Concerned about some performance on my computer

I’d like to know if there is any malware on my computer right now, since I’m getting some lag spikes and internet disconnections randomly, and I saw in the program files a propagation folder with enltrc.txt with “track = false” as its content, which is kinda suspicious. I already scanned my PC with FRST and here are the results:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022

Ran by Admin (administrator) on ALFINA (BIOSTAR Group A320MH) (10-02-2022 11:51:14)

Running from C:UsersAdminDesktopJap lessons

Loaded Profiles: Admin

Platform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Language: English (United States)

Default browser: Opera

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Advanced Micro Devices Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0373652.inf_amd64_97d024528a122d1aB372726atieclxx.exe

(Advanced Micro Devices Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0373652.inf_amd64_97d024528a122d1aB372726atiesrxx.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextAMDRSServ.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextAMDRSSrcExt.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextcncmd.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextRadeonSoftware.exe

(Advanced Micro Devices, Inc.) [File not signed] C:Program FilesAMDCNextCNextcpumetricsserver.exe

(Discord Inc. -> Discord Inc.) C:UsersAdminAppDataLocalDiscordapp-1.0.9003Discord.exe <6>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.122GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.122GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <16>

(HP Inc. -> HP Inc.) C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembam.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16SDXHelper.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwegamingservices.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwegamingservicesnet.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbweMusic.UI.exe

(Microsoft Windows -> Microsoft Corporation) C:UsersAdminAppDataLocalTemp9B61ED20-8646-4FBF-89F0-476B381F5712DismHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cleanmgr.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe

(Opera Software AS -> Opera Software) C:UsersAdminAppDataLocalProgramsOpera GX83.0.4254.46opera_crashreporter.exe

(Opera Software AS -> Opera Software) C:UsersAdminAppDataLocalProgramsOpera GXopera.exe <22>

(Realtek Semiconductor Corp -> ) C:WindowsrunSW.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe

(Realtek Semiconductor Corp. -> Realtek) C:WindowsSwUSB.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARAVCpl64.exe [18391120 2019-09-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)

HKLM-x32…Run: [Genshin Impact_Launcher] => [X]

HKLM-x32…Run: [DesktopPortal] => [X]

HKLM-x32…Run: [Adobe CCXProcess] => C:Program Files (x86)AdobeAdobe Creative Cloud ExperienceCCXProcess.exe [129288 2021-09-04] (Adobe Inc. -> )

HKLM…PoliciesExplorer: [HideSCAMeetNow] 1

HKLMSOFTWAREPoliciesMicrosoftWindows Defender: Restriction <==== ATTENTION

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Run: [CCXProcess] => C:Program Files (x86)AdobeAdobe Creative Cloud ExperienceCCXProcess.exe [129288 2021-09-04] (Adobe Inc. -> )

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Run: [Discord] => C:UsersAdminAppDataLocalDiscordUpdate.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Run: [EpicGamesLauncher] => D:Program FilesEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33637856 2022-02-05] (Epic Games Inc. -> Epic Games, Inc.)

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Run: [Opera GX Browser Assistant] => C:UsersAdminAppDataLocalProgramsOpera GXassistantbrowser_assistant.exe [3291288 2021-02-02] (Opera Software AS -> Opera Software)

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…PoliciesExplorer: [HideSCAMeetNow] 1

HKLM…PrintMonitorsHP c111 Status Monitor: C:windowssystem32hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication98.0.4758.82Installerchrmstp.exe [2022-02-09] (Google LLC -> Google LLC)

Startup: C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMonitor Ink Alerts – HP Deskjet 1510 series.lnk [2022-01-23]

ShortcutAndArgument: Monitor Ink Alerts – HP Deskjet 1510 series.lnk -> C:windowssystem32RunDll32.exe => “C:Program FilesHPHP Deskjet 1510 seriesbinHPStatusBL.dll”,RunDLLEntry SERIALNUMBER=CN39Q1HKVS05YR;CONNECTION=USB;MONITOR=1;

Startup: C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSend to OneNote.lnk [2020-10-26]

ShortcutTarget: Send to OneNote.lnk -> C:Program Files (x86)Microsoft OfficerootOffice16ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

HKLMSOFTWAREPoliciesMicrosoftEdge: Restriction <==== ATTENTION

HKUS-1-5-21-4274810467-1182231613-2801170039-1001SOFTWAREPoliciesMicrosoftEdge: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {00D24A3D-80B2-49AB-B7A4-F0B5F4579B22} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22880112 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Task: {10CAFF37-D65E-4FEC-BB23-1CFB8DE6A77B} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108904 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Task: {128266DE-3F6F-41A1-8069-F561363BAA4F} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-09-27] (Google LLC -> Google LLC)

Task: {26661325-57C9-4197-8F37-0CF0FABC74DA} – System32TasksAMDInstallLauncher => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {28802A21-A2DE-4F6C-A5A6-AC678CD1ED16} – System32TasksAMDLinkUpdate => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {2AC6D86C-66FF-414F-95DE-ACECE66F313A} – System32TasksOpera scheduled Autoupdate 1603254037 => C:UsersAdminAppDataLocalProgramsOperalauncher.exe –scheduledautoupdate $(Arg0) (No File)

Task: {2FC63493-A746-40F0-97A4-6183BE59ED5D} – System32TasksModifyLinkUpdate => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {354360F4-86DA-4C34-A933-D5EA083DE268} – System32TasksStartCN => C:Program FilesAMDCNextCNextcncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {597349F8-69F7-4156-8850-51FB4AD19A8A} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108904 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Task: {599F48E8-7450-4D1B-A2B4-70C23FFB78C0} – System32TasksStartDVR => C:Program FilesAMDCNextCNextRSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {642F1A7C-6CFC-4FF7-9B50-024986562EF1} – System32TasksOpera GX scheduled Autoupdate 1632736032 => C:UsersAdminAppDataLocalProgramsOpera GXlauncher.exe [2270416 2022-02-01] (Opera Software AS -> Opera Software)

Task: {68E50249-E153-49C2-B0E9-08C46040EE7E} – System32TasksAMDRyzenMasterSDKTask => C:Program FilesAMDCNextCNextcpumetricsserver.exe [47104 2021-05-11] (Advanced Micro Devices, Inc.) [File not signed]

Task: {79925C7F-AFB4-45F3-A303-5CA84547D3C9} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [6469008 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Task: {85179028-180D-48DD-BB90-134B86579700} – System32TasksOpera GX scheduled assistant Autoupdate 1632986446 => C:UsersAdminAppDataLocalProgramsOpera GXlauncher.exe [2270416 2022-02-01] (Opera Software AS -> Opera Software) -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersAdminAppDataLocalProgramsOpera GXassistant” $(Arg0)

Task: {883646EA-2363-4DFB-AC9B-2B1C78866BBC} – System32Tasksclean => C:PSBoxclean.bat (No File)

Task: {AFC14C72-85BD-43F7-8AD3-17E12EAF4A25} – System32TasksMicrosoftVisualStudioUpdatesBackgroundDownload => C:Program Files (x86)Microsoft Visual StudioInstaller.2c74656bc0ad4371904b3a39968885dfresourcesappServiceHubServicesMicrosoft.VisualStudio.Setup.ServiceBackgroundDownload.exe (No File)

Task: {BDB26D38-029D-4DBD-8D60-EA0BC634832E} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [6469008 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Task: {D205B3A6-D845-42CE-B7F5-294727D5390D} – System32TasksOpera scheduled assistant Autoupdate 1603254048 => C:UsersAdminAppDataLocalProgramsOperalauncher.exe -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersAdminAppDataLocalProgramsOperaassistant” $(Arg0)

Task: {EE44D547-EA9A-4A8B-A8F0-B904889CAB8C} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22880112 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Task: {EE97A83F-CEE1-4C08-8F8A-A24E440F51EA} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-09-27] (Google LLC -> Google LLC)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:windowsTasksCreateExplorerShellUnelevatedTask.job => C:windowsexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{3e710d74-9155-4bc7-ab1e-b3805afe44b7}: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{80c686b7-8521-4485-b38d-e1e7f356dc3e}: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{a296c302-f7f7-449f-8774-d1ae2f9e36e3}: [DhcpNameServer] 192.168.1.1

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge Profile: C:UsersAdminAppDataLocalMicrosoftEdgeUser DataDefault [2022-01-29]

Edge Extension: (Outlook) – C:UsersAdminAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbjhmmnoficofgoiacjaajpkfndojknpb [2020-10-25]

Edge Extension: (Word) – C:UsersAdminAppDataLocalMicrosoftEdgeUser DataDefaultExtensionshikhggiobiflkdfdgdajcfklmcibbopi [2020-10-25]

Edge Extension: (Excel) – C:UsersAdminAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsleffmjdabcgaflkikcefahmlgpodjkdm [2020-10-25]

Edge Extension: (PowerPoint) – C:UsersAdminAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsopfacbhaojodjaojgocnibmklknchehf [2020-10-25]

Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:Program FilesJavajre1.8.0_51bindtpluginnpDeployJava1.dll [2020-10-17] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:Program FilesJavajre1.8.0_51binplugin2npjp2.dll [2020-10-17] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:Program FilesVideoLANVLCnpvlc.dll [2020-06-05] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsersAdminAppDataLocalGoogleChromeUser DataDefault [2022-02-10]

CHR Notifications: Default -> hxxps://drrr.com; hxxps://mail.google.com

CHR NewTab: Default ->  Not-active:”chrome-extension://abnhonfioiokelhdappjknfaannlncac/newtab.html”

CHR Extension: (Google Translate) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsaapbdbdomjkkjkaonfhkkikfgjllcleb [2022-02-05]

CHR Extension: (Slides) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-10-16]

CHR Extension: (Volume Manager) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsabnhonfioiokelhdappjknfaannlncac [2021-05-05]

CHR Extension: (Docs) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-10-16]

CHR Extension: (Moonlit Reflection) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsapakhamomlpjegjclmgimiapigoeoglb [2020-10-17]

CHR Extension: (Google Drive) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-16]

CHR Extension: (deepl’s translation from context menu.) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsbegokompmfdepmbdbemfahbeapcabeaa [2021-05-05]

CHR Extension: (YouTube) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-16]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13]

CHR Extension: (Floating Player) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsekajjllcmeckibblgckgoceinmmgnfop [2021-01-23]

CHR Extension: (Chat Selector for YouTube Live) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionselgbmlibcejchmmfkngbdpdmejbajkll [2020-11-04]

CHR Extension: (Sheets) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-10-16]

CHR Extension: (Google Docs Offline) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]

CHR Extension: (Floating for YouTube™) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsjjphmlaoffndcnecccgemfdaaoighkel [2021-01-20]

CHR Extension: (Grammarly for Chrome) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionskbfnbcaeplbcioakkpcpgfkobkghlhen [2022-02-02]

CHR Extension: (Floating Player for Youtube™ Videos) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsmcodbccegmndmnbpbgkpdkoleoagjpgk [2021-02-23]

CHR Extension: (Chrome Web Store Payments) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (LiveJimaku) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionspggagcnknjflkejaiimenbpdoebfegkm [2021-01-30]

CHR Extension: (Gmail) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]

CHR Extension: (hyde — hide the YouTube video player controls) – C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultExtensionspmkpddhfbiojipiehnejbjkgdgdpkdpb [2021-02-22]

CHR Profile: C:UsersAdminAppDataLocalGoogleChromeUser DataGuest Profile [2022-01-29]

CHR Profile: C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1 [2022-01-29]

CHR Extension: (Slides) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-01-23]

CHR Extension: (Docs) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2021-01-23]

CHR Extension: (Google Drive) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-01-23]

CHR Extension: (YouTube) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-23]

CHR Extension: (Sheets) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-01-23]

CHR Extension: (Google Docs Offline) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-13]

CHR Extension: (Chrome Web Store Payments) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

CHR Extension: (Gmail) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-01-23]

CHR Extension: (Chrome Media Router) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-13]

CHR Profile: C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2 [2022-01-29]

CHR Extension: (Slides) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-04-12]

CHR Extension: (Docs) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsaohghmighlieiainnegkcijnfilokake [2021-04-12]

CHR Extension: (Google Drive) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-04-12]

CHR Extension: (YouTube) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-12]

CHR Extension: (Sheets) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-04-12]

CHR Extension: (Google Docs Offline) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-28]

CHR Extension: (Chrome Web Store Payments) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-12]

CHR Extension: (Google Web Homepage) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionsolikpalgcofeeedmpdlgoheiaijldhdn [2021-04-12]

CHR Extension: (Gmail) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-04-12]

CHR Extension: (Chrome Media Router) – C:UsersAdminAppDataLocalGoogleChromeUser DataProfile 2Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-28]

CHR Profile: C:UsersAdminAppDataLocalGoogleChromeUser DataSystem Profile [2022-01-29]

CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

 

Opera: 

=======

StartMenuInternet: (HKUS-1-5-21-4274810467-1182231613-2801170039-1001) Opera GXStable – “C:UsersAdminAppDataLocalProgramsOpera GXLauncher.exe”

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8906088 2021-09-13] (BattlEye Innovations e.K. -> )

S3 brlapi; C:windowsbrlttybinbrltty.exe [847886 2019-10-15] (Microsoft Windows -> )

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [784512 2021-12-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)

R2 HPPrintScanDoctorService; C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe [260256 2022-01-29] (HP Inc. -> HP Inc.)

R3 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7848632 2021-12-02] (Malwarebytes Inc -> Malwarebytes)

S3 npggsvc; C:windowsSysWOW64GameMon.des [9608504 2020-09-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)

R2 RunSwUSB; C:WindowsrunSW.exe [44760 2021-07-28] (Realtek Semiconductor Corp -> )

S3 SophosVirusRemovalTool; C:UsersAdminDesktopresourcesstage_3_disinfectsophos_virus_removerSVRTservice.exe [155720 2021-03-17] (Sophos Ltd -> Sophos Limited)

S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2201.10-0NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2201.10-0MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 RealtekWlanU; C:Program Files (x86)RealtekUSB Wireless LAN UtilityRtlService.exe [X]

S2 RTLDHCPService; C:Program Files (x86)RealtekUSB Wireless LAN UtilityRTLDHCP.exe [X]

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 AMDSAFD; C:windowsSystem32DriverStoreFileRepositoryamdsafd.inf_amd64_8e2568524f674315amdsafd.sys [100768 2021-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

R3 amdwddmg; C:windowsSystem32DriverStoreFileRepositoryu0373652.inf_amd64_97d024528a122d1aB372726amdkmdag.sys [80538504 2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

R3 AMDXE; C:windowsSystem32driversamdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 BthHFEnum; C:windowsSystem32driversbthhfenum.sys [153088 2021-08-12] (Microsoft Corporation) [File not signed]

R1 ESProtectionDriver; C:windowssystem32driversmbae64.sys [160176 2021-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S3 ITECIRfilter; C:windowsSystem32driversITECIRfilter.sys [18064 2012-06-20] (ITE Tech. Inc. -> ITE Tech. Inc.)

R2 MBAMChameleon; C:windowsSystem32DriversMbamChameleon.sys [210352 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:windowsSystem32DRIVERSMbamElam.sys [19912 2021-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:windowsSystem32DRIVERSfarflt.sys [193448 2022-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMProtection; C:windowssystem32DRIVERSmbam.sys [69040 2022-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:windowsSystem32Driversmbamswissarmy.sys [248992 2021-12-02] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:windowssystem32DRIVERSmwac.sys [149424 2022-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S3 nuviocir; C:windowsSystem32driversnuviocir_x64.sys [39704 2013-07-11] (Nuvoton Technology Corporation -> Nuvoton Technology Corp.)

S3 SIVDriver; C:windowssystem32DriversSIVX64.sys [205552 2021-02-13] (RH Software Ltd -> Ray Hinchliffe)

S3 ssudmdm; C:windowssystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 UniFairy; C:windowssystem32UniFairy.sys [885224 2021-04-12] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)

R1 vgk; C:Program FilesRiot Vanguardvgk.sys [8480608 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)

S3 WdBoot; C:windowssystem32driverswdWdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:windowssystem32driverswdWdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:windowsSystem32driverswdWdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)

S3 AIDA64Driver; ??C:UsersAdminAppDataLocalTemp7ZipSfx.000aida64kerneld.x64 [X] <==== ATTENTION

S3 cpuz149; ??C:windowstempcpuz149cpuz149_x64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2022-02-10 11:42 – 2022-02-10 11:52 – 000000000 ____D C:FRST

2022-02-10 11:32 – 2022-02-10 11:32 – 000193448 _____ (Malwarebytes) C:windowssystem32Driversfarflt.sys

2022-02-10 11:32 – 2022-02-10 11:32 – 000149424 _____ (Malwarebytes) C:windowssystem32Driversmwac.sys

2022-02-10 11:32 – 2022-02-10 11:32 – 000069040 _____ (Malwarebytes) C:windowssystem32Driversmbam.sys

2022-02-09 22:30 – 2022-02-09 22:30 – 000001415 _____ C:UsersPublicDesktopPath of Exile.lnk

2022-02-09 22:30 – 2022-02-09 22:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGrinding Gear Games

2022-02-09 16:11 – 2022-02-09 16:11 – 000223744 _____ C:windowsSysWOW64TpmTool.exe

2022-02-09 16:11 – 2022-02-09 16:11 – 000011813 _____ C:windowssystem32DrtmAuthTxt.wim

2022-02-09 16:10 – 2022-02-09 16:10 – 000288768 _____ C:windowssystem32Windows.Management.InprocObjects.dll

2022-02-09 16:10 – 2022-02-09 16:10 – 000272384 _____ C:windowssystem32TpmTool.exe

2022-02-09 16:10 – 2022-02-09 16:10 – 000162816 _____ C:windowssystem32DataStoreCacheDumpTool.exe

2022-02-09 15:54 – 2022-02-09 15:54 – 000000000 ___HD C:$WinREAgent

2022-02-09 09:35 – 2022-02-09 09:35 – 000018673 _____ C:UsersAdminDownloadsMUSYNX.Shooting.Game.Theme-PLAZA (3).torrent

2022-02-09 09:32 – 2022-02-09 09:32 – 000018673 _____ C:UsersAdminDownloadsMUSYNX.Shooting.Game.Theme-PLAZA (2).torrent

2022-02-08 21:48 – 2022-02-08 21:48 – 000789446 _____ C:UsersAdminDownloadsdownload (6).htm

2022-02-08 21:20 – 2022-02-08 21:20 – 000210352 _____ (Malwarebytes) C:windowssystem32DriversMbamChameleon.sys

2022-02-08 11:08 – 2022-02-09 17:13 – 000000000 ____D C:UsersAdminAppDataLocalLowBitTorrent

2022-02-07 20:57 – 2022-02-07 20:57 – 000018673 _____ C:UsersAdminDownloadsMUSYNX.Shooting.Game.Theme-PLAZA (1).torrent

2022-02-07 20:51 – 2022-02-07 20:51 – 000018673 _____ C:UsersAdminDownloadsMUSYNX.Shooting.Game.Theme-PLAZA.torrent

2022-02-07 13:28 – 2022-02-07 13:28 – 000000367 _____ C:UsersAdminDesktopDAEMON X MACHINA.url

2022-02-06 21:32 – 2022-02-06 21:32 – 000046442 _____ C:UsersAdminDownloadsshang-chi-and-the-legend-of-the-ten-rings-2021-english-yify-370482.zip

2022-02-05 21:43 – 2022-02-05 21:43 – 001325978 _____ C:UsersAdminDownloadsDesigningLikertscalesbyKrosnik.pdf

2022-02-05 21:43 – 2022-02-05 21:43 – 000473899 _____ C:UsersAdminDownloadsKrosnickPresser10SurveyDesign.pdf

2022-02-05 21:43 – 2022-02-05 21:43 – 000055663 _____ C:UsersAdminDownloadsAnalyzingandInterpretingDataFromLikert-TypeScales.pdf

2022-02-05 14:01 – 2022-02-05 14:01 – 000018639 _____ C:UsersAdminDownloadsdownload (5).htm

2022-02-04 15:10 – 2022-02-04 15:10 – 012800354 _____ C:UsersAdminDownloads4_Familaran_J_Act1.pdf

2022-02-03 12:24 – 2022-02-03 12:24 – 000001237 _____ C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsVanguard.lnk

2022-02-02 23:20 – 2022-02-02 23:20 – 000001191 _____ C:UsersAdminDownloadsUPDATED january 31.docx – Shortcut.lnk

2022-02-02 20:27 – 2022-02-02 20:27 – 000000793 _____ C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsRune Factory 4 Special.lnk

2022-02-02 11:01 – 2022-02-02 11:01 – 000117195 _____ C:UsersAdminDownloadsPrinter.pdf

2022-02-01 14:16 – 2022-02-01 14:31 – 000000000 ____D C:UsersAdminAppDataRoamingRune Factory 4 Special

2022-02-01 14:16 – 2022-02-01 14:16 – 000000000 ____D C:UsersAdminAppDataRoamingmutekicorp

2022-02-01 13:43 – 2022-02-01 13:43 – 000000619 _____ C:UsersPublicDesktopRune Factory 4 Special.lnk

2022-02-01 11:52 – 2022-02-01 11:52 – 000000000 ____D C:UsersAdminAppDataLocalLowWhy so serious, Inc_

2022-02-01 11:48 – 2022-02-01 11:48 – 000000639 _____ C:UsersPublicDesktopNeedy Streamer Overload.lnk

2022-01-29 21:53 – 2022-01-29 21:53 – 000000581 _____ C:UsersPublicDesktopAudacity.lnk

2022-01-29 21:53 – 2022-01-29 21:53 – 000000581 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAudacity.lnk

2022-01-29 21:53 – 2022-01-29 21:53 – 000000000 ____D C:UsersAdminDocumentsAudacity

2022-01-29 21:50 – 2022-01-29 21:51 – 034788008 _____ (Audacity Team ) C:UsersAdminDownloadsaudacity-win-3.1.3-64bit.exe

2022-01-29 21:49 – 2022-01-29 21:49 – 004302048 _____ C:UsersAdminDownloadsBGM_01_HomeMenu-[AudioTrimmer.com].flac

2022-01-28 14:34 – 2022-01-29 22:35 – 000000000 ____D C:ProjectIgnis

2022-01-28 14:34 – 2022-01-28 14:34 – 000000704 _____ C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsProject Ignis – EDOPro.lnk

2022-01-28 14:34 – 2022-01-28 14:34 – 000000674 _____ C:UsersAdminDesktopProject Ignis – EDOPro.lnk

2022-01-28 14:17 – 2022-01-28 14:18 – 063725344 _____ C:UsersAdminDownloadsProjectIgnis-EDOPro-39.2.0-windows-installer.exe

2022-01-23 18:51 – 2022-01-23 18:51 – 000723238 _____ C:UsersAdminDownloadsdownload (2).htm

2022-01-22 18:19 – 2022-01-22 18:19 – 000056042 _____ C:UsersAdminDownloadseternals-english-2667112.zip

2022-01-22 13:35 – 2022-01-22 13:35 – 000000000 ____D C:ProgramDataPropagation

2022-01-21 21:29 – 2022-01-21 21:29 – 000730361 _____ C:UsersAdminDownloadsdownload (1).htm

2022-01-19 11:56 – 2022-01-19 11:56 – 000000000 ____D C:UsersAdminAppDataLocalLowKonami Digital Entertainment Co., Ltd_

2022-01-19 11:53 – 2022-01-19 11:53 – 000000223 _____ C:UsersAdminDesktopYu-Gi-Oh!  Master Duel.url

2022-01-19 11:12 – 2022-01-19 11:12 – 000000000 ____D C:UsersAdminAppDataLocalVASSAL

2022-01-19 11:11 – 2022-01-19 11:15 – 000000000 ____D C:UsersAdminDownloadsBuild Divide Online Challengers

2022-01-19 11:11 – 2022-01-19 11:12 – 000000000 ____D C:UsersAdminAppDataRoamingVASSAL

2022-01-19 11:11 – 2022-01-19 11:11 – 099380245 _____ C:UsersAdminDownloadsBuild Divide Online Challengers-20220119T031134Z-001.zip

2022-01-19 11:07 – 2022-01-19 11:28 – 000000000 ____D C:Program FilesVASSAL-3.6.4

2022-01-19 11:07 – 2022-01-19 11:07 – 000000886 _____ C:UsersAdminDesktopVASSAL.lnk

2022-01-19 11:07 – 2022-01-19 11:07 – 000000000 ____D C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsVASSAL

2022-01-18 18:55 – 2022-01-18 18:55 – 000030344 _____ C:UsersAdminDownloadscbefef42a7fbb5b3aab43a61c88b74a087203c19de0ac55e8993107bda3f33c8.htm

2022-01-15 21:25 – 2022-01-15 21:25 – 000000921 _____ C:UsersPublicDesktopEpic Games Launcher.lnk

2022-01-15 21:25 – 2022-01-15 21:25 – 000000921 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk

2022-01-14 14:01 – 2022-01-14 14:01 – 000000000 ____D C:UsersAdminAppDataLocalCentury

2022-01-14 12:30 – 2022-01-14 12:30 – 000464384 _____ (curl, hxxps://curl.se/) C:windowsSysWOW64curl.exe

2022-01-14 12:29 – 2022-01-14 12:29 – 000523776 _____ (curl, hxxps://curl.se/) C:windowssystem32curl.exe

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2022-02-10 11:47 – 2021-08-16 17:23 – 000000000 ____D C:UsersAdminDesktopJap lessons

2022-02-10 11:45 – 2020-10-19 20:09 – 000000000 ____D C:UsersAdminAppDataRoamingdiscord

2022-02-10 11:35 – 2020-10-17 08:27 – 000487072 _____ C:windowssystem32perfh011.dat

2022-02-10 11:35 – 2020-10-17 08:27 – 000132800 _____ C:windowssystem32perfc011.dat

2022-02-10 11:35 – 2020-08-10 17:44 – 001451306 _____ C:windowssystem32PerfStringBackup.INI

2022-02-10 11:35 – 2019-12-07 17:13 – 000000000 ____D C:windowsINF

2022-02-10 11:31 – 2020-10-22 12:58 – 000004150 _____ C:windowssystem32TasksUser_Feed_Synchronization-{893D3D5C-8A4B-4908-8150-40C5102F1DD6}

2022-02-10 11:31 – 2020-10-17 15:34 – 000000001 _____ C:windowsvgkbootstatus.dat

2022-02-10 11:31 – 2020-08-11 02:38 – 000000000 ____D C:windowssystem32Driverswd

2022-02-10 11:30 – 2020-10-17 05:55 – 000000000 ____D C:Program Files (x86)Google

2022-02-10 11:28 – 2021-10-15 21:02 – 000003078 _____ C:windowssystem32TasksAMDLinkUpdate

2022-02-10 11:28 – 2021-09-27 18:13 – 000000000 ____D C:UsersAdminAppDataLocalDiscord

2022-02-10 11:28 – 2021-05-21 00:17 – 000003108 _____ C:windowssystem32TasksAMDInstallLauncher

2022-02-10 11:28 – 2020-08-11 02:38 – 000000006 ____H C:windowsTasksSA.DAT

2022-02-10 11:28 – 2020-08-10 17:45 – 000008192 ___SH C:DumpStack.log.tmp

2022-02-10 11:28 – 2019-12-07 17:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2022-02-10 00:14 – 2020-10-21 12:19 – 000000000 ____D C:UsersAdminAppDataRoamingBitTorrent

2022-02-10 00:14 – 2020-10-17 21:05 – 000000000 ____D C:Program Files (x86)Steam

2022-02-10 00:14 – 2019-12-07 17:03 – 000524288 _____ C:windowssystem32configBBI

2022-02-09 23:21 – 2021-09-27 18:56 – 000002262 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2022-02-09 23:21 – 2021-09-27 18:56 – 000002221 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2022-02-09 22:50 – 2020-08-11 02:38 – 000000000 ____D C:windowssystem32SleepStudy

2022-02-09 22:30 – 2020-10-17 08:04 – 000000000 ____D C:ProgramDataPackage Cache

2022-02-09 22:21 – 2020-10-26 14:12 – 000000000 ____D C:UsersAdminDocumentsMy Games

2022-02-09 22:11 – 2020-11-28 10:40 – 000000000 ____D C:Games

2022-02-09 17:05 – 2021-02-22 10:01 – 000000000 ____D C:UsersAdminAppDataLocalBitTorrentHelper

2022-02-09 17:05 – 2019-12-07 17:14 – 000000000 ____D C:windowsAppReadiness

2022-02-09 17:04 – 2020-08-11 02:38 – 000482592 _____ C:windowssystem32FNTCACHE.DAT

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowsSysWOW64Dism

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowsSystemResources

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32et-EE

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32es-MX

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32Dism

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32appraiser

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowsShellExperiences

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowsPolicyDefinitions

2022-02-09 17:03 – 2019-12-07 17:14 – 000000000 ____D C:windowsbcastdvr

2022-02-09 17:03 – 2019-12-07 17:03 – 000000000 ____D C:windowsservicing

2022-02-09 16:15 – 2019-12-07 17:03 – 000000000 ____D C:windowsCbsTemp

2022-02-09 16:10 – 2020-08-10 17:42 – 002877440 _____ (Microsoft Corporation) C:windowsSysWOW64PrintConfig.dll

2022-02-09 15:53 – 2020-11-03 10:38 – 000000000 ____D C:windowssystem32MRT

2022-02-09 15:51 – 2020-11-03 10:38 – 149611728 ____C (Microsoft Corporation) C:windowssystem32MRT.exe

2022-02-09 07:39 – 2021-09-27 17:47 – 000004164 _____ C:windowssystem32TasksOpera GX scheduled Autoupdate 1632736032

2022-02-09 07:39 – 2021-09-27 17:47 – 000001453 _____ C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera GX Browser.lnk

2022-02-08 21:47 – 2021-02-04 15:57 – 000000000 ____D C:UsersAdminAppDataLocalmiHoYo

2022-02-08 20:25 – 2020-08-10 17:41 – 000000000 ____D C:UsersAdminAppDataLocalPackages

2022-02-07 15:03 – 2021-04-25 23:21 – 000000000 ____D C:UsersAdminAppDataLocalDXM

2022-02-07 01:34 – 2020-12-21 16:36 – 000000000 ____D C:UsersAdminAppDataRoamingvlc

2022-02-05 23:25 – 2019-12-07 17:14 – 000000000 ___HD C:Program FilesWindowsApps

2022-02-05 18:25 – 2020-10-25 15:34 – 000002453 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2022-02-05 13:40 – 2021-04-22 19:19 – 000000000 ____D C:UsersAdminAppDataLocalAMD_Common

2022-02-05 09:17 – 2019-12-07 17:14 – 000000000 ____D C:windowsLiveKernelReports

2022-02-03 10:07 – 2020-10-22 09:45 – 000000000 ____D C:Program Files (x86)Microsoft Office

2022-02-02 15:08 – 2020-10-17 12:16 – 000000000 ____D C:UsersAdminDesktopゲイムの時間

2022-02-02 11:08 – 2021-08-27 12:02 – 000000000 ____D C:ProgramDataHP

2022-02-01 12:58 – 2020-10-20 16:04 – 000000000 ____D C:UsersAdminAppDataRoamingGoldberg SteamEmu Saves

2022-02-01 11:52 – 2021-04-22 17:26 – 000002456 _____ C:windowssystem32Driversetchosts.rollback

2022-02-01 11:52 – 2021-01-27 22:19 – 000000000 ____D C:windowsSysWOW64directx

2022-01-31 23:20 – 2021-10-18 09:03 – 000000000 ____D C:UsersAdminAppDataRoamingaudacity

2022-01-29 14:50 – 2020-10-17 05:57 – 000000000 ___RD C:UsersAdminOneDrive

2022-01-29 14:27 – 2021-11-20 23:29 – 000000000 ____D C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsAlbion Online

2022-01-29 14:27 – 2021-03-12 11:15 – 000000000 ____D C:UsersAdminAppDataLocalCrashDumps

2022-01-29 14:27 – 2020-11-17 19:08 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGuild Wars 2

2022-01-29 14:22 – 2021-09-27 16:53 – 000000000 ____D C:UsersAdminDesktopresources

2022-01-29 14:18 – 2021-03-09 15:56 – 000000000 ____D C:UsersAdminDesktopSchool

2022-01-29 14:14 – 2021-10-28 11:50 – 000000000 ____D C:Program FilesHPPrintScanDoctor

2022-01-28 09:17 – 2020-10-25 15:33 – 000003480 _____ C:windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2022-01-28 09:17 – 2020-10-25 15:33 – 000003356 _____ C:windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2022-01-27 16:44 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32NDF

2022-01-27 13:11 – 2021-12-13 12:13 – 000003592 _____ C:windowssystem32TasksOneDrive Reporting Task-S-1-5-21-4274810467-1182231613-2801170039-1001

2022-01-27 13:11 – 2020-08-10 17:43 – 000003362 _____ C:windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-4274810467-1182231613-2801170039-1001

2022-01-27 13:11 – 2020-08-10 17:41 – 000002398 _____ C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2022-01-21 12:15 – 2021-09-27 18:55 – 000003420 _____ C:windowssystem32TasksGoogleUpdateTaskMachineUA

2022-01-21 12:15 – 2021-09-27 18:55 – 000003296 _____ C:windowssystem32TasksGoogleUpdateTaskMachineCore

2022-01-19 14:09 – 2020-11-01 20:08 – 000000000 ____D C:UsersAdminAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2022-01-15 21:30 – 2021-06-25 22:18 – 000000000 ____D C:UsersAdminAppDataLocalD3DSCache

2022-01-15 21:26 – 2020-11-22 18:12 – 000000000 ____D C:UsersAdminAppDataLocalEpic Games

2022-01-14 18:41 – 2021-11-18 19:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMedibang

2022-01-14 18:41 – 2021-08-27 12:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsHP

2022-01-14 18:41 – 2021-01-06 18:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVisual Studio 2019

2022-01-14 14:00 – 2021-09-23 21:13 – 000000000 ____D C:UsersAdminAppDataRoamingEasyAntiCheat

2022-01-14 12:45 – 2019-12-07 17:14 – 000000000 ___SD C:windowssystem32DiagSvcs

2022-01-14 12:45 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32setup

2022-01-14 12:45 – 2019-12-07 17:14 – 000000000 ____D C:windowssystem32oobe

 

==================== Files in the root of some directories ========

 

2021-11-13 09:58 – 2021-11-13 09:58 – 000000068 _____ () C:UsersAdminAppDataRoamingchangzhi_leidian.data

2021-11-13 09:58 – 2021-11-13 09:58 – 000000102 _____ () C:UsersAdminAppDataRoamingchangzhi_leidianmac.data

2021-02-25 11:01 – 2021-02-25 11:01 – 000000000 _____ () C:UsersAdminAppDataLocaloobelibMkey.log

2021-09-04 15:55 – 2021-10-01 23:30 – 000007598 _____ () C:UsersAdminAppDataLocalResmon.ResmonCfg

2021-03-29 12:11 – 2021-03-29 12:11 – 000000000 _____ () C:UsersAdminAppDataLocal{22809E07-5E36-4F9F-91CA-55118DD0BC56}

2020-10-17 06:00 – 2020-10-17 06:00 – 000000000 _____ () C:UsersAdminAppDataLocal{5D759FC8-F332-4102-B7CC-22B367E3E57B}

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022

Ran by Admin (10-02-2022 11:55:54)

Running from C:UsersAdminDesktopJap lessons

Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-10 18:40:23)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Admin (S-1-5-21-4274810467-1182231613-2801170039-1001 – Administrator – Enabled) => C:UsersAdmin

Administrator (S-1-5-21-4274810467-1182231613-2801170039-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-4274810467-1182231613-2801170039-503 – Limited – Disabled)

Guest (S-1-5-21-4274810467-1182231613-2801170039-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-4274810467-1182231613-2801170039-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Illustrator 2021 (HKLM-x32…ILST_25_4_1) (Version: 25.4.1 – Adobe Inc.)

Adobe Photoshop 2020 (HKLM-x32…PHSP_21_0_2) (Version: 21.0.2 – Adobe Systems Incorporated)

Albion Online (HKLM-x32…SandboxAlbionOnline) (Version:  – Sandbox Interactive GmbH)

AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.13.27.501 – Advanced Micro Devices, Inc.)

AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 21.5.2 – Advanced Micro Devices, Inc.)

AMD_Chipset_Drivers (HKLM-x32…{40c19864-e557-4855-95ee-075689dfcf8e}) (Version: 2.13.27.501 – Advanced Micro Devices, Inc.) Hidden

Android Studio (HKLM…Android Studio) (Version: 2020.3 – Google LLC)

Audacity 3.1.3 (HKLM…Audacity_is1) (Version: 3.1.3 – Audacity Team)

BitTorrent (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…BitTorrent) (Version: 7.10.5.46097 – BitTorrent Inc.)

DeepL (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…DeepL) (Version: 3.0.2724 – DeepL GmbH)

Discord (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Discord) (Version: 1.0.9003 – Discord Inc.)

Epic Games Launcher (HKLM-x32…{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Epic Online Services (HKLM-x32…{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 – Epic Games, Inc.)

Excel (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 – Excel)

Genshin Impact (HKLM…Genshin Impact) (Version: 2.14.4.0 – miHoYo Co.,Ltd)

Google Chrome (HKLM-x32…Google Chrome) (Version: 98.0.4758.82 – Google LLC)

Guild Wars 2 (HKLM…Guild Wars 2) (Version:  – NCsoft Corporation, Ltd.)

HP Deskjet 1510 series Basic Device Software (HKLM…{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 – Hewlett-Packard Co.)

Java 8 Update 51 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 – Oracle Corporation)

Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Malwarebytes version 4.4.10.144 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 – Malwarebytes)

MediBang Paint Pro 27.0 (64-bit) (HKLM…MediBang Paint Pro_is1) (Version: 27.0 – Medibang)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 98.0.1108.43 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 98.0.1108.43 – Microsoft Corporation)

Microsoft Office Professional Plus 2016 – en-us (HKLM…ProPlusRetail – en-us) (Version: 16.0.14827.20158 – Microsoft Corporation)

Microsoft OneDrive (HKU.DEFAULT…OneDriveSetup.exe) (Version: 18.151.0729.0013 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…OneDriveSetup.exe) (Version: 22.002.0103.0004 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729 (HKLM-x32…{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.29.30135 (HKLM-x32…{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.9.3365.38425 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 – Microsoft Corporation)

Needy Streamer Overload (HKLM-x32…Needy Streamer Overload_is1) (Version:  – )

Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14827.20088 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 – Microsoft Corporation) Hidden

Opera GX Stable 83.0.4254.46 (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Opera GX 83.0.4254.46) (Version: 83.0.4254.46 – Opera Software)

Outlook (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 – Outlook)

Path of Exile (HKLM-x32…{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.17.0.58904 – Grinding Gear Games) Hidden

Path of Exile (HKLM-x32…{a012fb6e-5f1f-4698-9823-171bffac98d6}) (Version: 3.17.0.58904 – Grinding Gear Games)

PowerPoint (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…319814cb56b667dff88f54e08be8f51f) (Version: 1.0 – PowerPoint)

Promontory_GPIO Driver (HKLM-x32…{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 – Realtek Semiconductor Corp.)

Realtek USB Wireless LAN Driver (HKLM-x32…InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0019 – REALTEK Semiconductor Corp.)

Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.)

Rune Factory 4 Special (HKLM-x32…Rune Factory 4 Special_is1) (Version:  – )

RyzenMasterSDK (HKLM…{FE13F9D7-038D-4E21-B221-CE16700F12A9}) (Version: 1.2.3.5 – Advanced Micro Devices, Inc.) Hidden

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

TLauncher (HKLM-x32…TLauncher2.8) (Version: 2.8 – TLauncher Inc.)

Unity (HKLM-x32…Unity) (Version: 2019.4.23f1 – Unity Technologies ApS)

Unity Hub 3.0.0-beta.6 (HKLM…Unity Technologies – Hub) (Version: 3.0.0-beta.6 – Unity Technologies Inc.)

Update for  (KB2504637) (HKLM-x32…{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 – Microsoft Corporation)

UXP WebView Support (HKLM-x32…UXPW_1_0_0) (Version: 1.0.0 – Adobe Inc.)

VALORANT (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…Riot Game valorant.live) (Version:  – Riot Games, Inc)

VASSAL 3.6.4 (HKLM…VASSAL 3.6.4) (Version: 3.6.4 – vassalengine.org)

Visual Studio Community 2019 (HKLM-x32…bc723ed9) (Version: 16.9.31112.23 – Microsoft Corporation)

VLC media player (HKLM…VLC media player) (Version: 3.0.11 – VideoLAN)

vs_communitymsi (HKLM-x32…{03119992-794E-4BD1-8811-050DD87BC41C}) (Version: 16.9.31004 – Microsoft Corporation) Hidden

vs_communitymsires (HKLM-x32…{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 – Microsoft Corporation) Hidden

vs_devenvmsi (HKLM-x32…{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 – Microsoft Corporation) Hidden

vs_filehandler_amd64 (HKLM-x32…{6E29FB21-642A-4E68-BD8B-745E679EB9F5}) (Version: 16.9.31004 – Microsoft Corporation) Hidden

vs_filehandler_x86 (HKLM-x32…{D12A3F67-709D-477A-B5D3-D820E4C745E3}) (Version: 16.9.31004 – Microsoft Corporation) Hidden

vs_FileTracker_Singleton (HKLM-x32…{B64FFE5E-EDCF-49DE-B528-C5AA0D0C313B}) (Version: 16.9.31004 – Microsoft Corporation) Hidden

vs_minshellinteropmsi (HKLM-x32…{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 – Microsoft Corporation) Hidden

vs_minshellmsi (HKLM-x32…{621CB344-D1D9-4F17-A5B5-36BBBC4F6FFA}) (Version: 16.9.31025 – Microsoft Corporation) Hidden

vs_minshellmsires (HKLM-x32…{F4E68397-CB34-42A2-A2FC-33C63EA0CE3B}) (Version: 16.9.31004 – Microsoft Corporation) Hidden

vs_vswebprotocolselectormsi (HKLM-x32…{6C9A7596-C8E7-44B0-B5C1-15D5CB97499A}) (Version: 16.9.31004 – Microsoft Corporation) Hidden

Windows PC Health Check (HKLM…{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 – Microsoft Corporation)

WinRAR 5.91 (64-bit) (HKLM…WinRAR archiver) (Version: 5.91.0 – win.rar GmbH)

Word (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 – Word)

Zoom (HKUS-1-5-21-4274810467-1182231613-2801170039-1001…ZoomUMX) (Version: 5.8.4 (1736) – Zoom Video Communications, Inc.)

 

Packages:

=========

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-17] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-17] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-09] (Microsoft Studios) [MS Ad]

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-06] (Microsoft Corporation)

XboxInsiderHub -> C:Program FilesWindowsAppsMicrosoft.XboxInsider_1.2201.13001.0_x64__8wekyb3d8bbwe [2022-01-28] (Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{00020420-0000-0000-C000-000000000046}InprocServer32 -> C:windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{00020421-0000-0000-C000-000000000046}InprocServer32 -> C:windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{00020422-0000-0000-C000-000000000046}InprocServer32 -> C:windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{00020423-0000-0000-C000-000000000046}InprocServer32 -> C:windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{00020424-0000-0000-C000-000000000046}InprocServer32 -> C:windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{00020425-0000-0000-C000-000000000046}InprocServer32 -> C:windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{0E270DAA-1BE6-48F2-AC49-FD8E73FEA996} -> [Creative Cloud Files] => C:UsersAdminCreative Cloud Files [2021-02-25 10:40]

CustomCLSID: HKUS-1-5-21-4274810467-1182231613-2801170039-1001_ClassesCLSID{2F81B25E-7507-4844-BFF2-77D2CC24CED4}localserver32 -> “C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe” -ToastActivated => No File

ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-09-04] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-09-04] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-09-04] (Adobe Inc. -> )

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-09-04] (Adobe Inc. -> )

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-09-27] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:windowsSystem32atiacm64.dll [2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-09-04] (Adobe Inc. -> )

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-09-27] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2020-08-17 11:48 – 2020-08-17 11:48 – 000017920 _____ () [File not signed] C:Program FilesAMDCNextCNextlibEGL.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 003567616 _____ () [File not signed] C:Program FilesAMDCNextCNextlibGLESv2.dll

2021-04-15 07:01 – 2021-04-15 07:01 – 000575488 _____ (Advanced Micro Devices) [File not signed] C:Program FilesAMDCNextCNextDevice.dll

2021-04-15 07:01 – 2021-04-15 07:01 – 000048640 _____ (Advanced Micro Devices) [File not signed] C:Program FilesAMDCNextCNextPlatform.dll

2021-05-11 02:54 – 2021-05-11 02:54 – 001704960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program FilesAMDWVROpenVRbinwin64driver_amdwvr.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqgif.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqicns.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqico.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000414720 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqjpeg.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqsvg.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000024576 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqtga.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwbmp.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000532992 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwebp.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 001441792 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsplatformsqwindows.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 001189888 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginssqldriversqsqlite.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000134656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsstylesqwindowsvistastyle.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 006184448 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Core.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 006867456 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Gui.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000735232 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Multimedia.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000120832 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5MultimediaQuick.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 001104896 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Network.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000325120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Positioning.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 003668480 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Qml.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000517120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlModels.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000051712 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlWorkerScript.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 004228608 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Quick.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickControls2.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 001085440 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickTemplates2.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000480256 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5RemoteObjects.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000205824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Sql.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Svg.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000127488 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebChannel.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000390656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngine.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 095598080 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngineCore.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 005587968 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Widgets.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000462848 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WinExtras.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000188928 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Xml.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 002878464 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5XmlPatterns.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000055808 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000262144 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtMultimediadeclarative_multimedia.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQmlqmlplugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuick.2qtquick2plugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000284160 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControls.2qtquickcontrols2plugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000333824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControlsqtquickcontrolsplugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000136704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickDialogsdialogplugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000090112 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickLayoutsqquicklayoutsplugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickTemplates.2qtquicktemplates2plugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickWindow.2windowplugin.dll

2020-08-17 11:48 – 2020-08-17 11:48 – 000091648 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtWebEngineqtwebengineplugin.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:UsersAdminApplication Data:374c9b336db4fa9522b72c58dcd0c3f9 [394]

AlternateDataStreams: C:UsersAdminAppDataRoaming:374c9b336db4fa9522b72c58dcd0c3f9 [394]

AlternateDataStreams: C:ProgramDataAment.ini:B13B8B5C48 [10]

AlternateDataStreams: C:ProgramDataDP45977C.lfl:677104FCAA [10]

AlternateDataStreams: C:ProgramDatamntemp:8EAD8B3507 [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart Menudesktop.ini:B1DA6C571C [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsAccess 2016.lnk:B76C4E1157 [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsAccess.lnk:A1B76439FE [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Illustrator 2021.lnk:AF199A10EB [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Photoshop 2020.lnk:1A5FAF1E4E [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsdesktop.ini:41964AA945 [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsExcel 2016.lnk:F9B57EE960 [10]

AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsExcel.lnk:B96E9B8455 [10]

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalSophosVirusRemovalTool => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSophosVirusRemovalTool => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-4274810467-1182231613-2801170039-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-10-21%2004:20:29&bName=

SearchScopes: HKUS-1-5-21-4274810467-1182231613-2801170039-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_51binssv.dll [2020-10-17] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_51binjp2ssv.dll [2020-10-17] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKUS-1-5-21-4274810467-1182231613-2801170039-1001…localhost -> localhost

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2019-12-07 17:14 – 2022-02-01 11:52 – 000002528 _____ C:windowssystem32driversetchosts

109.94.209.70      fitgirlrepacks.in               # Fake FitGirl site

109.94.209.70      www.fitgirlrepacks.in           # Fake FitGirl site

109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site

109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site

109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site

109.94.209.70      fitgirl-repack.com              # Fake FitGirl site

109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site

109.94.209.70      fitgirlrepack.games             # Fake FitGirl site

109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site

109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site

109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site

109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site

109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site

109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site

109.94.209.70      www.fitgirlrepack.games         # Fake FitGirl site

109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site

109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site

109.94.209.70      fitgirl-repack.net              # Fake FitGirl site

109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site

109.94.209.70      fitgirlpack.site                # Fake FitGirl site

109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site

109.94.209.70      fitgirl-repack.org              # Fake FitGirl site

109.94.209.70      www.fitgirl-repack.org          # Fake FitGirl site

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:ProgramDataOracleJavajavapath;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-4274810467-1182231613-2801170039-1001Control PanelDesktop\Wallpaper -> c:usersadmindownloads6gn73gk4tp731.png

DNS Servers: 192.168.1.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun: => “Riot Vanguard”

HKLM…StartupApprovedRun32: => “SunJavaUpdateSched”

HKLM…StartupApprovedRun32: => “Adobe CCXProcess”

HKLM…StartupApprovedRun32: => “Adobe Creative Cloud”

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…StartupApprovedStartupFolder: => “Send to OneNote.lnk”

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…StartupApprovedRun: => “EpicGamesLauncher”

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…StartupApprovedRun: => “Opera GX Browser Assistant”

HKUS-1-5-21-4274810467-1182231613-2801170039-1001…StartupApprovedRun: => “CCXProcess”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{A6C1DB24-8EB9-4EBB-A6A7-7EC2CD52A327}] => (Allow) C:Program Files (x86)Steamsteam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{BAB97131-08A9-46D2-A5DB-CA02BB7BB700}] => (Allow) C:Program Files (x86)Steamsteam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{0661DFF6-22EA-4075-8EC3-BC46838E5573}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{52DA6C70-12A7-433D-8044-28942BFFE9A8}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [TCP Query User{A82C4D8B-0CDC-46F5-9BD7-633A88DD6E42}D:program filesepic gamesdauntlessarchonbinarieswin64dauntless-win64-shipping.exe] => (Allow) D:program filesepic gamesdauntlessarchonbinarieswin64dauntless-win64-shipping.exe => No File

FirewallRules: [UDP Query User{5C9F9E7F-E7AF-488B-A99C-3EB83C1265DB}D:program filesepic gamesdauntlessarchonbinarieswin64dauntless-win64-shipping.exe] => (Allow) D:program filesepic gamesdauntlessarchonbinarieswin64dauntless-win64-shipping.exe => No File

FirewallRules: [TCP Query User{E1578754-3398-4245-B74C-D907284A8675}C:usersadminappdatalocalprogramsopera gxopera.exe] => (Block) C:usersadminappdatalocalprogramsopera gxopera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{07F70EE1-2185-47D2-9CE8-783851C8AD11}C:usersadminappdatalocalprogramsopera gxopera.exe] => (Block) C:usersadminappdatalocalprogramsopera gxopera.exe (Opera Software AS -> Opera Software)

FirewallRules: [TCP Query User{7A5F3C0B-65AA-480F-BA8D-1D9C1E4967C7}C:usersadminappdataroamingbittorrentbittorrent.exe] => (Allow) C:usersadminappdataroamingbittorrentbittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [UDP Query User{FE2288BE-4A5E-4A96-89F4-E60E931275D5}C:usersadminappdataroamingbittorrentbittorrent.exe] => (Allow) C:usersadminappdataroamingbittorrentbittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query User{0D04903D-6CD4-4236-ADE1-8618E8B80F87}C:usersadminappdatalocalprogramsopera gxopera.exe] => (Block) C:usersadminappdatalocalprogramsopera gxopera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{1EBB31B1-5763-40D6-9A9B-3BF2C273828A}C:usersadminappdatalocalprogramsopera gxopera.exe] => (Block) C:usersadminappdatalocalprogramsopera gxopera.exe (Opera Software AS -> Opera Software)

FirewallRules: [{1D6683AF-A504-4B1C-A4D2-457B24527A29}] => (Allow) C:UsersAdminAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{640176EF-1252-4BF8-9DBA-F07A5CD13190}] => (Allow) C:UsersAdminAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{7B2EB70D-CA1A-423C-A087-E16F47401ABC}] => (Allow) C:UsersAdminAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{B9C26CF2-734E-4008-9870-0CFFDFFFA4DD}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{58752BD7-C3A7-4D7D-8D1F-EE0F3D642E03}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{E60E87B0-6749-4257-B4C1-525A15F35D70}D:genshin impactgenshin impact gamegenshinimpact.exe] => (Allow) D:genshin impactgenshin impact gamegenshinimpact.exe (miHoYo Co.,Ltd. -> )

FirewallRules: [UDP Query User{3A44C06E-0DA4-457A-BF50-AADA56E42804}D:genshin impactgenshin impact gamegenshinimpact.exe] => (Allow) D:genshin impactgenshin impact gamegenshinimpact.exe (miHoYo Co.,Ltd. -> )

FirewallRules: [TCP Query User{FDD8CBDA-B81E-4AEC-847A-7637BF7B786D}D:steamfoldersteamappscommonpaladinsbinarieswin64paladins.exe] => (Allow) D:steamfoldersteamappscommonpaladinsbinarieswin64paladins.exe => No File

FirewallRules: [UDP Query User{CE38191F-E114-40D1-AB86-97E779FAF585}D:steamfoldersteamappscommonpaladinsbinarieswin64paladins.exe] => (Allow) D:steamfoldersteamappscommonpaladinsbinarieswin64paladins.exe => No File

FirewallRules: [{591D8D0E-B119-4138-A603-95E75E4A774A}] => (Allow) C:Program FilesUnity HubUnity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [TCP Query User{145F14D7-6727-4BC8-84D5-A988CB74B93D}C:program filesunity hubunity hub.exe] => (Allow) C:program filesunity hubunity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [UDP Query User{EDF87840-2D76-4CA1-9DBA-C0458C2693E6}C:program filesunity hubunity hub.exe] => (Allow) C:program filesunity hubunity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [TCP Query User{9455D7AC-7F24-42DE-A031-0C6A3A0D771D}D:2019.4.17f1editorunity.exe] => (Allow) D:2019.4.17f1editorunity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [UDP Query User{59B41D33-AEBF-4E79-AAAA-14268437885E}D:2019.4.17f1editorunity.exe] => (Allow) D:2019.4.17f1editorunity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [TCP Query User{8DB54506-8FB7-4261-B82A-EED1B499958F}D:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) D:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe => No File

FirewallRules: [UDP Query User{95607389-33DC-4B9C-9A1D-38DD3A4D91B9}D:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) D:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe => No File

FirewallRules: [{ba58e43d-f3f5-449c-9430-6f0ce9f495d1}] => (Allow) C:Program FilesldplayerboxLdVBoxHeadless.exe => No File

FirewallRules: [TCP Query User{7491AA9F-DE78-46A5-A8DD-5B4890F87813}D:steamfoldersteamappscommonproject xandata playtestxdbinarieswin64xd-win64-shipping.exe] => (Allow) D:steamfoldersteamappscommonproject xandata playtestxdbinarieswin64xd-win64-shipping.exe => No File

FirewallRules: [UDP Query User{F68448C3-D6FD-402C-8105-ADCA8D4B57EE}D:steamfoldersteamappscommonproject xandata playtestxdbinarieswin64xd-win64-shipping.exe] => (Allow) D:steamfoldersteamappscommonproject xandata playtestxdbinarieswin64xd-win64-shipping.exe => No File

FirewallRules: [TCP Query User{2C6ADFFB-A407-4055-88FD-6B2FAB508C9E}C:usersadminappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe] => (Allow) C:usersadminappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe

FirewallRules: [UDP Query User{C8943B24-FB57-41AD-8C8A-F2E3A7B30C8D}C:usersadminappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe] => (Allow) C:usersadminappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe

FirewallRules: [TCP Query User{0CF9572E-4025-405A-86CE-23E95028709E}C:usersadminappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe] => (Block) C:usersadminappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe

FirewallRules: [UDP Query User{0C81CB0A-EA20-487C-B873-E3D63E70D01C}C:usersadminappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe] => (Block) C:usersadminappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe

FirewallRules: [TCP Query User{73E12197-2ADF-4512-B844-BE6186BCE61B}D:gamescockatriceservatrice.exe] => (Block) D:gamescockatriceservatrice.exe () [File not signed]

FirewallRules: [UDP Query User{B11BE1FE-EF5A-4231-8F4F-2CBB20CC06A8}D:gamescockatriceservatrice.exe] => (Block) D:gamescockatriceservatrice.exe () [File not signed]

FirewallRules: [TCP Query User{6E9EF2CB-E4F2-46E8-89D5-A64FD57C8FB9}D:riot gamesriot clientriotclientservices.exe] => (Allow) D:riot gamesriot clientriotclientservices.exe => No File

FirewallRules: [UDP Query User{02F65480-BB1A-4F30-8711-9CA6ACB1C73C}D:riot gamesriot clientriotclientservices.exe] => (Allow) D:riot gamesriot clientriotclientservices.exe => No File

FirewallRules: [{FCB7500E-D9DE-416A-A3FC-9D4029C7E7A3}] => (Allow) D:SteamFoldersteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]

FirewallRules: [{AB5B2A5A-6817-4E80-B741-D21689CBCB0A}] => (Allow) D:SteamFoldersteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]

FirewallRules: [{4CB792AD-0254-49B8-B0DF-85A1E1315EE1}] => (Allow) D:SteamFoldersteamappscommonCrab GameCrab Game.exe () [File not signed]

FirewallRules: [{706254A7-3154-4F62-BEB1-63F3E229574B}] => (Allow) D:SteamFoldersteamappscommonCrab GameCrab Game.exe () [File not signed]

FirewallRules: [{1289F87E-04FE-469F-9FFA-D3545DEEC841}] => (Allow) C:Program Files (x86)SteamsteamappscommonShadowverseShadowverse.exe () [File not signed]

FirewallRules: [{C6A87710-A949-467D-B085-15404A06FE5B}] => (Allow) C:Program Files (x86)SteamsteamappscommonShadowverseShadowverse.exe () [File not signed]

FirewallRules: [TCP Query User{5BEF6A8E-D569-47ED-8501-236F05E54810}D:gamesvalorantriot gamesriot clientriotclientservices.exe] => (Allow) D:gamesvalorantriot gamesriot clientriotclientservices.exe => No File

FirewallRules: [UDP Query User{400D42D4-0A81-4570-99DC-01549349B296}D:gamesvalorantriot gamesriot clientriotclientservices.exe] => (Allow) D:gamesvalorantriot gamesriot clientriotclientservices.exe => No File

FirewallRules: [{DC067316-D5DF-4D75-860C-671E8C6464E9}] => (Allow) D:SteamFoldersteamappscommonConqueror’s Blade Frontiergamex64Shipclientproven_ground_client.exe => No File

FirewallRules: [{038FA356-0B59-404F-B760-5A6DA1F01804}] => (Allow) D:SteamFoldersteamappscommonConqueror’s Blade Frontiergamex64Shipclientproven_ground_client.exe => No File

FirewallRules: [TCP Query User{82DEAB83-5866-4E58-8C0E-1DDA6EC5D01B}D:steamfoldersteamappscommonconqueror’s blade frontiergamex64shipclientccccmini.exe] => (Allow) D:steamfoldersteamappscommonconqueror’s blade frontiergamex64shipclientccccmini.exe => No File

FirewallRules: [UDP Query User{0582F27C-2221-486F-A321-742B968402C5}D:steamfoldersteamappscommonconqueror’s blade frontiergamex64shipclientccccmini.exe] => (Allow) D:steamfoldersteamappscommonconqueror’s blade frontiergamex64shipclientccccmini.exe => No File

FirewallRules: [{8031D432-8003-4A8A-BACA-665FAEB7AAE6}] => (Allow) D:SteamFoldersteamappscommontModLoadertModLoader.exe (Re-Logic) [File not signed]

FirewallRules: [{AC2D041B-62EA-4367-800A-404B4D18D4E6}] => (Allow) D:SteamFoldersteamappscommontModLoadertModLoader.exe (Re-Logic) [File not signed]

FirewallRules: [{6BE208A1-A462-40D2-B4C3-653FC0381FDE}] => (Allow) D:SteamFoldersteamappscommonUNBEATABLE [white label]UNBEATABLE [white label].exe () [File not signed]

FirewallRules: [{AFACEA4C-6E4B-4602-9623-AC0D0EC507F0}] => (Allow) D:SteamFoldersteamappscommonUNBEATABLE [white label]UNBEATABLE [white label].exe () [File not signed]

FirewallRules: [TCP Query User{880A6F91-7EE3-4E21-83C7-71836A871260}D:gamesvalorantriot gamesriot clientriotclientservices.exe] => (Allow) D:gamesvalorantriot gamesriot clientriotclientservices.exe => No File

FirewallRules: [UDP Query User{BE1F1B8F-4826-4A8A-8C39-A241D42BABF7}D:gamesvalorantriot gamesriot clientriotclientservices.exe] => (Allow) D:gamesvalorantriot gamesriot clientriotclientservices.exe => No File

FirewallRules: [{4D6C2D90-8F35-4F21-A862-C5AE2F4EFC2C}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{BE06FB12-D69E-4A7F-94E8-97E132774C54}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{7DC76235-1608-4DAE-89F0-D67BB8915FB8}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{1BFF334C-5116-45C4-B7B4-96600A44E6FF}] => (Allow) D:SteamFoldersteamappscommonYu-Gi-Oh!  Master Duelmasterduel.exe () [File not signed]

FirewallRules: [{696AC129-B444-4409-8AAD-80915943FED7}] => (Allow) D:SteamFoldersteamappscommonYu-Gi-Oh!  Master Duelmasterduel.exe () [File not signed]

FirewallRules: [TCP Query User{C75B1C8B-34EC-4A25-B696-03F3F3FE1EFC}C:usersadminappdataroamingbittorrentbittorrent.exe] => (Block) C:usersadminappdataroamingbittorrentbittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [UDP Query User{D9FCE454-A60C-4326-A9D9-A6B7768EE65E}C:usersadminappdataroamingbittorrentbittorrent.exe] => (Block) C:usersadminappdataroamingbittorrentbittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query User{E23007E9-850E-4F76-9A52-0EF4DE254755}C:projectignisedopro.exe] => (Allow) C:projectignisedopro.exe (Project Ignis) [File not signed]

FirewallRules: [UDP Query User{E3173272-8CE6-44DA-8006-D5E47DA2A5E4}C:projectignisedopro.exe] => (Allow) C:projectignisedopro.exe (Project Ignis) [File not signed]

FirewallRules: [TCP Query User{4071C6AC-6815-4672-A1D0-4B4A97FF889D}D:program filesepic gameslauncherenginebinarieswin64epicwebhelper.exe] => (Allow) D:program filesepic gameslauncherenginebinarieswin64epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{C8C13AAC-7A52-4BFE-92F6-209507734AD1}D:program filesepic gameslauncherenginebinarieswin64epicwebhelper.exe] => (Allow) D:program filesepic gameslauncherenginebinarieswin64epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [TCP Query User{F2B783D5-F557-4465-9105-D2A655DE545C}D:gamesneedy streamer overloadwindose.exe] => (Block) D:gamesneedy streamer overloadwindose.exe => No File

FirewallRules: [UDP Query User{E2DEA97A-C1A9-494B-9072-060A283DAED5}D:gamesneedy streamer overloadwindose.exe] => (Block) D:gamesneedy streamer overloadwindose.exe => No File

FirewallRules: [{B8414915-4A14-46E5-BC91-8E26C9022820}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication98.0.1108.43msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{09AF72A2-F779-417A-8EE3-940598D8D04E}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

 

==================== Restore Points =========================

 

09-02-2022 15:50:43 Windows Modules Installer

09-02-2022 15:53:48 Windows Modules Installer

09-02-2022 15:56:51 Windows Modules Installer

 

==================== Faulty Device Manager Devices ============

 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: Standard PS/2 Keyboard

Description: Standard PS/2 Keyboard

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard keyboards)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (02/10/2022 11:34:01 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamtray.exe, version: 4.0.0.1162, time stamp: 0x61783b28

Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce

Exception code: 0xc0000005

Fault offset: 0x0000000000219dc5

Faulting process id: 0x23f0

Faulting application start time: 0x01d81e2edaac8579

Faulting application path: C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

Faulting module path: C:Program FilesMalwarebytesAnti-MalwareQt5Core.dll

Report Id: 709534e8-595f-4289-84ad-0dd1f6fb4be7

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (02/10/2022 11:30:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (02/10/2022 11:29:18 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (02/10/2022 11:28:37 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

 

GetCACaps

GetCACaps: Not Found

{“Message”:”The authority “amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net” does not exist.”}

HTTP/1.1 404 Not Found

Date: Thu, 10 Feb 2022 03:29:53 GMT

Content-Length: 121

Content-Type: application/json; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000;includeSubDomains

x-ms-request-id: f8999e08-5695-481e-970a-e1b6ddacb138

 

Method: GET(1234ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

Error: (02/09/2022 05:06:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (02/09/2022 05:05:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (02/09/2022 05:04:45 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

 

GetCACaps

GetCACaps: Not Found

{“Message”:”The authority “amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net” does not exist.”}

HTTP/1.1 404 Not Found

Date: Wed, 09 Feb 2022 09:05:59 GMT

Content-Length: 121

Content-Type: application/json; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000;includeSubDomains

x-ms-request-id: e3c3bc95-b7b3-40ad-951a-2538ab70262a

 

Method: GET(625ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

Error: (02/09/2022 03:00:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

 

 

System errors:

=============

Error: (02/10/2022 11:28:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The RealtekWlanU service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (02/09/2022 05:04:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The RealtekWlanU service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (02/09/2022 05:02:39 PM) (Source: DCOM) (EventID: 10010) (User: ALFINA)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

Error: (02/09/2022 05:02:39 PM) (Source: DCOM) (EventID: 10010) (User: ALFINA)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

Error: (02/09/2022 05:02:39 PM) (Source: DCOM) (EventID: 10010) (User: ALFINA)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

Error: (02/09/2022 05:02:39 PM) (Source: DCOM) (EventID: 10010) (User: ALFINA)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

Error: (02/09/2022 05:02:39 PM) (Source: DCOM) (EventID: 10010) (User: ALFINA)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

Error: (02/09/2022 05:02:38 PM) (Source: DCOM) (EventID: 10010) (User: ALFINA)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

 

Windows Defender:

================

Date: 2022-02-05 23:25:21

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2022-02-02 19:01:47

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2022-02-02 10:10:56

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2022-01-28 19:08:15

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2022-01-27 20:05:20

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan



CodeIntegrity:

===============

Date: 2022-02-10 11:32:47

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume2\Users\Admin\AppData\Local\Programs\Opera GX\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

 

Date: 2022-02-10 11:30:26

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 5.14 01/17/2020

Motherboard: BIOSTAR Group A320MH

Processor: AMD Ryzen 3 3200G with Radeon Vega Graphics 

Percentage of memory in use: 87%

Total physical RAM: 6092.9 MB

Available physical RAM: 738.89 MB

Total Virtual: 11844.73 MB

Available Virtual: 3597.82 MB

 

==================== Drives ================================

 

Drive c: (Win 10 Home x64) (Fixed) (Total:100 GB) (Free:5.04 GB) NTFS

Drive d: () (Fixed) (Total:123.37 GB) (Free:23.13 GB) NTFS

 

\\?\Volume{0ce07c69-fe9e-463b-971d-41641461410b} (ESP_EFI) (Fixed) (Total:0.19 GB) (Free:0.17 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 223.6 GB) (Disk ID: 9C774745)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 


https://www.bleepingcomputer.com/forums/t/768387/concerned-about-some-performance-on-my-computer/

Erlando F Rasatro
