Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Seriously Need Help

by JohnJohn409 » January 1st, 2023, 11:58 am

So I'm going to be very transparent into what happened and how I am where I am now. I was on a website, I saw an ad about getting Minecraft hacks, and I clicked on an ad that claimed to give me all kinds of mods. It took me to a page where I had to fill out a survey, and it downloaded an exe file onto my laptop. It's called a buffer. After it downloaded, I thought about it and decided not to click on the install button because I know how these things scam you. I meant to delete it, but my fat fingers accidentally clicked on it twice because my trackpad is so sensitive. A whole bunch of stuff started installing, and I noticed it started placing these hashtags on everything. The first one I noticed was on my Downloads folder; it looked like [#] Downloads [#], and now almost all my files have those hashtags. It completely hid my C: drive and many important folders I had. I tried to boot it into an earlier state, but the system was not letting me. I tried to install a registry tool to fix the issues, as well as Avast. Something on my laptop was not allowing me to install it; it kept rejecting halfway through. I ran a test with Malwarebytes that turned up nothing. Any help would be appreciated. I need to get this fixed ASAP. This is my work laptop and I need it to conduct business.

JohnJohn409
Active Member
 
Posts: 3
Joined: January 1st, 2023, 11:51 am

Re: Seriously Need Help

by JohnJohn409 » January 1st, 2023, 12:07 pm

I could not find where to edit my original post. After running the FRST scan, this is what was shown.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by JohnJohn (administrator) on JOHNJOHN-PC (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X512JAU_F512JA) (01-01-2023 10:02:10)
Running from C:\Users\JohnJohn\Desktop
Loaded Profiles: JohnJohn
Platform: Microsoft Windows 11 Home Version 22H2 22621.963 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(C:\Program Files\Sandboxie-Plus\SbieSvc.exe ->) (Tonalio GmbH -> sandboxie-plus.com) C:\Program Files\Sandboxie-Plus\SandMan.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe <12>
(Canva -> Canva Pty Ltd) C:\Users\JohnJohn\AppData\Local\Programs\Canva\Canva.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEMN.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2210.5.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0a2eb8dac923ec42\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_e72614dff5a8a910\Intel_PIE_Service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CExecSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(services.exe ->) (Tonalio GmbH -> Sandboxie-Plus.com) C:\Program Files\Sandboxie-Plus\SbieSvc.exe <2>
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.31120.6008.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.31120.6008.0_x64__8wekyb3d8bbwe\PhotosApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
Failed to access process -> vmmemCmZygote

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\Run: [MicrosoftEdgeAutoLaunch_812E9459F37D2D7E7CDE26649AA00709] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\JohnJohn\AppData\Local\Programs\Canva\Canva.exe [152269456 2022-12-13] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\Run: [SandboxiePlus_AutoRun] => C:\Program Files\Sandboxie-Plus\sandman.exe [2178512 2022-12-22] (Tonalio GmbH -> sandboxie-plus.com)
HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\Installer\chrmstp.exe [2022-12-29] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0237882B-E4A2-40B2-9276-E55CA4AFDBAF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {134502D6-D150-4EE4-B172-14D51C338266} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {14D024C4-6777-44EC-A825-28F27A66BEE1} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {217E3217-36A4-47FE-BDAD-C1BD154BAFDA} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [11194104 2022-12-09] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {4862D378-CE2B-4E00-B984-167845EFADE0} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1140456 2020-08-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4A6F3331-4462-43E8-8D04-91185218679B} - System32\Tasks\McAfee\StartOOBEFix => C:\Program Files\Common Files\McAfee\OOBE\McOOBEFix.exe (No File)
Task: {564C3075-DE23-463A-9E2E-2DDC3897A6B8} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {58EFBF04-A5BB-4592-8509-05FA88812596} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2250576 2022-12-31] (Avast Software s.r.o. -> Avast Software)
Task: {68C3DE81-6BEB-4E72-BE17-7E3D17093F25} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {81A11C8E-73ED-44EE-8441-2D420A513ED8} - System32\Tasks\Opera scheduled Autoupdate 1670292295 => C:\Users\JohnJohn\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {81DA3C53-46E0-4FA2-AC88-B64852DD5D3E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9105FA23-7FB7-4A1F-9597-60D749310BB8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A03C7108-91A0-4FDD-B1BD-925B2552D3D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {BAD1CF5D-3767-4BEF-9898-57FA4E7B1AB5} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-12-12] (Microsoft Windows -> )
Task: {BD8A24D4-9742-40E0-8821-C96C48956225} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C55DD56F-1EF5-4472-8186-00F9624EA253} - System32\Tasks\ViGEmBus_Updater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBus_Updater.exe [1117096 2022-09-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {CB483A79-C42B-4B2A-90DF-8751A97AEF3C} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSOptimization\AsusHotkey.exe [263816 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {F51E10D0-ED9E-4525-B405-2FBACEA85D37} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {F643C3AA-B1C4-46D5-BBF7-A3344CAA7E1C} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSoftwareManager\AsusUpdateChecker.exe [788112 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {F8DB488E-A197-4F9E-BF06-A7E5CEB5210C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {FC11DBA6-F493-4870-B694-AB94935DC906} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606672 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.254.251 192.168.68.1
Tcpip\..\Interfaces\{21221f73-44fe-4f44-87aa-19dc0bcaed12}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{21221f73-44fe-4f44-87aa-19dc0bcaed12}: [DhcpNameServer] 192.168.254.251 192.168.68.1
Tcpip\..\Interfaces\{59d82bfe-6d4c-467a-b809-56cf47194e65}: [DhcpNameServer] 192.168.104.79
Tcpip\..\Interfaces\{77181952-09e8-40a1-bb55-083cce4916aa}: [DhcpNameServer] 10.66.96.1

Edge:
=======
Edge Profile: C:\Users\JohnJohn\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-01]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: q0xdlpd2.default
FF ProfilePath: C:\Users\JohnJohn\AppData\Roaming\Mozilla\Firefox\Profiles\q0xdlpd2.default [2022-11-15]
FF ProfilePath: C:\Users\JohnJohn\AppData\Roaming\Mozilla\Firefox\Profiles\ej0cgua1.default-release [2022-12-31]
FF Extension: (Ant Video downloader) - C:\Users\JohnJohn\AppData\Roaming\Mozilla\Firefox\Profiles\ej0cgua1.default-release\Extensions\anttoolbar@ant.com.xpi [2022-11-24]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default [2022-12-30]
CHR Extension: (SEOquake) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2022-12-25]
CHR Extension: (Turbo Ad Finder 2.0) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apacadmkljmohmjgefhficgiijnnmelk [2022-12-20]
CHR Extension: (AdWords & Google Ads API Web Navi) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhcleoapmpajopgfbbjbokgfmmjpihkj [2022-11-16]
CHR Extension: (SEO META in 1 CLICK) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjogjfinolnhfhkbipphpdlldadpnmhc [2022-11-16]
CHR Extension: (WhatRuns) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkdbmfndkfgebldhnkbfhlneefdaaip [2022-11-16]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2022-12-20]
CHR Extension: (MozBar) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2022-11-16]
CHR Extension: (Email Finder by Snov.io) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\einnffiilpmgldkapbikhkeicohlaapj [2022-12-28]
CHR Extension: (Google Docs Offline) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-16]
CHR Extension: (SEO Minion) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\giihipjfimkajhlcilipnjeohabimjhi [2022-12-12]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2022-12-06]
CHR Extension: (Hunter - Email Finder Extension) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2022-12-28]
CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2022-12-16]
CHR Extension: (Copysmith for eCommerce) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpcihboblgdmignbebgekmnkhijcpil [2022-12-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-28]
CHR Extension: (WhatFont) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2022-11-18]
CHR Extension: (MY AD FINDER) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdelodjlpgkjenhcongcfdcocmjgjbci [2022-11-16]
CHR Extension: (Email Extractor) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdianbbpnakhcmfkcckaboohfgnngfcc [2022-12-28]
CHR Extension: (Find anyone's email - Contact Out) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjdemeiffadmmjhkbbpglgnlgeafomjo [2022-12-28]
CHR Extension: (AliDropship) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnhdnbbikjkdejminhdpmejldiapdgn [2022-12-16]
CHR Extension: (Web Scraper - Free Web Scraping) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnhgnonknehpejjnehehllkliplmbmhn [2022-12-28]
CHR Extension: (Speechify Text to Speech Voice Reader) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljflmlehinmoeknoonhibbjpldiijjmm [2022-12-25]
CHR Extension: (CJDropshipping) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbndljkgaoailfnpeodnlejigmkdpokb [2022-12-27]
CHR Extension: (Eboost Ad Spy) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\micnjbbjjfbffcjicglpgofplijaapfb [2022-11-16]
CHR Extension: (CopyAI) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndcfkhnillkemeiadipdbbeiagoajcel [2022-11-16]
CHR Extension: (Similar Sites - Discover Related Websites) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2022-11-16]
CHR Extension: (PowerAdSpy - Ad Intelligence) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkecaphdplhfmmbkcfnknejeonfnifbn [2022-12-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-16]
CHR Extension: (Instant Data Scraper) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaokhiedipichpaobibbnahnkdoiiah [2022-12-28]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-12-29]
CHR Extension: (Detailed SEO Extension) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfjdepjjfjjahkjfpkcgfmfhmnakjfba [2022-11-16]
CHR Extension: (Majestic Backlink Analyzer) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmjaflneibolacpepklokkjnakmikmg [2022-11-16]
CHR Extension: (SEO SERP | INSTANT RANK CHECKER) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppodjebdnlnpkopbegapnmlpajdphgea [2022-11-16]
CHR Profile: C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-30]
CHR Profile: C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-12-25]
CHR Extension: (Google Docs Offline) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-17]
CHR Profile: C:\Users\JohnJohn\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-30]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Brave:
=======
BRA Profile: C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-01]
BRA Extension: (Safe Torrent Scanner) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-12-29]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-12-29]
BRA Extension: (Brave NTP background images) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-12-29]
BRA Extension: (Wallet Data Files Updater) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-12-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2023-01-01]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2022-12-29]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-01-01]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2022-12-29]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\JohnJohn\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-12-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-12-31] () [File not signed]
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\AsusAppService\AsusAppService.exe [902232 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkNear\AsusLinkNear.exe [1181288 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkRemote\AsusLinkRemote.exe [764552 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSOptimization\AsusOptimization.exe [386152 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSoftwareManager\AsusSoftwareManager.exe [1087080 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSwitch\AsusSwitch.exe [634504 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3606672 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [790128 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 cexecsvc; C:\WINDOWS\system32\cexecsvc.exe [275816 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-27] (Malwarebytes Inc. -> Malwarebytes)
R2 SbieSvc; C:\Program Files\Sandboxie-Plus\SbieSvc.exe [371152 2022-12-22] (Tonalio GmbH -> Sandboxie-Plus.com)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-15] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSystemAnalysis\AsusSAIO.sys [46736 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSOptimization\AsusWmiAcpi.sys [45280 2022-10-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218496 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_b535659b9405201a\iaLPSS2_UART2_ICL.sys [312600 2020-04-28] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197088 2023-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-01-01] (Malwarebytes Inc. -> Malwarebytes)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R3 SbieDrv; C:\Program Files\Sandboxie-Plus\SbieDrv.sys [250888 2022-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Sandboxie-Plus.com)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2022-05-07] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-08] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-15] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-01 10:02 - 2023-01-01 10:02 - 000034976 _____ C:\Users\JohnJohn\Desktop\FRST.txt
2023-01-01 10:01 - 2023-01-01 10:02 - 000000000 ____D C:\FRST
2023-01-01 10:01 - 2023-01-01 10:01 - 002376192 _____ (Farbar) C:\Users\JohnJohn\Desktop\FRST64.exe
2023-01-01 09:17 - 2023-01-01 09:17 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-12-31 13:14 - 2022-12-31 13:14 - 000001383 _____ C:\Users\JohnJohn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-31 13:14 - 2022-12-31 13:14 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\ESET
2022-12-31 07:54 - 2022-12-31 10:24 - 000000000 ____D C:\Users\JohnJohn\Desktop\New folder
2022-12-31 07:48 - 2022-12-31 07:48 - 000000000 ____D C:\Users\JohnJohn\Desktop\ScreenRecorderFiles
2022-12-31 05:38 - 2022-12-31 05:39 - 367596798 _____ C:\Users\JohnJohn\Documents\rgbkp2022.reg
2022-12-31 05:29 - 2022-12-31 05:31 - 000001276 _____ C:\Users\JohnJohn\Desktop\cmd.exe.lnk
2022-12-31 05:06 - 2022-12-31 05:06 - 000000000 ___HD C:\$WinREAgent
2022-12-31 04:43 - 2022-12-31 04:43 - 099594240 _____ C:\WINDOWS\system32\config\SOFTWARE.rhk
2022-12-31 04:43 - 2022-12-31 04:43 - 007602176 _____ C:\Users\JohnJohn\NTUSER.rhk
2022-12-31 04:43 - 2022-12-31 04:43 - 000692224 _____ C:\WINDOWS\system32\config\DEFAULT.rhk
2022-12-31 04:43 - 2022-12-31 04:43 - 000065536 _____ C:\WINDOWS\system32\config\SAM.rhk
2022-12-31 04:43 - 2022-12-31 04:43 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2022-12-31 04:19 - 2022-12-31 04:59 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-12-31 04:19 - 2022-12-31 04:19 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO0a8f.tmp
2022-12-31 04:19 - 2022-12-31 04:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-12-31 04:19 - 2022-12-31 04:19 - 000000000 ____D C:\Program Files\Common Files\avast software
2022-12-31 03:40 - 2023-01-01 09:17 - 000000000 ____D C:\ProgramData\AVAST Software
2022-12-31 03:39 - 2017-02-08 12:04 - 000000000 ____D C:\Users\JohnJohn\Desktop\Avast! 2017 Premier 17.1.3394.0 + Keys [TechTools.ME]
2022-12-31 03:27 - 2022-12-31 03:27 - 000000000 ____D C:\Users\JohnJohn\Downloads\Retro UI Market Analysis Instagram Carousel Post
2022-12-31 03:27 - 2022-12-31 03:27 - 000000000 ____D C:\Users\JohnJohn\Downloads\Mauve Social Media Marketing Instagram Carousel Post
2022-12-31 03:27 - 2022-12-31 03:27 - 000000000 ____D C:\Users\JohnJohn\Downloads\Hidori Rose Coconut
2022-12-31 03:27 - 2022-12-31 03:27 - 000000000 ____D C:\Users\JohnJohn\Downloads\dropbox123
2022-12-31 03:27 - 2022-12-31 03:27 - 000000000 ____D C:\Users\JohnJohn\Downloads\dropbox
2022-12-31 03:27 - 2022-12-31 03:27 - 000000000 ____D C:\Users\JohnJohn\Downloads\Download
2022-12-31 03:19 - 2022-12-31 04:44 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Wise Registry Cleaner
2022-12-31 03:18 - 2022-12-31 03:18 - 000001302 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2022-12-31 03:18 - 2022-12-31 03:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2022-12-31 03:18 - 2022-12-31 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2022-12-31 03:18 - 2022-12-31 03:18 - 000000000 ____D C:\Program Files (x86)\Wise
2022-12-31 03:15 - 2022-12-31 03:15 - 000000219 _____ C:\Users\JohnJohn\Desktop\ghghjghjgj.txt
2022-12-31 03:14 - 2022-12-30 23:38 - 291113832 _____ C:\Users\JohnJohn\Desktop\Avast! 2017 Premier 17.1.3394.0 + Keys [TechTools.ME].rar
2022-12-31 02:25 - 2022-12-31 02:25 - 083277080 _____ (Discord Inc.) C:\Users\JohnJohn\Downloads\DiscordSetup.exe
2022-12-30 21:42 - 2022-12-30 21:45 - 015274968 _____ (ESET) C:\Users\JohnJohn\Downloads\esetonlinescanner.exe
2022-12-30 20:39 - 2022-12-30 20:39 - 000268488 _____ (AVAST Software) C:\Users\JohnJohn\Downloads\avast_free_antivirus_setup_online.exe
2022-12-30 15:16 - 2022-12-30 15:24 - 000296384 _____ C:\WINDOWS\ntbtlog.txt
2022-12-30 15:16 - 2022-12-30 15:16 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-12-30 12:01 - 2022-12-30 12:02 - 006590517 _____ C:\Users\JohnJohn\Downloads\Full-Captured Hits (3).txt
2022-12-30 12:01 - 2022-12-30 12:02 - 006590517 _____ C:\Users\JohnJohn\Downloads\Full-Captured Hits (2).txt
2022-12-30 12:00 - 2022-12-30 12:01 - 006590517 _____ C:\Users\JohnJohn\Downloads\Full-Captured Hits (1).txt
2022-12-30 11:28 - 2022-12-30 11:28 - 006590517 _____ C:\Users\JohnJohn\Downloads\Full-Captured Hits.txt
2022-12-30 10:19 - 2022-12-30 10:32 - 078713984 _____ (Wireshark development team) C:\Users\JohnJohn\Downloads\Wireshark-win64-4.0.2.exe
2022-12-30 10:04 - 2022-12-30 10:04 - 000160504 _____ C:\Users\JohnJohn\Downloads\image (1).avif
2022-12-30 10:03 - 2022-12-30 10:03 - 000160504 _____ C:\Users\JohnJohn\Downloads\image.avif
2022-12-30 09:41 - 2022-12-30 18:39 - 000000000 ___RD C:\Users\JohnJohn\Desktop\BLACKHATTOOLS
2022-12-30 09:27 - 2022-12-30 18:39 - 000000000 ____D C:\Users\JohnJohn\Desktop\TEMP
2022-12-30 09:25 - 2022-12-30 18:39 - 000000000 ____D C:\Users\JohnJohn\Downloads\Scrapebox 1.16.3
2022-12-30 09:11 - 2022-12-30 18:39 - 000000000 ___SD C:\WINDOWS\system32\Containers
2022-12-30 09:11 - 2022-12-30 18:39 - 000000000 ____D C:\WINDOWS\system32\HvsiSettingsProviders
2022-12-30 09:07 - 2022-12-30 09:07 - 000001152 _____ C:\Users\JohnJohn\Documents\SB.bat
2022-12-30 08:57 - 2022-12-30 09:02 - 000000000 ____D C:\Users\JohnJohn\Downloads\TEEN NUDES
2022-12-30 08:47 - 2023-01-01 09:17 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-12-30 07:38 - 2022-12-30 07:38 - 000000000 ___RD C:\Sandbox
2022-12-30 06:30 - 2022-12-30 06:30 - 000001027 _____ C:\Users\JohnJohn\Desktop\Sandboxed Web Browser.lnk
2022-12-30 06:28 - 2023-01-01 09:24 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\Sandboxie-Plus
2022-12-30 06:28 - 2022-12-31 13:08 - 000003172 _____ C:\WINDOWS\Sandboxie.ini
2022-12-30 06:28 - 2022-12-30 06:30 - 000000000 ____D C:\Program Files\Sandboxie-Plus
2022-12-30 06:28 - 2022-12-30 06:28 - 000000890 _____ C:\Users\JohnJohn\Desktop\Sandboxie-Plus.lnk
2022-12-30 01:47 - 2022-12-30 01:48 - 014442368 _____ C:\Users\JohnJohn\Downloads\Butterfly Marketing v3-8ee6b9e17f916ede314b3f8005da2d26.pdf
2022-12-29 20:31 - 2022-12-29 20:31 - 000041472 _____ C:\Users\JohnJohn\Downloads\file-499131210-xls (1).xls
2022-12-29 20:25 - 2022-12-29 20:25 - 000041472 _____ C:\Users\JohnJohn\Downloads\file-499131210-xls.xls
2022-12-29 12:34 - 2022-12-29 12:34 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-12-29 12:34 - 2022-12-29 12:34 - 000002397 _____ C:\Users\JohnJohn\Desktop\Brave.lnk
2022-12-29 12:34 - 2022-12-29 12:34 - 000000000 ____D C:\Program Files\BraveSoftware
2022-12-29 12:29 - 2022-12-29 12:34 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\BraveSoftware
2022-12-29 12:29 - 2022-12-29 12:29 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-12-29 08:54 - 2022-12-30 15:22 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\ElevatedDiagnostics
2022-12-29 08:30 - 2023-01-01 09:26 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{EB0F9FDA-D642-4F34-AE44-56D86DCB6930}
2022-12-29 06:56 - 2022-12-29 06:56 - 000001891 _____ C:\Users\JohnJohn\Desktop\x64dbg.lnk
2022-12-29 06:56 - 2022-12-29 06:56 - 000001891 _____ C:\Users\JohnJohn\Desktop\x32dbg.lnk
2022-12-28 16:08 - 2022-12-30 03:36 - 000000000 ____D C:\Users\JohnJohn\.ScreamingFrogSEOSpider
2022-12-28 16:08 - 2022-12-28 16:08 - 000001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Frog SEO Spider.lnk
2022-12-28 16:08 - 2022-12-28 16:08 - 000001267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Screaming Frog SEO Spider.lnk
2022-12-28 16:08 - 2022-12-28 16:08 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\uk.co.screamingfrog.seospider.ui.b
2022-12-28 16:08 - 2022-12-28 16:08 - 000000000 ____D C:\Users\JohnJohn\.openjfx
2022-12-28 16:08 - 2022-12-28 16:08 - 000000000 ____D C:\Program Files (x86)\Screaming Frog SEO Spider
2022-12-28 11:55 - 2022-12-28 11:55 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\com.adobe.dunamis
2022-12-28 11:55 - 2022-12-28 11:55 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\SolidDocuments
2022-12-28 11:55 - 2022-12-28 11:55 - 000000000 ____D C:\Users\JohnJohn\.ms-ad
2022-12-28 11:50 - 2022-12-28 11:50 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-12-28 11:04 - 2022-12-28 11:04 - 000026881 _____ C:\Users\JohnJohn\Downloads\Logo Samples.pdf
2022-12-27 22:14 - 2022-12-31 04:03 - 000000000 ____D C:\Users\JohnJohn\Desktop\Blackhat
2022-12-27 22:05 - 2022-12-27 22:05 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\mbam
2022-12-27 21:35 - 2022-12-28 00:52 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-12-27 21:35 - 2022-12-28 00:52 - 000002023 _____ C:\Users\JohnJohn\Desktop\Malwarebytes.lnk
2022-12-27 21:30 - 2022-12-28 00:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-12-27 21:30 - 2022-12-28 00:50 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-26 18:40 - 2022-12-26 18:40 - 000000008 _____ C:\Users\JohnJohn\Downloads\df0ae4a7-820b-4413-9277-2443091644b1_responses.csv
2022-12-26 10:43 - 2022-12-26 10:44 - 008063893 _____ C:\Users\JohnJohn\Downloads\Main_Render.mp4
2022-12-24 03:38 - 2022-12-24 03:38 - 021844720 _____ C:\Users\JohnJohn\Downloads\pexels-roman-odintsov-5668613.mp4
2022-12-24 00:31 - 2022-12-24 00:31 - 000167473 _____ C:\Users\JohnJohn\Downloads\0722_AE-Hotjar-Logo_folder.zip
2022-12-24 00:13 - 2022-12-24 00:13 - 000060073 _____ C:\Users\JohnJohn\Downloads\➰ Trace line - Component - Trace line - Property 1=Line 1, Size=Large.zip
2022-12-23 11:54 - 2022-12-23 11:54 - 000302727 _____ C:\Users\JohnJohn\Downloads\Business Talk Show Facebook Cover Video-1671818090.mp4
2022-12-23 03:12 - 2022-12-23 03:12 - 000000137 _____ C:\Users\JohnJohn\Downloads\Hotjar - Heatmap - 3295598 - click on desktop - 2022-12-23 03_12_05.csv
2022-12-23 02:30 - 2022-12-23 02:30 - 000000000 ____D C:\Users\JohnJohn\Documents\Nicepage Templates
2022-12-23 02:23 - 2022-12-24 08:03 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Nicepage
2022-12-23 02:23 - 2022-12-24 08:02 - 000000000 ____D C:\Users\JohnJohn\Documents\Nicepage
2022-12-23 02:23 - 2022-12-23 02:23 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nicepage
2022-12-23 02:23 - 2022-12-23 02:23 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\nicepage-updater
2022-12-23 02:22 - 2022-12-23 02:22 - 000657344 _____ (Artisteer Limited) C:\Users\JohnJohn\Downloads\Nicepage-5.2.0.exe
2022-12-23 01:53 - 2022-12-23 01:53 - 012055143 _____ C:\Users\JohnJohn\Downloads\15186215_5581937.psd
2022-12-23 01:46 - 2022-12-23 01:46 - 000673136 _____ C:\Users\JohnJohn\Downloads\how to convert a website to html - Google Search.html
2022-12-23 01:46 - 2022-12-23 01:46 - 000000000 ____D C:\Users\JohnJohn\Downloads\how to convert a website to html - Google Search_files
2022-12-23 01:10 - 2022-12-23 03:19 - 000000000 ____D C:\My Web Sites
2022-12-23 01:08 - 2022-12-23 01:08 - 000000879 _____ C:\Users\JohnJohn\Desktop\HTTrack Website Copier.lnk
2022-12-23 01:08 - 2022-12-23 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2022-12-23 01:08 - 2022-12-23 01:08 - 000000000 ____D C:\Program Files\WinHTTrack
2022-12-22 09:06 - 2022-12-22 09:06 - 001053250 _____ C:\Users\JohnJohn\Downloads\2022-12-22T08-19 Transaction #5655151617929216-11217213.pdf
2022-12-22 07:12 - 2022-12-22 07:12 - 000037458 _____ C:\Users\JohnJohn\Downloads\Moz Keyword Explorer 'hotjar' suggestions 2022-12-22.csv
2022-12-21 19:00 - 2022-12-21 19:00 - 000000386 _____ C:\Users\JohnJohn\Downloads\Backup-codes-johnatkinson713.txt
2022-12-21 16:33 - 2022-12-21 16:33 - 001052535 _____ C:\Users\JohnJohn\Downloads\2022-12-21T06-30 Transaction #5652129064898138-11209391.pdf
2022-12-21 16:27 - 2022-12-21 16:27 - 000001561 _____ C:\Users\JohnJohn\Downloads\leads_.csv
2022-12-21 16:27 - 2022-12-21 16:27 - 000000311 _____ C:\Users\JohnJohn\Downloads\leads_ (1).txt
2022-12-21 10:31 - 2022-12-21 10:31 - 000000311 _____ C:\Users\JohnJohn\Downloads\leads_.txt
2022-12-21 02:38 - 2022-12-21 02:38 - 000046514 _____ C:\Users\JohnJohn\Downloads\keyword-tools-org_keywordresearch_home security_en_2054 (1).csv
2022-12-20 23:54 - 2022-12-20 23:54 - 000000000 ____D C:\Users\JohnJohn\AppData\LocalLow\Temp
2022-12-20 23:29 - 2022-12-20 23:29 - 000046514 _____ C:\Users\JohnJohn\Downloads\keyword-tools-org_keywordresearch_home security_en_2054.csv
2022-12-20 23:06 - 2022-12-20 23:06 - 000006631 _____ C:\Users\JohnJohn\Downloads\q217b3f71b8d21d8ddb99fa9c6af5ce47.csv
2022-12-20 06:11 - 2022-12-20 06:11 - 000020108 _____ C:\Users\JohnJohn\Downloads\smallbusinessowners_1671536219.csv
2022-12-20 05:44 - 2022-12-20 05:49 - 081548048 _____ (Octopus Data Inc.) C:\Users\JohnJohn\Downloads\Octoparse Setup 8.5.8.exe
2022-12-18 13:27 - 2022-12-18 13:27 - 004202015 _____ C:\Users\JohnJohn\Downloads\UNSCRIPTED_ Life, Liberty, and the Pursuit of Entrepreneurship ( PDFDrive ).pdf
2022-12-18 13:26 - 2022-12-18 13:26 - 003619759 _____ C:\Users\JohnJohn\Downloads\The Millionaire Fastlane_ Crack the Code to Wealth and Live Rich for a Lifetime. ( PDFDrive ).pdf
2022-12-18 02:09 - 2022-12-18 02:09 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\HD-Player
2022-12-17 16:54 - 2022-12-17 16:54 - 000003806 _____ C:\WINDOWS\system32\Tasks\ViGEmBus_Updater
2022-12-17 16:54 - 2022-12-17 16:54 - 000000000 ____D C:\Program Files\Nefarius Software Solutions
2022-12-16 13:06 - 2022-12-17 16:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-16 02:14 - 2022-12-16 02:14 - 027610035 _____ C:\Users\JohnJohn\Downloads\30% Off All Logo Creations 50% Off All Website Development.mp4
2022-12-16 01:38 - 2022-12-16 01:38 - 000000000 ____D C:\Users\JohnJohn\Downloads\SnapchatMarketing101
2022-12-16 01:05 - 2022-12-16 01:05 - 003958861 _____ C:\Users\JohnJohn\Downloads\BuyerKeywordsProfitFormula.zip
2022-12-16 01:05 - 2022-12-16 01:05 - 001415266 _____ C:\Users\JohnJohn\Downloads\StartanOnlineCoachingBusiness.zip
2022-12-16 01:04 - 2022-12-16 01:04 - 001797483 _____ C:\Users\JohnJohn\Downloads\ShopifyDropshipingMastery.zip
2022-12-16 01:04 - 2022-12-16 01:04 - 001732316 _____ C:\Users\JohnJohn\Downloads\SnapchatMarketing101.zip
2022-12-16 01:02 - 2022-12-16 01:02 - 003041841 _____ C:\Users\JohnJohn\Downloads\TheEEntrepreneurSuccessMindset.zip
2022-12-16 01:01 - 2022-12-16 01:01 - 003503481 _____ C:\Users\JohnJohn\Downloads\ThePPCMarketingGuide.zip
2022-12-16 01:01 - 2022-12-16 01:01 - 002593919 _____ C:\Users\JohnJohn\Downloads\10WaystoWriteMoreEffectiveAds.zip
2022-12-16 00:52 - 2022-12-16 00:54 - 000000000 ____D C:\Users\JohnJohn\Downloads\Google Ads PPC Kit 2021
2022-12-15 20:05 - 2021-08-31 05:12 - 000959232 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-12-15 20:05 - 2021-08-31 05:12 - 000717968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-12-15 20:05 - 2021-08-31 05:12 - 000494880 _____ C:\WINDOWS\system32\libvpl.dll
2022-12-15 20:05 - 2021-08-31 05:12 - 000429648 _____ C:\WINDOWS\SysWOW64\libvpl.dll
2022-12-15 20:05 - 2021-08-31 05:12 - 000048136 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-12-15 20:05 - 2021-08-31 05:12 - 000045480 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-12-15 20:05 - 2021-08-31 05:11 - 001886920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-15 20:05 - 2021-08-31 05:11 - 001886920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-15 20:05 - 2021-08-31 05:11 - 001462856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-15 20:05 - 2021-08-31 05:11 - 001462856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-15 20:05 - 2021-08-31 05:11 - 001115704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-15 20:05 - 2021-08-31 05:11 - 001115704 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-15 20:05 - 2021-08-31 05:11 - 000969232 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-15 20:05 - 2021-08-31 05:11 - 000969232 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-15 20:05 - 2021-08-31 05:10 - 000410568 _____ C:\WINDOWS\system32\ControlLib.dll
2022-12-15 07:15 - 2022-12-30 18:39 - 000000000 ____D C:\Users\JohnJohn\Downloads\[FTUApps.com] - NextUp TextAloud v4.0.66 (Text To Speech) Portable
2022-12-15 02:41 - 2022-12-15 02:42 - 047997508 _____ C:\Users\JohnJohn\Downloads\Glass-Effects-Logo-Mockup (1).zip
2022-12-15 02:31 - 2022-12-15 02:32 - 031114343 _____ C:\Users\JohnJohn\Downloads\Glass-3D-Logo-Mockup-on-Black-Wall (1).zip
2022-12-15 02:26 - 2022-12-15 02:26 - 012550775 _____ C:\Users\JohnJohn\Downloads\Beautiful-3d-Glass-wall-mockup-free.zip
2022-12-14 21:21 - 2022-12-14 21:21 - 000000000 ____D C:\Users\JohnJohn\Downloads\Group-of-Industries-Logo-Design
2022-12-14 20:07 - 2022-12-14 20:10 - 016023552 _____ C:\Users\JohnJohn\Downloads\20038792_3D_glowing_social_media_logos.psd
2022-12-13 09:15 - 2022-12-13 09:15 - 002774753 _____ C:\Users\JohnJohn\Downloads\Y2Mate.is - Be Like Dan-PFBnzyOUDng-720p-1654630501929.mp4
2022-12-13 08:29 - 2022-12-13 08:31 - 000000000 ____D C:\Users\JohnJohn\Documents\Wondershare Filmora
2022-12-13 08:16 - 2022-12-13 08:28 - 000000000 ____D C:\Users\JohnJohn\Downloads\Wondershare Filmora 8.7.4.0 + Crack [www.Tech-Tools.Me]
2022-12-13 07:32 - 2022-12-13 07:32 - 012761792 _____ C:\Users\JohnJohn\Downloads\pexels-matteo-pennisi-7420083.mp4
2022-12-13 07:29 - 2022-12-13 07:29 - 000616078 _____ C:\Users\JohnJohn\Downloads\Arrow - 60709.mp4
2022-12-13 07:27 - 2022-12-13 07:30 - 034439328 _____ C:\Users\JohnJohn\Downloads\production ID_4629649.mp4
2022-12-13 07:19 - 2022-12-13 07:19 - 000000016 _____ C:\ProgramData\mntemp
2022-12-13 06:43 - 2022-12-13 07:19 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Wondershare
2022-12-13 06:42 - 2022-12-30 11:07 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\Wondershare
2022-12-13 06:42 - 2022-12-13 07:20 - 000000000 ____D C:\ProgramData\Wondershare
2022-12-13 06:42 - 2022-12-13 06:42 - 000000000 ____D C:\Users\JohnJohn\Documents\Wondershare
2022-12-13 06:40 - 2022-12-13 06:45 - 000000000 ____D C:\Users\JohnJohn\Downloads\TVPaint Animation 10 Pro 10.0.16 (32 Bit) [ChingLiu]
2022-12-13 04:55 - 2022-12-13 04:55 - 005294618 _____ C:\Users\JohnJohn\Downloads\AdobeStock_545748891_Video_HD_Preview_hitpaw.com.mp4
2022-12-13 04:06 - 2022-12-13 04:06 - 000000000 ____D C:\Users\JohnJohn\Documents\iMyFone MarkGo
2022-12-13 04:06 - 2022-12-13 04:06 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\MarkGo
2022-12-13 03:48 - 2022-12-13 03:48 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2022-12-12 18:38 - 2022-12-12 18:38 - 000409853 _____ C:\Users\JohnJohn\Downloads\HoursOnline.xlsx
2022-12-12 18:38 - 2022-12-12 18:38 - 000182996 _____ C:\Users\JohnJohn\Downloads\CompanyInfographic2.xlsx
2022-12-12 18:06 - 2022-12-12 18:19 - 059218027 _____ C:\Users\JohnJohn\Downloads\AdobeStock_287388012.mov
2022-12-12 18:04 - 2022-12-12 18:05 - 006059908 _____ C:\Users\JohnJohn\Downloads\AdobeStock_184254472.mov
2022-12-12 17:32 - 2022-12-12 17:57 - 012766149 _____ C:\Users\JohnJohn\Downloads\AdobeStock_551036368_Video_HD_Preview.mov
2022-12-12 17:31 - 2022-12-12 17:57 - 012670630 _____ C:\Users\JohnJohn\Downloads\AdobeStock_545748891_Video_HD_Preview.mov
2022-12-12 16:36 - 2022-12-12 16:54 - 086324870 _____ C:\Users\JohnJohn\Downloads\AdobeStock_426677050.mov
2022-12-12 16:36 - 2022-12-12 16:38 - 005967577 _____ C:\Users\JohnJohn\Downloads\AdobeStock_205993428.mov
2022-12-12 16:35 - 2022-12-12 17:25 - 095686133 _____ C:\Users\JohnJohn\Downloads\AdobeStock_474414514.mov
2022-12-12 16:35 - 2022-12-12 16:42 - 051309703 _____ C:\Users\JohnJohn\Downloads\AdobeStock_356835132.mov
2022-12-12 16:34 - 2022-12-12 16:34 - 005256241 _____ C:\Users\JohnJohn\Downloads\AdobeStock_510293610.mov
2022-12-12 16:17 - 2022-12-12 16:17 - 000806824 _____ (BlueStack Systems Inc.) C:\Users\JohnJohn\Downloads\BlueStacksInstaller_5.9.610.1005_native_bc69a03c87148c24638fd36cd0734290_MzsxNQ==.exe
2022-12-12 15:32 - 2022-12-12 15:32 - 002989632 _____ C:\Users\JohnJohn\Downloads\pexels-esmanur-ekşi-5614724.mp4
2022-12-12 15:30 - 2022-12-12 15:31 - 030075542 _____ C:\Users\JohnJohn\Downloads\pexels-dario-fernandez-ruz-9130073.mp4
2022-12-12 15:29 - 2022-12-12 15:30 - 027841911 _____ C:\Users\JohnJohn\Downloads\pexels-mart-production-8078755.mp4
2022-12-12 13:21 - 2022-12-12 13:22 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-12 13:21 - 2022-12-12 13:21 - 1723095505 _____ C:\WINDOWS\MEMORY.DMP
2022-12-12 13:21 - 2022-12-12 13:21 - 006459780 _____ C:\WINDOWS\Minidump\121222-4328-01.dmp
2022-12-12 09:21 - 2022-12-12 10:04 - 000000000 ____D C:\Users\JohnJohn\Downloads\Adobe After Effects 2022 v22.6.0.64 (x64) Pre-Cracked
2022-12-12 03:04 - 2022-12-12 03:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-12-12 03:02 - 2022-12-12 03:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-12-12 03:02 - 2022-12-12 03:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-12-12 02:57 - 2022-12-12 02:57 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-12-12 02:57 - 2022-12-12 02:57 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-12-12 02:57 - 2022-12-12 02:57 - 000000000 ____D C:\WINDOWS\addins
2022-12-12 01:12 - 2022-12-31 04:18 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-12 01:12 - 2022-12-12 01:12 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-12-12 01:10 - 2023-01-01 09:24 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-12-12 01:10 - 2023-01-01 09:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-12 01:10 - 2022-12-23 23:37 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1670292295
2022-12-12 01:10 - 2022-12-17 03:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-12 01:10 - 2022-12-12 01:10 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-12-12 01:10 - 2022-12-12 01:10 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-12-12 01:10 - 2022-12-12 01:10 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-12 01:10 - 2022-12-12 01:10 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-12 01:10 - 2022-12-12 01:10 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2022-12-12 01:10 - 2022-12-12 01:10 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-769860609-2974002706-4290262148-1001
2022-12-12 01:10 - 2022-12-12 01:10 - 000003034 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2022-12-12 01:10 - 2022-12-12 01:10 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-769860609-2974002706-4290262148-1001
2022-12-12 01:10 - 2022-12-12 01:10 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-815561375-3883791716-228991680-500
2022-12-12 01:10 - 2022-12-12 01:10 - 000002314 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-12-12 01:10 - 2022-12-12 01:10 - 000000020 ___SH C:\Users\JohnJohn\ntuser.ini
2022-12-12 01:10 - 2022-12-12 01:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-12-12 01:10 - 2022-12-12 01:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-12-12 01:06 - 2022-12-31 04:43 - 000000000 ____D C:\Users\JohnJohn
2022-12-12 01:06 - 2022-12-12 01:06 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-12-12 01:05 - 2023-01-01 08:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-12 01:05 - 2022-12-17 03:42 - 000473960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-09 06:14 - 2022-12-24 12:30 - 000000000 ____D C:\Users\JohnJohn\Creative Cloud Files
2022-12-09 04:42 - 2022-12-20 18:05 - 000051029 _____ C:\Users\JohnJohn\Downloads\Construction Company Keyword Suggestions.csv
2022-12-09 03:07 - 2022-12-09 03:08 - 022964995 _____ C:\Users\JohnJohn\Downloads\Y2Mate.is - HOUSTON TEXAS SKYLINE-opb_Zunwe3U-1080p-1654262496552 (1).mp4
2022-12-09 03:03 - 2022-12-09 03:03 - 006740400 _____ C:\Users\JohnJohn\Downloads\720p.mp4
2022-12-09 02:56 - 2022-12-09 03:00 - 040115014 _____ C:\Users\JohnJohn\Downloads\Y2Mate.is - Downtown Houston Skyline Hyper Lapse & Landmarks Video-mUabVbXNJx8-1080p-1656536763083.mp4
2022-12-09 01:58 - 2022-12-09 02:01 - 156825385 _____ C:\Users\JohnJohn\Downloads\Y2Mate.is - Houston Skyline Night Drone Video - 4K UHD-YnnLLcZvRcw-1080p-1654258870189.mp4
2022-12-08 22:17 - 2022-12-08 22:17 - 000504842 _____ C:\Users\JohnJohn\Downloads\AdwordsAnnhihilationPDF (1).pdf
2022-12-08 08:37 - 2022-12-08 08:37 - 000000245 _____ C:\Users\JohnJohn\Downloads\gprsea-home_security_systems_in_houston_tx (1).csv
2022-12-08 08:36 - 2022-12-08 08:36 - 000179743 _____ C:\Users\JohnJohn\Downloads\google-keywords-lead-generation--2022-12-08.pdf
2022-12-08 05:36 - 2022-12-08 05:36 - 002746763 _____ C:\Users\JohnJohn\Downloads\Father-Daughter Incest With a New Afterword ( PDFDrive ).pdf
2022-12-08 05:36 - 2022-12-08 05:36 - 000614734 _____ C:\Users\JohnJohn\Downloads\The Ultimate Betrayal The Enabling Mother, Incest and Sexual Abuse ( PDFDrive ).pdf
2022-12-08 05:35 - 2022-12-08 05:35 - 000536569 _____ C:\Users\JohnJohn\Downloads\Incestiable incest stories ( PDFDrive ).pdf
2022-12-08 00:35 - 2022-12-08 00:36 - 012084982 _____ C:\Users\JohnJohn\Downloads\Predators Pedophiles, Rapists, And Other Sex Offenders ( PDFDrive ).pdf
2022-12-08 00:35 - 2022-12-08 00:35 - 010712108 _____ C:\Users\JohnJohn\Downloads\Inside the Mind of Sexual Offenders Predatory Rapists, Pedophiles, and Criminal Profiles ( PDFDrive ).pdf
2022-12-08 00:33 - 2022-12-08 00:34 - 002293998 _____ C:\Users\JohnJohn\Downloads\The Evil That Men Do FBI Profiler Roy Hazelwood's Journey into the Minds of Sexual Predators ( PDFDrive ).pdf
2022-12-08 00:28 - 2022-12-08 00:30 - 034682239 _____ C:\Users\JohnJohn\Downloads\Epic content marketing how to tell a different story, break through the clutter, & win more customers by marketing less ( PDFDrive ).pdf
2022-12-08 00:28 - 2022-12-08 00:28 - 003895718 _____ C:\Users\JohnJohn\Downloads\The Story Engine An entrepreneur’s guide to content strategy and brand storytelling without spending all day writing ( PDFDrive ).pdf
2022-12-08 00:27 - 2022-12-08 00:27 - 003720239 _____ C:\Users\JohnJohn\Downloads\This Is Marketing You Can’t Be Seen Until You Learn to See ( PDFDrive ).pdf
2022-12-08 00:24 - 2022-12-08 00:24 - 002919532 _____ C:\Users\JohnJohn\Downloads\Professional Services Marketing How the Best Firms Build Premier Brands, Thriving Lead Generation Engines, and Cultures of Business Development Success ( PDFDrive ).pdf
2022-12-08 00:13 - 2022-12-08 00:13 - 000060315 _____ C:\Users\JohnJohn\Downloads\The Claude Hopkins Rare Ad Collection ( PDFDrive ).pdf
2022-12-08 00:12 - 2022-12-08 00:13 - 016007995 _____ C:\Users\JohnJohn\Downloads\The Ultimate Sales Letter Attract New Customers. Boost Your Sales ( PDFDrive ).pdf
2022-12-08 00:12 - 2022-12-08 00:12 - 000000000 _____ C:\Users\JohnJohn\Downloads\The Sales Bible The Ultimate Sales Resource, Revised Edition ( PDFDrive ).pdf
2022-12-08 00:09 - 2022-12-08 00:09 - 000942820 _____ C:\Users\JohnJohn\Downloads\The ultimate book of sales techniques 75 ways to master cold calling, sharpen your unique selling proposition, and close the sale ( PDFDrive ).pdf
2022-12-08 00:07 - 2022-12-08 00:08 - 006801594 _____ C:\Users\JohnJohn\Downloads\The Lead Generation Handbook How to Generate All the Sales You'll Ever Need -- Quickly, Easily, and Inexpensively ( PDFDrive ).pdf
2022-12-07 11:08 - 2022-12-07 12:59 - 010288598 _____ C:\Users\JohnJohn\Downloads\pdfstandard-pdf.psd
2022-12-07 00:35 - 2022-12-07 00:35 - 000001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2023.lnk
2022-12-06 14:26 - 2022-12-06 14:46 - 000000000 ____D C:\Users\JohnJohn\Downloads\Adobe Photoshop 2023 v24.0.1.112 (x64) Multilingual (Pre-Activated) [FileCR]
2022-12-06 10:00 - 2022-12-06 10:00 - 000000000 ____D C:\ProgramData\Nefarius Software Solutions e.U
2022-12-06 08:59 - 2022-12-06 08:59 - 000018631 _____ C:\Users\JohnJohn\Downloads\04e9da16461ef351166ced9f8c0c8b14-Inventory-Management-Template.xlsx
2022-12-06 08:49 - 2022-12-06 11:32 - 000035811 _____ C:\Users\JohnJohn\Downloads\f0f14f7507c1726f364fdfc3807b5f71-Basic-Inventory-List-Template.xlsx
2022-12-06 04:19 - 2022-12-06 04:19 - 000000000 ____D C:\Program Files\dotnet
2022-12-05 21:07 - 2022-12-30 11:07 - 000000000 ____D C:\XboxGames
2022-12-05 21:07 - 2022-12-05 21:07 - 000000028 ____H C:\.GamingRoot
2022-12-05 21:07 - 2022-12-05 21:07 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-12-05 21:07 - 2022-12-05 21:07 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-12-05 21:07 - 2022-12-05 21:06 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-12-05 20:32 - 2022-12-05 20:32 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\MinecraftInstaller
2022-12-05 20:05 - 2022-12-30 11:03 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\Opera Software
2022-12-05 18:10 - 2022-12-30 11:03 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Opera Software
2022-12-05 18:10 - 2022-12-12 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2022-12-05 18:10 - 2022-12-06 04:31 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\.minecraft
2022-12-05 18:10 - 2022-12-05 19:31 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\.tlauncher
2022-12-05 00:42 - 2022-12-05 00:42 - 002213036 _____ C:\Users\JohnJohn\Downloads\PPCCampaignCalculator_plr.11770.zip
2022-12-04 11:40 - 2022-12-04 11:40 - 000040550 _____ C:\Users\JohnJohn\Downloads\DropshippingPLRArticlesPack.zip
2022-12-04 11:39 - 2022-12-04 11:39 - 000049248 _____ C:\Users\JohnJohn\Downloads\ClickBankPLRArticlesPack.zip
2022-12-04 11:30 - 2022-12-04 11:32 - 004578575 _____ C:\Users\JohnJohn\Downloads\NicheSponder.zip
2022-12-02 08:02 - 2022-12-02 08:02 - 012489914 _____ C:\Users\JohnJohn\Downloads\Waves During Sunset.mp4
2022-12-02 08:02 - 2022-12-02 08:02 - 007009040 _____ C:\Users\JohnJohn\Downloads\Beach Waves And Sunset.mp4
2022-12-02 07:48 - 2022-12-02 07:48 - 008071856 _____ C:\Users\JohnJohn\Downloads\newsletter.pptx
2022-12-02 07:48 - 2022-12-02 07:48 - 005054984 _____ C:\Users\JohnJohn\Downloads\presentation.pptx
2022-12-02 07:48 - 2022-12-02 07:48 - 004968706 _____ C:\Users\JohnJohn\Downloads\brochure.pptx
2022-12-02 06:45 - 2022-12-12 18:46 - 000000000 ____D C:\Users\JohnJohn\Documents\Adobe
2022-12-02 05:20 - 2022-12-02 05:20 - 000504842 _____ C:\Users\JohnJohn\Downloads\AdwordsAnnhihilationPDF.pdf
2022-12-02 04:10 - 2022-12-02 04:10 - 000000000 ____D C:\Users\JohnJohn\Documents\ScreenRecorder
2022-12-02 02:18 - 2023-01-01 09:21 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\CrashDumps

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-01 09:57 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-01 09:44 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-01 09:21 - 2022-11-15 13:08 - 000000000 ____D C:\Users\JohnJohn\AppData\LocalLow\Mozilla
2023-01-01 09:18 - 2022-11-15 14:37 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Canva
2023-01-01 09:18 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-01-01 09:17 - 2022-11-15 13:42 - 000000000 __SHD C:\Users\JohnJohn\IntelGraphicsProfiles
2023-01-01 09:17 - 2022-09-24 14:50 - 000000000 ___HD C:\Intel
2023-01-01 09:17 - 2022-09-24 14:49 - 000012288 ___SH C:\DumpStack.log.tmp
2023-01-01 09:17 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-01 09:17 - 2022-05-06 23:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-12-31 15:00 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-12-31 15:00 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-31 14:04 - 2022-11-15 13:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-31 05:09 - 2022-11-15 13:44 - 000000000 ___RD C:\Users\JohnJohn\OneDrive
2022-12-31 04:17 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-12-31 04:03 - 2022-11-15 18:07 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\uTorrent
2022-12-31 04:00 - 2022-11-18 11:32 - 000000000 ____D C:\Program Files\WinRAR
2022-12-31 03:22 - 2022-11-16 11:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-30 21:52 - 2022-11-15 18:10 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\BitTorrentHelper
2022-12-30 18:39 - 2022-05-06 23:25 - 000000000 ____D C:\WINDOWS\system32\Pbr
2022-12-30 18:39 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-12-30 18:39 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-12-30 18:39 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-30 18:20 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-30 18:19 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\registration
2022-12-30 16:58 - 2022-11-15 14:55 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\D3DSCache
2022-12-30 11:07 - 2022-11-15 13:42 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\Packages
2022-12-30 11:07 - 2022-11-15 13:42 - 000000000 ____D C:\ProgramData\Packages
2022-12-30 10:58 - 2022-11-17 01:36 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\Bluestacks
2022-12-30 10:28 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-30 08:26 - 2022-11-18 11:34 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\Adobe
2022-12-29 09:56 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-28 12:48 - 2022-11-18 11:34 - 000000000 ____D C:\ProgramData\Adobe
2022-12-28 12:47 - 2022-11-18 11:36 - 000000000 ____D C:\Users\JohnJohn\AppData\LocalLow\Adobe
2022-12-28 11:55 - 2022-11-15 13:42 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Adobe
2022-12-28 11:50 - 2022-11-18 11:35 - 000000000 ____D C:\Program Files\Adobe
2022-12-28 11:49 - 2022-11-18 11:35 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-12-27 21:35 - 2022-05-06 23:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-26 13:52 - 2022-11-15 12:16 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\vlc
2022-12-23 06:01 - 2022-11-21 00:49 - 000000000 ___DC C:\WINDOWS\Panther
2022-12-21 02:51 - 2022-11-23 14:51 - 000047219 _____ C:\Users\JohnJohn\Downloads\Moz Keyword Explorer 'home security' suggestions 2022-11-23.csv
2022-12-20 21:41 - 2022-11-24 00:50 - 000038148 _____ C:\Users\JohnJohn\Downloads\keyword-tools-org_keywordresearch_home security_en_2057.csv
2022-12-18 02:59 - 2020-05-07 07:16 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-18 02:52 - 2022-11-17 01:48 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-12-17 16:51 - 2022-11-15 13:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-17 13:15 - 2022-09-24 14:50 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-17 03:44 - 2022-11-15 13:08 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-17 03:42 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-15 21:04 - 2022-11-16 11:36 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-15 20:10 - 2022-11-17 12:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-15 20:08 - 2022-11-17 12:14 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-14 20:25 - 2022-11-15 14:43 - 000000000 ____D C:\Users\JohnJohn\Documents\Tor Browser
2022-12-14 06:18 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-12-12 22:41 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2022-12-12 17:01 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-12-12 16:18 - 2022-11-17 01:36 - 000000000 ____D C:\Users\Public\BlueStacks
2022-12-12 13:00 - 2022-11-16 11:36 - 000000000 ____D C:\Program Files\Google
2022-12-12 12:51 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-12 03:05 - 2022-11-18 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-12-12 03:05 - 2022-11-18 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-12-12 03:05 - 2022-11-16 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScissors
2022-12-12 03:05 - 2022-11-15 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-12-12 03:05 - 2022-09-24 15:44 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-12-12 03:05 - 2022-09-24 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-12-12 03:05 - 2022-09-24 15:41 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-12-12 03:05 - 2022-09-24 15:41 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-12-12 03:05 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-12-12 03:05 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-12-12 03:05 - 2022-05-06 23:28 - 000000000 ____D C:\WINDOWS\Setup
2022-12-12 03:05 - 2022-05-06 23:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-12-12 03:05 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-12-12 03:05 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-12-12 03:05 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-12-12 03:05 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-12-12 03:05 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\IME
2022-12-12 03:05 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-12-12 03:05 - 2020-09-22 09:37 - 000000000 ____D C:\WINDOWS\OEM
2022-12-12 03:05 - 2020-05-07 07:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-12-12 03:05 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-12-12 03:04 - 2022-09-24 15:45 - 000000000 ____D C:\WINDOWS\Firmware
2022-12-12 03:04 - 2022-05-07 00:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-12-12 03:04 - 2022-05-07 00:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-12-12 03:04 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-12-12 03:04 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-12-12 03:04 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-12-12 03:04 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-12-12 03:04 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-12-12 03:04 - 2022-05-07 00:01 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-12-12 03:04 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\OCR
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-12-12 03:02 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-12-12 03:01 - 2022-05-06 23:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-12-12 03:01 - 2022-05-06 23:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2022-12-12 03:01 - 2022-05-06 23:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-12-12 03:01 - 2022-05-06 23:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2022-12-12 01:27 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-12-12 01:26 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\servicing
2022-12-12 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-12-12 01:10 - 2020-09-22 09:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-12-12 01:08 - 2022-05-06 23:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-12-12 01:07 - 2022-11-18 11:32 - 000000000 ____D C:\Users\JohnJohn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-12-12 01:07 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-12-12 01:06 - 2022-09-24 15:44 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-12-09 12:00 - 2022-11-15 13:40 - 000002390 _____ C:\Users\JohnJohn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-08 20:49 - 2022-09-24 14:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-07 00:35 - 2022-11-18 11:35 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-12-07 00:30 - 2022-11-18 11:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-06 03:42 - 2022-11-15 12:26 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\PlaceholderTileLogoFolder
2022-12-06 00:19 - 2022-11-15 13:42 - 000000000 ____D C:\Users\JohnJohn\AppData\Local\ConnectedDevicesPlatform

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
JohnJohn409
Active Member
 
Posts: 3
Joined: January 1st, 2023, 11:51 am

Re: Seriously Need Help

Post by JohnJohn409 » January 1st, 2023, 12:08 pm

For the addition scan

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by JohnJohn (01-01-2023 10:03:38)
Running from C:\Users\JohnJohn\Desktop
Microsoft Windows 11 Home Version 22H2 22621.963 (X64) (2022-12-12 07:10:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-769860609-2974002706-4290262148-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-769860609-2974002706-4290262148-503 - Limited - Disabled)
Guest (S-1-5-21-769860609-2974002706-4290262148-501 - Limited - Disabled)
JohnJohn (S-1-5-21-769860609-2974002706-4290262148-1001 - Administrator - Enabled) => C:\Users\JohnJohn
WDAGUtilityAccount (S-1-5-21-769860609-2974002706-4290262148-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 108.1.46.144 - Brave Software Inc)
Canva (HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.57.0 - Canva Pty Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Malwarebytes version 4.5.19.229 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.19.229 - Malwarebytes)
Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 108.0.1 (x64 en-US)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 107.0 - Mozilla)
Nicepage 5.2.0 (HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\c9e6a573-2a17-5f23-a9b7-1d442c8e5de0) (Version: 5.2.0 - Artisteer Limited)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20482 - Microsoft Corporation) Hidden
PhotoScissors 9.0 (HKLM\...\{1BB49C60-8D5D-439C-BEC1-BDCCF003AB40}_is1) (Version: - PhotoScissors)
Sandboxie-Plus v1.6.3 (HKLM\...\Sandboxie-Plus_is1) (Version: 1.6.3 - hxxp://xanasoft.com/)
Screaming Frog SEO Spider (HKLM\...\Screaming Frog SEO Spider) (Version: 18.1 - Screaming Frog Ltd)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.86 - TLauncher Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{9C581C76-2D68-40F8-AA6F-94D3C5215C05}) (Version: 1.21.442 - Nefarius Software Solutions e.U.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wise Registry Cleaner 10.8.5 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.8.5 - WiseCleaner.com, Inc.)

Packages:
=========
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.13.0_neutral__yxz26nhyzhsrt [2022-12-30] (Microsoft Corp.)
GlideX -> C:\Program Files\WindowsApps\B9ECED6F.Glidex_1.1.10.0_x64__qmba6cd70vzyy [2022-12-30] (ASUSTeK COMPUTER INC.)
Lunacy -> C:\Program Files\WindowsApps\Icons8LLC.Lunacy_8.7.2.0_x64__7g68zyg4rddyp [2022-12-30] (Icons8 LLC)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.37.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Corp.)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.5101.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Studios)
ms-resource:/Resources/AppName -> C:\Program Files\WindowsApps\0D9A1B2D.AnimationDeskCloud_1.22.5.0_x64__jhretta7p24aw [2022-12-30] (Kdan Mobile Software Ltd.)
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-12-12] (Microsoft Corporation)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-30] (INTEL CORP) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-12-30] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-12-30] (Realtek Semiconductor Corp)
Reddit -> C:\Program Files\WindowsApps\redditTV.Reddit_1.0.1.0_neutral__99kbdge22ed1a [2022-12-30] (Reddit Inc.)
SandboxieShell -> C:\Program Files\Sandboxie-Plus [2022-12-30] (0)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-17] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2022-12-31] (0)
WordPress.com -> C:\Program Files\WindowsApps\22490Automattic.WordPress.comDesktop_7.2.0.0_x64__9h07f78gwnchp [2022-12-30] (Automattic, Inc.)
录屏软件 -> C:\Program Files\WindowsApps\WuhanNetPowerTechnologyCo.59298FDEA773D_6.1.5.0_x64__63m8b6nby1dvp [2022-12-31] (Wuhan Net Power Technology Co., Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-11-15 13:05 - 2022-12-13 18:07 - 002787840 _____ () [File not signed] C:\Users\JohnJohn\AppData\Local\Programs\Canva\ffmpeg.dll
2020-05-07 07:16 - 2020-05-07 07:16 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-05-07 07:16 - 2020-05-07 07:16 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-05-07 07:16 - 2020-05-07 07:16 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll
2020-05-07 07:16 - 2020-05-07 07:16 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-769860609-2974002706-4290262148-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-769860609-2974002706-4290262148-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-769860609-2974002706-4290262148-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JohnJohn\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\pexels-adrian-newell-14177239.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-769860609-2974002706-4290262148-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_812E9459F37D2D7E7CDE26649AA00709"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{AB376C42-6C2D-4C23-B1E3-49AD04F13FF6}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{1163D37C-A753-4A8D-958B-6AFF8F9F48B8}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{87944B4F-6AB1-4D60-A32E-F3B0C02E73FA}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{B4E6F8D2-3E1C-48BE-AB8F-0D2F6C906307}] => (Allow) %USERPROFILE%\OneDrive\Buff Achievement Tracker - Installer.exe => No File
FirewallRules: [{9C82AFE9-F171-433A-AD53-668E2D0685D6}] => (Block) c:\ () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [TCP Query User{B2BD8C92-8571-43C6-AD83-68002F0E3C4A}C:\program files (x86)\microsoft\edgewebview\application\108.0.1462.54\msedgewebview2.exe] => (Block) C:\program files (x86)\microsoft\edgewebview\application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{94640397-FEB4-4D1C-8967-6376C4B86A40}C:\program files (x86)\microsoft\edgewebview\application\108.0.1462.54\msedgewebview2.exe] => (Block) C:\program files (x86)\microsoft\edgewebview\application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0B4B9E7-86BC-41F6-9AC0-0F9DB84E66B3}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{842C613A-AD72-463C-8B34-0D2E33DA02C8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{8BB6771A-F442-488E-8E9B-016299E27EBB}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{76AA8863-E755-4F3F-BCA6-0DBC5EE8F814}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{2B9BE7B8-62D2-450B-BA40-7ECD5CA4C4EC}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_aeff025f0108fb44\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/01/2023 09:21:35 AM) (Source: Application Error) (EventID: 1000) (User: JOHNJOHN-PC)
Description: Faulting application name: PhoneExperienceHost.exe, version: 1.22102.229.0, time stamp: 0x6377dc84
Faulting module name: KERNELBASE.dll, version: 10.0.22621.963, time stamp: 0x766ca8ae
Exception code: 0xe0434352
Fault offset: 0x00000000000906bc
Faulting process id: 0x0x3440
Faulting application start time: 0x0x1d91df4bbf19751
Faulting application path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 287dbd6f-40ed-4e21-8399-eb311c6a850b
Faulting package full name: Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (01/01/2023 09:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PhoneExperienceHost.exe
CoreCLR Version: 6.0.1222.56807
.NET Version: 6.0.12
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException: Could not load file or assembly 'System.Security.Claims, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
File name: 'System.Security.Claims, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
at YourPhone.Files.FilesRegistrar.UnregisterAll()
at YourPhone.Files.FilesModule.RegisterFiles(IServiceCollection serviceCollection)
at YourPhone.Bootstrapper.RegisterModules(IServiceCollection services)
at YourPhone.Bootstrapper..ctor(IYourPhoneApplication app)
at YourPhone.App.<.ctor>b__15_0()
at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
at System.Lazy`1.CreateValue()
at System.Lazy`1.get_Value()
at YourPhone.App.OnLaunchedAsync(LaunchActivatedEventArgs args)
at YourPhone.Utilities.TaskExtensions.<>c.<ThrowAsync>b__6_1(Object state)
at System.Threading.QueueUserWorkItemCallbackDefaultContext.Execute()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart()
at System.Threading.Thread.StartCallback()

Error: (12/31/2022 04:21:34 AM) (Source: Application Error) (EventID: 1000) (User: JOHNJOHN-PC)
Description: Faulting application name: PhoneExperienceHost.exe, version: 1.22102.229.0, time stamp: 0x6377dc84
Faulting module name: KERNELBASE.dll, version: 10.0.22621.963, time stamp: 0x766ca8ae
Exception code: 0xe0434352
Fault offset: 0x00000000000906bc
Faulting process id: 0x0x11d8
Faulting application start time: 0x0x1d91d01a671a490
Faulting application path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: adf6e1a5-7bed-418a-8307-de534c6200dc
Faulting package full name: Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (12/31/2022 04:21:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PhoneExperienceHost.exe
CoreCLR Version: 6.0.1222.56807
.NET Version: 6.0.12
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException: Could not load file or assembly 'System.Security.Claims, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
File name: 'System.Security.Claims, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
at YourPhone.Files.FilesRegistrar.UnregisterAll()
at YourPhone.Files.FilesModule.RegisterFiles(IServiceCollection serviceCollection)
at YourPhone.Bootstrapper.RegisterModules(IServiceCollection services)
at YourPhone.Bootstrapper..ctor(IYourPhoneApplication app)
at YourPhone.App.<.ctor>b__15_0()
at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
at System.Lazy`1.CreateValue()
at System.Lazy`1.get_Value()
at YourPhone.App.OnLaunchedAsync(LaunchActivatedEventArgs args)
at YourPhone.Utilities.TaskExtensions.<>c.<ThrowAsync>b__6_1(Object state)
at System.Threading.QueueUserWorkItemCallbackDefaultContext.Execute()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart()
at System.Threading.Thread.StartCallback()

Error: (12/31/2022 04:14:34 AM) (Source: Application Error) (EventID: 1000) (User: JOHNJOHN-PC)
Description: Faulting application name: PhoneExperienceHost.exe, version: 1.22102.229.0, time stamp: 0x6377dc84
Faulting module name: KERNELBASE.dll, version: 10.0.22621.963, time stamp: 0x766ca8ae
Exception code: 0xe0434352
Fault offset: 0x00000000000906bc
Faulting process id: 0x0x2218
Faulting application start time: 0x0x1d91d00ad9c1db6
Faulting application path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 1cfd626b-357d-4614-a6f1-c7a881e9ad7d
Faulting package full name: Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (12/31/2022 04:14:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PhoneExperienceHost.exe
CoreCLR Version: 6.0.1222.56807
.NET Version: 6.0.12
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException: Could not load file or assembly 'System.Security.Claims, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
File name: 'System.Security.Claims, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
at YourPhone.Files.FilesRegistrar.UnregisterAll()
at YourPhone.Files.FilesModule.RegisterFiles(IServiceCollection serviceCollection)
at YourPhone.Bootstrapper.RegisterModules(IServiceCollection services)
at YourPhone.Bootstrapper..ctor(IYourPhoneApplication app)
at YourPhone.App.<.ctor>b__15_0()
at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
at System.Lazy`1.CreateValue()
at System.Lazy`1.get_Value()
at YourPhone.App.OnLaunchedAsync(LaunchActivatedEventArgs args)
at YourPhone.Utilities.TaskExtensions.<>c.<ThrowAsync>b__6_1(Object state)
at System.Threading.QueueUserWorkItemCallbackDefaultContext.Execute()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart()
at System.Threading.Thread.StartCallback()

Error: (12/31/2022 03:43:12 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (12/31/2022 03:43:12 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (01/01/2023 09:31:55 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (01/01/2023 09:22:08 AM) (Source: DCOM) (EventID: 10010) (User: JOHNJOHN-PC)
Description: The server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} did not register with DCOM within the required timeout.

Error: (01/01/2023 09:22:03 AM) (Source: DCOM) (EventID: 10010) (User: JOHNJOHN-PC)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (01/01/2023 09:21:30 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (01/01/2023 09:17:32 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (12/31/2022 06:19:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/01/2023 09:17:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:40:44 AM on ‎12/‎31/‎2022 was unexpected.

Error: (12/31/2022 05:28:06 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.


Windows Defender:
================
Date: 2022-12-30 19:16:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-29 10:15:46
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUADlManager:Win32/OfferCore
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\JohnJohn\Downloads\utorrent_installer.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\JohnJohn\Documents\Tor Browser\Browser\firefox.exe
Security intelligence Version: AV: 1.381.1318.0, AS: 1.381.1318.0, NIS: 1.381.1318.0
Engine Version: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2022-12-29 06:54:14
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Vigorf.A
Severity: Severe
Category: Trojan
Path: file:_C:\Users\JohnJohn\Downloads\5ab77f5633c5d40ad448c2f2\lafarge-crackme2.zip
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.381.1318.0, AS: 1.381.1318.0, NIS: 1.381.1318.0
Engine Version: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2022-12-29 06:53:59
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Vigorf.A
Severity: Severe
Category: Trojan
Path: file:_C:\Users\JohnJohn\Downloads\5ab77f5633c5d40ad448c2f2\lafarge-crackme2.zip
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.381.1318.0, AS: 1.381.1318.0, NIS: 1.381.1318.0
Engine Version: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2022-12-29 06:53:49
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Vigorf.A
Severity: Severe
Category: Trojan
Path: file:_C:\Users\JohnJohn\Downloads\5ab77f5633c5d40ad448c2f2\lafarge-crackme2.zip
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.381.1318.0, AS: 1.381.1318.0, NIS: 1.381.1318.0
Engine Version: AM: 1.1.19900.2, NIS: 1.1.19900.2
Event[0]

Date: 2023-01-01 09:19:03
Description:
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Antivirus (offline scan).
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available.

Date: 2023-01-01 09:18:40
Description:
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Antivirus (offline scan).
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available.

Date: 2022-12-30 15:16:13
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===============
Date: 2023-01-01 09:17:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0a2eb8dac923ec42\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-31 05:27:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x64\aswAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X512JAU.303 02/26/2021
Motherboard: ASUSTeK COMPUTER INC. X512JAU
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 76%
Total physical RAM: 7932.77 MB
Available physical RAM: 1847.09 MB
Total Virtual: 13820.77 MB
Available Virtual: 6594.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:236.98 GB) (Free:105.76 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-256G-1002) NTFS

\\?\Volume{741bca08-6751-47a1-b331-3d4de2d77e41}\ (RECOVERY) (Fixed) (Total:1.22 GB) (Free:0.11 GB) NTFS
\\?\Volume{70d1691d-9c8e-4087-88a1-7e01a262c5e4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 38BC31B8)

Partition: GPT.

==================== End of Addition.txt =======================
JohnJohn409
Active Member
 
Posts: 3
Joined: January 1st, 2023, 11:51 am

Re: Seriously Need Help

Unread postby pgmigg » January 1st, 2023, 1:01 pm

JohnJohn409 wrote: This is my work laptop and I need it to conduct business.

Business Use
It appears you are using your computer for business purposes.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers.
Furthermore, as you have replied to your own topic, the topic must be closed as it would likely go unnoticed by helpers who are looking for topics that have only a single post.

Thank you for your understanding.

This topic is now closed.
pgmigg
Admin/Teacher
 
Posts: 5389
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00