content copied
content
Start::
CreateRestorePoint:
CloseProcesses:
Folder: C:\Users\ahmed\AppData\Local\Ride
Folder: C:\Users\ahmed\AppData\Roaming\decontev
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
S3 ALSysIO; \??\C:\Users\ahmed\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{03B29243-35DA-4858-920E-B70A007DF5AA}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.217.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{22D49062-B8D3-4DD5-B9C2-A044EA04D5CD}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.223.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{2B49DB21-41C5-44C0-8358-CA4C76205AE1}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.209.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{448DD314-7FBB-429C-9DAA-C05A00D235A8}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.215.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{5247F326-2FF0-4920-998E-12AA35F0883C}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.213.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{6A49690B-7DB6-424B-81CE-F51078F2A58D}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{9C391760-8CB8-4F1E-AB7D-0C9915EFB004}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.211.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{A78355B5-2A4D-486B-B97A-43448FC8C34D}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.207.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{BB04C6F8-598E-4733-ABB4-07489C863436}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.205.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{BCF99248-58CE-4562-B227-14D1E171B49D}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.221.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> "C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe" -toastactivated => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1706869955-3799997442-2609519498-1001_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll => No File
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7856]
HKU\S-1-5-21-1706869955-3799997442-2609519498-1001\...\Run: [electron.app.CurseForge] => C:\Users\ahmed\AppData\Local\Programs\CurseForge Windows\CurseForge.exe --minimized (No File)
HKU\S-1-5-18\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-18\...\RunOnce: [StartRSX] => "C:\Program Files\AMD\CNext\CNext\LauncherRSXRuntime.exe" (No File)
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\146.0.7680.165\elevation_service.exe" [X]
FirewallRules: [TCP Query User{9FF3F47A-7F9B-48FD-AE56-D6F980FD395E}C:\users\ahmed\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\ahmed\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FD00BCBD-8800-4571-9D43-E38ED17DAC8D}C:\users\ahmed\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\ahmed\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FCF375B1-2A3E-4780-8118-0FE6CA0207C3}C:\users\ahmed\appdata\local\programs\curseforge windows\curseforge.exe] => (Block) C:\users\ahmed\appdata\local\programs\curseforge windows\curseforge.exe => No File
FirewallRules: [UDP Query User{53D00325-E863-48E9-8B7D-21DF8B1D3A2D}C:\users\ahmed\appdata\local\programs\curseforge windows\curseforge.exe] => (Block) C:\users\ahmed\appdata\local\programs\curseforge windows\curseforge.exe => No File
FirewallRules: [{1AE592D1-CCA5-4623-9D22-38026C4A7256}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{092D432A-B468-4AC1-8370-9C9B17DF82B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{67A74737-BADA-4A71-88D1-8CE2A9D24EF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{E49BD719-F1FB-4A3C-B446-41C2A1A6CD7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{4D159546-F3F6-4BED-932E-77E1C96139D0}] => (Allow) C:\Program Files (x86)\EaseUS\VoiceWave\bin\easeus.voicewave.exe => No File
FirewallRules: [{CFED95CE-4BD8-48ED-9B40-492B7E622435}] => (Allow) C:\Program Files (x86)\EaseUS\VoiceWave\bin\easeus.evw.vchanger.exe => No File
FirewallRules: [TCP Query User{4FAF59D5-905D-46AC-A56D-25639652FCD0}C:\program files\miru\miru.exe] => (Allow) C:\program files\miru\miru.exe => No File
FirewallRules: [UDP Query User{88CEBEE3-8004-4A32-8172-03196D0858AB}C:\program files\miru\miru.exe] => (Allow) C:\program files\miru\miru.exe => No File
FirewallRules: [TCP Query User{30EE6741-ECE5-4A41-B2B4-BECD5940DC49}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe => No File
FirewallRules: [UDP Query User{AB26F733-1E2D-4B0C-923B-94F2708DB66D}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe => No File
FirewallRules: [TCP Query User{1F63D9BB-15F0-42E8-9DD3-352D21C99F68}C:\users\ahmed\downloads\wallpaper-engine-new_a2e12d4fd8_vsthemes-org\bin\ui32.exe] => (Allow) C:\users\ahmed\downloads\wallpaper-engine-new_a2e12d4fd8_vsthemes-org\bin\ui32.exe => No File
FirewallRules: [UDP Query User{9DA6C6A3-9EFB-4250-B97E-EA36B600A49B}C:\users\ahmed\downloads\wallpaper-engine-new_a2e12d4fd8_vsthemes-org\bin\ui32.exe] => (Allow) C:\users\ahmed\downloads\wallpaper-engine-new_a2e12d4fd8_vsthemes-org\bin\ui32.exe => No File
FirewallRules: [{51192FF5-C9BF-4609-8569-F6309F1DC7FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallpaper Alive\wallpaper_service\WallpaperAlive.exe => No File
FirewallRules: [{F502E0DC-5D6F-495B-887A-D07F78506C19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallpaper Alive\wallpaper_service\WallpaperAlive.exe => No File
FirewallRules: [{8EEC3B78-EEF4-4F04-B12B-7F9735CA33D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallpaper Alive\config_service\WallpaperAliveMenu.exe => No File
FirewallRules: [{D7E68631-1D32-449A-BC3B-058A2FF99CC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wallpaper Alive\config_service\WallpaperAliveMenu.exe => No File
FirewallRules: [{0F1EAC16-B178-4422-BCB7-D9D7AA45A201}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{2376BDE4-51BC-43A7-9329-31665CB6C86E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{5ADD3659-A027-4EEC-AEC4-021C41DF0770}] => (Allow) C:\Program Files\e2eSoft\iVCam\iVCam.exe => No File
FirewallRules: [{F91E20EC-DE29-4D95-86E9-A85A57EB785D}] => (Allow) C:\Program Files\e2eSoft\iVCam\iVCam.exe => No File
FirewallRules: [{C49FCB15-A8E7-47E6-850E-1D7907B17141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe => No File
FirewallRules: [{CD856CE3-050E-4A82-A080-34E567EAA1FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe => No File
FirewallRules: [TCP Query User{9E928A43-2B04-430F-A95E-EC75F225BA16}E:\ea sports fc 25\fc25.exe] => (Allow) E:\ea sports fc 25\fc25.exe => No File
FirewallRules: [UDP Query User{F61BB475-0236-4CD7-A9CB-643D49F95FE9}E:\ea sports fc 25\fc25.exe] => (Allow) E:\ea sports fc 25\fc25.exe => No File
FirewallRules: [TCP Query User{9C5E71E3-4B74-4931-A06F-061F9FBB46F9}C:\users\ahmed\downloads\ikemen_go-v0.99.0-windows\ikemen_go.exe] => (Allow) C:\users\ahmed\downloads\ikemen_go-v0.99.0-windows\ikemen_go.exe => No File
FirewallRules: [UDP Query User{B57AA432-85B3-43C9-969C-D15AE53943AD}C:\users\ahmed\downloads\ikemen_go-v0.99.0-windows\ikemen_go.exe] => (Allow) C:\users\ahmed\downloads\ikemen_go-v0.99.0-windows\ikemen_go.exe => No File
FirewallRules: [TCP Query User{57BA96DE-BBF9-44DF-B25D-580615C3EDBA}C:\program files (x86)\steam\steamapps\common\tmodloader\dotnet\dotnet.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tmodloader\dotnet\dotnet.exe => No File
FirewallRules: [UDP Query User{A4DA4A6A-C08D-4F27-BC62-B8241E03F8D7}C:\program files (x86)\steam\steamapps\common\tmodloader\dotnet\dotnet.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tmodloader\dotnet\dotnet.exe => No File
FirewallRules: [{B3700B4F-A05E-4E71-B5FC-20F7A06E36E7}] => (Block) C:\program files (x86)\steam\steamapps\common\tmodloader\dotnet\dotnet.exe => No File
FirewallRules: [{09BD3B4C-7CA7-4E48-902A-394219DD8883}] => (Block) C:\program files (x86)\steam\steamapps\common\tmodloader\dotnet\dotnet.exe => No File
FirewallRules: [{18811140-1E82-4CFD-8EAE-746C378199DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe => No File
FirewallRules: [{2FBF8AB8-1120-4E56-815A-D0D3C2CD4ABF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{B82B079A-6890-42A4-8640-1026CAB5119D}C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c731001.tmp\lmi_rescue_srv.exe] => (Allow) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c731001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [UDP Query User{A71B0D65-2BF3-4117-814F-F2E97353FC15}C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c731001.tmp\lmi_rescue_srv.exe] => (Allow) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c731001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [{061F46BE-143B-4BD1-9F49-968A4ACF946D}] => (Block) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c731001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [{51C2C318-C6A1-4B5F-A246-31C87FEAF99F}] => (Block) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c731001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [TCP Query User{53F8C5E5-A226-4693-BFA6-FA5B4129371B}C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c836001.tmp\lmi_rescue_srv.exe] => (Allow) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c836001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [UDP Query User{D9FE8E81-6BF3-4799-9B1B-834407984229}C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c836001.tmp\lmi_rescue_srv.exe] => (Allow) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c836001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [{E8806611-C871-421C-A385-0B81A4D61AF7}] => (Block) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c836001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [{F751B8FD-3C0A-4748-8448-E9C6BF054307}] => (Block) C:\users\ahmed\appdata\local\logmein rescue applet\lmir0c836001.tmp\lmi_rescue_srv.exe => No File
FirewallRules: [{AEF812B3-22FE-4538-A0BB-9CFE229943F6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe => No File
FirewallRules: [{CAB6633C-01EE-4FD5-AD9E-A9C9B8AE1E19}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{007116F2-ABC2-4243-8269-7D4A639A618A}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{D5DD08D0-E2A0-4257-84F9-6A1C8541912B}] => (Block) C:\Program Files (x86)\Overwolf\0.296.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{80393891-327B-4FEE-8F15-7B46B1069BFC}] => (Block) C:\Program Files (x86)\Overwolf\0.296.0.23\OverwolfBrowser.exe => No File
FirewallRules: [TCP Query User{CABC5B37-6A1E-4669-9332-2ECAFBAB1B8C}D:\flashcards\mimesis.v0.2.6-ofme\mimesis\mimesis.exe] => (Allow) D:\flashcards\mimesis.v0.2.6-ofme\mimesis\mimesis.exe => No File
FirewallRules: [UDP Query User{492CCBE2-055F-466F-A595-D9177CE9025C}D:\flashcards\mimesis.v0.2.6-ofme\mimesis\mimesis.exe] => (Allow) D:\flashcards\mimesis.v0.2.6-ofme\mimesis\mimesis.exe => No File
FirewallRules: [{199CD769-9FA7-4912-82D3-C264E25DFB54}] => (Block) D:\flashcards\mimesis.v0.2.6-ofme\mimesis\mimesis.exe => No File
FirewallRules: [{676D1331-36BC-4875-8A86-730E6562F909}] => (Block) D:\flashcards\mimesis.v0.2.6-ofme\mimesis\mimesis.exe => No File
EmptyTemp:
End::
Warning
Executing a Fixlist on the wrong system may permanently damage it. Continue only if this link was meant for you.
To view the content, acknowledge this warning.