If you didn't place, don't worry! Just type --deathbattle @username to start a battle with someone, and Yggdrasil will do the rest!
Thanks again for reading, and wishing you the best with this super fun game!
And that's pretty much it. This is intended for server use only!
Simply click any of the arrow keys to begin. Then, open the app and log in with your account information.
Know Your Snake. What Is The Highest Score On Google Snake?
but other than that great bot.
Google Snake. Coolmath's snake game is different from most. Wall Mode is a game mode in which walls spawn randomly on the board, blocking off some tiles. The FRST report is missing the header information. Make sure that your device volume is turned on.
It's a super fun game overall, and if you're hoping to discover how to play it, you've come to the right place! Google has the iconic dinosaur game that you can play when theres no internet connection, but did you know that theres a secret Discord snake game too? OK, please do this. To activate the snake game, simply click on the board containing the green snake illustration, as shown in the screenshot below.
Commands snake/start starts a new game snake/exit exits the current game snake/leaderboard displays the top scores snake/vote gives the link to vote for Snakebot. If you're not familiar with the game, make sure to take a look at the instructions which will appear after the welcome screen.
In order to move the snake, you can either use the arrow keys or else the W, A, S, and D keys instead.