tcpip\..\Interfaces\{20dc8210-c9d0-40a5-9798-bb436e215de5}: [DhcpNameServer] 192.168.0.1 205.171.2.65

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\parker\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-01]

FireFox:
========
FF DefaultProfile: nbfwfldc.default
FF ProfilePath: C:\Users\parker\AppData\Roaming\Mozilla\Firefox\Profiles\nbfwfldc.default [2022-07-01]
FF ProfilePath: C:\Users\parker\AppData\Roaming\Mozilla\Firefox\Profiles\4r4e75ke.default-release [2022-07-01]
FF Plugin HKU\S-1-5-21-1619521988-1902768564-491423726-1001: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-1619521988-1902768564-491423726-1001: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8486968 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [506416 2022-04-28] (Advanced Micro Devices Inc. -> AMD)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [590080 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2009344 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589056 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\Windows\system32\AMDRyzenMasterDriver.sys [43336 2022-04-26] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\amdkmdag.sys [90165704 2022-05-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235584 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [385560 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [258072 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [104976 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25048 2022-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [47976 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274536 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [553928 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [113984 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [89056 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [860416 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [668208 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221528 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324864 2022-07-01] (Avast Software s.r.o. -> AVAST Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-04 15:34 - 2022-07-04 15:34 - 000015674 _____ C:\Users\parker\Downloads\FRST.txt
2022-07-04 15:33 - 2022-07-04 15:34 - 000000000 ____D C:\FRST
2022-07-04 15:31 - 2022-07-04 15:31 - 002369024 _____ (Farbar) C:\Users\parker\Downloads\FRST64.exe
2022-07-04 10:07 - 2022-07-04 10:07 - 000000000 ____D C:\Users\parker\Documents\New folder
2022-07-04 02:28 - 2022-07-04 02:28 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-07-04 02:28 - 2022-07-04 02:28 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2022-07-04 02:26 - 2022-07-01 12:59 - 000270592 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-07-04 02:21 - 2022-07-04 02:21 - 000268536 _____ (AVAST Software) C:\Users\parker\Downloads\avast_premium_security_setup_online (1).exe
2022-07-02 10:18 - 2022-07-04 13:52 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1619521988-1902768564-491423726-1001
2022-07-01 20:31 - 2022-07-01 20:31 - 000000000 ____D C:\Users\parker\AppData\Roaming\AGS
2022-07-01 20:31 - 2022-07-01 20:31 - 000000000 ____D C:\Users\parker\AppData\Local\Persona
2022-07-01 20:31 - 2022-07-01 20:31 - 000000000 ____D C:\Users\parker\AppData\Local\AGS
2022-07-01 20:30 - 2022-07-01 20:31 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-07-01 20:30 - 2022-07-01 20:30 - 000000000 ____D C:\Users\parker\AppData\Roaming\EasyAntiCheat
2022-07-01 20:13 - 2022-07-01 20:13 - 000000000 ____D C:\Users\parker\Documents\My Games
2022-07-01 20:13 - 2022-07-01 20:13 - 000000000 ____D C:\ProgramData\Codemasters
2022-07-01 19:49 - 2022-07-01 19:49 - 002296488 _____ C:\Users\parker\Downloads\SteamSetup (1).exe
2022-07-01 19:38 - 2022-07-01 19:38 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2022-07-01 19:38 - 2022-07-01 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-07-01 19:36 - 2022-07-01 19:36 - 000002019 _____ C:\Users\parker\Desktop\NewWorld.lnk
2022-07-01 19:35 - 2022-07-01 19:35 - 000001961 _____ C:\Users\parker\Desktop\F1_2021.lnk
2022-07-01 19:08 - 2022-07-04 15:21 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-01 18:57 - 2022-07-01 18:57 - 000000000 ____D C:\Users\parker\AppData\Local\CrashDumps
2022-07-01 17:10 - 2022-07-01 17:10 - 000000000 ____D C:\Users\parker\AppData\Local\Steam
2022-07-01 17:06 - 2022-07-01 17:06 - 002296488 _____ C:\Users\parker\Downloads\SteamSetup.exe
2022-07-01 16:55 - 2022-07-01 16:55 - 000932808 _____ (Restoro) C:\Users\parker\Downloads\Restoro.exe
2022-07-01 15:31 - 2022-07-01 15:31 - 000000000 ____D C:\Windows\SystemTemp
2022-07-01 15:21 - 2022-07-01 15:21 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-07-01 15:21 - 2022-07-01 15:21 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-07-01 15:21 - 2022-07-01 15:21 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 000272896 _____ C:\Windows\system32\TpmTool.exe
2022-07-01 15:21 - 2022-07-01 15:21 - 000232288 _____ C:\Windows\system32\containerdevicemanagement.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-07-01 15:21 - 2022-07-01 15:21 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-07-01 15:21 - 2022-07-01 15:21 - 000104448 _____ C:\Windows\system32\nettraceex.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 000093696 _____ C:\Windows\system32\Drivers\cimfs.sys
2022-07-01 15:21 - 2022-07-01 15:21 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-07-01 15:21 - 2022-07-01 15:21 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-07-01 15:21 - 2022-07-01 15:21 - 000011787 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-07-01 15:17 - 2022-07-01 15:17 - 000000000 ___HD C:\$WinREAgent
2022-07-01 15:10 - 2022-07-01 15:10 - 000000000 ____D C:\Users\parker\AppData\Roaming\AMD
2022-07-01 15:10 - 2022-07-01 15:10 - 000000000 ____D C:\Users\parker\AppData\Local\setup
2022-07-01 15:10 - 2022-07-01 15:10 - 000000000 ____D C:\Program Files (x86)\AMD
2022-07-01 15:08 - 2022-07-01 15:08 - 054194016 _____ (Advanced Micro Devices, Inc.) C:\Users\parker\Downloads\amd_chipset_software_3.10.08.506.exe
2022-07-01 14:40 - 2022-07-01 14:40 - 000000000 ____D C:\Users\parker\AppData\LocalLow\AMD
2022-07-01 14:39 - 2022-07-04 13:52 - 000002402 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2022-07-01 14:39 - 2022-07-03 17:15 - 000000000 ____D C:\Users\parker\AppData\Local\D3DSCache
2022-07-01 14:39 - 2022-07-01 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2022-07-01 14:39 - 2022-07-01 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-07-01 14:38 - 2022-07-01 14:39 - 000000000 ____D C:\ProgramData\AMD
2022-07-01 14:38 - 2022-04-28 02:49 - 002940912 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2022-07-01 14:36 - 2022-07-01 15:10 - 000000000 ____D C:\AMD
2022-07-01 14:32 - 2022-07-01 14:34 - 000304590 _____ C:\Windows\ntbtlog.txt
2022-07-01 14:32 - 2022-07-01 14:34 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2022-07-01 14:30 - 2022-07-01 14:30 - 000002017 _____ C:\Users\parker\Desktop\Display Driver Uninstaller - Shortcut.lnk
2022-07-01 14:30 - 2022-07-01 14:30 - 000000000 ____D C:\Users\parker\Downloads\ddu
2022-07-01 14:28 - 2022-07-01 14:28 - 001373784 _____ (Igor Pavlov) C:\Users\parker\Downloads\DDU v18.0.5.1.exe
2022-07-01 14:15 - 2022-05-09 09:30 - 000110448 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2022-07-01 13:55 - 2022-07-01 13:55 - 000000000 ____D C:\Windows\system32\MRT
2022-07-01 13:51 - 2022-07-01 13:51 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-07-01 13:51 - 2022-07-01 13:51 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-07-01 13:51 - 2022-07-01 13:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-07-01 13:32 - 2022-07-04 13:52 - 000002672 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2022-07-01 13:32 - 2022-07-04 13:52 - 000002516 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2022-07-01 13:32 - 2022-07-04 13:52 - 000002508 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2022-07-01 13:32 - 2022-07-04 13:52 - 000002402 _____ C:\Windows\system32\Tasks\StartAUEP
2022-07-01 13:32 - 2022-07-04 13:52 - 000002374 _____ C:\Windows\system32\Tasks\StartCNBM
2022-07-01 13:32 - 2022-07-04 13:52 - 000002202 _____ C:\Windows\system32\Tasks\StartCN
2022-07-01 13:32 - 2022-07-04 13:52 - 000002122 _____ C:\Windows\system32\Tasks\StartDVR
2022-07-01 13:32 - 2022-07-03 08:46 - 000000000 ____D C:\Users\parker\AppData\Local\AMD_Common
2022-07-01 13:32 - 2022-07-01 15:10 - 000000000 ____D C:\Users\parker\AppData\Local\cache
2022-07-01 13:31 - 2022-07-01 20:30 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-01 13:31 - 2022-07-01 13:31 - 000000000 ____D C:\Users\parker\AppData\Local\AMDSoftwareInstaller
2022-07-01 13:21 - 2022-07-01 13:29 - 570303768 _____ (AMD Inc.) C:\Users\parker\Downloads\whql-amd-software-adrenalin-edition-22.5.1-win10-win11-may10.exe
2022-07-01 13:19 - 2022-07-02 17:25 - 000002700 _____ C:\Users\parker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-07-01 13:19 - 2022-07-02 17:25 - 000002669 _____ C:\Users\parker\Desktop\Avast Secure Browser.lnk
2022-07-01 13:19 - 2022-07-01 13:19 - 000004108 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-1619521988-1902768564-491423726-1001
2022-07-01 13:18 - 2022-07-01 13:18 - 000003718 _____ C:\Windows\system32\Tasks\AvastUpdateTaskUserS-1-5-21-1619521988-1902768564-491423726-1001UA
2022-07-01 13:18 - 2022-07-01 13:18 - 000003450 _____ C:\Windows\system32\Tasks\AvastUpdateTaskUserS-1-5-21-1619521988-1902768564-491423726-1001Core
2022-07-01 13:07 - 2022-07-01 13:07 - 000000020 _____ C:\Users\parker\Documents\New Text Document.txt
2022-07-01 13:06 - 2022-07-01 13:06 - 000268536 _____ (AVAST Software) C:\Users\parker\Downloads\avast_premium_security_setup_online.exe
2022-07-01 13:03 - 2022-07-03 16:56 - 000000000 ____D C:\Users\parker\AppData\Local\Avast Software
2022-07-01 13:02 - 2022-07-01 13:02 - 000000000 ____D C:\Users\parker\AppData\Roaming\Avast Software
2022-07-01 13:02 - 2022-07-01 13:02 - 000000000 ____D C:\Users\parker\AppData\Local\CEF
2022-07-01 13:00 - 2022-07-04 13:52 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-07-01 13:00 - 2022-07-01 13:00 - 000000000 ____D C:\Windows\system32\gf2engine
2022-07-01 12:59 - 2022-07-04 02:27 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-07-01 12:59 - 2022-07-04 02:26 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-07-01 12:59 - 2022-07-01 12:59 - 000860416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000668208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000553928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000385560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000324864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000274536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000258072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000221528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000113984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000104976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000089056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000047976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-07-01 12:59 - 2022-07-01 12:59 - 000025048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2022-07-01 12:58 - 2022-07-04 09:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-07-01 12:58 - 2022-07-04 02:27 - 000000000 ____D C:\Program Files\Avast Software
2022-07-01 12:57 - 2022-07-01 12:57 - 000268536 _____ (AVAST Software) C:\Users\parker\Downloads\avast_one_essential_setup_online.exe
2022-07-01 12:55 - 2022-07-04 10:55 - 000000000 ____D C:\Users\parker\AppData\LocalLow\Mozilla
2022-07-01 12:55 - 2022-07-01 13:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-01 12:55 - 2022-07-01 12:55 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-01 12:55 - 2022-07-01 12:55 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-07-01 12:55 - 2022-07-01 12:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-07-01 12:55 - 2022-07-01 12:55 - 000000000 ____D C:\Users\parker\AppData\Roaming\Mozilla
2022-07-01 12:55 - 2022-07-01 12:55 - 000000000 ____D C:\Users\parker\AppData\Local\Mozilla
2022-07-01 12:55 - 2022-07-01 12:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-01 12:55 - 2022-07-01 12:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-01 12:53 - 2022-07-01 20:13 - 000000000 ____D C:\Users\parker\AppData\Local\AMD
2022-07-01 12:53 - 2022-07-01 12:53 - 000350368 _____ (Mozilla) C:\Users\parker\Downloads\Firefox Installer.exe
2022-07-01 12:51 - 2022-07-01 14:39 - 000000000 ____D C:\Windows\system32\AMD
2022-07-01 12:51 - 2022-07-01 14:39 - 000000000 ____D C:\Program Files\AMD
2022-07-01 12:47 - 2022-07-03 13:53 - 000000000 ____D C:\Windows\Panther
2022-07-01 12:36 - 2022-07-04 10:47 - 000000000 ____D C:\Users\parker\AppData\Local\PlaceholderTileLogoFolder
2022-07-01 12:10 - 2022-07-01 12:10 - 000000000 ____D C:\Users\parker\AppData\Local\Comms
2022-07-01 11:55 - 2022-07-04 13:52 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1619521988-1902768564-491423726-1001
2022-07-01 11:55 - 2022-07-01 11:55 - 000000000 ___RD C:\Users\parker\OneDrive
2022-07-01 11:54 - 2022-07-01 11:54 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-07-01 11:53 - 2022-07-04 09:34 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-01 11:53 - 2022-07-02 06:54 - 000000000 ____D C:\ProgramData\Packages
2022-07-01 11:53 - 2022-07-02 06:51 - 000000000 ____D C:\Users\parker\AppData\Local\Packages
2022-07-01 11:53 - 2022-07-01 11:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-07-01 11:53 - 2022-07-01 11:53 - 000000000 ___RD C:\Users\parker\3D Objects
2022-07-01 11:53 - 2022-07-01 11:53 - 000000000 ____D C:\Users\parker\AppData\Roaming\Adobe
2022-07-01 11:53 - 2022-07-01 11:53 - 000000000 ____D C:\Users\parker\AppData\Local\VirtualStore
2022-07-01 11:53 - 2022-07-01 11:53 - 000000000 ____D C:\Users\parker\AppData\Local\Publishers
2022-07-01 11:53 - 2022-07-01 11:53 - 000000000 ____D C:\Users\parker\AppData\Local\ConnectedDevicesPlatform
2022-07-01 11:52 - 2022-07-03 17:06 - 000002382 _____ C:\Users\parker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-01 11:52 - 2022-07-01 11:55 - 000000000 ____D C:\Users\parker
2022-07-01 11:52 - 2022-07-01 11:52 - 000000020 ___SH C:\Users\parker\ntuser.ini
2022-07-01 11:48 - 2022-07-01 11:48 - 000000000 _SHDL C:\Documents and Settings
2022-07-01 11:47 - 2022-07-04 13:52 - 000003464 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-01 11:47 - 2022-07-04 13:52 - 000003240 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-01 11:47 - 2022-07-04 12:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-07-01 11:47 - 2022-07-04 09:30 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-01 11:47 - 2022-07-04 09:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-01 11:47 - 2022-07-02 12:52 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-01 11:47 - 2022-07-02 12:52 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-01 11:47 - 2022-07-01 15:32 - 000257824 _____ C:\Windows\system32\FNTCACHE.DAT
2022-07-01 11:47 - 2022-07-01 11:47 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-07-01 11:47 - 2022-07-01 11:47 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-07-01 11:47 - 2022-07-01 11:47 - 000000000 ____D C:\Windows\ServiceProfiles

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-04 14:07 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-04 09:34 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF
2022-07-04 09:29 - 2019-12-07 04:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-07-04 02:26 - 2019-12-07 04:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-07-03 16:18 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-03 16:18 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness
2022-07-02 06:30 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\appcompat
2022-07-01 19:01 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-07-01 18:57 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\setup
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\oobe
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\migwiz
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\appraiser
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\Provisioning
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr
2022-07-01 15:31 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-07-01 15:31 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\servicing
2022-07-01 15:23 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-01 12:47 - 2019-12-07 04:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2022-07-01 12:03 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-07-01 12:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\ServiceState
2022-07-01 11:53 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-07-01 11:52 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-07-01 11:51 - 2019-12-07 04:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-07-01 11:51 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\spool
2022-07-01 11:47 - 2019-12-07 04:03 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 

bayoubob

Posts: 17   +0
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2022
Ran by parker (04-07-2022 15:35:03)
Running from C:\Users\parker\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2022-07-01 16:49:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1619521988-1902768564-491423726-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1619521988-1902768564-491423726-503 - Limited - Disabled)
Guest (S-1-5-21-1619521988-1902768564-491423726-501 - Limited - Disabled)
parker (S-1-5-21-1619521988-1902768564-491423726-1001 - Administrator - Enabled) => C:\Users\parker
WDAGUtilityAccount (S-1-5-21-1619521988-1902768564-491423726-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.3.5 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.5.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
Avast Secure Browser (HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\Avast Secure Browser) (Version: 102.1.17190.115 - AVAST Software)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.44 - Microsoft Co
 

Broni

Posts: 55,991   +509
It's a false positive. Create an exception in your AV program or disable it momentarily.
 

bayoubob

Posts: 17   +0
ok,
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2022
Ran by parker (05-07-2022 18:15:17)
Running from C:\Users\parker\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2022-07-01 16:49:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1619521988-1902768564-491423726-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1619521988-1902768564-491423726-503 - Limited - Disabled)
Guest (S-1-5-21-1619521988-1902768564-491423726-501 - Limited - Disabled)
parker (S-1-5-21-1619521988-1902768564-491423726-1001 - Administrator - Enabled) => C:\Users\parker
WDAGUtilityAccount (S-1-5-21-1619521988-1902768564-491423726-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.3.5 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.5.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
Avast Secure Browser (HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\Avast Secure Browser) (Version: 102.1.17190.115 - AVAST Software)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.44 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29913 (HKLM\...\{620A7633-7A09-42A8-8580-076A4483C4B0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29913 (HKLM\...\{EECDD137-13DA-46ED-ADA0-BDF7F8BE65B8}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 102.0 (x64 en-US)) (Version: 102.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.0 - Mozilla)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
RyzenMasterSDK (HKLM\...\{F1CE71C6-260C-464B-B1E6-9DEAE5F6A364}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.22.20002.0_x64__0a9344xs7nr4m [2022-07-01] (Advanced Micro Devices Inc.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.32.3.0_x64__6rarf9sa4v8jt [2022-07-01] (Disney)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-07-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0 [2022-07-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1619521988-1902768564-491423726-1001_Classes\CLSID\{167FD956-39C3-374C-927A-1D3C47CB6663}\InprocServer32 -> C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\psuser_64.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-1619521988-1902768564-491423726-1001_Classes\CLSID\{77CB610F-0C15-4CA8-A839-79C3AD7A400E}\InprocServer32 -> C:\Users\parker\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\psuser_64.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-1619521988-1902768564-491423726-1001_Classes\CLSID\{CEA41856-DAAB-4EE7-9731-0DB1BCD5E0F4}\localserver32 -> C:\Users\parker\AppData\Local\AVAST Software\Browser\Application\102.1.17190.115\notification_helper.exe (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-05-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-01] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-07-01 19:41 - 2022-03-03 21:23 - 126965248 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2022-07-01 19:41 - 2021-11-17 06:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-07-01 19:41 - 2021-11-17 06:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-04-28 05:26 - 2022-04-28 05:26 - 018143744 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\avcodec-58.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-02-15 23:49 - 2022-02-15 23:49 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2022-02-15 23:49 - 2022-02-15 23:49 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2022-04-28 05:12 - 2022-04-28 05:12 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2022-04-28 05:12 - 2022-04-28 05:12 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2022-04-27 19:46 - 2022-04-27 19:46 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2022-04-27 19:46 - 2022-04-27 19:46 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2022-04-28 05:25 - 2022-04-28 05:25 - 001751552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-09-05 02:15 - 2017-09-05 02:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll
2022-07-01 19:41 - 2022-03-03 21:23 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 05:48 - 2021-04-21 05:48 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 04:14 - 2019-12-07 04:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1619521988-1902768564-491423726-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 205.171.2.65
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1619521988-1902768564-491423726-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E675CAF9-74F5-44F4-B00D-8FAB0738B293}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11760DC1-E88A-42B7-A138-D1ABDDEC5F0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1C6A8847-9C2B-40BD-8177-E1E6F41CAAB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E20B59F7-E2DC-470F-A167-D207A0DEDC15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16C48B7B-1D47-4F4D-83CE-792E6755B9D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D8DE656-DAE8-4D63-A385-4417F0AD9E15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FD3A3DC-12A4-4F33-B85F-6C104D6212EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{64CFA96A-7F36-490C-A782-BE52418BD9C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBC2964B-58BA-4924-A1EA-7783A872FB28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ACFCDBAB-A570-4679-BD48-1D950E79F7E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1553D018-217F-42BC-8D8E-1451C25105BD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3EAC3466-E452-4F63-845E-1CA0C067E0CE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{53CE2C01-DDDA-4158-8FC5-A9C6C7DB6101}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DBDE3E27-ECA5-49AC-B5F7-2ACD8A07E43F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{79A43B84-3D8C-46E6-8A2A-66F941FF5562}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1161437E-1F8C-4C1D-BB8E-42F6DA6EF2B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BDC89771-6D78-4F18-A305-21196995C001}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{64807C38-B83A-4163-8805-6CA909BE5096}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BC3CBED-1C43-4B3E-9F91-3DF8063B25B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2021\F1_2021_dx12.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1F9C7D1B-9418-4323-9C12-15E78D3FA144}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2021\F1_2021_dx12.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{85093A74-7020-4C1C-AAA5-7B21A765B419}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{44276197-05B4-4750-A9C0-A156A3497BB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E78B8E78-AB0C-4CCA-B8DC-1A0936A3CB49}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A2877A9D-8C11-49EE-BC4D-CB37A08A36B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC282B79-FC56-44FB-B2E9-0D695D182BED}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61A7E044-7A20-43B1-B798-503E118CD8CA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{40F7B216-43D9-4F81-A1B3-829914326443}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B29DA3B9-F3CF-4271-8C66-50B008A67C6E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

04-07-2022 11:51:33 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/05/2022 03:48:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mmc.exe version 10.0.19041.1741 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 27a4

Start Time: 01d890b090423a30

Termination Time: 4294967295

Application Path: C:\Windows\System32\mmc.exe

Report Id: 59b2ccaa-52ee-4963-b3c5-f4aa1aa04af8

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (07/05/2022 12:05:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program steam.exe version 7.30.20.28 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: bb0

Start Time: 01d8907ad17677aa

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\steam.exe

Report Id: 9c7103a9-2f9e-463e-ad43-75a8814bb59b

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (07/05/2022 12:05:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program F1_2021_dx12.exe version 1.0.87.4931 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 940

Start Time: 01d890915a261627

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\steamapps\common\F1 2021\F1_2021_dx12.exe

Report Id: c7355418-d895-46c0-baca-fcdf3d14e74d

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (07/05/2022 01:21:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program steam.exe version 7.30.20.28 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1178

Start Time: 01d89026c5e7d15d

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\steam.exe

Report Id: db1d59b4-4a47-4a06-8e7d-c58477bf9346

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (07/05/2022 01:21:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program F1_2021_dx12.exe version 1.0.87.4931 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 8ec

Start Time: 01d890326ff9271b

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\steamapps\common\F1 2021\F1_2021_dx12.exe

Report Id: 7914778e-4ed0-47e3-b248-63f49d976dcb

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (07/04/2022 11:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Radeonsoftware.exe, version: 10.1.2.1916, time stamp: 0x626a43f7
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1741, time stamp: 0xe9b4a91b
Exception code: 0xc0000602
Fault offset: 0x000000000010fa32
Faulting process id: 0x16f4
Faulting application start time: 0x01d89023ca35b9cf
Faulting application path: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: f00ef742-02ff-4aa5-b33a-e33890a406eb
Faulting package full name:
Faulting package-relative application ID:

Error: (07/04/2022 11:00:22 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\BOBPC$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 05 Jul 2022 04:00:21 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0d888c35-2dfb-40eb-b1f7-4bfa0aaa6c26

Method: GET(406ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (07/04/2022 10:38:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program steam.exe version 7.30.20.28 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2820

Start Time: 01d890052ee42b45

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\steam.exe

Report Id: 8006fdd0-1c1a-460c-a84f-345b37da0dbd

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle


System errors:
=============
Error: (07/04/2022 04:17:08 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/04/2022 04:17:07 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/04/2022 04:17:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/04/2022 04:09:19 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/02/2022 10:11:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:40:57 AM on ‎7/‎2/‎2022 was unexpected.

Error: (07/02/2022 10:11:09 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (07/01/2022 07:41:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (07/01/2022 07:41:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.


CodeIntegrity:
===============
Date: 2022-07-05 17:00:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-07-05 16:06:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.H0 05/26/2022
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16309.58 MB
Available physical RAM: 11630.55 MB
Total Virtual: 22453.58 MB
Available Virtual: 14291.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:952.23 GB) (Free:764.46 GB) (Model: INTEL SSDPEKNW010T8) NTFS

\\?\Volume{ff404e67-e720-472e-90d3-9835dace154d}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{0525cfb0-7798-4ca8-8a2b-c1f99f4f41c1}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 

Broni

Posts: 55,991   +509
redtarget.gif

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.

redtarget.gif

Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

redtarget.gif

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.