New
#21
@Hazma8978, do you see option 5 ?? If not just run it as normal !!
Addition.txt
- - - Updated - - -
FRST.txt
BTW I UNCHECKED ALL THE WHITELIST BOXES
@hamza8978, ok let's do some clean up !
Highlight the entire content of the quote box below.
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3226493453-2203417612-1806068575-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3226493453-2203417612-1806068575-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "D:\Users\NOT_FUTMAN\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-3226493453-2203417612-1806068575-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-3226493453-2203417612-1806068575-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
SearchScopes: HKU\S-1-5-21-3226493453-2203417612-1806068575-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FirewallRules: [TCP Query User{002D34F8-E229-4FDC-875E-4332814A6F64}D:\users\not_futman\appdata\local\microsoft\teams\current\teams.exe] => (Block) D:\users\not_futman\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{C38260B0-411F-4A46-9CA0-8AC19A2C4323}D:\users\not_futman\appdata\local\microsoft\teams\current\teams.exe] => (Block) D:\users\not_futman\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{D08C561F-4809-4067-88D1-890708330226}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{4907B7E7-0E06-4F56-9749-B68E29CB9E54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{9F62B422-9486-403F-BCD7-5257D28746F1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{F9388B91-1C5C-4C12-8D87-49C00E278BB3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{46311681-8F27-4C94-B5AC-BD59B0B62A4F}] => (Allow) D:\SteamLibrary\steamapps\common\Transport Fever 2\TransportFever2.exe => No File
FirewallRules: [{D350CA56-542E-46CE-B072-D9E6EDACDC54}] => (Allow) D:\SteamLibrary\steamapps\common\Transport Fever 2\TransportFever2.exe => No File
FirewallRules: [{D3D6ACB3-7C30-4EA3-8109-1D6C0D7A665D}] => (Allow) E:\SteamLibrary\steamapps\common\Transport Fever 2\TransportFever2.exe => No File
FirewallRules: [{F9F558A0-BE0D-4B90-AE1D-E45970713880}] => (Allow) E:\SteamLibrary\steamapps\common\Transport Fever 2\TransportFever2.exe => No File
FirewallRules: [{28453BD4-4E96-4533-87FA-3703230C0F27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{F8B8D499-7406-4459-9C6C-9C9B99E605D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{FBE91A09-BB2D-416E-8E20-3CA27B97EDB4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{92608B9A-49AE-4EC3-8AC6-21C4F19B98B9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{948EFA87-D6D5-49EF-A260-632E9B3316A5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{B2CA3C0A-F409-46EE-8D32-97F4A627FF79}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{1F7572DA-BA97-41C8-A1E7-CA58A1144AAF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{1B14CF18-3D1C-4809-B3E8-E17C80A1F4AE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{11BC9912-F4D6-41A1-978C-DC753EC089C4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{57A31B01-ACB6-4A7A-B710-E56CC422D5BC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{FDEA08C3-9928-4A31-9C7C-A5801E4A0A80}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{7AD03A81-ADBF-4D10-9B32-482D57473B54}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [TCP Query User{123FA287-3630-4533-801C-385480794104}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{90232E13-AE11-48A7-9DF3-BB6E1F37A838}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{BB66C14A-1A08-43DB-A332-4F5EF6893C57}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{48FB39FA-DB3A-46E5-B44B-CB092C00F16F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{7F243D60-C13D-46D8-8E0E-653F2CD9F5D8}D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E4B54A70-4C9F-4449-9B1B-3EB15DA034C4}D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8EA5BE74-7B71-4B67-91DE-F407BA2C43BF}D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{5F05DD54-3A54-40BC-B213-DDAE138930EC}D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) D:\users\dummy\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{1BEE718B-E8A5-4298-93C9-2B51C9EE599D}] => (Allow) D:\Users\NOT_FUTMAN\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8879097D-A5EF-4479-8475-D382AB0CBCD5}] => (Allow) D:\Users\NOT_FUTMAN\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A3A7E2DE-F87E-4206-A514-0349D703F389}] => (Allow) E:\SteamLibrary\steamapps\common\Landlord's Super\LandlordsSuper.exe => No File
FirewallRules: [{36BE3828-A51D-4200-99E8-9495B7674796}] => (Allow) E:\SteamLibrary\steamapps\common\Landlord's Super\LandlordsSuper.exe => No File
FirewallRules: [TCP Query User{0D91F26F-412B-4F3F-947B-AE1D1664F83B}E:\steamlibrary\steamapps\common\fallguys\fallguys_client_game.exe] => (Block) E:\steamlibrary\steamapps\common\fallguys\fallguys_client_game.exe => No File
FirewallRules: [UDP Query User{8D296C2D-C183-460A-A11C-2E97C840CF84}E:\steamlibrary\steamapps\common\fallguys\fallguys_client_game.exe] => (Block) E:\steamlibrary\steamapps\common\fallguys\fallguys_client_game.exe => No File
FirewallRules: [{7D735E7E-8053-4484-97DA-C1069C6EBB45}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [TCP Query User{BF599092-4257-4EE2-B5FE-D20F82E2D72C}E:\steamlibrary\steamapps\common\wheelsofaurelia\wheelsofaurelia.exe] => (Allow) E:\steamlibrary\steamapps\common\wheelsofaurelia\wheelsofaurelia.exe => No File
FirewallRules: [UDP Query User{1C79123F-7377-4FBE-841E-7E633A8B8016}E:\steamlibrary\steamapps\common\wheelsofaurelia\wheelsofaurelia.exe] => (Allow) E:\steamlibrary\steamapps\common\wheelsofaurelia\wheelsofaurelia.exe => No File
FirewallRules: [{2625F87C-C656-4147-A84C-E658CB8E75FC}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{73980CEF-B26C-41A0-B7ED-9D2380FEA566}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{FA1C20A1-C2A1-4E43-80F2-A9E87674BBC1}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{C00CDEC5-66A9-486A-8EC2-1E01E75C828D}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{7232A93A-7144-405D-82E0-FA1EEA3F4AE5}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{7CA1F86B-571C-4EE3-841E-A30F51C70F47}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{9666CACF-9FEF-42CC-9000-4AAE3142C5E5}E:\riot games\riot client\riotclientservices.exe] => (Allow) E:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{4C28DDE3-2B45-4012-998D-056A363A934F}E:\riot games\riot client\riotclientservices.exe] => (Allow) E:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{AD2F75C7-EAE9-4F33-8500-4AFD268767C8}] => (Block) E:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{DF278C99-440C-477E-9FDC-09E0E75508B2}] => (Block) E:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{03A3CD52-F2BF-4505-8C52-1C4F7ED9BD4E}] => (Allow) E:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [{437B72F9-4017-467D-8979-B4C1D0467156}] => (Allow) E:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
EMPTYTEMP:
End::
Right click on the highlighted text and select Copy.
Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.
- - - Updated - - -
I will check in about an hour, i am working on 3 more peoples computer also !
Fixlog.txt
I had to make a file called fixlist.txt and copied your text into it for the program to fix. I also did not copy the "Start::" and "End::"
The PC restarted after the process was done in normal mode (safe mode is off now) too.
Its ok
hamza8978, that cleaned up good ! Just some clean up on our/your end and 1 final check !
This will remove the programs & their logs !
Please download KpRm by Kernel-panik and save to your Desktop. >>> Downloads - KpRm - ToolsLib
* Click on KpRm.exe to run the tool.
* Vista/Windows 7/8/10 users right-click and select Run As Administrator.
* Put a check mark next to these items:
- Delete tools
- Delete now
* Click the "Run" button.
When the tool has finished, it will create and open a log report and delete itself.
==========
Also run this last program to see if there are any thing left over !
Note: You can expect this process to take a couple of hours or more.
Download ESET Free Online Scanner and save it to your Desktop >>> https://redirect.viglink.com/?format...line%20Scanner
* Right click on esetonlinescanner_enu.exe and select Run as administrator
* Click Computer Scan
* Click Full scan
* Select Enable ESET to detect and quarantine potentially unwanted applications
* Click Start scan
* Once completed click Save scan log and save it to your Desktop as ESETScan.txt
* Click Continue then finally click Close
* Copy and paste the ESETScan.txt file contents in your reply
Thanks !