Gaming FPS Drops, Malware related?

Hi there,

 

See copy and paste below.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02

Ran by Daany (administrator) on DESKTOP-IL226UG (Micro-Star International Co., Ltd. MS-7B33) (23-09-2021 23:13:40)

Running from C:UsersDaanyDesktop

Loaded Profiles: Daany

Platform: Windows 10 Home Version 20H2 19042.1237 (X64) Language: English (United Kingdom)

Default browser: FF

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

() [File not signed] C:UsersDaanyDocumentsDS4WindowsDS4Windows.exe

() [File not signed] D:Riot GamesRiot ClientRiotClientCrashHandler.exe

() [File not signed] E:RuneLiteRuneLite.exe

(Apple Inc. -> Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:Program FilesDAEMON Tools LiteDTShellHlp.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.CpuIdRemote64.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.DisplayAdapter.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCueLLAccessService.exe

(Discord Inc. -> Discord Inc.) C:UsersDaanyAppDataLocalDiscordapp-1.0.9003Discord.exe <6>

(Electronic Arts, Inc. -> Electronic Arts) C:Program Files (x86)OriginOriginWebHelperService.exe

(Even Balance, Inc. -> ) C:WindowsSystem32PnkBstrA.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_ffc75848a6342fdfjhi_service.exe

(Intel® System Usage Report -> ) C:Program FilesIntelSURQUEENCREEKSurSvc.exe

(Intel® System Usage Report -> ) C:Program FilesIntelSURQUEENCREEKx64esrv.exe

(Intel® System Usage Report -> ) C:Program FilesIntelSURQUEENCREEKx64esrv_svc.exe

(Lenovo -> Lenovo Group Ltd.) C:Program Files (x86)LenovoVantageService3.8.23.0Lenovo.Vantage.AddinHost.Amd64.exe

(Lenovo -> Lenovo Group Ltd.) C:Program Files (x86)LenovoVantageService3.8.23.0Lenovo.Vantage.AddinHost.exe <2>

(Lenovo -> Lenovo Group Ltd.) C:Program Files (x86)LenovoVantageService3.8.23.0LenovoVantageService.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHostLenovo.Modern.ImController.PluginHost.SettingsApp.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerServiceLenovo.Modern.ImController.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbweHxOutlook.exe

(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbweHxTsr.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbweWinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32GameBarPresenceWriter.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32Taskmgr.exe

(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:WindowsSystem32CorsairGamingAudioCfgService64.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCopyAccelerator.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0NisSrv.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9413e5ce3f1b6ec6Display.NvContainerNVDisplay.Container.exe <2>

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_01042bb7f11c17c4RtkAudUService64.exe <2>

(Riot Games, Inc. -> ) D:League of LegendsLeagueCrashHandler.exe

(Riot Games, Inc. -> Riot Games, Inc.) D:League of LegendsLeagueClient.exe

(Riot Games, Inc. -> Riot Games, Inc.) D:League of LegendsLeagueClientUx.exe

(Riot Games, Inc. -> Riot Games, Inc.) D:League of LegendsLeagueClientUxRender.exe <5>

(Riot Games, Inc. -> Riot Games, Inc.) D:Riot GamesRiot ClientRiotClientServices.exe

(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe

(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe

(Valve -> Valve Corporation) D:Steambincefcef.win7x64steamwebhelper.exe <7>

(Valve -> Valve Corporation) D:Steamsteam.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_01042bb7f11c17c4RtkAudUService64.exe [1256824 2021-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM-x32…Run: [amd_dc_opt] => C:Program Files (x86)AMDDual-Core Optimizeramd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]

HKLM-x32…Run: [CORSAIR iCUE Software] => C:Program Files (x86)CorsairCORSAIR iCUE SoftwareiCUE Launcher.exe [410152 2020-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32…Run: [Discord] => C:ProgramDataSquirrelMachineInstallsDiscord.exe [70858912 2021-09-04] (Discord Inc. -> Discord Inc.)

HKUS-1-5-21-3939722523-3027127093-560741939-1003…Run: [DAEMON Tools Lite Automount] => C:Program FilesDAEMON Tools LiteDTAgent.exe [735336 2019-04-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)

HKUS-1-5-21-3939722523-3027127093-560741939-1003…Run: [Steam] => D:Steamsteam.exe [4282600 2021-09-17] (Valve -> Valve Corporation)

HKUS-1-5-21-3939722523-3027127093-560741939-1003…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)

HKUS-1-5-21-3939722523-3027127093-560741939-1003…Run: [Discord] => C:UsersDaanyAppDataLocalDiscordUpdate.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication93.0.4577.82Installerchrmstp.exe [2021-09-15] (Google LLC -> Google LLC)

Startup: C:UsersDaanyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupDS4Windows.lnk [2019-03-14]

ShortcutTarget: DS4Windows.lnk -> C:UsersDaanyDocumentsDS4WindowsDS4Windows.exe () [File not signed]

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {008CFCF8-1C0C-4BED-800B-E215603E39A4} – System32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel® System Usage Report -> Intel Corporation)

Task: {00BD62FB-5C49-49C4-9BB8-32A6B90C5AFD} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {0C276A80-029D-450F-8027-09F0E9E022DC} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {0C4F8CED-0F25-42D6-BCD4-CB89C7CD7806} – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Files (x86)IntelIntel® Update Managerbiniumsvc.exe

Task: {16253E86-B39F-4187-83CC-3E640543621F} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {1658658F-AFA7-4BD2-A0D1-3643DFA1CE97} – System32TasksMicrosoftOfficeOffice Subscription Maintenance => C:Program Files (x86)Microsoft OfficerootvfsProgramFilesCommonx86Microsoft SharedOffice16OLicenseHeartbeat.exe [1155480 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {177A567D-E7AD-4612-A3A7-4C3334CA19A1} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {1EC44631-729E-435B-97EF-6B1D71386035} – System32TasksUSER_ESRV_SVC_QUEENCREEK => “C:WINDOWSSystem32Wscript.exe” //B //NoLogo “C:Program FilesIntelSURQUEENCREEKx64task.vbs”

Task: {257AAED2-485D-46BD-A0FE-3B4A9EB9BC26} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {33B42144-F31C-4B9F-B4E8-A6DB4328F213} – System32TasksCCleanerSkipUAC – Daany => C:Program FilesCCleanerCCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {36C213DD-8B6D-4FB7-A2C3-203B795202FF} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {396622F2-AE08-46EC-A547-038675BE2563} – System32TasksMozillaFirefox Background Update 308046B0AF4A39CB => C:Program FilesMozilla Firefoxfirefox.exe –MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 –MOZ_LOG_FILE C:ProgramDataMozillaupdates308046B0AF4A39CBbackgroundupdate.moz_log –backgroundtask backgroundupdate

Task: {3FD3E7DA-B42D-4650-AA3D-F186E8C0D74F} – System32TasksLenovoImControllerLenovo iM Controller Monitor => C:WINDOWSsystem32ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {40C44667-84AF-44A6-A2D3-95EDA54F26B6} – System32TasksLenovoBatteryGaugeBatteryGaugeMaintenance => C:ProgramDataLenovoImControllerPluginsLenovoBatteryGaugePackagex64BGHelper.exe [144456 2021-07-15] (Lenovo -> Lenovo Group Ltd.)

Task: {41028168-2E79-4C8A-9655-D602CEC57D10} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {4A0D1FCF-C7E1-4D57-ABA9-918936C11629} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [5439384 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {4BE3AA9C-79FC-45D6-B4A1-1C3624509E77} – System32TasksIntel PTT EK Recertification => C:WINDOWSSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_75ffca5eec865b4blibIntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)

Task: {672C8F1B-FBC2-4F33-BD2D-E19683DC3792} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {679390B2-0159-4741-AB0E-488F924FF3D1} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2019-01-16] (Google Inc -> Google Inc.)

Task: {72F34FA6-8FA2-473A-B4B4-DB545D0BFC96} – System32TasksMicrosoftOfficeOffice Serviceability Manager => C:Program FilesCommon FilesMicrosoft SharedClickToRunofficesvcmgr.exe [4102784 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {735AAC4D-6005-4B4A-AF74-272ED9F630A2} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [113536 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {7A54E993-8A1E-4499-9E28-D0F6AAF94973} – System32TasksLenovoVantageScheduleDailyTelemetryTransmission => C:Program Files (x86)LenovoVantageService3.8.23.0ScheduleEventAction.exe [26664 2021-07-21] (Lenovo -> Lenovo Group Ltd.)

Task: {802A3499-89CF-4727-8B5B-E77EAFD97559} – System32TasksLenovoImControllerLenovo iM Controller Scheduled Maintenance => “%windir%system32sc.exe” START ImControllerService

Task: {81A9402B-7C1C-41F3-BD12-B69AB4C43342} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {827E83FC-FC2A-4967-A128-319E23F6BFC4} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {86E3106E-47C7-4BE3-974C-724078624690} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)

Task: {8975AEF2-42E3-44F5-B617-8D5C848389A9} – System32TasksLenovoVantageLenovo.Vantage.ServiceMaintainance => %systemroot%system32sc.exe start LenovoVantageService

Task: {8BAB4294-C8BE-4E00-B180-A0FA3411976D} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2019-01-16] (Google Inc -> Google Inc.)

Task: {8BDE127F-C83B-4D75-A12C-FF4878F19C9F} – System32TasksMicrosoftWindowsremplshell => C:Program Filesremplsedlauncher.exe

Task: {8F65039B-61A2-4305-98DA-D83C98E2E172} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {91A4E7B7-258E-4A08-A9D6-40810C643A57} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {9597B551-4206-44A6-BA7F-DD5F0961CA99} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [113536 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {9D0039D7-2D96-43D5-AB2D-C57285AB7A46} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {A4137245-826E-428D-B9F2-F2E184513F9F} – System32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel® System Usage Report -> Intel Corporation)

Task: {AFB24386-A4BD-42A0-918F-ED4DF20BCDD6} – System32TasksLenovoVantageScheduleVantageTelemetryAddinTask => C:Program Files (x86)LenovoVantageService3.6.15.0ScheduleEventAction.exe

Task: {C9769C7C-04D5-4E7D-B4AD-68EB0DB610DD} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {D30BCF9F-8AB0-4FBF-9538-67A3D3F9AF4E} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {D74FF879-CC1F-45C4-9036-73DC6C869EFA} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {DCB87EF4-E040-410C-9CF3-DFB6DBFF9C42} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [680888 2021-09-09] (Mozilla Corporation -> Mozilla Foundation)

Task: {EA1B4AB8-4947-4A02-BF4E-0A176EF380C6} – System32TasksMSIAfterburner => D:MSI AfterburnerMSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

Task: {EA5032A0-8F08-4759-A1EE-AB7C805CD687} – System32TasksOverwolf Updater Task => C:Program Files (x86)OverwolfOverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)

Task: {F05A3A05-24A0-4AD2-97B0-5644717EA984} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [5439384 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip..Interfaces{885523c3-50c3-4369-ae91-30ff7d0be5d5}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip..Interfaces{d6a0615a-c7b6-46a3-9fbf-dd431ecf93e1}: [DhcpNameServer] 194.168.4.100 194.168.8.100

 

Edge: 

=======

Edge Profile: C:UsersDaanyAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-23]

 

FireFox:

========

FF DefaultProfile: 15s7xrc1.default

FF DefaultProfile: 6w3vo7kf.default

FF ProfilePath: C:UsersDaanyAppDataRoamingZoteroZoteroProfiles15s7xrc1.default [2021-05-30]

FF ProfilePath: C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.default [2021-09-23]

FF DownloadDir: E:Firefox Downloads

FF Homepage: MozillaFirefoxProfiles6w3vo7kf.default -> hxxps://www.youtube.com/

FF NewTab: MozillaFirefoxProfiles6w3vo7kf.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__180929

FF Session Restore: MozillaFirefoxProfiles6w3vo7kf.default -> is enabled.

FF Extension: (Grammarly for Firefox) – C:UsersDaanyAppDataRoamingMozillaFirefoxPro[email protected]jetpack.xpi [2021-09-07]

FF Extension: (Tampermonkey) – C:UsersDaanyAppDat[email protected]tampermonkey.net.xpi [2021-04-30]

FF Extension: (Honey) – C:UsersDaanyAppDataRoamingMozi[email protected]jetpack.xpi [2021-06-24]

FF Extension: (AdBlock) – C:UsersDaanyAppDataRoamingMozi[email protected]jetpack.xpi [2020-02-06]

FF Extension: (Zotero Connector) – C:UsersDaanyAppDa[email protected]chnm.gmu.edu.xpi [2021-08-19] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]

FF Extension: (Dark Mode) – C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.defaultExtensions{174b2d58-b983-4501-ab4b-07e71203cb43}.xpi [2021-07-06]

FF Extension: (Dark theme for Firefox) – C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.defaultExtensions{1afaee19-8dde-4b0e-8c84-f46ca0f02f06}.xpi [2020-12-16]

FF Extension: (fractal frost) – C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.defaultExtensions{880e832d-62b7-405b-8bb2-3b22e9a10016}.xpi [2021-07-13]

FF Extension: (Adblock Plus – free ad blocker) – C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.defaultExtensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]

FF Extension: (Adjust Screen Brightness) – C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.defaultExtensions{d1b377eb-1b72-4aaa-a724-ba69bbac9a34}.xpi [2020-12-27]

FF Extension: (Greasemonkey) – C:UsersDaanyAppDataRoamingMozillaFirefoxProfiles6w3vo7kf.defaultExtensions{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]

FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:Program FilesJavajre1.8.0_301bindtpluginnpDeployJava1.dll [2021-07-22] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:Program FilesJavajre1.8.0_301binplugin2npjp2.dll [2021-07-22] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:Program Files (x86)Battlelog Web PluginsSonar.70.4npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:Program Files (x86)Battlelog Web Plugins2.3.0npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

 

Chrome: 

=======

CHR Profile: C:UsersDaanyAppDataLocalGoogleChromeUser DataDefault [2021-09-23]

CHR DefaultSearchURL: Default -> hxxps://www.ctcodeinfo.com/search?q={searchTerms}

CHR DefaultSearchKeyword: Default -> Custom

CHR Extension: (Slides) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-01-16]

CHR Extension: (Docs) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2019-01-16]

CHR Extension: (Google Drive) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-11-02]

CHR Extension: (YouTube) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-16]

CHR Extension: (Sheets) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-01-16]

CHR Extension: (Google Docs Offline) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-04]

CHR Extension: (Custom) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionshemlmgggokggmncimchkllhcjcaimcle [2021-09-04]

CHR Extension: (Chrome Web Store Payments) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-23]

CHR Extension: (Gmail) – C:UsersDaanyAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [6076936 2018-09-28] (BattlEye Innovations e.K. -> )

S3 chromoting; C:Program Files (x86)GoogleChrome Remote Desktop94.0.4606.27remoting_host.exe [72536 2021-08-30] (Google LLC -> Google LLC)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)

R2 CorsairGamingAudioConfig; C:WINDOWSsystem32CorsairGamingAudioCfgService64.exe [602008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R2 CorsairLLAService; C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCueLLAccessService.exe [403496 2020-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R2 CorsairService; C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsair.Service.exe [55848 2020-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R3 Disc Soft Lite Bus Service; C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe [4132456 2019-04-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [818304 2021-05-22] (EasyAntiCheat Oy -> Epic Games, Inc)

R2 ImControllerService; C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

R2 LenovoVantageService; C:Program Files (x86)LenovoVantageService3.8.23.0LenovoVantageService.exe [31248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7785656 2021-09-22] (Malwarebytes Inc -> Malwarebytes)

S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2557144 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3475680 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts)

S3 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)

R2 PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [76152 2020-08-03] (Even Balance, Inc. -> )

S3 Rockstar Service; C:Program FilesRockstar GamesLauncherRockstarService.exe [1629312 2020-10-04] (Rockstar Games, Inc. -> Rockstar Games)

R2 ss_conn_service; C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)

S3 VSStandardCollectorService150; C:Program Files (x86)Microsoft Visual StudioSharedCommonDiagnosticsHub.Collection.ServiceStandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0NisSrv.exe [2772856 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MsMpEng.exe [136640 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9413e5ce3f1b6ec6Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9413e5ce3f1b6ec6Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 BthHFEnum; C:WINDOWSSystem32driversbthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]

R3 CorsairGamingAudioService; C:WINDOWSsystem32DRIVERSCorsairGamingAudio64.sys [60312 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:Program Files (x86)CorsairCORSAIR iCUE SoftwareCorsairLLAccess64.sys [21752 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 cpuz149; C:WINDOWStempcpuz149cpuz149_x64.sys [44320 2021-09-23] (CPUID S.A.R.L.U. -> CPUID)

R3 dtlitescsibus; C:WINDOWSSystem32driversdtlitescsibus.sys [42256 2019-04-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)

R3 dtliteusbbus; C:WINDOWSSystem32driversdtliteusbbus.sys [59360 2019-04-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S3 Hamachi; C:WINDOWSsystem32DRIVERSHamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)

R1 HWiNFO_160; C:WINDOWSsystem32driversHWiNFO64A_160.SYS [64536 2021-05-23] (Martin Malik – REALiX -> REALiX™)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210344 2021-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-09-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-09-23] (Malwarebytes Inc -> Malwarebytes)

R3 MpKsl669c305c; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{061F2691-BAB9-452D-A58B-A058EC69B3F6}MpKslDrv.sys [130296 2021-09-23] (Microsoft Windows -> Microsoft Corporation)

R3 ScpVBus; C:WINDOWSSystem32driversScpVBus.sys [39168 2018-09-29] (Bruce James -> Scarlet.Crush Productions)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [48536 2021-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [433384 2021-09-16] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86264 2021-09-16] (Microsoft Windows -> Microsoft Corporation)

S3 xhunter1; C:WINDOWSxhunter1.sys [2742720 2021-05-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

S3 dgderdrv; System32driversdgderdrv.sys [X]

S1 SMR540; SystemRootSystem32driversSMR540.SYS [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-09-23 22:26 – 2021-09-23 22:26 – 017301504 ____N C:WINDOWSsystem32configSYSTEM

2021-09-23 22:02 – 2021-09-23 22:25 – 000455046 _____ C:WINDOWSntbtlog.txt

2021-09-23 22:02 – 2021-09-23 22:25 – 000210344 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2021-09-23 22:02 – 2021-09-23 22:25 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job

2021-09-23 22:01 – 2021-09-23 22:01 – 000001426 _____ C:WINDOWSsystem32default_error_stack-000006-000000.txt

2021-09-23 02:49 – 2021-09-23 02:49 – 002295296 _____ (Digimarc) C:WINDOWSsystem32DMRCDecoder.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 002111488 _____ (Digimarc) C:WINDOWSSysWOW64DMRCDecoder.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 001823304 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-09-23 02:49 – 2021-09-23 02:49 – 001393480 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2021-09-23 02:49 – 2021-09-23 02:49 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 001328376 _____ C:WINDOWSsystem32FaceTrackerInternal.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 001324032 _____ C:WINDOWSsystem32FaceProcessor.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 001313608 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi

2021-09-23 02:49 – 2021-09-23 02:49 – 001164288 _____ C:WINDOWSsystem32MBR2GPT.EXE

2021-09-23 02:49 – 2021-09-23 02:49 – 000672768 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 000570368 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl

2021-09-23 02:49 – 2021-09-23 02:49 – 000512864 _____ C:WINDOWSsystem32FaceProcessorCore.dll

2021-09-23 02:49 – 2021-09-23 02:49 – 000452096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl

2021-09-23 02:49 – 2021-09-23 02:49 – 000426496 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winspool.drv

2021-09-23 02:49 – 2021-09-23 02:49 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-09-23 02:49 – 2021-09-23 02:49 – 000147456 _____ (Microsoft Corporation) C:WINDOWSsystem32wshom.ocx

2021-09-23 02:49 – 2021-09-23 02:49 – 000122880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wshom.ocx

2021-09-23 02:49 – 2021-09-23 02:49 – 000098816 _____ C:WINDOWSsystem32Driverscimfs.sys

2021-09-23 02:49 – 2021-09-23 02:49 – 000011355 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-09-23 02:48 – 2021-09-23 02:48 – 000566784 _____ (Microsoft Corporation) C:WINDOWSsystem32winspool.drv

2021-09-23 02:48 – 2021-09-23 02:48 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe

2021-09-23 02:48 – 2021-09-23 02:48 – 000162816 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-09-23 02:42 – 2021-09-23 02:42 – 000000000 ___HD C:$WinREAgent

2021-09-23 02:33 – 2021-09-23 22:26 – 000000641 ____C C:UsersDaanyDesktopFixlog.txt

2021-09-23 02:28 – 2021-09-23 02:24 – 002304512 ____C (Farbar) C:UsersDaanyDesktopFRST64.exe

2021-09-22 16:08 – 2021-09-23 23:14 – 000032664 ____C C:UsersDaanyDesktopFRST.txt

2021-09-22 16:08 – 2021-09-23 02:31 – 000064286 ____C C:UsersDaanyDesktopAddition.txt

2021-09-22 16:05 – 2021-09-23 23:14 – 000000000 ____D C:FRST

2021-09-22 02:15 – 2021-09-22 02:15 – 000000000 ___HD C:$SysReset

2021-09-22 00:34 – 2021-09-22 00:36 – 000154386 ____C C:UsersDaanyDesktopRkill.txt

2021-09-22 00:21 – 2021-09-22 00:23 – 000020164 _____ C:TDSSKiller.3.1.0.28_22.09.2021_00.21.17_log.txt

2021-09-17 19:24 – 2021-09-17 19:24 – 000000000 ___DC C:UsersDaanyAppDataRoamingNVIDIA

2021-09-17 17:43 – 2021-09-17 17:43 – 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000004106 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-17 17:43 – 2021-09-17 17:43 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-09-17 17:43 – 2021-06-09 15:17 – 002838384 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvspcap64.dll

2021-09-17 17:43 – 2021-06-09 15:17 – 002186608 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvspcap.dll

2021-09-17 17:43 – 2021-06-09 15:17 – 001293680 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvRtmpStreamer64.dll

2021-09-17 17:43 – 2021-06-04 13:22 – 000168304 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvaudcap64v.dll

2021-09-17 17:43 – 2021-06-04 13:22 – 000144240 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvaudcap32v.dll

2021-09-17 17:43 – 2021-06-03 14:56 – 000043408 _____ (NVIDIA Corporation) C:WINDOWSsystem32DriversNvModuleTracker.sys

2021-09-17 17:43 – 2021-06-02 14:17 – 000069856 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvad64v.sys

2021-09-17 17:43 – 2021-05-04 08:49 – 000001951 _____ C:WINDOWSNvContainerRecovery.bat

2021-09-17 17:31 – 2021-09-17 17:31 – 000000000 ____D C:WINDOWSsystem32lxss

2021-09-17 17:31 – 2021-09-17 17:31 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-09-17 17:27 – 2021-08-28 13:25 – 001858664 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-09-17 17:27 – 2021-08-28 13:25 – 001858664 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-09-17 17:27 – 2021-08-28 13:25 – 001474704 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-09-17 17:27 – 2021-08-28 13:25 – 001438848 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-09-17 17:27 – 2021-08-28 13:25 – 001438848 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-09-17 17:27 – 2021-08-28 13:25 – 001212536 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-09-17 17:27 – 2021-08-28 13:25 – 001097856 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-09-17 17:27 – 2021-08-28 13:25 – 001097856 _____ C:WINDOWSsystem32vulkan-1.dll

2021-09-17 17:27 – 2021-08-28 13:25 – 000951936 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-09-17 17:27 – 2021-08-28 13:25 – 000951936 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-09-17 17:27 – 2021-08-28 13:22 – 000645240 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-09-17 17:27 – 2021-08-28 13:20 – 005681280 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-09-17 17:26 – 2021-08-28 13:22 – 001520760 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-09-17 17:26 – 2021-08-28 13:22 – 001171064 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-09-17 17:26 – 2021-08-28 13:22 – 000716920 _____ C:WINDOWSsystem32nvofapi64.dll

2021-09-17 17:26 – 2021-08-28 13:22 – 000676480 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-09-17 17:26 – 2021-08-28 13:22 – 000577168 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-09-17 17:26 – 2021-08-28 13:22 – 000564344 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-09-17 17:26 – 2021-08-28 13:21 – 002112128 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-09-17 17:26 – 2021-08-28 13:21 – 001595536 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-09-17 17:26 – 2021-08-28 13:21 – 000919184 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-09-17 17:26 – 2021-08-28 13:21 – 000750224 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-09-17 17:26 – 2021-08-28 13:21 – 000706192 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-09-17 17:26 – 2021-08-28 13:20 – 008854144 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-09-17 17:26 – 2021-08-28 13:20 – 007920760 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-09-17 17:26 – 2021-08-28 13:20 – 004987512 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-09-17 17:26 – 2021-08-28 13:20 – 002925688 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-09-17 17:26 – 2021-08-28 13:20 – 000447104 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-09-17 17:26 – 2021-08-28 13:19 – 000849016 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-09-17 17:26 – 2021-08-28 13:18 – 007280848 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-09-17 17:26 – 2021-08-28 13:18 – 006216336 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-09-17 17:26 – 2021-08-27 17:54 – 000083133 _____ C:WINDOWSsystem32nvinfo.pb

2021-09-17 17:06 – 2021-09-17 17:09 – 755560304 ____C (NVIDIA Corporation) C:UsersDaanyDownloads471.96-desktop-win10-win11-64bit-international-dch-whql.exe

2021-09-15 23:29 – 2021-09-15 23:28 – 000029261 ___RC C:UsersDaanyDesktop1225719220-NFSMW-Black-edition-22-trainer-v1.3.zip

2021-09-15 23:27 – 2021-09-15 23:27 – 000000000 ___HD C:$AV_ASW

2021-09-15 18:54 – 2021-09-15 18:54 – 000000591 ____C C:UsersDaanyDesktopRuneLite.lnk

2021-09-15 18:54 – 2021-09-15 18:54 – 000000591 ____C C:UsersDaanyAppDataRoamingMicrosoftWindowsStart MenuProgramsRuneLite.lnk

2021-09-13 22:26 – 2021-09-13 23:02 – 000000046 ____C C:UsersDaanyjagex_runescape_preferences.dat

2021-09-13 22:26 – 2021-09-13 23:02 – 000000001 ____C C:UsersDaanytfa.dat

2021-09-13 22:26 – 2021-09-13 22:26 – 000000024 ____C C:UsersDaanyrandom2.dat

2021-09-13 22:26 – 2021-09-13 22:26 – 000000000 ___DC C:UsersDaanyhdos

2021-09-13 22:25 – 2021-09-13 22:25 – 000000551 ____C C:UsersDaanyDesktopHDOS.lnk

2021-09-13 22:25 – 2021-09-13 22:25 – 000000551 ____C C:UsersDaanyAppDataRoamingMicrosoftWindowsStart MenuProgramsHDOS.lnk

2021-09-09 14:33 – 2021-09-10 19:27 – 000000000 ____D C:Program FilesMozilla Firefox

2021-09-05 02:44 – 2021-09-16 22:44 – 000000000 ____D C:ProgramDataAvast Software

2021-09-05 01:44 – 2021-09-05 01:44 – 000002792 _____ C:WINDOWSsystem32.crusader

2021-09-05 00:57 – 2021-09-23 23:14 – 000000000 ___DC C:UsersDaanyAppDataRoamingdiscord

2021-09-05 00:57 – 2021-09-23 22:26 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-09-05 00:57 – 2021-09-22 22:11 – 000002227 ____C C:UsersDaanyDesktopDiscord.lnk

2021-09-05 00:57 – 2021-09-22 00:26 – 000002033 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-09-05 00:57 – 2021-09-22 00:26 – 000002021 _____ C:UsersPublicDesktopMalwarebytes.lnk

2021-09-05 00:57 – 2021-09-05 00:44 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2021-09-05 00:46 – 2021-09-05 00:46 – 000119048 _____ (Symantec Corporation) C:WINDOWSsystem32DriversSMR540.SYS.bak

2021-09-05 00:45 – 2021-09-05 00:45 – 013884680 ____C (NortonLifeLock Inc.) C:UsersDaanyDownloadsNPE.exe

2021-09-05 00:45 – 2021-09-05 00:45 – 000000000 ____D C:ProgramDataNorton

2021-09-05 00:43 – 2021-09-05 00:43 – 000000000 ____D C:Program FilesMalwarebytes

2021-09-05 00:35 – 2021-09-05 01:45 – 000000000 ____D C:ProgramDataHitmanPro

2021-09-05 00:35 – 2021-09-05 00:35 – 011332032 ____C (SurfRight B.V.) C:UsersDaanyDownloadsHitmanPro_x64.exe

2021-09-05 00:35 – 2021-09-05 00:35 – 000000000 ____D C:Program FilesHitmanPro

2021-09-05 00:26 – 2021-09-05 00:26 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-09-05 00:26 – 2021-09-05 00:26 – 000000000 ____D C:ProgramDataMalwarebytes

2021-09-05 00:24 – 2021-09-05 00:24 – 002120496 ____C (Malwarebytes) C:UsersDaanyDownloadsMBSetup-119967.119967-consumer.exe

2021-09-05 00:16 – 2021-09-05 00:16 – 008553680 ____C (Malwarebytes) C:UsersDaanyDownloadsadwcleaner_8.3.0.exe

2021-09-05 00:14 – 2021-09-23 22:28 – 000000000 ____D C:Program FilesCCleaner

2021-09-05 00:14 – 2021-09-16 22:32 – 000002988 _____ C:WINDOWSsystem32TasksCCleaner Update

2021-09-05 00:14 – 2021-09-16 22:32 – 000002252 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC – Daany

2021-09-05 00:14 – 2021-09-05 00:14 – 000000863 _____ C:UsersPublicDesktopCCleaner.lnk

2021-09-05 00:14 – 2021-09-05 00:14 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner

2021-09-05 00:13 – 2021-09-05 00:13 – 036100216 ____C (Piriform Software Ltd) C:UsersDaanyDownloadsccsetup584_pro_trial.exe

2021-09-04 23:59 – 2021-09-05 00:00 – 018444288 ____C C:UsersDaanyDownloadschromeremotedesktophost.msi

2021-09-04 15:24 – 2021-09-04 15:24 – 000000000 ____D C:ProgramDataSquirrelMachineInstalls

2021-09-04 15:24 – 2021-09-04 15:24 – 000000000 ____D C:ProgramDataDaany

2021-09-04 00:56 – 2021-09-04 00:56 – 000001425 _____ C:WINDOWSsystem32default_error_stack-000005-000000.txt

2021-09-04 00:38 – 2021-09-05 01:23 – 000000000 ____D C:ProgramData63

2021-09-04 00:38 – 2021-09-04 00:57 – 006826592 ____N C:WINDOWSsystem32DriversSi25o525.sys

2021-09-04 00:18 – 2021-09-04 00:29 – 000000000 ___DC C:UsersDaanyDocumentsGTA San Andreas User Files

2021-09-03 21:27 – 2021-09-03 21:27 – 000000896 ____C C:UsersDaanyDesktopµTorrent.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 23:08 – 2019-12-07 10:13 – 000000000 ____D C:WINDOWSINF

2021-09-23 23:04 – 2018-09-28 09:30 – 000000000 ___DC C:UsersDaanyAppDataLocalLowMozilla

2021-09-23 22:56 – 2019-01-07 18:36 – 000000000 ____D C:Steamlibary

2021-09-23 22:49 – 2018-09-26 10:40 – 000000000 ____D C:ProgramDataNVIDIA

2021-09-23 22:45 – 2018-09-28 13:10 – 000000000 ____D C:ProgramDataRiot Games

2021-09-23 22:39 – 2019-01-16 16:52 – 000000000 ____D C:Program Files (x86)Google

2021-09-23 22:30 – 2020-09-25 07:19 – 000853218 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-09-23 22:29 – 2021-08-19 20:51 – 000000000 ___DC C:UsersDaany.runelite

2021-09-23 22:28 – 2021-08-19 20:51 – 000000086 ____C C:UsersDaanyjagex_cl_oldschool_LIVE.dat

2021-09-23 22:28 – 2021-08-19 20:51 – 000000024 ____C C:UsersDaanyrandom.dat

2021-09-23 22:27 – 2020-09-25 07:16 – 000003102 _____ C:WINDOWSsystem32TasksMSIAfterburner

2021-09-23 22:26 – 2020-09-25 07:16 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-09-23 22:26 – 2020-09-25 07:08 – 000008192 ___SH C:DumpStack.log.tmp

2021-09-23 22:26 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSServiceState

2021-09-23 22:26 – 2019-12-07 10:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-09-23 22:26 – 2019-12-07 10:03 – 017301504 _____ C:WINDOWSsystem32configBCD000000

2021-09-23 22:26 – 2019-12-07 10:03 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-09-23 22:19 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-09-23 13:14 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSRegistration

2021-09-23 13:05 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-09-23 03:24 – 2020-09-25 07:08 – 000438920 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSSystemResources

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Dism

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32DDFs

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSShellComponents

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSProvisioning

2021-09-23 03:23 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-09-23 03:23 – 2019-12-07 10:03 – 000000000 ____D C:WINDOWSservicing

2021-09-23 02:51 – 2019-12-07 10:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-09-23 02:36 – 2021-02-19 21:27 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-09-23 02:36 – 2018-09-28 21:31 – 135637312 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-09-23 02:36 – 2018-09-28 21:31 – 000000000 ____D C:WINDOWSsystem32MRT

2021-09-23 02:33 – 2020-09-25 07:10 – 000000000 ___DC C:UsersDaany

2021-09-22 22:22 – 2020-09-25 07:08 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-09-22 19:55 – 2020-11-22 23:55 – 000000000 ____D C:Program Files (x86)Overwolf

2021-09-19 16:45 – 2018-10-13 14:02 – 000000000 ____D C:Program Files (x86)Microsoft Office

2021-09-17 18:17 – 2018-12-27 23:45 – 000000000 ____D C:CFLog

2021-09-17 17:51 – 2018-09-28 12:57 – 000000000 ___DC C:UsersDaanyDesktopGames

2021-09-17 17:49 – 2018-09-28 11:02 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-09-17 17:43 – 2018-09-26 10:40 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-09-17 17:43 – 2018-09-26 10:40 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-09-17 15:49 – 2020-08-29 18:27 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-09-17 15:49 – 2019-12-07 10:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-09-16 22:48 – 2018-06-06 17:59 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-09-16 22:32 – 2021-05-28 00:05 – 000002678 _____ C:WINDOWSsystem32TasksUSER_ESRV_SVC_QUEENCREEK

2021-09-16 22:32 – 2021-01-16 18:36 – 000003042 _____ C:WINDOWSsystem32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473

2021-09-16 22:32 – 2021-01-16 02:34 – 000002970 _____ C:WINDOWSsystem32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132

2021-09-16 22:32 – 2021-01-16 02:34 – 000002604 _____ C:WINDOWSsystem32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon

2021-09-16 22:32 – 2020-11-22 23:55 – 000003244 _____ C:WINDOWSsystem32TasksOverwolf Updater Task

2021-09-16 22:32 – 2020-09-25 21:24 – 000003220 _____ C:WINDOWSsystem32TasksIntel PTT EK Recertification

2021-09-16 22:32 – 2020-09-25 07:16 – 000003408 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-09-16 22:32 – 2020-09-25 07:16 – 000003348 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-09-16 22:32 – 2020-09-25 07:16 – 000003308 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-{1EC5857D-8B06-4D53-B26A-C80E8278BA59}

2021-09-16 22:32 – 2020-09-25 07:16 – 000003184 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-09-16 22:32 – 2020-09-25 07:16 – 000003124 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-09-16 22:32 – 2020-09-25 07:16 – 000002858 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3939722523-3027127093-560741939-1003

2021-09-16 22:32 – 2020-09-25 07:16 – 000002852 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3939722523-3027127093-560741939-500

2021-09-16 22:26 – 2021-05-23 20:24 – 000062912 ____C C:UsersDaanyDocumentsFPSMonitor.txt

2021-09-15 18:52 – 2019-01-16 16:53 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-09-13 23:26 – 2018-11-07 21:51 – 000000892 ____C C:UsersDaanyDesktopSteam.lnk

2021-09-12 12:00 – 2018-09-28 10:33 – 000000000 ____D C:Program Files (x86)Battle.net

2021-09-12 11:38 – 2020-09-25 07:10 – 000002379 ____C C:UsersDaanyAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-09-10 19:27 – 2018-09-28 09:30 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2021-09-09 22:48 – 2021-07-20 12:07 – 000000000 ____D C:WINDOWSsystem32TasksMozilla

2021-09-09 22:48 – 2018-09-28 09:30 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk

2021-09-06 23:19 – 2018-09-28 11:09 – 000000000 ___DC C:UsersDaanyAppDataRoamingOrigin

2021-09-06 23:19 – 2018-09-28 11:09 – 000000000 ____D C:ProgramDataOrigin

2021-09-06 22:47 – 2018-09-28 11:45 – 000000000 ____D C:Program Files (x86)Origin

2021-09-06 15:00 – 2021-07-22 19:56 – 000000040 ____C C:UsersDaanyDesktopDriving test.txt

2021-09-05 02:45 – 2019-12-07 10:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-09-05 01:23 – 2019-02-28 00:01 – 000000000 ____D C:Program Files (x86)NuGet

2021-09-05 00:57 – 2018-09-28 09:44 – 000000000 ___DC C:UsersDaanyAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-09-03 22:41 – 2020-11-07 18:49 – 000000000 ___DC C:UsersDaanyAppDataRoamingSega

2021-09-03 21:32 – 2018-09-29 18:22 – 000000000 ___DC C:UsersDaanyAppDataRoaminguTorrent

2021-09-03 21:27 – 2019-04-12 16:33 – 000000876 ____C C:UsersDaanyAppDataRoamingMicrosoftWindowsStart MenuµTorrent.lnk

2021-08-31 02:43 – 2018-09-28 21:14 – 000803176 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe

2021-08-28 16:43 – 2021-03-20 01:51 – 000000000 ___DC C:UsersDaanyAppDataRoaming.minecraft

2021-08-26 12:24 – 2020-11-27 19:12 – 000005080 _____ C:WINDOWSsystem32InstallUtil.InstallLog

==================== Files in the root of some directories ========

2021-09-13 22:26 – 2021-09-13 23:02 – 000000046 ____C () C:UsersDaanyjagex_runescape_preferences.dat

2021-09-13 22:26 – 2021-09-13 22:26 – 000000024 ____C () C:UsersDaanyrandom2.dat

2021-09-13 22:26 – 2021-09-13 23:02 – 000000001 ____C () C:UsersDaanytfa.dat

2021-01-16 03:49 – 2021-01-16 03:49 – 000007608 ____C () C:UsersDaanyAppDataLocalResmon.ResmonCfg

==================== FLock ==============================

2021-09-23 22:26 C:WINDOWSsystem32configSYSTEM

2021-09-04 00:57 C:WINDOWSsystem32DriversSi25o525.sys

2018-09-29 18:23 C:ProgramDataApplication Data

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02

Ran by Daany (23-09-2021 23:15:05)

Running from C:UsersDaanyDesktop

Windows 10 Home Version 20H2 19042.1237 (X64) (2020-09-25 06:16:15)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3939722523-3027127093-560741939-500 – Administrator – Disabled)

ASPNET (S-1-5-21-3939722523-3027127093-560741939-1004 – Limited – Enabled)

Daany (S-1-5-21-3939722523-3027127093-560741939-1003 – Administrator – Enabled) => C:UsersDaany

DefaultAccount (S-1-5-21-3939722523-3027127093-560741939-503 – Limited – Disabled)

Guest (S-1-5-21-3939722523-3027127093-560741939-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-3939722523-3027127093-560741939-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Disabled – Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKUS-1-5-21-3939722523-3027127093-560741939-1003…uTorrent) (Version: 3.5.5.46074 – BitTorrent Inc.)

Adobe Digital Editions 4.5 (HKLM-x32…Adobe Digital Editions 4.5) (Version: 4.5.9 – Adobe Systems Incorporated)

Amazon Games (HKUS-1-5-21-3939722523-3027127093-560741939-1003…{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 1.7.3024.2 – Amazon.com Services, Inc.)

Apple Application Support (32-bit) (HKLM-x32…{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 – Apple Inc.)

Apple Application Support (64-bit) (HKLM…{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 – Apple Inc.)

Apple Mobile Device Support (HKLM…{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 – Apple Inc.)

Artix Game Launcher 2.1.0 (HKLM…{3BECECC9-207F-4FAE-A1EA-207D7F8B9AB4}) (Version: 2.1.0 – Artix Entertainment, LLC)

Assassin’s Creed Valhalla (HKLM-x32…Uplay Install 13504) (Version:  – Ubisoft)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Battlefield 4™ (HKLM-x32…{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 – Electronic Arts)

Battlefield™ 1 (HKLM-x32…{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 – Electronic Arts)

Battlefield™ V (HKLM-x32…{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.64.43202 – Electronic Arts)

Battlelog Web Plugins (HKLM-x32…Battlelog Web Plugins) (Version: 2.3.0 – EA Digital Illusions CE AB)

Bethesda.net Launcher (HKLM-x32…{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.68.0 – Bethesda Softworks)

Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)

Burning Crusade Classic (HKLM-x32…Burning Crusade Classic) (Version:  – Blizzard Entertainment)

Burnout™ Paradise: The Ultimate Box (HKLM-x32…{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 4.1.0.1 – Electronic Arts)

Call of Duty Black Ops Cold War (HKLM-x32…Call of Duty Black Ops Cold War) (Version:  – Blizzard Entertainment)

Call of Duty Black Ops Cold War Beta (HKLM-x32…Call of Duty Black Ops Cold War Beta) (Version:  – Blizzard Entertainment)

Call of Duty Modern Warfare (HKLM-x32…Call of Duty Modern Warfare) (Version:  – Blizzard Entertainment)

CCleaner (HKLM…CCleaner) (Version: 5.84 – Piriform)

Chrome Remote Desktop Host (HKLM-x32…{1180A2CA-8F3D-4AD0-A1EF-1ED38327C683}) (Version: 94.0.4606.27 – Google LLC)

ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32…{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 – Microsoft Corporation) Hidden

CORSAIR iCUE Software (HKLM-x32…{24A86878-1C2B-462D-81A3-C7AFA66F0254}) (Version: 3.28.70 – Corsair)

CPUID CPU-Z 1.90 (HKLM…CPUID CPU-Z_is1) (Version: 1.90 – CPUID, Inc.)

CrossFire West (HKLM-x32…CrossFire West_is1) (Version:  – Z8Games.com)

Crysis 2 (HKLM-x32…{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 – Electronic Arts)

CurseForge (HKUS-1-5-21-3939722523-3027127093-560741939-1003…Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.181.1.15 – Overwolf app)

DAEMON Tools Lite (HKLM…DAEMON Tools Lite) (Version: 10.10.0.0811 – Disc Soft Ltd)

Dead Space™ 2 (HKLM-x32…{C549C2A2-574F-4ABC-933C-BD11D027C16A}) (Version: 1.0.941.0 – Electronic Arts)

DiagnosticsHub_CollectionService (HKLM…{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 – Microsoft Corporation) Hidden

Discord (HKUS-1-5-21-3939722523-3027127093-560741939-1003…Discord) (Version: 1.0.9002 – Discord Inc.)

Doom Eternal (HKLM-x32…Doom Eternal) (Version:  – Bethesda Softworks)

Dual-Core Optimizer (HKLM-x32…{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 – AMD)

Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32…{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 – Microsoft Corporation) Hidden

Epic Games Launcher (HKLM-x32…{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

ESN Sonar (HKLM-x32…ESN Sonar-0.70.4) (Version: 0.70.4 – ESN Social Software AB)

FPS Monitor (HKLM-x32…FPS Monitor_is1) (Version: 1 – )

Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.82 – Google LLC)

Grand Theft Auto IV (HKLM-x32…{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 – Rockstar Games Inc.) Hidden

Grand Theft Auto V (HKLM-x32…{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: “1.0.0.10” – Rockstar Games)

HDOS Launcher (HKUS-1-5-21-3939722523-3027127093-560741939-1003…HDOS Launcher_is1) (Version: 1.0.7 – HDOS)

icecap_collection_neutral (HKLM-x32…{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 – Microsoft Corporation) Hidden

icecap_collection_x64 (HKLM…{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 – Microsoft Corporation) Hidden

icecap_collectionresources (HKLM-x32…{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 – Microsoft Corporation) Hidden

icecap_collectionresourcesx64 (HKLM-x32…{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 – Microsoft Corporation) Hidden

iMazing 2.10.6.0 (HKLM…iMazing_is1) (Version: 2.10.6.0 – DigiDNA)

Intel® Computing Improvement Program (HKLM…{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 – Intel Corporation)

IntelliTraceProfilerProxy (HKLM-x32…{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 – Microsoft Corporation) Hidden

Java 8 Update 301 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 – Oracle Corporation)

Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32…{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 – Microsoft Corporation)

Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32…{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 – Microsoft Corporation)

Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32…{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 – Microsoft Corporation)

Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32…{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 – Microsoft Corporation)

Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32…{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 – Microsoft Corporation)

Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32…{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 – Microsoft Corporation)

Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

League of Legends (HKLM-x32…League of Legends 1.0) (Version: 1.0 – Riot Games, Inc)

Lenovo Vantage Service (HKLM-x32…VantageSRV_is1) (Version: 3.8.23.0 – Lenovo Group Ltd.)

Malwarebytes version 4.4.6.132 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 – Malwarebytes)

Microsoft .NET Framework 1.1 (HKLM-x32…{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 – Microsoft)

Microsoft 365 – en-us (HKLM…o365homepremretail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation)

Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 93.0.961.52 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 93.0.961.52 – Microsoft Corporation)

Microsoft Games for Windows – LIVE Redistributable (HKLM-x32…{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-3939722523-3027127093-560741939-1003…OneDriveSetup.exe) (Version: 21.160.0808.0002 – Microsoft Corporation)

Microsoft Server Speech Platform Runtime (x64) (HKLM…{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 – Microsoft Corporation)

Microsoft Server Speech Recognition Language – TELE (en-IN) (HKLM-x32…{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 – Microsoft Corporation)

Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM…{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 – Microsoft Corporation)

Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32…{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-3939722523-3027127093-560741939-1003…Teams) (Version: 1.3.00.21759 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.60610 (HKLM-x32…{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1096.130 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 – Mojang)

Mozilla Firefox (x64 en-GB) (HKLM…Mozilla Firefox 92.0 (x64 en-GB)) (Version: 92.0 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 62.0.2 – Mozilla)

MSI Afterburner 4.6.1 (HKLM-x32…Afterburner) (Version: 4.6.1 – MSI Co., LTD)

Need for Madness (HKLM-x32…{7369D8AB-6580-4DBA-AAE2-6A93E085A50E}) (Version: 44 – Radicalplay.com Games, Ltd.)

Need For Speed Underground (HKLM-x32…{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version:  – )

Need for Speed Underground 2 (HKLM-x32…Need for Speed Underground 2) (Version:  – )

Need for Speed™ Hot Pursuit (HKLM-x32…{2736FCA6-A352-4CFC-B5A8-F1438BD8A5B2}) (Version: 1.0.5.0 – Electronic Arts)

Need for Speed™ Heat (HKLM-x32…{8DA46384-7F54-4265-B90F-69BBC08DC3A1}) (Version: 1.0.60.7040 – Electronic Arts)

Need for Speed™ Payback (HKLM-x32…{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.41148 – Electronic Arts)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Graphics Driver 471.96 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.96 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.60 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden

OpenIV (HKUS-1-5-21-3939722523-3027127093-560741939-1003…OpenIV) (Version: 4.0.1.1452 – .black/OpenIV Team)

Origin (HKLM-x32…Origin) (Version: 10.5.103.48818 – Electronic Arts, Inc.)

Overwolf (HKLM-x32…Overwolf) (Version: 0.180.0.5 – Overwolf Ltd.)

PCSX2 – Playstation 2 Emulator (HKLM-x32…pcsx2) (Version:  – )

PlayStation™Now (HKLM-x32…{F26F420A-BBE3-4C7E-BB87-3831EEFA4DC9}) (Version: 11.7.0 – Sony Interactive Entertainment Network America LLC)

PunkBuster Services (HKLM-x32…PunkBusterSvc) (Version: 0.993 – Even Balance, Inc.)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.29.283 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.7.0 – Rockstar Games)

RuneLite (HKUS-1-5-21-3939722523-3027127093-560741939-1003…RuneLite Launcher_is1) (Version: 2.1.7 – RuneLite)

RuneScape Launcher 2.2.7 (HKLM…RuneScape Launcher_is1) (Version: 2.2.7 – Jagex Ltd)

Samsung USB Driver for Mobile Phones (HKLM…{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 – Samsung Electronics Co., Ltd.)

Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)

STAR WARS™ Battlefront™ II (HKLM-x32…{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 – Electronic Arts)

Teams Machine-Wide Installer (HKLM-x32…{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 – Microsoft Corporation)

Ubisoft Connect (HKLM-x32…Uplay) (Version: 123.1.10526 – Ubisoft)

Update for  (KB2504637) (HKLM-x32…{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 – Microsoft Corporation)

VALORANT (HKUS-1-5-21-3939722523-3027127093-560741939-1003…Riot Game valorant.live) (Version:  – Riot Games, Inc)

vcpp_crt.redist.clickonce (HKLM-x32…{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 – Microsoft Corporation) Hidden

Visual Studio Community 2017 (HKLM-x32…5274ee9a) (Version: 15.9.28307.423 – Microsoft Corporation)

VS Immersive Activate Helper (HKLM-x32…{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

VS JIT Debugger (HKLM…{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 – Microsoft Corporation) Hidden

vs_BlendMsi (HKLM-x32…{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 – Microsoft Corporation) Hidden

vs_clickoncebootstrappermsi (HKLM-x32…{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_clickoncebootstrappermsires (HKLM-x32…{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_clickoncesigntoolmsi (HKLM-x32…{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_communitymsi (HKLM-x32…{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 – Microsoft Corporation) Hidden

vs_communitymsires (HKLM-x32…{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_devenvmsi (HKLM-x32…{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_filehandler_amd64 (HKLM-x32…{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_filehandler_x86 (HKLM-x32…{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_FileTracker_Singleton (HKLM-x32…{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 – Microsoft Corporation) Hidden

vs_minshellinteropmsi (HKLM-x32…{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 – Microsoft Corporation) Hidden

vs_minshellmsi (HKLM-x32…{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 – Microsoft Corporation) Hidden

vs_minshellmsires (HKLM-x32…{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 – Microsoft Corporation) Hidden

vs_SQLClickOnceBootstrappermsi (HKLM-x32…{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

vs_tipsmsi (HKLM-x32…{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 – Microsoft Corporation) Hidden

Warcraft III (HKLM-x32…Warcraft III) (Version:  – Blizzard Entertainment)

WinRAR 5.61 (64-bit) (HKLM…WinRAR archiver) (Version: 5.61.0 – win.rar GmbH)

World of Warcraft (HKLM-x32…World of Warcraft) (Version:  – Blizzard Entertainment)

World of Warcraft Classic (HKLM-x32…World of Warcraft Classic) (Version:  – Blizzard Entertainment)

Zotero (HKLM-x32…Zotero 5.0.57 (x86 en-US)) (Version: 5.0.57 – Corporation for Digital Scholarship)

 

Packages:

=========

Dolby Access -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyAccess_3.9.253.0_x64__rz1tebttyb220 [2021-08-11] (Dolby Laboratories)

Hidden City: Hidden Object Adventure -> C:Program FilesWindowsApps828B5831.HiddenCityMysteryofShadows_1.43.4302.0_x86__ytsefhwckbdv6 [2021-08-29] (G5 Entertainment AB)

Lenovo Vantage -> C:Program FilesWindowsAppsE046963F.LenovoCompanion_10.2108.22.0_x64__k1h2ywk1493x8 [2021-09-01] (LENOVO INC.)

LinkedIn -> C:Program FilesWindowsApps7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-28] (LinkedIn)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Studios) [MS Ad]

Minecraft for Windows 10 -> C:Program FilesWindowsAppsMicrosoft.MinecraftUWP_1.17.1101.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Studios)

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-17] (NVIDIA Corp.)

Photos Add-on -> C:Program FilesWindowsAppsMicrosoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.26.249.0_x64__dt26b99r8h8gj [2021-06-16] (Realtek Semiconductor Corp)

Xbox One SmartGlass -> C:Program FilesWindowsAppsMicrosoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-3939722523-3027127093-560741939-1003_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersDaanyAppDataLocalMicrosoftTeamsMeetingAddin1.0.20130.1x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3939722523-3027127093-560741939-1003_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UsersDaanyAppDataLocalMicrosoftTeamsMeetingAddin1.0.20130.1x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:Program FilesDAEMON Tools Litedtshl64.dll [2019-04-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)

ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:Program FilesDAEMON Tools Litedtshl64.dll [2019-04-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-09-05] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9413e5ce3f1b6ec6nvshext.dll [2021-08-28] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-09-05] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2021-09-23 22:28 – 2021-09-23 22:28 – 000018944 _____ () [File not signed] E:Tempjogamp_0000file_cachejln16098757149884249433jln11110578275532532261nativeswindows-amd64gluegen_rt.dll

2021-09-23 22:28 – 2021-09-23 22:28 – 000508928 _____ () [File not signed] E:Tempjogamp_0000file_cachejln16098757149884249433jln11110578275532532261nativeswindows-amd64jogl_desktop.dll

2021-09-23 22:28 – 2021-09-23 22:28 – 000295936 _____ () [File not signed] E:Tempjogamp_0000file_cachejln16098757149884249433jln11110578275532532261nativeswindows-amd64jogl_mobile.dll

2021-09-23 22:28 – 2021-09-23 22:28 – 000017920 _____ () [File not signed] E:Tempjogamp_0000file_cachejln16098757149884249433jln11110578275532532261nativeswindows-amd64nativewindow_awt.dll

2021-09-23 22:28 – 2021-09-23 22:28 – 000033792 _____ () [File not signed] E:Tempjogamp_0000file_cachejln16098757149884249433jln11110578275532532261nativeswindows-amd64nativewindow_win32.dll

2021-09-23 22:28 – 2021-09-23 22:28 – 000254464 ____N (Java™ Native Access (JNA)) [File not signed] E:Tempjna-65785903jna6054086388602951718.dll

2021-04-30 23:27 – 2021-06-01 17:02 – 004329600 _____ (Mercer Road Corp -> Mercer Road Corp) [File not signed] D:Riot GamesRiot Clientvivoxsdk_v4.dll

2021-05-12 20:07 – 2021-05-12 20:07 – 001638912 _____ (Robert Simpson, et al.) [File not signed] C:Program FilesIntelSURQUEENCREEKx64SQLite.Interop.dll

2020-05-30 16:04 – 2020-05-30 16:04 – 001638912 _____ (Robert Simpson, et al.) [File not signed] C:ProgramDataLenovoVantageAddinsVantageCoreAddin1.0.0.15x64SQLite.Interop.dll

2020-03-06 12:49 – 2020-03-06 12:49 – 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE SoftwareSiUSBXp.dll

2021-05-12 20:07 – 2021-05-12 20:07 – 002122240 _____ (SQLite Development Team) [File not signed] C:Program FilesIntelSURQUEENCREEKx64sqlite3.dll

2021-02-12 18:35 – 2020-03-16 15:05 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)OriginLIBEAY32.dll

2021-02-12 18:35 – 2020-03-16 15:06 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)Originssleay32.dll

2021-02-12 18:35 – 2020-01-13 22:44 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Originplatformsqwindows.dll

2021-09-06 22:47 – 2020-01-13 22:44 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Core.dll

2021-09-06 22:47 – 2020-01-13 22:44 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Gui.dll

2021-09-06 22:47 – 2020-01-13 22:44 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Network.dll

2021-09-06 22:47 – 2020-01-13 22:44 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5WebSockets.dll

2021-09-06 22:47 – 2020-01-13 22:44 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Widgets.dll

2021-09-06 22:47 – 2020-01-13 22:44 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Xml.dll

2020-04-17 18:36 – 2020-04-17 18:36 – 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:Program Files (x86)CorsairCORSAIR iCUE SoftwareQt5Core.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

SearchScopes: HKUS-1-5-21-3939722523-3027127093-560741939-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_301binssv.dll [2021-07-22] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_301binjp2ssv.dll [2021-07-22] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-08-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-08-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-08-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-08-29] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU.DEFAULT…localhost -> localhost

IE trusted site: HKUS-1-5-21-3939722523-3027127093-560741939-1003…localhost -> localhost

IE trusted site: HKUS-1-5-21-3939722523-3027127093-560741939-1003…sharepoint.com -> hxxps://liveastonac-files.sharepoint.com

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2018-04-12 00:38 – 2021-09-05 00:19 – 000000852 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR

HKUS-1-5-21-3939722523-3027127093-560741939-1003Control PanelDesktop\Wallpaper -> C:UsersDaanyPicturesBackground WallpapersYasuo LoL 3.jpg

DNS Servers: 194.168.4.100 – 194.168.8.100

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun: => "SecurityHealth"

HKLM…StartupApprovedRun32: => "amd_dc_opt"

HKLM…StartupApprovedRun32: => "CORSAIR iCUE Software"

HKUS-1-5-21-3939722523-3027127093-560741939-1003…StartupApprovedRun: => "DAEMON Tools Lite Automount"

HKUS-1-5-21-3939722523-3027127093-560741939-1003…StartupApprovedRun: => "OneDrive"

HKUS-1-5-21-3939722523-3027127093-560741939-1003…StartupApprovedRun: => "CCleaner Smart Cleaning"

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{149F7C97-33E1-4706-9544-9A01CE41D3E0}] => (Allow) D:Steamsteam.exe (Valve -> Valve Corporation)

FirewallRules: [{421C8775-6BE7-4B59-BD25-73BDB0A2E864}] => (Allow) D:Steamsteam.exe (Valve -> Valve Corporation)

FirewallRules: [{BC9B22E7-EE9B-4443-924C-D69BE7C140E7}] => (Allow) D:Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{25DF9EB5-A4E6-4666-9553-E95F40810D32}] => (Allow) D:Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{F70029B6-91E3-45F2-B21A-D7FDFDCECA9A}] => (Allow) D:SteamsteamappscommonUnturnedUnturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{A3EB6FE8-D793-44DE-951D-48D9FC866D95}] => (Allow) D:SteamsteamappscommonUnturnedUnturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{356FA432-4221-4DDC-B89F-33DA5FB9D34D}] => (Allow) D:SteamsteamappscommonUnturnedUnturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]

FirewallRules: [{D428EBE8-5CDF-4745-A3ED-1D0B975544C2}] => (Allow) D:SteamsteamappscommonUnturnedUnturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]

FirewallRules: [{C5C61C26-4D8F-4406-83DC-D07BE36A84AA}] => (Allow) E:Steamsteamappscommonwallpaper_enginelauncher.exe (Skutta, Kristjan -> )

FirewallRules: [{2D332382-85C4-4336-A417-671B64BF8C52}] => (Allow) E:Steamsteamappscommonwallpaper_enginelauncher.exe (Skutta, Kristjan -> )

FirewallRules: [{DA0CE234-03E8-482C-9D0C-4B15AD316704}] => (Allow) E:Steamsteamappscommonwallpaper_enginebindiagnostics32.exe (Skutta, Kristjan -> )

FirewallRules: [{493E9A41-E006-46E8-BD15-3F4691F84F3F}] => (Allow) E:Steamsteamappscommonwallpaper_enginebindiagnostics32.exe (Skutta, Kristjan -> )

FirewallRules: [{0414806B-A07D-4CC0-AF64-93AFF9B23DB5}] => (Allow) E:SteamsteamappscommonCry of FearCoFLaunchApp.exe (Team Psykskallar) [File not signed]

FirewallRules: [{E31D103C-2498-406B-AD68-BB902E75A35A}] => (Allow) E:SteamsteamappscommonCry of FearCoFLaunchApp.exe (Team Psykskallar) [File not signed]

FirewallRules: [{406D5584-D6E0-48F6-921C-B412ECC2F89A}] => (Allow) E:SteamsteamappscommonBeamNG.driveBeamNG.drive.exe (BeamNG GmbH -> BeamNG GmbH)

FirewallRules: [{969FA65E-007A-4D33-B78E-7C8C1D71E35B}] => (Allow) E:SteamsteamappscommonBeamNG.driveBeamNG.drive.exe (BeamNG GmbH -> BeamNG GmbH)

FirewallRules: [{FA596C8F-9417-4FC4-AEF0-3D0762A1FC45}] => (Allow) D:SteamsteamappscommonWreckfestWreckfest_x64.exe () [File not signed]

FirewallRules: [{C2BA05B5-8D1F-4EB5-B14C-DFEB7EDE4D61}] => (Allow) D:SteamsteamappscommonWreckfestWreckfest_x64.exe () [File not signed]

FirewallRules: [{694EA83C-386E-42E5-AE16-294A045CBFBC}] => (Allow) D:SteamsteamappscommonWreckfestWreckfest.exe () [File not signed]

FirewallRules: [{C5D581C2-CAA5-40B2-A428-72A0AB0F866F}] => (Allow) D:SteamsteamappscommonWreckfestWreckfest.exe () [File not signed]

FirewallRules: [TCP Query User{96A0D684-EDAD-4166-A42D-46FD4D2EC095}E:call of duty modern warfaremodernwarfare.exe] => (Allow) E:call of duty modern warfaremodernwarfare.exe (Activision Publishing Inc -> Activision)

FirewallRules: [UDP Query User{9EA3477E-41BE-4415-8A52-FC55ED6E9BE2}E:call of duty modern warfaremodernwarfare.exe] => (Allow) E:call of duty modern warfaremodernwarfare.exe (Activision Publishing Inc -> Activision)

FirewallRules: [{6E62C0B1-7892-41E8-A15B-FC2E3872A556}] => (Block) E:call of duty modern warfaremodernwarfare.exe (Activision Publishing Inc -> Activision)

FirewallRules: [{6FD46B0D-37B4-4A93-A8A7-8AE222B6296C}] => (Block) E:call of duty modern warfaremodernwarfare.exe (Activision Publishing Inc -> Activision)

FirewallRules: [TCP Query User{2443F486-9E67-4FDF-A56F-BAD7B4372EB7}D:steamsteamappscommoninsurgency2insurgency_x64.exe] => (Allow) D:steamsteamappscommoninsurgency2insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)

FirewallRules: [UDP Query User{202A1A0E-ACD1-4FE5-A0E0-13F8BF348EAD}D:steamsteamappscommoninsurgency2insurgency_x64.exe] => (Allow) D:steamsteamappscommoninsurgency2insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)

FirewallRules: [{ED17B2D0-3B56-4C74-8917-D4AA93E12E8A}] => (Allow) D:Steamsteamappscommoninsurgency2insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{E997EDBF-A2F1-42C0-8BB2-E038B9D52F66}] => (Allow) D:Steamsteamappscommoninsurgency2insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{71ED6A76-F08B-46F0-8E70-13079605005A}] => (Block) D:steamsteamappscommoninsurgency2insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)

FirewallRules: [{D72E1099-5C37-4D9B-9AAE-24645E7522B0}] => (Block) D:steamsteamappscommoninsurgency2insurgency_x64.exe (New World Interactive LLC -> New World Interactive LLC)

FirewallRules: [TCP Query User{E7D9438D-4E23-449B-93DF-AC2E169429BE}E:steamsteamappscommonneed for speed hot pursuit remasterednfs11remastered.exe] => (Allow) E:steamsteamappscommonneed for speed hot pursuit remasterednfs11remastered.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [UDP Query User{8A8F4E29-CCDB-4E4C-A9C3-E14C732E3CE9}E:steamsteamappscommonneed for speed hot pursuit remasterednfs11remastered.exe] => (Allow) E:steamsteamappscommonneed for speed hot pursuit remasterednfs11remastered.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{3BBBA140-979F-4934-9F90-D511D3F79A48}] => (Block) E:steamsteamappscommonneed for speed hot pursuit remasterednfs11remastered.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{9678BE90-79C7-40A8-B816-1E3C8771A184}] => (Block) E:steamsteamappscommonneed for speed hot pursuit remasterednfs11remastered.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{8B214C57-108B-4913-86C9-DA79981D6BD7}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{AE849096-038B-42DC-A9FE-4AF8CA974E0D}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{B78608D2-9A25-4136-86FA-428E8D35F8BC}] => (Allow) E:SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{B6B771F9-A7D3-4AB6-BD7A-DF59867AD61E}] => (Allow) E:SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{680F7758-1CC7-4345-8753-01699D96D914}] => (Allow) D:SteamLibrarysteamappscommonTEKKEN 7TEKKEN 7.exe () [File not signed]

FirewallRules: [{137F4549-E2D4-4064-9402-1BF32BB04922}] => (Allow) D:SteamLibrarysteamappscommonTEKKEN 7TEKKEN 7.exe () [File not signed]

FirewallRules: [TCP Query User{B55B2122-5AB3-4C0F-8635-903EFB471698}D:steamlibrarysteamappscommontekken 7tekkengamebinarieswin64tekkengame-win64-shipping.exe] => (Allow) D:steamlibrarysteamappscommontekken 7tekkengamebinarieswin64tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]

FirewallRules: [UDP Query User{3006DFBE-E1CA-45BE-978C-EED13566A004}D:steamlibrarysteamappscommontekken 7tekkengamebinarieswin64tekkengame-win64-shipping.exe] => (Allow) D:steamlibrarysteamappscommontekken 7tekkengamebinarieswin64tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]

FirewallRules: [{026A1FF2-B98C-4AB2-8182-E08247B24AF8}] => (Block) D:steamlibrarysteamappscommontekken 7tekkengamebinarieswin64tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]

FirewallRules: [{6E45D289-ECB8-4F08-AD05-17671CFFF008}] => (Block) D:steamlibrarysteamappscommontekken 7tekkengamebinarieswin64tekkengame-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed]

FirewallRules: [{29E4DC5D-AE83-47E4-884A-E40B195F4175}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{89BD779E-DC8A-4AD2-9BDF-413FCF3A7DC4}E:call of duty black ops cold warblackopscoldwar.exe] => (Allow) E:call of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)

FirewallRules: [UDP Query User{CD132114-C8C8-4107-B9C2-B6A31ED69F11}E:call of duty black ops cold warblackopscoldwar.exe] => (Allow) E:call of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)

FirewallRules: [{41F06E1A-6B9A-43FD-BB08-CF062BE415B3}] => (Block) E:call of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)

FirewallRules: [{E069BA4F-6D00-47F4-AE23-4316470207CF}] => (Block) E:call of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)

FirewallRules: [{115110DA-2383-43BE-9BAF-83C5A1670F30}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{D35F2BCA-CC13-4342-97BE-2D7238F5C292}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{B0D4A96B-9C54-4442-96F0-90DA8AF5A470}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{86000299-D92E-4938-95D1-AF3B6DB4212D}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{FB3C4F9A-A426-4199-AA01-D05EE2000F2C}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{FEE31C65-8DE6-4B08-BB34-E4E0B44A7CE2}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{6E1E2187-ACDB-4476-A999-AAA79E0C0C24}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication93.0.961.52msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3078F69A-EC56-453E-8DFF-7E430F153AD2}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{9CA8755F-9543-4208-8F96-414B024C4855}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{24DC83B4-3EF0-44FD-957B-C2786F75005C}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{69175C27-D041-44CB-8A6F-502A038D1EBC}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{45CD2D47-EC83-438F-81C1-1559EF816ABF}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{A02074DE-F93F-4A43-AED6-C4C4E62F6F5E}] => (Allow) C:Program Files (x86)GoogleChrome Remote Desktop94.0.4606.27remoting_host.exe (Google LLC -> Google LLC)

FirewallRules: [{F002398B-A74C-4446-AC4D-9646E3D9101C}] => (Allow) E:SteamsteamappscommonSMITEBinariesWin64SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{40423EE7-7038-4FF5-BD35-AED60B4BFE0C}] => (Allow) E:SteamsteamappscommonSMITEBinariesWin64SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{3383E9B6-8FB6-4BFF-A5BE-D4C9D4FBDA18}] => (Allow) E:SteamsteamappscommonSMITEBinariesWin32SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{7FC753DA-5A9A-401E-90AD-D2FF2BF8A11C}] => (Allow) E:SteamsteamappscommonSMITEBinariesWin32SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{CC8F4A5A-5272-4CA5-9EA6-AF0871A6274F}] => (Allow) D:SteamsteamappscommonRed Dead Redemption 2PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{0D677CCC-0E7C-48E3-8623-351944EED9DD}] => (Allow) D:SteamsteamappscommonRed Dead Redemption 2PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{2A0BB577-6127-4E8F-A05F-F386358FCA1C}] => (Allow) C:Program Files (x86)Overwolf.180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{9C56CC47-BAFD-42A5-B549-C5EAB3584E05}] => (Allow) C:Program Files (x86)Overwolf.180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{96DF4FF0-81AA-4B15-9A3E-74919A3B4A23}] => (Block) C:Program Files (x86)Overwolf.180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{2ECCDAC4-324D-49B9-8274-87AE24294B97}] => (Block) C:Program Files (x86)Overwolf.180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{0B424760-DDD4-4CC1-B5C9-59C179029FC5}] => (Allow) E:SteamsteamappscommonGrand Theft Auto IVGTAIVPlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{88E2211B-AEF7-48A5-9536-6202504B410A}] => (Allow) E:SteamsteamappscommonGrand Theft Auto IVGTAIVPlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)

 

==================== Restore Points =========================

 

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:8.67 GB) (8%)

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (09/23/2021 10:30:54 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-IL226UG)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

 

Error: (09/23/2021 10:08:52 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-IL226UG)

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

 

Error: (09/23/2021 08:44:30 PM) (Source: MSDTC) (EventID: 4441) (User: )

Description: A MS DTC component has encountered an internal error. The process is being terminated. Error Specifics: DtcSystemShutdown ([email protected]): Shutting down with an error

 

Error: (09/23/2021 08:44:30 PM) (Source: MSDTC) (EventID: 4112) (User: )

Description: Could not start the MS DTC Transaction Manager.

 

Error: (09/23/2021 08:44:30 PM) (Source: MSDTC) (EventID: 4185) (User: )

Description: MS DTC Transaction Manager start failed. LogInit returned error 0x2. This is expected if the corresponding volume has been restored (search for kb article regarding the issue). In all other cases, contact product support.

 

Error: (09/23/2021 08:44:30 PM) (Source: MSDTC) (EventID: 4163) (User: )

Description: MS DTC log file not found. After ensuring that all Resource Managers coordinated by MS DTC have no indoubt transactions, please run msdtc -resetlog to create the log file.

 

Error: (09/23/2021 08:44:30 PM) (Source: MSDTC) (EventID: 4441) (User: )

Description: A MS DTC component has encountered an internal error. The process is being terminated. Error Specifics: DtcSystemShutdown ([email protected]): Shutting down with an error

 

Error: (09/23/2021 08:44:30 PM) (Source: MSDTC) (EventID: 4112) (User: )

Description: Could not start the MS DTC Transaction Manager.

 

 

System errors:

=============

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service ShellHWDetection with arguments “Unavailable” in order to run the server:

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (09/23/2021 10:25:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IL226UG)

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “Unavailable” in order to run the server:

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

 

Windows Defender:

================

Date: 2021-09-23 23:13:27

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: App:Daemon_Tools_Lite_BundleInstaller

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:Program FilesDAEMON Tools LitelangARA.dll; file:_C:Program FilesDAEMON Tools LitelangCHS.dll; file:_C:Program FilesDAEMON Tools LitelangCHT.dll; file:_C:Program FilesDAEMON Tools LitelangENU.dll; file:_C:Program FilesDAEMON Tools LitelangSVE.dll; file:_C:Program FilesDAEMON Tools LitelangTRK.dll

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:Program FilesDAEMON Tools LiteDTShellHlp.exe

Security intelligence Version: AV: 1.349.1287.0, AS: 1.349.1287.0, NIS: 1.349.1287.0

Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10

 

Date: 2021-09-23 22:05:04

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: App:Daemon_Tools_Lite_BundleInstaller

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:Program FilesDAEMON Tools LitelangARA.dll; file:_C:Program FilesDAEMON Tools LitelangCHS.dll; file:_C:Program FilesDAEMON Tools LitelangCHT.dll; file:_C:Program FilesDAEMON Tools LitelangENU.dll; file:_C:Program FilesDAEMON Tools LitelangSVE.dll; file:_C:Program FilesDAEMON Tools LitelangTRK.dll

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:Program FilesDAEMON Tools LiteDTShellHlp.exe

Security intelligence Version: AV: 1.349.1271.0, AS: 1.349.1271.0, NIS: 1.349.1271.0

Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10

 

Date: 2021-09-23 14:36:28

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: App:Daemon_Tools_Lite_BundleInstaller

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:Program FilesDAEMON Tools LitelangARA.dll; file:_C:Program FilesDAEMON Tools LitelangCHS.dll; file:_C:Program FilesDAEMON Tools LitelangCHT.dll; file:_C:Program FilesDAEMON Tools LitelangENU.dll; file:_C:Program FilesDAEMON Tools LitelangSVE.dll; file:_C:Program FilesDAEMON Tools LitelangTRK.dll

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:Program FilesDAEMON Tools LiteDTShellHlp.exe

Security intelligence Version: AV: 1.349.1271.0, AS: 1.349.1271.0, NIS: 1.349.1271.0

Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10

 

Date: 2021-09-22 15:06:15

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: App:Daemon_Tools_Lite_BundleInstaller

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:Program FilesDAEMON Tools LitelangARA.dll; file:_C:Program FilesDAEMON Tools LitelangCHS.dll; file:_C:Program FilesDAEMON Tools LitelangCHT.dll; file:_C:Program FilesDAEMON Tools LitelangENU.dll; file:_C:Program FilesDAEMON Tools LitelangSVE.dll; file:_C:Program FilesDAEMON Tools LitelangTRK.dll

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:Program FilesDAEMON Tools LiteDTShellHlp.exe

Security intelligence Version: AV: 1.349.1093.0, AS: 1.349.1093.0, NIS: 1.349.1093.0

Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10

 

Date: 2021-09-22 00:15:43

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: HackTool:Win32/ProductKey

Severity: High

Category: Tool

Path: file:_E:Windows Repair ToolDownloadsProduKeyprodukey.zip

Detection Origin: Local machine

Detection Type: FastPath

Detection Source: Real-Time Protection

Process Name: E:Windows Repair ToolWindows_Repair_Toolbox.exe

Security intelligence Version: AV: 1.349.1093.0, AS: 1.349.1093.0, NIS: 1.349.1093.0

Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10

 

Date: 2021-09-23 22:25:00

Description: 

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode 

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

 

Date: 2021-09-23 22:02:42

Description: 

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode 

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

 

Date: 2021-09-22 00:40:20

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.349.1093.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18500.10

Error code: 0x80080005

Error description: Server execution failed 

 

Date: 2021-09-17 17:42:56

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.349.858.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18500.10

Error code: 0x80070057

Error description: The parameter is incorrect. 

 

Date: 2021-09-17 17:31:06

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.349.858.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18500.10

Error code: 0x80070057

Error description: The parameter is incorrect. 

 

CodeIntegrity:

===============

Date: 2021-09-23 22:06:56

Description: 

Windows is unable to verify the image integrity of the file DeviceHarddiskVolume7Program FilesMalwarebytesAnti-MalwareMBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2021-09-22 00:26:10

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume7Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume7Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-09-16 20:32:58

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume7Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume7Program FilesAvast SoftwareAvastaswAMSI.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 1.51 07/09/2018

Motherboard: Micro-Star International Co., Ltd. H310M PRO-VD (MS-7B33)

Processor: Intel® Core™ i5-8400 CPU @ 2.80GHz

Percentage of memory in use: 55%

Total physical RAM: 16322.55 MB

Available physical RAM: 7202.71 MB

Total Virtual: 25042.55 MB

Available Virtual: 11979.98 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:111.19 GB) (Free:8.67 GB) NTFS

Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:173.7 GB) NTFS

Drive e: (New Volume) (Fixed) (Total:2794.5 GB) (Free:29.52 GB) NTFS

 

\?Volume{3bb465ee-8249-4088-9577-d54369ac949e} (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS

\?Volume{21dd4efb-e9ff-447b-9491-a77cc4143bd7} () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==========================================================

Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==========================================================

Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==================== End of Addition.txt =======================


https://www.bleepingcomputer.com/forums/t/758837/gaming-fps-drops-malware-related/

Erlando F Rasatro
