Need Help Removing Virus/Malware – Virus, Trojan, Spyware, and Malware Removal Help

 

Hello polskamachina, in my reply I have included all the logs you’ve asked for.  Please let me know if any further attention is needed for my laptop and I will check for your reply.  Hopefully everything is back to working order.

 

-DominoPunkyHeart

Malwarebytes

www.malwarebytes.com

 

-Log Details-

Scan Date: 1/6/22

Scan Time: 3:13 AM

Log File: 90fa41a4-6ec8-11ec-89f2-c85b76ddc406.json

 

-Software Information-

Version: 4.5.0.152

Components Version: 1.0.1538

Update Package Version: 1.0.49486

License: Trial

 

-System Information-

OS: Windows 10 (Build 19042.1415)

CPU: x64

File System: NTFS

User: System

 

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Scheduler

Result: Completed

Objects Scanned: 321798

Threats Detected: 4

Threats Quarantined: 4

Time Elapsed: 6 min, 0 sec

 

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

 

-Scan Details-

Process: 0

(No malicious items detected)

 

Module: 0

(No malicious items detected)

 

Registry Key: 3

Trojan.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ChromeLoader, Quarantined, 525, 1013878, , , , , , 

Trojan.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5FC46DA9-B902-4534-BD56-314763BE61C1}, Quarantined, 525, 1013878, , , , , , 

Trojan.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5FC46DA9-B902-4534-BD56-314763BE61C1}, Quarantined, 525, 1013878, , , , , , 

 

Registry Value: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Data Stream: 0

(No malicious items detected)

 

Folder: 0

(No malicious items detected)

 

File: 1

Trojan.Downloader, C:\WINDOWS\SYSTEM32\TASKS\ChromeLoader, Quarantined, 525, 1013878, 1.0.49486, , ame, , 2B041E4905764C13DFE4E21F91A7F935, 3B1F10F160AF29DD6E2F2F366BD612017ABD3F57E01BDCB69F0B0D5BA1E0879C

 

Physical Sector: 0

(No malicious items detected)

 

WMI: 0

(No malicious items detected)

 

 

(end)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021

Ran by scott (administrator) on DOMINOPUNKYHEAR (LENOVO 80Q0) (07-01-2022 20:15:53)

Running from C:UsersscottDownloads

Loaded Profiles: scott

Platform: Microsoft Windows 10 Home Version 20H2 19042.1415 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Adobe Systems Incorporated -> ) C:Program Files (x86)AdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe

(Dolby Laboratories, Inc. -> ) C:Program FilesDolbyDolby DAX2DAX2_APIDolbyDAX2API.exe

(Dolby Laboratories, Inc. -> ) C:Program FilesDolbyDolby DAX2DAX2_APPDolbyDAX2Toast.exe

(Dolby Laboratories, Inc. -> ) C:Program FilesDolbyDolby DAX2DAX2_APPDolbyDAX2TrayIcon.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <13>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:Program FilesIntelWiFibinEvtEng.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:Program FilesIntelWiFibinZeroConfigService.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989igfxCUIService.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989igfxEM.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989igfxext.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989IntelCpHDCPSvc.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989IntelCpHeciSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe

(LENOVO -> ) C:Program FilesLenovoLenovoUtilityutility.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHostLenovo.Modern.ImController.PluginHost.CompanionApp.exe <3>

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHost86Lenovo.Modern.ImController.PluginHost.Device.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerServiceLenovo.Modern.ImController.exe

(LENOVO -> Lenovo(beijing) Limited) C:Program FilesLenovoNerve Centerbinx64HotkeyMonitor.exe

(LENOVO -> Lenovo(beijing) Limited) C:Program FilesLenovoNerve Centerbinx64LenovoNerveCenterTray.exe

(LENOVO -> Lenovo(beijing) Limited) C:Program FilesLenovoNerve Centerbinx64LenovoNerveCenterUpdateAgent.exe

(LENOVO -> Lenovo(beijing) Limited) C:Program FilesLenovoNerve Centerbinx64PluginLoaderSvc.exe

(LENOVO -> Lenovo(beijing) Limited) C:Program FilesLenovoNerve Centerbinx86GameRecorderSVC.exe

(LENOVO -> Lenovo) C:Program Files (x86)ThinkPadUtilitiesPWMDBSVC.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16SDXHelper.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbweCortana.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbweWin32Bridge.Server.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvContainernvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe <3>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe

(SweetLabs Inc. -> SweetLabs, Inc) C:UsersscottAppDataLocalHost App ServiceEngineHostAppServiceUpdater.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnhService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe

(Valve Corp. -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe

(Valve Corp. -> Valve Corporation) D:Steam GamesSteambincefcef.win7x64steamwebhelper.exe <7>

(Valve Corp. -> Valve Corporation) D:Steam GamesSteamsteam.exe

(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:Program Files (x86)Western DigitalWD Drive ManagerWDDriveService.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [NerveCenterTray] => C:Program FilesLenovoNerve Centerbinx64LenovoNerveCenterTray.exe [245088 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)

HKLM…Run: [LenovoUtility] => C:Program FilesLenovoLenovoUtilityutility.exe [791848 2017-03-09] (LENOVO -> )

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARAVCpl64.exe [16779768 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [RtHDVBg_Dolby] => C:Program FilesRealtekAudioHDARAVBg64.exe [1478144 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:Program FilesRealtekAudioHDARAVBg64.exe [1478144 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [RtHDVBg_LENOVO_MICPKEY] => C:Program FilesRealtekAudioHDARAVBg64.exe [1478144 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe [323056 2015-11-04] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM…Run: [DAX2_APP] => C:Program FilesDolbyDolby DAX2DAX2_APPDolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )

HKLM-x32…Run: [Adobe Photo Downloader] => C:Program Files (x86)AdobePhotoshop Elements 6.0apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM-x32…Run: [WDDiscovery] => C:Program Files (x86)Western DigitalDiscoveryCurrentWD Discovery.exe [81379600 2021-12-27] (Western Digital Technologies, Inc. -> Western Digital Corporation)

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…Run: [Discord] => C:UsersscottAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKLM…Windows x64Print ProcessorsBJ Print Processor4: C:WindowsSystem32spoolprtprocsx64CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM…PrintMonitorsBJ Language Monitor4: C:Windowssystem32CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication97.0.4692.71Installerchrmstp.exe [2022-01-06] (Google LLC -> Google LLC)

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0316DD02-0788-46A3-B31D-D268AA016796} – System32TasksLenovoImControllerTimeBasedEventsc983d090-49d2-4d7b-b68c-da049919be80 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

Task: {03405A93-69CC-432A-819B-C994CD11EEA2} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)

Task: {0FCD2477-D645-4A26-9C66-6FBB862E7E54} – System32TasksLenovoImControllerTimeBasedEventsdd88ca7d-1204-4101-acf5-b5ae5e854747 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

Task: {39CDEF37-7D8A-4E7B-8964-CA932EBB9AE5} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [1542080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {40DE693C-8CFD-4CAC-8980-2BB8B1532DE4} – System32TasksApp Explorer => C:UsersscottAppDataLocalHost App ServiceEngineHostAppServiceUpdater.exe [7744560 2021-01-19] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION

Task: {44EF4A33-40A1-4267-9A66-1E83E8656E33} – System32TasksLenovoImControllerTimeBasedEventsad28dbd8-94e7-4179-8ea6-2a16996351d8 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

Task: {4E01D4EE-C295-472D-8C91-FF25F9AF74C6} – System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {4EA7A415-93B1-4D9C-8A29-1B1BECB0E909} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {58895498-3B9B-4802-9021-58372A7F37A8} – System32TasksLenovoImControllerLenovo iM Controller Scheduled Maintenance => “%windir%system32sc.exe” START ImControllerService

Task: {66318254-D66D-4652-86E7-C0D94986EE08} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [960448 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {70FFF1DF-0DBA-4C94-99A9-C0DF052F99D1} – System32TasksMicrosoftWindowsSetupEOSNotify => C:WINDOWSsystem32EOSNotify.exe (No File)

Task: {75A437C2-FB70-4356-8EF3-B5A0C78539EF} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108872 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {77E1CB8F-8FE0-4C1A-B440-D52FAE80C047} – System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [436160 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {7D1B2B7E-FFB6-4893-9CA1-99F466036754} – System32TasksLenovoImControllerPluginsLenovoSystemUpdatePlugin_WeeklyTask => %windir%System32reg.exe add hklmSOFTWARELenovoSystemUpdatePluginscheduler /v start /t reg_dword /d 1 /f /reg:32

Task: {7FABF0B7-BC09-49B6-9896-DE0A10ED887C} – System32TasksLenovoBatteryGaugeBatteryGaugeMaintenance => C:ProgramDataLenovoImControllerPluginsLenovoBatteryGaugePackagex64BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)

Task: {867DE49F-DC09-4079-B91D-A1604FAD8131} – System32TasksLenovoImControllerTimeBasedEventsb3e62256-cc6b-4b96-835d-821ec281b063 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

Task: {8CBB3840-CF5D-4699-A8F3-6DAF2B51BBAA} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2018-11-26] (Google Inc -> Google Inc.)

Task: {A5D5D761-F453-4A1D-A3F8-E215695D3C70} – System32TasksNvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe (No File)

Task: {B06EB3BB-EF4C-45D2-AF49-F40B58E4DCEA} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {B1E1D06C-AF40-4BE7-AEDA-CD7EB9FEFDFE} – System32TasksNerveCenterUpdate => C:Program FilesLenovoNerve Centerbinx64LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)

Task: {BD893A82-480B-423E-BE60-F42F446B7C8F} – System32TasksWD Discovery Service Task scott => C:Program Files (x86)Western DigitalDiscoveryCurrentServiceWDDiscoveryService.exe [78608 2021-12-27] (Western Digital Technologies, Inc. -> )

Task: {BE905044-A82A-4869-8BE3-6696AB9F23EB} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CA29313F-D0F5-4F99-A316-6BFF7C27D621} – System32TasksLenovoLenovo Settings Power => “C:WINDOWSsystem32rundll32.exe” “C:Program Files (x86)ThinkPadUtilitiesPWMTR64V.dll”,PwrMgrBkGndMonitor

Task: {CEF656B0-8B38-44E4-AAA3-FBFA364A2B5E} – System32TasksNvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {D2E9298C-C0CA-4CE6-A76B-5DD5144BD5BB} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {DB06F123-BE8B-46B0-A1C2-A31839917A66} – System32TasksLenovoImControllerLenovo iM Controller Monitor => C:WINDOWSsystem32ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

Task: {E256BDCD-E19B-435E-9297-D81244D62A3A} – System32TasksLenovoImControllerTimeBasedEvents9d14f0f5-2fca-4e63-bf39-347fb1fd24b1 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

Task: {E3EB9A8C-38D3-4EE3-84DE-B5017822D94F} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [108872 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {EB9E0C1E-23C5-4083-81B0-A7039C345E0B} – System32TasksWD Device Agent Task scott => C:Program Files (x86)Western DigitalDiscoveryCurrentWD Device Agent.exe [723728 2021-12-27] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

Task: {FC35D24A-2F66-4E75-9B09-570AA3EA9889} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 209.18.47.61 209.18.47.63

Tcpip..Interfaces{b675f143-5303-45d5-9d76-55b176ae069d}: [DhcpNameServer] 150.204.1.2

Tcpip..Interfaces{cc2b293d-37dd-49a3-ba83-23d46f9c1139}: [DhcpNameServer] 209.18.47.61 209.18.47.63

 

Edge: 

=======

DownloadDir: C:UsersscottDownloads

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge Profile: C:UsersscottAppDataLocalMicrosoftEdgeUser DataDefault [2022-01-05]

 

FireFox:

========

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

 

Chrome: 

=======

CHR Profile: C:UsersscottAppDataLocalGoogleChromeUser DataDefault [2022-01-07]

CHR StartupUrls: Default -> “hxxp://homepage-web.com/?s=toshibaupd&m=start”

CHR NewTab: Default ->  Active:”chrome-extension://nadklbnikchkjjnlmnomcbdppegnppkk/tab10.html”

CHR Extension: (Slides) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]

CHR Extension: (Docs) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2018-11-26]

CHR Extension: (Google Drive) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-24]

CHR Extension: (YouTube) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2021-11-24]

CHR Extension: (Tampermonkey) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2021-05-23]

CHR Extension: (Gloss dark) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsedfjafcniegodjnlgfgacgkbbmjhgmfd [2022-01-05]

CHR Extension: (Sheets) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-11-26]

CHR Extension: (Night Mode Pro) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsgbilbeoogenjmnabenfjfoockmpfnjoh [2021-07-19]

CHR Extension: (Google Docs Offline) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30]

CHR Extension: (Dabi Wallpaper HD Custom New Tab) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsnadklbnikchkjjnlmnomcbdppegnppkk [2022-01-05]

CHR Extension: (Chrome Web Store Payments) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]

CHR Extension: (Gmail) – C:UsersscottAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Settings) – C:UsersscottAppDataLocal [2022-01-07]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeActiveFileMonitor6.0; C:Program Files (x86)AdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe [124832 2007-09-11] (Adobe Systems Incorporated -> )

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)

R2 DAX2API; C:Program FilesDolbyDolby DAX2DAX2_APIDolbyDAX2API.exe [163336 2016-09-19] (Dolby Laboratories, Inc. -> )

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [811120 2020-03-15] (EasyAntiCheat Oy -> Epic Games, Inc)

S3 FLEXnet Licensing Service; C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [654848 2018-11-27] (Macrovision Europe Ltd.) [File not signed]

R2 GameRecorderSVC; C:Program FilesLenovoNerve Centerbinx86GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)

R2 ImControllerService; C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7901368 2022-01-05] (Malwarebytes Inc -> Malwarebytes)

R2 PluginLoaderSvc; C:Program FilesLenovoNerve Centerbinx64PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)

S3 Rockstar Service; C:Program FilesRockstar GamesLauncherRockstarService.exe [2017072 2021-12-20] (Rockstar Games, Inc. -> Rockstar Games)

R2 WDDriveService; C:Program Files (x86)Western DigitalWD Drive ManagerWDDriveService.exe [528160 2018-06-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2111.5-0NisSrv.exe [2876152 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2111.5-0MsMpEng.exe [128360 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; “C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe” -s NVDisplay.ContainerLocalSystem -f “C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log” -l 3 -d “C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem”

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 BHTPCRDR; C:WINDOWSSystem32driversbhtpcrdr.sys [173432 2016-08-10] (BayHub Technology Inc. -> BayHubTech/O2Micro)

S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S3 BthHFEnum; C:WINDOWSSystem32driversbthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]

S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [160176 2022-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R2 FBNetFilter; C:Windowssystem32DriversFBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210352 2022-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2022-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [193448 2022-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [69040 2022-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2022-01-05] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [149424 2022-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [48536 2021-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R3 WDC_SAM; C:WINDOWSSystem32driverswdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)

S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [435432 2021-12-15] (Microsoft Windows -> Microsoft Corporation)

R1 wdfsconnect2017; C:WINDOWSsystem32driverswdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86248 2021-12-15] (Microsoft Windows -> Microsoft Corporation)

R3 wdvpnpbus; C:WINDOWSSystem32driverswdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2022-01-07 20:15 – 2022-01-07 20:16 – 000027544 ____C C:UsersscottDownloadsFRST.txt

2022-01-07 19:04 – 2022-01-07 19:04 – 000000000 ___DC C:UsersscottAppDataLocalLowIGDump

2022-01-06 11:05 – 2022-01-06 11:05 – 000193448 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2022-01-06 11:05 – 2022-01-06 11:05 – 000149424 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2022-01-06 11:05 – 2022-01-06 11:05 – 000069040 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2022-01-05 16:25 – 2022-01-07 20:16 – 000000000 ___DC C:FRST

2022-01-05 16:19 – 2022-01-05 16:19 – 002311168 ____C (Farbar) C:UsersscottDownloadsFRST64.exe

2022-01-05 15:47 – 2022-01-05 15:47 – 000000000 ___DC C:AdwCleaner

2022-01-05 11:07 – 2022-01-05 11:07 – 000265926 _____ C:WINDOWSntbtlog.txt

2022-01-05 11:07 – 2022-01-05 11:07 – 000000214 ____C C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job

2022-01-05 09:25 – 2022-01-05 09:25 – 000000000 ____D C:UsersscottAppDataLocalmbam

2022-01-05 09:24 – 2022-01-05 11:11 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2022-01-05 09:24 – 2022-01-05 11:07 – 000210352 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2022-01-05 09:24 – 2022-01-05 09:24 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2022-01-05 09:24 – 2022-01-05 09:24 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2022-01-05 09:24 – 2022-01-05 09:24 – 000002040 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2022-01-05 09:24 – 2022-01-05 09:24 – 000002028 ____C C:UsersPublicDesktopMalwarebytes.lnk

2022-01-05 09:24 – 2022-01-05 09:24 – 000000000 ____D C:ProgramDataMalwarebytes

2022-01-05 09:24 – 2022-01-05 09:24 – 000000000 ____D C:Program FilesMalwarebytes

2022-01-05 07:31 – 2022-01-06 11:04 – 097517568 _____ C:WINDOWSsystem32configSOFTWARE

2022-01-05 07:27 – 2022-01-05 07:31 – 000000000 ____D C:WINDOWSMicrosoft Antimalware

2022-01-05 04:49 – 2022-01-05 04:49 – 000000000 ____D C:UsersscottAppDataLocalGUI

2022-01-05 04:49 – 2022-01-05 04:49 – 000000000 ____D C:ProgramDataSecuritySuite

2022-01-04 13:31 – 2022-01-04 13:31 – 000000000 ____D C:UsersscottAppDataLocalChess2

2022-01-04 13:29 – 2022-01-04 13:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsChess Ultra

2022-01-04 12:53 – 2022-01-04 12:53 – 000000000 ____D C:UsersscottAppDataLocalchrome

2021-12-27 19:36 – 2021-12-27 19:36 – 000003172 _____ C:WINDOWSsystem32TasksWD Device Agent Task scott

2021-12-18 01:27 – 2021-12-18 01:27 – 000000000 ____D C:WINDOWSSystemTemp

2021-12-18 01:25 – 2021-12-18 01:25 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-12-18 01:25 – 2021-12-18 01:25 – 000011979 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-12-18 01:24 – 2021-12-18 01:24 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe

2021-12-18 01:24 – 2021-12-18 01:24 – 000162816 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-12-18 01:19 – 2021-12-18 01:19 – 000000000 __HDC C:$WinREAgent

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2022-01-07 20:10 – 2018-11-26 16:18 – 000000000 ___DC C:UsersscottAppDataLocalHost App Service

2022-01-07 19:31 – 2018-11-26 16:58 – 000000000 ___DC C:Program Files (x86)Google

2022-01-07 19:18 – 2019-12-07 04:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2022-01-07 13:53 – 2021-03-14 18:25 – 000004168 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-{441EDC59-0660-4121-9195-856D71242991}

2022-01-07 13:53 – 2017-03-09 09:49 – 000000000 ___DC C:ProgramDataNVIDIA

2022-01-07 13:50 – 2018-11-26 16:35 – 000000000 _SHDC C:UsersscottIntelGraphicsProfiles

2022-01-07 11:37 – 2021-03-14 18:18 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2022-01-07 08:27 – 2018-11-26 19:07 – 000000000 ___DC C:UsersscottAppDataRoamingvlc

2022-01-06 11:12 – 2021-03-14 19:23 – 000842414 _____ C:WINDOWSsystem32PerfStringBackup.INI

2022-01-06 11:12 – 2019-12-07 04:13 – 000000000 ____D C:WINDOWSINF

2022-01-06 11:05 – 2021-03-14 18:25 – 000000006 ___HC C:WINDOWSTasksSA.DAT

2022-01-06 11:05 – 2021-03-14 18:18 – 000008192 ___SH C:DumpStack.log.tmp

2022-01-06 11:05 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSServiceState

2022-01-06 11:04 – 2019-12-07 04:03 – 000786432 _____ C:WINDOWSsystem32configBBI

2022-01-06 06:30 – 2018-11-27 05:11 – 000000000 ___DC C:UsersscottAppDataRoamingdiscord

2022-01-06 06:24 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSAppReadiness

2022-01-06 05:38 – 2018-11-27 05:11 – 000000000 ___DC C:UsersscottAppDataLocalDiscord

2022-01-06 03:16 – 2018-11-26 16:58 – 000002308 ____C C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2022-01-05 13:51 – 2018-11-26 21:55 – 000000000 ___DC C:UsersscottAppDataLocalD3DSCache

2022-01-05 13:19 – 2019-12-07 04:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2022-01-05 12:49 – 2019-12-07 04:03 – 000000000 ____D C:WINDOWSCbsTemp

2022-01-05 10:05 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSLiveKernelReports

2022-01-05 09:25 – 2018-11-30 01:32 – 000000000 ___DC C:UsersscottAppDataLocalCrashDumps

2022-01-05 04:17 – 2019-12-07 04:14 – 000000000 ___HD C:Program FilesWindowsApps

2022-01-05 04:08 – 2021-11-14 13:50 – 000000000 ___DC C:UsersscottAppDataLocalLowuTorrent

2022-01-05 04:08 – 2019-04-13 02:55 – 000000000 ___DC C:UsersscottAppDataLocalBitTorrentHelper

2022-01-05 04:08 – 2018-11-27 00:58 – 000000000 ___DC C:UsersscottAppDataRoaminguTorrent

2022-01-04 13:31 – 2019-01-05 23:35 – 000000000 ___DC C:UsersscottAppDataLocalUnrealEngine

2021-12-28 17:07 – 2018-11-29 15:38 – 000000000 ___DC C:UsersscottAppDataRoamingWD Discovery

2021-12-28 17:07 – 2018-11-29 15:38 – 000000000 ___DC C:Usersscott.wdc

2021-12-27 23:05 – 2021-03-14 18:18 – 001338920 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-12-27 19:37 – 2018-11-29 15:39 – 000000000 ___DC C:Program FilesWD Desktop App

2021-12-27 19:37 – 2017-03-09 09:48 – 000000000 ___DC C:ProgramDataPackage Cache

2021-12-27 19:36 – 2021-03-14 18:25 – 000003236 _____ C:WINDOWSsystem32TasksWD Discovery Service Task scott

2021-12-27 19:36 – 2018-11-29 15:39 – 000000000 ___DC C:Program Files (x86)Western Digital

2021-12-27 19:36 – 2018-11-26 16:36 – 000000000 __RDC C:UsersscottOneDrive

2021-12-27 00:57 – 2021-03-14 09:50 – 000000000 ____D C:Usersscott

2021-12-20 17:04 – 2019-08-30 05:36 – 000000000 ____D C:UsersscottAppDataLocalRockstar Games

2021-12-20 17:01 – 2019-08-30 05:36 – 000000000 ____D C:Program FilesRockstar Games

2021-12-20 17:01 – 2019-08-30 05:36 – 000000000 ____D C:Program Files (x86)Rockstar Games

2021-12-20 10:09 – 2021-04-19 21:57 – 000000000 ____D C:UsersscottAppDataLocalT2GP Launcher

2021-12-19 04:14 – 2020-03-13 15:02 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-12-18 17:56 – 2017-03-09 08:27 – 000000000 ___DC C:Program Files (x86)Microsoft Office

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSystemResources

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32setup

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32lv-LV

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32et-EE

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32es-MX

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSProvisioning

2021-12-18 01:27 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-12-16 16:44 – 2018-11-26 19:39 – 000000000 ___DC C:WINDOWSsystem32MRT

2021-12-16 16:42 – 2018-11-26 19:39 – 137938848 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-12-15 19:49 – 2018-11-26 19:39 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-12-11 10:31 – 2021-03-24 19:52 – 000000000 ____D C:WINDOWSMinidump

2021-12-10 20:08 – 2021-04-26 03:47 – 000003386 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d719293b661bc7

2021-12-10 20:08 – 2021-03-14 18:25 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021

Ran by scott (07-01-2022 20:17:01)

Running from C:UsersscottDownloads

Microsoft Windows 10 Home Version 20H2 19042.1415 (X64) (2021-03-14 23:26:02)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-4096549371-2451222336-3956411163-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-4096549371-2451222336-3956411163-503 – Limited – Disabled)

defaultuser0 (S-1-5-21-4096549371-2451222336-3956411163-1000 – Limited – Disabled) => C:Usersdefaultuser0

Guest (S-1-5-21-4096549371-2451222336-3956411163-501 – Limited – Disabled)

scott (S-1-5-21-4096549371-2451222336-3956411163-1001 – Administrator – Enabled) => C:Usersscott

WDAGUtilityAccount (S-1-5-21-4096549371-2451222336-3956411163-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

[NarutoPlanet.ru] Bleach Heat The Soul 7 PC (HKLM-x32…[NarutoPlanet.ru] Bleach Heat The Soul 7 PC_is1) (Version: [NarutoPlanet.ru] Bleach Heat The Soul 7 PC – NarutoPlanet.ru)

µTorrent (HKUS-1-5-21-4096549371-2451222336-3956411163-1001…uTorrent) (Version: 3.5.5.46096 – BitTorrent Inc.)

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

ACID Music Studio 10.0 (HKLM-x32…{0417C9E1-CBD4-11E3-A786-F04DA23A5C58}) (Version: 10.0.108 – Sony)

Adobe Photoshop (HKLM-x32…Adobe Photoshop_is1) (Version:  – www.g1wholesale.com)

Adobe Photoshop Elements 6.0 (HKLM-x32…Adobe Photoshop Elements 6) (Version: 6.0 – Adobe Systems Inc.)

BayHubTech Flash Memory Card Windows Driver (HKLM…{357682C3-2295-45C5-B7DD-8109E66656EC}) (Version: 3.4.00.30 – BayHub Technology LTD.) Hidden

BayHubTech Flash Memory Card Windows Driver (HKLM-x32…InstallShield_{357682C3-2295-45C5-B7DD-8109E66656EC}) (Version: 3.4.00.30 – BayHub Technology LTD.)

BCC 8 OFX 64Bit (HKLM…{6309B4F7-F571-44FB-A154-330BE4C57042}) (Version: 8.1.0301 – Boris FX, Inc.)

CEP (Color Enable Package) v.9.2 (beta) (HKLM-x32…CEP – Colour Enable Packages_is1) (Version: 9.2 (beta) – Numenor, for ModTheSims2)

Chess Ultra (HKLM-x32…Chess Ultra_is1) (Version:  – )

Cities Skylines Campus (HKLM-x32…Cities Skylines Campus_is1) (Version:  – )

Cities Skylines Modern City Center (HKLM-x32…Cities Skylines Modern City Center_is1) (Version:  – )

Cities Skylines Sunset Harbor (HKLM-x32…Cities Skylines Sunset Harbor_is1) (Version:  – )

Cities Skylines Train Stations (HKLM-x32…Cities Skylines Train Stations_is1) (Version:  – )

Dead or Alive 6 (HKLM-x32…Dead or Alive 6_is1) (Version:  – )

Discord (HKUS-1-5-21-4096549371-2451222336-3956411163-1001…Discord) (Version: 0.0.309 – Discord Inc.)

Dolby Audio X2 Windows API SDK (HKLM…{AA950AA4-CD9B-4D81-B6C0-BFABB7A24261}) (Version: 0.7.5.65 – Dolby Laboratories, Inc.)

Dolby Audio X2 Windows APP (HKLM…{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}) (Version: 0.7.2.62 – Dolby Laboratories, Inc.)

Dragon Ball FighterZ (HKLM-x32…Dragon Ball FighterZ_is1) (Version:  – )

DVD Architect Studio 5.0 (HKLM-x32…{3822E74F-08F8-11E3-99EE-F04DA23A5C58}) (Version: 5.0.186 – Sony)

EA Download Manager (HKLM-x32…EADM) (Version: 5.0.0.255 – Electronic Arts, Inc.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 97.0.4692.71 – Google LLC)

Intel® Chipset Device Software (HKLM-x32…{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 – Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 – Intel Corporation)

Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4526 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 – Intel Corporation)

Intel® Wireless Bluetooth® (HKLM-x32…{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 – Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32…{bc883058-299e-461f-8e52-4f1dbb355f86}) (Version: 19.0.1 – Intel Corporation)

iZotope Audio Enhancer (HKLM-x32…iZotope Audio Enhancer_is1) (Version: 1.00 – iZotope, Inc.)

JUMP FORCE (HKLM-x32…JUMP FORCE_is1) (Version:  – )

Jurassic World: Evolution (HKLM-x32…Jurassic World: Evolution_is1) (Version:  – )

Just Cause 4 (HKLM-x32…{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version:  – Avalanche Studios)

Lenovo App Explorer (HKUS-1-5-19…Host App Service) (Version: 0.271.1.400 – SweetLabs for Lenovo) <==== ATTENTION

Lenovo App Explorer (HKUS-1-5-20…Host App Service) (Version: 0.271.1.400 – SweetLabs for Lenovo) <==== ATTENTION

Lenovo App Explorer (HKUS-1-5-21-4096549371-2451222336-3956411163-1000…Host App Service) (Version: 0.273.2.941 – SweetLabs for Lenovo) <==== ATTENTION

Lenovo App Explorer (HKUS-1-5-21-4096549371-2451222336-3956411163-1001…Host App Service) (Version: 0.273.4.227 – SweetLabs for Lenovo) <==== ATTENTION

Lenovo Nerve Sense (HKLM…{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 – Lenovo)

Lenovo Settings – Power (HKLM-x32…{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 – Lenovo)

Lenovo System Interface Foundation Driver (HKLM…{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.1.17.1 – Lenovo)

LenovoUtility (HKLM-x32…{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 – Lenovo) Hidden

LenovoUtility (HKLM-x32…InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 – Lenovo)

Malwarebytes version 4.5.0.152 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 – Malwarebytes)

Malzbies Pinball Collection Ghouls (HKLM-x32…Malzbies Pinball Collection Ghouls_is1) (Version:  – )

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 96.0.1054.62 – Microsoft Corporation)

Microsoft Office Home and Student 2016 – en-us (HKLM…HomeStudentRetail – en-us) (Version: 16.0.14701.20262 – Microsoft Corporation)

Microsoft Office Word 2007 (HKLM-x32…WORD) (Version: 12.0.4518.1014 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729 (HKLM…{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729 (HKLM-x32…{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32…{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 – Microsoft Corp.)

Movie Studio Platinum 13.0 (64-bit) (HKLM…{402E168F-CC02-11E3-812F-F04DA23A5C58}) (Version: 13.0.932 – Sony)

NARUTO SHIPPUDEN Ultimate Ninja STORM 4 Road to Boruto Next Generations (HKLM-x32…NARUTO SHIPPUDEN Ultimate Ninja STORM 4 Road to ~629813CA_is1) (Version:  – )

NewBlue VideoFX for Sony Vegas MSPPS (HKLM…NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 – NewBlue)

NewBlue VideoFX for Sony Vegas MSPPS (HKLM-x32…NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 – NewBlue)

NVIDIA GeForce Experience 3.10.0.95 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.16.0318 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 – NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20248 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden

OpenAL (HKLM-x32…OpenAL) (Version:  – )

OpenIV (HKUS-1-5-21-4096549371-2451222336-3956411163-1001…OpenIV) (Version: 4.0.1.1452 – .black/OpenIV Team)

PGA TOUR 2K21 (HKLM-x32…PGA TOUR 2K21_is1) (Version:  – )

Pinball Arcade Season 1 to 7 Pro Packs (HKLM-x32…Pinball Arcade Season 1 to 7 Pro Packs_is1) (Version:  – )

Pinball FX3 Williams Pinball Volume 5 (HKLM-x32…Pinball FX3 Williams Pinball Volume 5_is1) (Version:  – )

Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 – Realtek)

Revo Uninstaller 2.2.2 (HKLM…{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.2 – VS Revo Group, Ltd.)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.53.576 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.9.3 – Rockstar Games)

Saints Row – The Third (HKLM-x32…1430740694_is1) (Version: 2.0.0.4 – GOG.com)

SanDisk Security (HKLM-x32…{189ff347-b978-4c66-88b6-30214ecb87a9}) (Version: 1.0.0.17 – Western Digital Technologies, Inc.)

SanDisk Security (HKLM-x32…{3C6EE362-358C-41AB-8B54-0BBBE7DE837F}) (Version: 1.0.0.17 – Western Digital Technologies, Inc.) Hidden

Sekiro Shadows Die Twice (HKLM-x32…Sekiro Shadows Die Twice_is1) (Version:  – )

Sims 3 – Nude Censor Remover (HKLM-x32…xSIMS_Censor_Remover_TS3) (Version:  – )

Sims 4 Studio (HKLM-x32…{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 3.1.3.3 – Sims 4 Studio)

Sony Vocal Eraser (HKLM-x32…Sony Vocal Eraser_is1) (Version: 1.00 – iZotope, Inc.)

Sound Forge Audio Studio 10.0 (HKLM-x32…{BC208D90-4643-11E3-987B-F04DA23A5C58}) (Version: 10.0.252 – Sony)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Street Fighter V Arcade Edition (HKLM-x32…Street Fighter V Arcade Edition_is1) (Version:  – )

TEKKEN 7 Ultimate Edition (HKLM-x32…TEKKEN 7 Ultimate Edition_is1) (Version:  – )

The Sims 4 v. 1.67.45.1020 (HKLM-x32…The Sims 4_is1) (Version:  – )

The Sims™ 3 (HKLM-x32…{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 – Electronic Arts)

The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32…{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 – Electronic Arts)

The Sims™ 3 Ambitions (HKLM-x32…{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 – Electronic Arts)

The Sims™ 3 Diesel Stuff (HKLM-x32…{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 – Electronic Arts)

The Sims™ 3 Fast Lane Stuff (HKLM-x32…{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 – Electronic Arts)

The Sims™ 3 Generations (HKLM-x32…{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 – Electronic Arts)

The Sims™ 3 High-End Loft Stuff (HKLM-x32…{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 – Electronic Arts)

The Sims™ 3 Into the Future (HKLM-x32…{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 – Electronic Arts)

The Sims™ 3 Island Paradise (HKLM-x32…{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 – Electronic Arts)

The Sims™ 3 Katy Perry’s Sweet Treats (HKLM-x32…{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 – Electronic Arts)

The Sims™ 3 Late Night (HKLM-x32…{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 – Electronic Arts)

The Sims™ 3 Master Suite Stuff (HKLM-x32…{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 – Electronic Arts)

The Sims™ 3 Movie Stuff (HKLM-x32…{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 – Electronic Arts)

The Sims™ 3 Outdoor Living Stuff (HKLM-x32…{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 – Electronic Arts)

The Sims™ 3 Pets (HKLM-x32…{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 – Electronic Arts)

The Sims™ 3 Seasons (HKLM-x32…{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 – Electronic Arts)

The Sims™ 3 Showtime (HKLM-x32…{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 – Electronic Arts)

The Sims™ 3 Supernatural (HKLM-x32…{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 – Electronic Arts)

The Sims™ 3 Town Life Stuff (HKLM-x32…{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 – Electronic Arts)

The Sims™ 3 University Life (HKLM-x32…{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 – Electronic Arts)

The Sims™ 3 World Adventures (HKLM-x32…{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 – Electronic Arts)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 – Microsoft Corporation)

UpdateAssistant (HKLM…{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 – Microsoft Corporation) Hidden

Vegas Movie Studio HD 9.0 (HKLM-x32…{655CD886-3B90-4E4D-B314-92BDA9B08C86}) (Version: 9.0.30 – Sony)

VLC media player (HKLM…VLC media player) (Version: 3.0.12 – VideoLAN)

Vulkan Run Time Libraries 1.0.11.1 (HKLM…VulkanRT1.0.11.1) (Version: 1.0.11.1 – LunarG, Inc.)

Vulkan Run Time Libraries 1.0.26.0 (HKLM…VulkanRT1.0.26.0) (Version: 1.0.26.0 – LunarG, Inc.)

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1-2) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1-3) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1-4) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1-5) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Watch Dogs Complete Edition MULTi19 – ElAmigos version 1.06.329 (HKLM-x32…{EC053F56-69AC-44BF-A227-F6CB1E35272D}_is1) (Version: 1.06.329 – UBISoft)

Watch_Dogs 2 (HKLM-x32…Watch_Dogs 2_is1) (Version:  – )

WD Desktop App 2.1.0.322 (HKLM-x32…{9478cae3-730b-4ffe-b22b-ae8b7787f5d5}) (Version: 2.1.0.322 – Western Digital Corporation) Hidden

WD Desktop App 2.1.0.322 (x64) (HKLM…{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.322 – Western Digital Corporation) Hidden

WD Discovery (HKLM-x32…WDDiscovery) (Version: 4.3.336 – Western Digital Technologies, Inc.)

WD SES Driver Setup (HKLM-x32…{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 – Western Digital) Hidden

WeMod (HKUS-1-5-21-4096549371-2451222336-3956411163-1001…WeMod) (Version: 7.1.16 – WeMod)

Windows PC Health Check (HKLM…{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 – Microsoft Corporation)

 

Packages:

=========

BreeZip -> C:Program FilesWindowsApps3138AweZip.AweZip_1.4.8.0_x86__ffd303wmbhcjt [2021-08-17] (BreeZip) [MS Ad]

Lenovo Settings -> C:Program FilesWindowsAppsLenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-11-16] (LENOVO INCORPORATED.)

Lenovo Vantage -> C:Program FilesWindowsAppsE046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-29] (LENOVO INC.)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]

Microsoft Mahjong -> C:Program FilesWindowsAppsMicrosoft.MicrosoftMahjong_4.1.11220.0_x64__8wekyb3d8bbwe [2021-12-07] (Microsoft Studios) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-11] (Microsoft Studios) [MS Ad]

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)

Real Chess Online -> C:Program FilesWindowsApps52833Alienforce.ChessFusionFree_3.25.0.0_x64__np5hvx4gj677g [2021-11-16] (Alienforce)

Trio Office -> C:Program FilesWindowsApps64343GTDocStudio.OfficeDocOpener_3.2.24.0_x86__3h5nez1g3qt2c [2021-08-17] (GT Office PDF Studio)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-4096549371-2451222336-3956411163-1001_ClassesCLSID{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}InprocServer32 -> C:UsersscottAppDataLocalMicrosoftOneDrive18.192.0920.0015amd64FileSyncShell64.dll => No File

CustomCLSID: HKUS-1-5-21-4096549371-2451222336-3956411163-1001_ClassesCLSID{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}InprocServer32 -> C:UsersscottAppDataLocalMicrosoftOneDrive18.192.0920.0015amd64FileSyncShell64.dll => No File

CustomCLSID: HKUS-1-5-21-4096549371-2451222336-3956411163-1001_ClassesCLSID{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}InprocServer32 -> C:UsersscottAppDataLocalMicrosoftOneDrive18.192.0920.0015amd64FileSyncShell64.dll => No File

SSODL: WDFSMountNotificator-wdfsconnect2017 – {F91D11A8-8E29-408A-A9ED-D1B4CE29ECDF} – C:WINDOWSsystem32wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]

SSODL-x32: WDFSMountNotificator-wdfsconnect2017 – {F91D11A8-8E29-408A-A9ED-D1B4CE29ECDF} – C:WINDOWSSysWOW64wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]

ShellServiceObjects: Virtual Storage Mount Notification -> {F91D11A8-8E29-408A-A9ED-D1B4CE29ECDF} => C:WINDOWSsystem32wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]

ShellServiceObjects-x32: Virtual Storage Mount Notification -> {F91D11A8-8E29-408A-A9ED-D1B4CE29ECDF} => C:WINDOWSSysWOW64wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]

ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [WDDesktopContextMenu] -> {f351d8c9-ff13-3519-92fa-763cce46b27b} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2022-01-05] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [WDDesktopContextMenu] -> {f351d8c9-ff13-3519-92fa-763cce46b27b} => C:Program FilesWD Desktop Appkda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:WINDOWSSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_1a33d2f73651d989igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2017-01-15] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2022-01-05] (Malwarebytes Corporation -> Malwarebytes)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [vidc.VP60] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

HKLM…Drivers32: [vidc.VP61] => C:WINDOWSSysWOW64vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2021-11-20 05:34 – 2021-10-05 20:30 – 126961152 _____ () [File not signed] D:Steam GamesSteambincefcef.win7x64libcef.dll

2021-11-20 05:34 – 2021-10-05 20:30 – 000384000 _____ () [File not signed] D:Steam GamesSteambincefcef.win7x64libegl.dll

2021-11-20 05:34 – 2021-10-05 20:30 – 008006656 _____ () [File not signed] D:Steam GamesSteambincefcef.win7x64libglesv2.dll

2020-01-19 07:47 – 2019-02-21 11:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2020-04-17 12:19 – 2020-04-17 12:19 – 000000000 ___CL (Microsoft Corporation) [simlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunAppvIsvSubsystems32.dll] C:Program Files (x86)Microsoft OfficeRootOffice16AppVIsvSubsystems32.dll

2020-04-17 12:19 – 2020-04-17 12:19 – 000000000 ___CL (Microsoft Corporation) [simlink -> C:Program FilesCommon FilesMicrosoft SharedClickToRunC2R32.dll] C:Program Files (x86)Microsoft OfficeRootOffice16c2r32.dll

2021-11-20 05:34 – 2021-10-05 20:30 – 000983552 _____ (The Chromium Authors) [File not signed] D:Steam GamesSteambincefcef.win7x64chrome_elf.dll

2018-11-29 15:39 – 2017-11-10 12:51 – 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:WINDOWSsystem32wdfsconnectMntNtf2017.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-4096549371-2451222336-3956411163-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://lenovo17swin10.msn.com/?pc=LSJE

HKUS-1-5-21-4096549371-2451222336-3956411163-1001SoftwareMicrosoftInternet ExplorerMain,Secondary Start Pages = hxxp://mystart.toshiba.com

SearchScopes: HKUS-1-5-21-4096549371-2451222336-3956411163-1001 -> DefaultScope {BBBC899D-85F0-447B-89ED-F68FBA315D38} URL = 

SearchScopes: HKUS-1-5-21-4096549371-2451222336-3956411163-1001 -> {BBBC899D-85F0-447B-89ED-F68FBA315D38} URL = 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

BHO: No Name -> {F91D11A8-8E29-408A-A9ED-D1B4CE29ECDF}’ -> No File

BHO-x32: No Name -> {F91D11A8-8E29-408A-A9ED-D1B4CE29ECDF}’ -> No File

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2016-07-16 06:47 – 2022-01-05 13:19 – 000000824 ____C C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-4096549371-2451222336-3956411163-1000Control PanelDesktop\Wallpaper -> C:WindowsWebWallpaperWindowsimg0.jpg

HKUS-1-5-21-4096549371-2451222336-3956411163-1001Control PanelDesktop\Wallpaper -> E:Anime and Yaoidabi (26).jpeg

DNS Servers: 209.18.47.61 – 209.18.47.63

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun: => “WinZip PreLoader”

HKLM…StartupApprovedRun32: => “Adobe Photo Downloader”

HKLM…StartupApprovedRun32: => “WDDiscovery”

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…StartupApprovedRun: => “OneDrive”

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…StartupApprovedRun: => “OneDriveSetup”

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…StartupApprovedRun: => “Steam”

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…StartupApprovedRun: => “uTorrent”

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…StartupApprovedRun: => “Discord”

HKUS-1-5-21-4096549371-2451222336-3956411163-1001…StartupApprovedRun: => “ShutterflyStudio”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{4B0469CC-C1DB-4073-AE30-18D56FD2983B}E:simcasino.v15.02.2021simcasinosimcasino.exe] => (Allow) E:simcasino.v15.02.2021simcasinosimcasino.exe => No File

FirewallRules: [TCP Query User{8D26ABB6-5C87-4273-9362-13F86D515553}E:simcasino.v15.02.2021simcasinosimcasino.exe] => (Allow) E:simcasino.v15.02.2021simcasinosimcasino.exe => No File

FirewallRules: [{2BA8F4F5-08F8-4AA0-AF22-95DF989BBFCB}] => (Allow) E:Pinball GamesPinball.ParlorPP.exe => No File

FirewallRules: [{95002BEA-BA72-4726-90CC-6502BF6225D2}] => (Allow) E:Pinball GamesPinball.ParlorPP.exe => No File

FirewallRules: [{ED631F4E-09FC-4225-BC45-144386BCC66A}] => (Allow) E:Pinball GamesPinball.ParlorPP.exe => No File

FirewallRules: [{35094D17-58A1-432B-AF94-47034D9175E3}] => (Allow) E:Pinball GamesPinball.ParlorPP.exe => No File

FirewallRules: [{578CED8D-A937-4408-85B1-057D819CDDE9}] => (Allow) D:Steam GamesSteamsteamappscommonZaccaria PinballZaccariaPinball.exe () [File not signed]

FirewallRules: [{6291D1CC-6C69-4971-80F3-D6F51869054B}] => (Allow) D:Steam GamesSteamsteamappscommonZaccaria PinballZaccariaPinball.exe () [File not signed]

FirewallRules: [UDP Query User{02A6B425-F016-4A10-9DD3-EBD3447F85D8}E:gamesthe sims 4gamebin_lets4.exe] => (Block) E:gamesthe sims 4gamebin_lets4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [TCP Query User{604C14CD-E578-4F53-A635-3F9369D476E2}E:gamesthe sims 4gamebin_lets4.exe] => (Block) E:gamesthe sims 4gamebin_lets4.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [{6B831CFE-226F-4BC0-8799-C6960ED033BA}] => (Allow) C:Program FilesBlueStacksHD-Player.exe => No File

FirewallRules: [{B4135EB5-8A74-4C8A-9E8C-2D88FEA394C8}] => (Allow) D:Steam GamesSteamsteamappscommonL.A.NoireLANLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{8CC87BE0-A341-498A-99DC-1005713C94CD}] => (Allow) D:Steam GamesSteamsteamappscommonL.A.NoireLANLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{0D49990D-62BD-4859-A700-3469F2224838}] => (Allow) D:Steam GamesSteamsteamappscommonMafia II Definitive EditionpcMafia2LauncherLauncher.exe (2K Games) [File not signed]

FirewallRules: [{0037A64F-6418-4B28-99AA-4CEC6632E396}] => (Allow) D:Steam GamesSteamsteamappscommonMafia II Definitive EditionpcMafia2LauncherLauncher.exe (2K Games) [File not signed]

FirewallRules: [{52177A74-62B9-4CD0-8860-620E281BB1CA}] => (Allow) D:Steam GamesSteamsteamappscommonMafia Definitive Editionlauncher.exe (2K Games) [File not signed]

FirewallRules: [{EAB8B3F6-5224-4110-B901-8BAE79D593DF}] => (Allow) D:Steam GamesSteamsteamappscommonMafia Definitive Editionlauncher.exe (2K Games) [File not signed]

FirewallRules: [UDP Query User{9DBA000A-E130-4AFE-820E-97F92B406617}E:gamesthe sims 4gamebints4_x64.exe] => (Allow) E:gamesthe sims 4gamebints4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [TCP Query User{2093F737-F84F-4B39-BF95-D6BDCEDAEFBC}E:gamesthe sims 4gamebints4_x64.exe] => (Allow) E:gamesthe sims 4gamebints4_x64.exe (Electronic Arts Inc.) [File not signed]

FirewallRules: [{6D355FBE-AE23-4E76-9BE1-415F370A40AF}] => (Allow) D:Steam GamesSteamsteamappscommonMy Hero Ones Justice 2HeroGameBinariesWin64MHOJ2.exe (BNEI) [File not signed]

FirewallRules: [{05A799FE-E82A-42F7-B1CD-C27EB1F737EB}] => (Allow) D:Steam GamesSteamsteamappscommonMy Hero Ones Justice 2HeroGameBinariesWin64MHOJ2.exe (BNEI) [File not signed]

FirewallRules: [UDP Query User{23F24458-48C5-4E43-9A3A-5EB7AA8A6CB2}E:gamesthe sims 4 eco lifestylegamebints4_x64.exe] => (Allow) E:gamesthe sims 4 eco lifestylegamebints4_x64.exe => No File

FirewallRules: [TCP Query User{407E0FBD-26EC-4C2D-910E-9D2676EAC39A}E:gamesthe sims 4 eco lifestylegamebints4_x64.exe] => (Allow) E:gamesthe sims 4 eco lifestylegamebints4_x64.exe => No File

FirewallRules: [UDP Query User{76093F34-BB7F-4D4F-9C8D-978A39E22122}E:saints row 3 – gamesaints row 3saintsrowthethird_dx11.exe] => (Allow) E:saints row 3 – gamesaints row 3saintsrowthethird_dx11.exe => No File

FirewallRules: [TCP Query User{573B1A30-35C8-4FB9-A7C5-15E296CD908E}E:saints row 3 – gamesaints row 3saintsrowthethird_dx11.exe] => (Allow) E:saints row 3 – gamesaints row 3saintsrowthethird_dx11.exe => No File

FirewallRules: [UDP Query User{E36F3718-5ABA-4F09-9A84-622B97661E9A}E:saints row 2 – gamesaints row 2sr2_pc.exe] => (Allow) E:saints row 2 – gamesaints row 2sr2_pc.exe => No File

FirewallRules: [TCP Query User{492D992A-B834-49D1-A22F-B047C113916F}E:saints row 2 – gamesaints row 2sr2_pc.exe] => (Allow) E:saints row 2 – gamesaints row 2sr2_pc.exe => No File

FirewallRules: [{FA3B11CD-BDE4-474D-8BBC-A864BDF57DC6}] => (Allow) D:Steam GamesSteamsteamappscommonONE PUNCH MAN A HERO NOBODY KNOWSONE PUNCH MAN A HERO NOBODY KNOWS.exe (EasyAntiCheat Oy -> Epic Games, Inc)

FirewallRules: [{770ABD07-908B-4038-9E2B-43AA5247C36A}] => (Allow) D:Steam GamesSteamsteamappscommonONE PUNCH MAN A HERO NOBODY KNOWSONE PUNCH MAN A HERO NOBODY KNOWS.exe (EasyAntiCheat Oy -> Epic Games, Inc)

FirewallRules: [UDP Query User{075CE593-D950-425E-83C3-C80B941C0542}E:jump forcejump forcejump_forcebinarieswin64jump_force-win64-shipping.exe] => (Allow) E:jump forcejump forcejump_forcebinarieswin64jump_force-win64-shipping.exe => No File

FirewallRules: [TCP Query User{65119092-D215-4C52-A477-96859EE6834B}E:jump forcejump forcejump_forcebinarieswin64jump_force-win64-shipping.exe] => (Allow) E:jump forcejump forcejump_forcebinarieswin64jump_force-win64-shipping.exe => No File

FirewallRules: [UDP Query User{225B6674-4EF9-452A-A013-DB1632F8FF70}E:gamesthe sims 4 discover universitygamebints4_x64.exe] => (Allow) E:gamesthe sims 4 discover universitygamebints4_x64.exe => No File

FirewallRules: [TCP Query User{5AEA2B36-DBE7-4F8B-BCAB-FE6119D1A79D}E:gamesthe sims 4 discover universitygamebints4_x64.exe] => (Allow) E:gamesthe sims 4 discover universitygamebints4_x64.exe => No File

FirewallRules: [UDP Query User{26A3908F-600E-4728-B212-033DFFE88CC4}E:the sims 4 island livinggamebints4_x64.exe] => (Allow) E:the sims 4 island livinggamebints4_x64.exe => No File

FirewallRules: [TCP Query User{24BAE737-62B0-4D31-9DFB-F2D08C329463}E:the sims 4 island livinggamebints4_x64.exe] => (Allow) E:the sims 4 island livinggamebints4_x64.exe => No File

FirewallRules: [{54D3C906-730A-4545-BE80-5D37F4EF3442}] => (Allow) D:Steam GamesSteamsteamappscommonGrand Theft Auto VPlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{DE8E5125-E4FF-4B84-A9C7-57694D8C872B}] => (Allow) D:Steam GamesSteamsteamappscommonGrand Theft Auto VPlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{406E7D4C-5313-4DC8-9788-8C5326B8574A}C:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [TCP Query User{BE965456-0BA7-49A3-AF32-CA675905D022}C:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [{8C765058-EBDC-49C7-AFB3-9A9553C97CB0}] => (Allow) D:Steam GamesSteamsteamappscommonMafia IIIlauncher.exe (2K Games) [File not signed]

FirewallRules: [{4F6ECDF4-A6A3-4A45-83C0-D18FE400D7C7}] => (Allow) D:Steam GamesSteamsteamappscommonMafia IIIlauncher.exe (2K Games) [File not signed]

FirewallRules: [UDP Query User{92AB6788-F44B-43E7-A6D7-6A207EE5E7F2}D:steam gamessteamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:steam gamessteamsteamappscommongrand theft auto vgta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{78BEB908-31AD-40B8-B653-C42436652223}D:steam gamessteamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:steam gamessteamsteamappscommongrand theft auto vgta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{886BA011-EE86-44DF-8738-8D6AC580EB09}] => (Allow) D:Steam GamesSteamsteamappscommonPlanet CoasterPlanetCoaster.exe (Frontier Developments) [File not signed]

FirewallRules: [{F516BCD2-EF46-48D4-A27C-D0C977AE8E21}] => (Allow) D:Steam GamesSteamsteamappscommonPlanet CoasterPlanetCoaster.exe (Frontier Developments) [File not signed]

FirewallRules: [{781E1F98-B0F2-4D7F-8A3D-051798C394C8}] => (Allow) D:Steam GamesSteamsteamappscommonYu-Gi-Oh! Duel Linksdlpc.exe () [File not signed]

FirewallRules: [{2BB30453-D433-4B87-9B94-3B7456347913}] => (Allow) D:Steam GamesSteamsteamappscommonYu-Gi-Oh! Duel Linksdlpc.exe () [File not signed]

FirewallRules: [{AE29D15C-8257-4C4E-9774-2BF93DCBBA28}] => (Allow) D:Steam GamesSteambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{6BAE6C46-018F-42DB-A00E-48672377063D}] => (Allow) D:Steam GamesSteambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{573DFEFD-8D8C-4804-9C5C-D44AAE79007C}] => (Allow) D:Steam GamesSteamSteam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{29C7D96E-AA89-4034-A699-7405B485E321}] => (Allow) D:Steam GamesSteamSteam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{FF4E265D-9BED-41E5-A98B-616CAC76BB72}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{0A6916B6-01F8-450D-BB7A-B5F7E7E34ABA}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [UDP Query User{9837C1F5-F109-4F33-888C-1E4CFEC2F604}C:program files (x86)electronic artseadmcore.exe] => (Allow) C:program files (x86)electronic artseadmcore.exe (Electronic Arts) [File not signed]

FirewallRules: [TCP Query User{F966D549-DC83-452A-85EA-DCA2C8C9812D}C:program files (x86)electronic artseadmcore.exe] => (Allow) C:program files (x86)electronic artseadmcore.exe (Electronic Arts) [File not signed]

FirewallRules: [{AE8C34BC-ACB4-4A43-A2D0-82C09EDC7509}] => (Allow) C:UsersscottAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{B9428937-3308-43EB-9441-118E34FAB86F}] => (Allow) C:UsersscottAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{DCE649F0-ECD9-4B28-A0A9-2E9D6451C8A6}] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe => No File

FirewallRules: [{57DC1CE6-9422-4664-A900-60824715780C}] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe => No File

FirewallRules: [{3A7CE6AA-F28D-41D0-819A-4506962FE6E2}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe => No File

FirewallRules: [{9535E231-B162-4767-981B-F90D5B094171}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe => No File

FirewallRules: [{0CE0CD08-704E-41D1-A721-C8E922776127}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamUserAgent.exe => No File

FirewallRules: [{D6F58F83-5AD4-4378-8891-1F4973B6C7B7}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{641BCB6F-2207-45E6-B0F1-9B3D9ABF9572}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{7D6BC653-B637-4D69-95CB-29F6A129AAE8}] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )

FirewallRules: [{7D1E8511-C6C1-43E5-A8C4-A297ECAD4FB1}] => (Allow) C:Program Files (x86)SteamSteam.exe => No File

FirewallRules: [{64C15539-1AFB-493A-9AFD-6B05B945A4E7}] => (Allow) C:Program Files (x86)SteamSteam.exe => No File

FirewallRules: [{D0BB3EC2-1E52-4745-A8CB-8F37783CFA27}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{5FCFC011-1ACC-4063-B31A-D65F2CADC780}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{35D66A13-CE26-4559-A502-BEFAB94B81A6}] => (Allow) C:Program Files (x86)SteamsteamappscommonYu-Gi-Oh! Duel Linksdlpc.exe => No File

FirewallRules: [{FD01972E-0CC5-407F-8BB2-519B023DF505}] => (Allow) C:Program Files (x86)SteamsteamappscommonYu-Gi-Oh! Duel Linksdlpc.exe => No File

FirewallRules: [{953B4BB5-ADAD-45B8-9417-0386DDD6AB06}] => (Allow) D:Steam GamesSteamsteamappscommonNiohnioh_launcher.exe (KOEI TECMO GAMES CO., LTD. -> KOEI TECMO GAMES CO., LTD.)

FirewallRules: [{4859D924-6225-4BDB-A0FA-B9E39FC3BA07}] => (Allow) D:Steam GamesSteamsteamappscommonNiohnioh_launcher.exe (KOEI TECMO GAMES CO., LTD. -> KOEI TECMO GAMES CO., LTD.)

FirewallRules: [{2BB97784-7268-46DD-BD51-690864A2618B}] => (Allow) D:Steam GamesSteamsteamappscommonNiohnioh.exe (KOEI TECMO GAMES CO., LTD. -> KOEI TECMO GAMES CO., LTD.)

FirewallRules: [{D0C6C47C-91B5-48F3-AE47-704B8B1B0EC3}] => (Allow) D:Steam GamesSteamsteamappscommonNiohnioh.exe (KOEI TECMO GAMES CO., LTD. -> KOEI TECMO GAMES CO., LTD.)

FirewallRules: [{3F982B6F-B0DA-4B18-9B5C-EF6315C042A5}] => (Allow) D:Steam GamesSteamsteamappscommonSleepingDogsDefinitiveEditionsdhdship.exe (SQUARE ENIX LIMITED) [File not signed]

FirewallRules: [{66E15689-61A5-46C1-BA9D-29FD324CB7B6}] => (Allow) D:Steam GamesSteamsteamappscommonSleepingDogsDefinitiveEditionsdhdship.exe (SQUARE ENIX LIMITED) [File not signed]

FirewallRules: [{FA3A1A9E-DB6D-4D5F-8FD9-9855C4F295B0}] => (Allow) D:Steam GamesSteamsteamappscommonGrand Theft Auto VGTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{93CCCBFC-269A-40DD-B434-2A00A9B40F61}] => (Allow) D:Steam GamesSteamsteamappscommonGrand Theft Auto VGTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{F02AE2B9-D9BA-40F2-BD17-5431AC894E0D}] => (Allow) D:Steam GamesSteamsteamappscommonPlanet ZooPlanetZoo.exe (Frontier Developments) [File not signed]

FirewallRules: [{D70E4A50-4A25-4201-AF64-C2536B42B121}] => (Allow) D:Steam GamesSteamsteamappscommonPlanet ZooPlanetZoo.exe (Frontier Developments) [File not signed]

FirewallRules: [{86AC83B3-384B-4CD3-8ABB-1F26D629C7F9}] => (Allow) D:Steam GamesSteamsteamappscommonL.A.NoirePlayLAN.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{82220C68-D0B3-4F79-952F-D29F762EAE34}] => (Allow) D:Steam GamesSteamsteamappscommonL.A.NoirePlayLAN.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{926015D9-E9F3-4E44-A911-C2735AE11664}E:samurai shodownsamuraishodownsamuraishodownbinarieswin64samuraishodown-win64-shipping.exe] => (Allow) E:samurai shodownsamuraishodownsamuraishodownbinarieswin64samuraishodown-win64-shipping.exe => No File

FirewallRules: [UDP Query User{D67483AB-D877-4026-BCEC-DF697099F3CA}E:samurai shodownsamuraishodownsamuraishodownbinarieswin64samuraishodown-win64-shipping.exe] => (Allow) E:samurai shodownsamuraishodownsamuraishodownbinarieswin64samuraishodown-win64-shipping.exe => No File

FirewallRules: [{29971094-37B5-4F40-A64B-52D746E081E4}] => (Allow) D:zmodeler3ZModeler3.exe => No File

FirewallRules: [{28B544F8-E35A-4F03-A038-CF6E0D8EED8D}] => (Allow) D:zmodeler3ZModeler3.exe => No File

FirewallRules: [{EFBD647B-1FD7-4E19-A19A-1A411FCC3411}] => (Allow) D:zmodeler3ZModeler3.exe => No File

FirewallRules: [{BFF68BE2-D729-40F6-9A9F-1CF752D53A44}] => (Allow) D:zmodeler3ZModeler3.exe => No File

FirewallRules: [{579E5E5A-5694-4144-B6D4-E867C0324EDF}] => (Allow) D:Steam GamesSteamsteamappscommonStar Wars – The Old Republiclauncher.exe (Electronic Arts, Inc. -> BioWare)

FirewallRules: [{1B3D4663-8D48-48C1-85AE-09059E824526}] => (Allow) D:Steam GamesSteamsteamappscommonStar Wars – The Old Republiclauncher.exe (Electronic Arts, Inc. -> BioWare)

FirewallRules: [TCP Query User{AB585D3A-4EED-4A8D-A58F-08AF49CBD498}C:windowssystem32sihost.exe] => (Block) C:windowssystem32sihost.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [UDP Query User{CFDA8192-A06C-489B-A133-72673C347932}C:windowssystem32sihost.exe] => (Block) C:windowssystem32sihost.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C73E5409-6D65-4BF7-AEB8-0C81987349D9}] => (Allow) D:Steam GamesSteamsteamappscommonSoulcaliburVISoulcaliburVIBinariesWin64SoulcaliburVI.exe () [File not signed]

FirewallRules: [{0EAC40C6-0777-4281-8776-23DBCF7805A4}] => (Allow) D:Steam GamesSteamsteamappscommonSoulcaliburVISoulcaliburVIBinariesWin64SoulcaliburVI.exe () [File not signed]

FirewallRules: [{E2BBE992-93F2-4595-B06E-A3704F657A73}] => (Allow) D:Steam GamesSteamsteamappscommonMafia Definitive Edition2KLauncherLauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)

FirewallRules: [{EC0E51E5-C765-4D4C-BE1F-558CFB6C6687}] => (Allow) D:Steam GamesSteamsteamappscommonMafia Definitive Edition2KLauncherLauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)

FirewallRules: [{7D417A1F-DA81-45C3-879B-D4F9EB6D9C3A}] => (Allow) D:Steam GamesSteamsteamappscommonMafia II Definitive Edition2KLauncherLauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)

FirewallRules: [{6734A3D0-7BFD-4312-91CF-0F2F88428F02}] => (Allow) D:Steam GamesSteamsteamappscommonMafia II Definitive Edition2KLauncherLauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)

FirewallRules: [{1CC14F77-1E7E-4773-A2DD-8E6982DBB59B}] => (Allow) D:Steam GamesSteamsteamappscommonMafia III2KLauncherLauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)

FirewallRules: [{C0329008-F391-4EC3-86A9-B3E93735AE5F}] => (Allow) D:Steam GamesSteamsteamappscommonMafia III2KLauncherLauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)

FirewallRules: [{17BB9C1B-5E37-4864-BD3A-BC92F3CF852C}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{986D468F-8400-4C47-80F3-6885F54E10F3}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{043E91F9-2F63-47EE-ADD1-65B5309AAEBB}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{7C3900C1-2E0F-4803-A235-C056EED61DFA}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{424F5783-378D-4B77-84B1-9965513DB332}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

 

==================== Restore Points =========================

 

ATTENTION: System Restore is disabled (Total:118 GB) (Free:24.86 GB) (21%)

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (01/05/2022 01:19:33 PM) (Source: SecurityCenter) (EventID: 17) (User: )

Description: Security Center failed to validate caller with error %1.

 

Error: (01/05/2022 01:19:33 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

Error: (01/05/2022 01:19:33 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

Error: (01/05/2022 01:19:33 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

Error: (01/05/2022 01:19:33 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

Error: (01/05/2022 01:19:33 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

Error: (01/05/2022 01:19:32 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

Error: (01/05/2022 01:19:32 PM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.

 

 

System errors:

=============

Error: (01/06/2022 08:40:30 PM) (Source: Netwtw06) (EventID: 5005) (User: )

Description: Intel® Dual Band Wireless-AC 8260 : Has encountered an internal error and has failed.

5005 – Driver internal error

 

Error: (01/06/2022 08:40:30 PM) (Source: Netwtw06) (EventID: 5035) (User: )

Description: 5035 – Driver OSC Pending OID watchdog

 

Error: (01/06/2022 11:05:06 AM) (Source: Application Popup) (EventID: 56) (User: )

Description: ACPI5

 

Error: (01/06/2022 09:30:26 AM) (Source: Netwtw06) (EventID: 5005) (User: )

Description: Intel® Dual Band Wireless-AC 8260 : Has encountered an internal error and has failed.

5005 – Driver internal error

 

Error: (01/06/2022 09:30:26 AM) (Source: Netwtw06) (EventID: 5035) (User: )

Description: 5035 – Driver OSC Pending OID watchdog

 

Error: (01/06/2022 09:30:26 AM) (Source: Netwtw06) (EventID: 5002) (User: )

Description: Intel® Dual Band Wireless-AC 8260 : Has determined that the network adapter is not functioning properly.

5002 – uCode SW error (SysAssert, NMI)

 

Error: (01/05/2022 07:02:42 PM) (Source: Netwtw06) (EventID: 5005) (User: )

Description: Intel® Dual Band Wireless-AC 8260 : Has encountered an internal error and has failed.

5005 – Driver internal error

 

Error: (01/05/2022 07:02:42 PM) (Source: Netwtw06) (EventID: 5035) (User: )

Description: 5035 – Driver OSC Pending OID watchdog

 

 

Windows Defender:

================

Date: 2022-01-05 09:19:37

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2022-01-05 04:27:00

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Custom Scan

 

Date: 2022-01-05 04:27:00

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Full Scan

 

Date: 2022-01-04 02:19:34

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-12-31 21:34:02

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Event[0]:

 

Date: 2022-01-05 11:07:33

Description: 

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode 

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

 

Date: 2021-12-25 03:49:41

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.355.800.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18800.4

Error code: 0x8024402f

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

 

==================== Memory info =========================== 

 

BIOS: LENOVO CDCN53WW 09/19/2016

Motherboard: LENOVO Allsparks 7A

Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz

Percentage of memory in use: 18%

Total physical RAM: 32595.78 MB

Available physical RAM: 26708.81 MB

Total Virtual: 37459.78 MB

Available Virtual: 31256.9 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:118 GB) (Free:24.86 GB) NTFS

Drive d: () (Fixed) (Total:931.39 GB) (Free:174.28 GB) NTFS

Drive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:613.73 GB) NTFS

Drive f: (Extreme SSD) (Fixed) (Total:3725.97 GB) (Free:3098.37 GB) exFAT

 

\?Volume{6928a397-e5f4-4365-8811-35087e280745} (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS

\?Volume{04942020-540b-4f93-8db9-06578ad813d0} (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 119.2 GB) (Disk ID: 3ADB3DF5)

 

Partition: GPT.

 

==========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: 61994A64)

 

Partition: GPT.

 

==========================================================

Disk: 2 (Size: 3726 GB) (Disk ID: 16F2A91F)

 

Partition: GPT.

 

==========================================================

Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)

 

Partition: GPT.

 

==================== End of Addition.txt =======================


https://www.bleepingcomputer.com/forums/t/766382/need-help-removing-virusmalware/

Erlando F Rasatro
