Trojan-virus-worm: please help me check it once, thank you

When I was online or playing games, I suddenly lost the right to use the keyboard and couldn’t type to switch the hotkeys. I found that the system became very slow.

I’m in trouble; I don’t know if it’s infected.

 

 

==================================================================================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021

Ran by dj (administrator) on MSI (Micro-Star International Co., Ltd. P65 Creator 9SD) (16-12-2021 20:27:51)

Running from C:UsersdjDesktop

Loaded Profiles: dj

Platform: Microsoft Windows 11 專業版 Version 21H2 22000.348 (X64) Language: 中文 (繁體台灣)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicService.exe

(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicSvc64.exe

(A-Volute SAS -> Nahimic) C:WindowsSysWOW64NahimicSvc32.exe

(A-Volute) C:Program FilesWindowsAppsA-Volute.Nahimic_1.8.13.0_x64__w2gh52qy24etmNahimic3.exe

(Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorylms.inf_amd64_fddb643595e0b8d0LMS.exe

(Malwarebytes Inc -> Malwarebytes) C:UsersdjDownloadsadwcleaner_8.3.1.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowsnotepad_10.2103.6.0_x64__8wekyb3d8bbweNotepadNotepad.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(NortonLifeLock Inc. -> Broadcom) C:Program FilesNorton SecurityEngine22.21.10.40NortonSecurity.exe <2>

(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:Program FilesNorton SecurityEngine22.21.10.40nsWscSvc.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvTelemetryNvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmii.inf_amd64_bb73eaf36634aebeDisplay.NvContainerNVDisplay.Container.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_f162aa0e5e56c27aRtkAudUService64.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_f162aa0e5e56c27aRtkAudUService64.exe [1272160 2021-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [MsiTrueColor] => C:Program FilesPortrait DisplaysMSI True ColorMsiTrueColor.exe [5888640 2019-06-19] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)

HKUS-1-5-19…Run: [] => [X]

HKUS-1-5-20…Run: [] => [X]

HKUS-1-5-21-3208085953-1005275366-908118176-1001…Run: [SteelSeries Engine] => C:Program FilesSteelSeriesSteelSeries EngineSteelSeriesEngine.exe (No File)

HKUS-1-5-21-3208085953-1005275366-908118176-1001…Run: [Discord] => C:UsersdjAppDataLocalDiscordUpdate.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)

HKUS-1-5-21-3208085953-1005275366-908118176-1001…Run: [] => [X]

HKUS-1-5-18…Run: [] => [X]

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication96.0.4664.110Installerchrmstp.exe [2021-12-14] (Google LLC -> Google LLC)

HKLMSoftware…AuthenticationCredential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0B44C843-C65C-433B-86D8-741B42CD8B46} – System32TasksNahimicSvc64Run => C:WINDOWSsystem32NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)

Task: {13386803-2EB8-4491-8C84-1DBF9FE46AE0} – MicrosoftWindowsManagementProvisioningPostResetBoot -> No File <==== ATTENTION

Task: {29341040-88BB-4DF7-A851-30CF15437781} – NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {2BCCB92D-B713-44F4-97EB-02F377FA4B50} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-11-26] (Google LLC -> Google LLC)

Task: {2E7F3FBF-4B12-4C81-8255-52E8FD2DDE43} – System32TasksRemediationAntimalwareMigrationTask => C:Program FilesCommon FilesAVNorton Security OnlineUpgrade.exe [2352488 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {31DF39BF-D75B-4283-B75C-D3AEAD55F07B} – NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {3ABE6BE3-2377-4026-9DFC-7CCCD3701B91} – System32TasksPurple => C:Program Files (x86)NCSOFTPurplePurpleLauncher.exe [191272 2021-12-07] (NCSOFT Corporation -> NCSOFT)

Task: {3F883C81-64E3-4051-B752-A4D41FAA4EFB} – System32TasksNahimicSvc32Run => C:WINDOWSSysWOW64NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)

Task: {4BB11946-2BC1-4975-B9A5-7C18E5BCE9EA} – System32TasksNahimicTask32 => C:WINDOWSsystem32..SysWOW64NahimicSvc32.exe [833704 2021-10-08] (A-Volute SAS -> Nahimic)

Task: {4E9F0339-B74F-46A0-B1C9-1BBE9870269E} – NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {502F4839-7F1D-452E-B0BB-7091B7BFD2D6} – NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {70EB9CD0-7F07-480B-9C6A-4B3F734375DC} – NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {7821CC6B-D8BE-4F0F-B2B9-6C2A45FD6DB3} – NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {86B86209-5260-4AF7-A4CF-2513A11889D1} – Creator_Center_updater -> No File <==== ATTENTION

Task: {8FC35B1B-C3BB-4461-AFE3-260F64C0E65F} – NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {94D88D73-9BC2-48C1-BA29-0BBA3B2D5D07} – MicrosoftWindowsSMBUninstallSMB1ClientTask -> No File <==== ATTENTION

Task: {96A96698-0296-4E83-996A-30460A93F6E1} – System32TasksNorton Security with BackupNorton Security Online Autofix => C:Program FilesNorton SecurityEngine22.21.10.40SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)

Task: {9F5839F8-BB2A-4EA2-8834-AD9E2A4EEAD7} – NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {AC3E0A8C-D48C-4C45-A068-3ED96F7D47B2} – NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {AC5B4832-15F3-4AF9-8483-E1609756BC71} – MSISCMTsk -> No File <==== ATTENTION

Task: {AE0994F2-285F-49C6-9A24-01EC39E86678} – NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {AF38C951-B796-402E-8114-2BEF7D2A7BDD} – System32TasksDriver Booster SkipUAC (dj) => C:Program Files (x86)IObitDriver Booster9.0.1DriverBooster.exe [8295960 2021-10-22] (IObit CO., LTD -> IObit)

Task: {B8BF55B5-8067-457F-B417-B7059B0586A0} – System32TasksDriver Booster Update => C:Program Files (x86)IObitDriver Booster9.0.1AutoUpdate.exe [2462744 2021-09-13] (IObit CO., LTD -> IObit)

Task: {C2D7EF4F-1A0F-4AF6-B016-4CC2DA505183} – System32TasksMEGAMEGAsync Update Task S-1-5-21-3208085953-1005275366-908118176-1001 => C:UsersdjAppDataLocalMEGAsyncMEGAupdater.exe [1820848 2021-07-06] (Mega Limited -> Mega Limited)

Task: {C5747685-E7C7-42DA-9944-FACCAA9573D4} – System32TasksNorton WSC Integration => C:Program FilesNorton SecurityEngine22.21.10.40WSCStub.exe [646520 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {C8755667-EDCD-4814-B75B-D3277BB8CF1A} – System32TasksNorton Security with BackupNorton Security Online Error Analyzer => C:Program FilesNorton SecurityEngine22.21.10.40SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)

Task: {CB0D0012-CE0A-40EF-96A7-7206F17A5CB3} – MSI_Creator Center -> No File <==== ATTENTION

Task: {D69D8667-4121-464B-806D-7AA23F2B8767} – NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION

Task: {E044CD4D-2397-4100-BD0D-4A3303702697} – OneDrive Standalone Update Task-S-1-5-21-1264237550-749065703-2515229331-500 -> No File <==== ATTENTION

Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} – MicrosoftWindowsHelloFaceFODCleanupTask -> No File <==== ATTENTION

Task: {E83A0D99-DE43-4590-8DE7-57E549C09F6F} – System32TasksNahimicTask64 => C:WINDOWSsystem32.NahimicSvc64.exe [1094824 2021-10-08] (A-Volute SAS -> Nahimic)

Task: {EB389587-6DF1-4CA8-9B72-D7739F566B3A} – MicrosoftWindowsMobile Broadband AccountsMNO Metadata Parser -> No File <==== ATTENTION

Task: {F45C76D9-1837-41B4-8A25-655B6D8A36DD} – System32TasksIntel PTT EK Recertification => C:WINDOWSSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_75ffca5eec865b4blibIntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)

Task: {F48E338C-6FE8-4DA6-AB2D-1A2EFCC93942} – System32TasksNorton Security with BackupNorton Security Online Error Processor => C:Program FilesNorton SecurityEngine22.21.10.40SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)

Task: {F5AF6E4F-A26E-493C-A71B-3E620142B809} – MicrosoftWindowsSpeechHeadsetButtonPress -> No File <==== ATTENTION

Task: {F86F03D1-6B29-48C2-84BE-46494CCA91DD} – MicrosoftWindowsSMBUninstallSMB1ServerTask -> No File <==== ATTENTION

Task: {FDF23357-23B8-4346-94BE-E71D47A8E5E8} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-11-26] (Google LLC -> Google LLC)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{579f6248-6ce8-4c72-9f8a-b2a5ccb2bc1c}: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{d8dc0065-2c41-4770-89b6-30d7e86b865e}: [DhcpNameServer] 192.168.1.1

 

Edge: 

=======

Edge Profile: C:UsersdjAppDataLocalMicrosoftEdgeUser DataDefault [2021-12-16]

 

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:Program FilesMicrosoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.50918.0npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

 

Chrome: 

=======

CHR DefaultProfile: Profile 1

CHR Profile: C:UsersdjAppDataLocalGoogleChromeUser DataDefault [2021-12-16]

CHR HomePage: Default -> hxxps://ipv6.google.com/

CHR StartupUrls: Default -> “hxxp://tw.yahoo.com/”

CHR Session Restore: Default -> is enabled.

CHR Extension: (Google 翻譯) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsaapbdbdomjkkjkaonfhkkikfgjllcleb [2021-11-26]

CHR Extension: (簡報) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-11-26]

CHR Extension: (Dr.Web Link Checker) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsaleggpabliehgbeagmfhnodcijcmbonb [2021-11-26]

CHR Extension: (文件) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-11-26]

CHR Extension: (Google 雲端硬碟) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-11-26]

CHR Extension: (Chrome 安全保鏢) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsbfpoaihndjklkeidejbgjaadeidhfenm [2021-11-26]

CHR Extension: (YouTube) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-26]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2021-11-26]

CHR Extension: (圖片助手(ImageAssistant) 批量圖片下載器) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsdbjbempljhcmhlfpfacalomonjpalpko [2021-11-26]

CHR Extension: (MyJDownloader Browser Extension) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsfbcohnmimjicjdomonkcbcpbpnhggkip [2021-11-26]

CHR Extension: (試算表) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-11-26]

CHR Extension: (Norton Safe Web) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsfnpbeacklnhmkkilekogeiekaglbmmka [2021-11-26]

CHR Extension: (Qualys BrowserCheck for Windows) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsfoklmnihmhdobgonljkdamiiohnobkff [2021-11-26]

CHR Extension: (Google 文件離線版) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-26]

CHR Extension: (Malwarebytes Browser Guard) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-12-16]

CHR Extension: (Google Play) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionskomhbcfkdcgmcdoenjcjheifdiabikfi [2021-11-26]

CHR Extension: (飛比購物幫手網路購物即時比價工具) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionslmldjiibpfhdjjdjapcdlpjgeaihflpi [2021-12-16]

CHR Extension: (Chrome 線上應用程式商店付款系統) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-11-26]

CHR Extension: (Unblock Youku) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionspdnfnkhpgegpcingjbfihlkjeighnddk [2021-11-26]

CHR Extension: (Gmail) – C:UsersdjAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2021-11-26]

CHR Profile: C:UsersdjAppDataLocalGoogleChromeUser DataGuest Profile [2021-12-16]

CHR Profile: C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1 [2021-12-16]

CHR DefaultSearchURL: Profile 1 -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}

CHR DefaultSearchKeyword: Profile 1 -> nortonsafe

CHR DefaultSuggestURL: Profile 1 -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=zh_tw&q={searchTerms}

CHR Extension: (簡報) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-12-16]

CHR Extension: (文件) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2021-12-16]

CHR Extension: (Google 雲端硬碟) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-12-16]

CHR Extension: (YouTube) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-16]

CHR Extension: (試算表) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-12-16]

CHR Extension: (Norton Safe Web) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsfnpbeacklnhmkkilekogeiekaglbmmka [2021-12-16]

CHR Extension: (Google 文件離線版) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-16]

CHR Extension: (Malwarebytes Browser Guard) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsihcjicgdanjaechkgeegckofjjedodee [2021-12-16]

CHR Extension: (Grammarly for Chrome) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionskbfnbcaeplbcioakkpcpgfkobkghlhen [2021-12-16]

CHR Extension: (Norton Safe) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsmpnlkmlkncncpgnnkmkgoobfpnjmblnk [2021-12-16]

CHR Extension: (Chrome 線上應用程式商店付款系統) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-12-16]

CHR Extension: (Gmail) – C:UsersdjAppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-12-16]

CHR Profile: C:UsersdjAppDataLocalGoogleChromeUser DataSystem Profile [2021-12-16]

CHR HKLM…ChromeExtension: [iikflkcanblccfahdhdonehdalibjnif]

CHR HKLM-x32…ChromeExtension: [iikflkcanblccfahdhdonehdalibjnif]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 Micro Star SCM; C:WindowsSysWOW64MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]

S2 MSI Foundation Service; C:Program Files (x86)MSICreator CenterMSIAPP_ServiceMSIAPService.exe [47568 2018-10-30] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)

S2 MSITrueColorService; C:Program FilesPortrait DisplaysMSI True ColorMsiTrueColorService.exe [205440 2019-06-19] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)

R2 NahimicService; C:WINDOWSsystem32NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)

R2 NortonSecurity; C:Program FilesNorton SecurityEngine22.21.10.40NortonSecurity.exe [343336 2021-10-29] (NortonLifeLock Inc. -> Broadcom)

S3 npggsvc; C:WINDOWSSysWOW64GameMon.des [11117232 2021-09-14] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)

R2 nsWscSvc; C:Program FilesNorton SecurityEngine22.21.10.40nsWscSvc.exe [1059176 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S2 Sendevsvc; C:Program Files (x86)MSICreator CenterSendevsvcSendevsvc.exe [302888 2019-01-31] (Micro-Star International CO., LTD. -> ) [File not signed]

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [6078544 2021-11-25] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0NisSrv.exe [2872024 2021-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe [128376 2021-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvmii.inf_amd64_bb73eaf36634aebeDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvmii.inf_amd64_bb73eaf36634aebeDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 ampa; C:WINDOWSsystem32ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed]

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R1 BHDrvx64; C:Program FilesNorton SecurityNortonData22.20.2.57DefinitionsBASHDefs20211215.011BHDrvx64.sys [2018784 2021-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 ccSet_NGC; C:WINDOWSSystem32driversNGCx6416150A0.028ccSetx64.sys [192256 2021-10-29] (Symantec Corporation -> Symantec Corporation)

R1 eeCtrl; C:Program Files (x86)Common FilesSymantec SharedEENGINEeeCtrl64.sys [509904 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 EraserUtilRebootDrv; C:Program Files (x86)Common FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [145376 2021-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 Hsp; C:WINDOWSSystem32driversHsp.sys [110904 2021-11-25] (Microsoft Windows -> Microsoft Corporation)

R1 IDSVia64; C:Program FilesNorton SecurityNortonData22.20.2.57DefinitionsIPSDefs20211215.061IDSvia64.sys [1480144 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 Nahimic_Mirroring; C:WINDOWSSystem32driversNahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows ® Win 7 DDK provider)

S3 nsvst_NGC; C:WINDOWSSystem32driversNGCx6416150A0.028nsvst.sys [56080 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [48552 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)

R3 SRTSP; C:WINDOWSSystem32driversNGCx6416150A0.028SRTSP64.SYS [892600 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SRTSPX; C:WINDOWSSystem32driversNGCx6416150A0.028SRTSPX64.SYS [48824 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R0 SymEFASI; C:WINDOWSSystem32driversNGCx6416150A0.028SYMEFASI64.SYS [2030792 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S0 SymELAM; C:WINDOWSSystem32driversNGCx6416150A0.028SymELAM.sys [31984 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)

R3 SymEvent; C:WINDOWSsystem32DriversSYMEVENT64x86.SYS [93120 2021-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 SymEvnt; C:Program FilesNorton SecurityNortonData22.20.2.57SymPlatformSymEvnt.sys [712432 2021-07-14] (Symantec Corporation -> Symantec Corporation)

R1 SymIRON; C:WINDOWSSystem32driversNGCx6416150A0.028Ironx64.SYS [319152 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SymNetS; C:WINDOWSSystem32driversNGCx6416150A0.028symnets.sys [575344 2021-10-29] (Symantec Corporation -> Symantec Corporation)

S3 USBAAPL64; C:WINDOWSSystem32Driversusbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [48520 2021-11-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [435424 2021-11-26] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86240 2021-11-26] (Microsoft Windows -> Microsoft Corporation)

R3 WINIO; C:Program Files (x86)MSICreator Centerwinio64.sys [15160 2015-06-12] (Micro-Star Int’l Co. Ltd. -> )

S3 wpCtrlDrv_NGC; C:WINDOWSSystem32driversNGCx6416150A0.028wpCtrlDrv.sys [1015760 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 VBoxNetFlt; SystemRootsystem32DRIVERSVBoxNetFlt.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-12-16 20:27 – 2021-12-16 20:28 – 000024028 _____ C:UsersdjDesktopFRST.txt

2021-12-16 20:25 – 2021-12-16 20:25 – 008540344 _____ (Malwarebytes) C:UsersdjDownloadsadwcleaner_8.3.1.exe

2021-12-16 20:22 – 2021-12-16 20:22 – 000132597 _____ C:UsersdjDesktopflash-disinfector-.exe

2021-12-16 20:17 – 2021-12-16 20:17 – 000002327 _____ C:UsersdjDesktopJc – Chrome.lnk

2021-12-16 16:55 – 2021-12-16 16:55 – 000000000 ____D C:WINDOWSsystem32TasksRemediation

2021-12-16 08:15 – 2021-12-16 08:15 – 004146112 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32avgremoverx.exe

2021-12-16 08:14 – 2021-12-16 08:14 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job

2021-12-16 08:13 – 2021-12-16 08:13 – 014162768 _____ (AVG Technologies CZ, s.r.o.) C:UsersdjDesktopavgclear.exe

2021-12-16 08:05 – 2021-12-16 08:05 – 000007607 _____ C:UsersdjAppDataLocalResmon.ResmonCfg

2021-12-15 19:35 – 2021-12-15 19:37 – 000001024 ____H C:WINDOWSAMTAG.BIN

2021-12-15 19:35 – 2013-11-29 10:31 – 000017008 _____ C:WINDOWSSysWOW64ampa.sys

2021-12-15 19:35 – 2013-11-29 10:31 – 000017008 _____ C:WINDOWSsystem32ampa.sys

2021-12-15 19:34 – 2021-01-18 15:59 – 000000000 ____D C:UsersdjDesktopUSBOX_2021_V6_210111

2021-12-15 19:02 – 2021-12-15 19:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip

2021-12-15 19:02 – 2021-12-15 19:02 – 000000000 ____D C:Program Files7-Zip

2021-12-15 18:55 – 2021-12-15 18:55 – 1841390924 _____ C:UsersdjDesktop10111.7z

2021-12-15 16:14 – 2021-12-15 16:14 – 000000000 ___HD C:$Windows.~WS

2021-12-15 16:10 – 2021-12-15 16:12 – 000000000 ____D C:Win

2021-12-15 16:05 – 2021-12-15 16:06 – 000005385 _____ C:WINDOWSdiagwrn.xml

2021-12-15 16:05 – 2021-12-15 16:06 – 000001908 _____ C:WINDOWSdiagerr.xml

2021-12-15 15:58 – 2021-12-15 15:58 – 000000000 ____D C:Program Files (x86)LAV Filters

2021-12-15 15:55 – 2021-12-15 15:55 – 000000000 ____D C:UsersdjAppDataLocalElevatedDiagnostics

2021-12-15 14:53 – 2021-12-15 17:23 – 000000000 ____D C:ESD

2021-12-15 14:48 – 2021-12-15 14:48 – 000000000 ____D C:$WINDOWS.~BT

2021-12-15 13:20 – 2021-12-15 13:20 – 000000000 ___HD C:$WinREAgent

2021-12-14 05:32 – 2021-12-16 08:23 – 000000000 ____D C:WINDOWSsystem32TasksNorton Security with Backup

2021-12-14 05:31 – 2021-12-14 05:31 – 000003378 _____ C:WINDOWSsystem32TasksNorton WSC Integration

2021-12-14 05:31 – 2021-12-14 05:31 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsNorton Security

2021-12-14 05:25 – 2021-12-14 05:25 – 000000000 ____D C:Program FilesMicrosoft Silverlight

2021-12-14 05:25 – 2021-12-14 05:25 – 000000000 ____D C:Program Files (x86)Microsoft Silverlight

2021-12-14 05:24 – 2021-12-14 05:24 – 005728384 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 001874648 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-12-14 05:24 – 2021-12-14 05:24 – 001874648 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-12-14 05:24 – 2021-12-14 05:24 – 001466808 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 001450200 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-12-14 05:24 – 2021-12-14 05:24 – 001450200 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-12-14 05:24 – 2021-12-14 05:24 – 001206400 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 001111272 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 001111272 _____ C:WINDOWSsystem32vulkan-1.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 000966416 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 000966416 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-12-14 05:24 – 2021-12-14 05:24 – 000658360 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 008815696 _____ (Intel Corporation) C:WINDOWSsystem32DriversNetwtw08.sys

2021-12-14 05:23 – 2021-12-14 05:23 – 008725928 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 007845816 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 006434528 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 004938880 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 002850432 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 002685460 _____ C:WINDOWSsystem32DriversNetwfw08.dat

2021-12-14 05:23 – 2021-12-14 05:23 – 002116536 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 001599416 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 001529400 _____ (Intel Corporation) C:WINDOWSsystem32IntelIHVRouter08.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 001523328 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 001172608 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000981120 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000849016 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-12-14 05:23 – 2021-12-14 05:23 – 000802232 _____ C:WINDOWSsystem32nvofapi64.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000795104 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000707712 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-12-14 05:23 – 2021-12-14 05:23 – 000678328 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000636856 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000564352 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-12-14 05:23 – 2021-12-14 05:23 – 000452208 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-12-14 05:23 – 2021-12-14 05:23 – 000085718 _____ C:WINDOWSsystem32nvinfo.pb

2021-12-14 05:22 – 2021-12-14 05:22 – 000053200 _____ (ELAN Microelectronic Corp.) C:WINDOWSsystem32DriversETDSMBus.sys

2021-12-13 23:45 – 2021-12-14 05:24 – 000000000 ____D C:WINDOWSLastGood

2021-12-13 01:50 – 2021-12-13 01:50 – 000003588 _____ C:WINDOWSsystem32TasksOneDrive Reporting Task-S-1-5-21-3208085953-1005275366-908118176-1001

2021-12-07 19:36 – 2021-12-15 19:56 – 000000000 ____D C:UsersdjDownloadsFRST-OlderVersion

2021-12-07 14:01 – 2021-12-16 08:22 – 000000000 ____D C:UsersdjDesktop2

2021-12-07 13:58 – 2021-12-07 13:58 – 000001123 _____ C:UsersdjDesktopMEGAsync.lnk

2021-12-07 13:58 – 2021-12-07 13:58 – 000000000 ____D C:WINDOWSsystem32TasksMEGA

2021-12-07 13:58 – 2021-12-07 13:58 – 000000000 ____D C:UsersdjAppDataLocalMEGAsync

2021-12-07 13:58 – 2021-12-07 13:58 – 000000000 ____D C:UsersdjAppDataLocalMega Limited

2021-12-07 12:29 – 2021-12-07 12:29 – 000000000 ____D C:UsersdjAppDataLocalMSI_Remind_Manager

2021-12-07 12:28 – 2021-12-07 12:28 – 000003142 _____ C:WINDOWSsystem32TasksDriver Booster Update

2021-12-07 12:28 – 2021-12-07 12:28 – 000002910 _____ C:WINDOWSsystem32TasksDriver Booster SkipUAC (dj)

2021-12-07 12:28 – 2021-12-07 12:28 – 000002324 _____ C:UsersPublicDesktopDriver Booster 9.lnk

2021-12-07 12:27 – 2021-12-16 20:27 – 000000000 ____D C:UsersdjAppDataRoamingIObit

2021-12-07 12:27 – 2021-12-15 16:10 – 000000000 ____D C:ProgramDataProductData

2021-12-07 12:27 – 2021-12-07 12:27 – 000000000 ____D C:UsersdjAppDataRoaminginstinfo

2021-12-07 12:27 – 2021-12-07 12:27 – 000000000 ____D C:ProgramDataIObit

2021-12-07 12:27 – 2021-12-07 12:27 – 000000000 ____D C:ProgramData{E0224FF9-7AE3-4F9E-991A-2F004F7E3952}

2021-12-07 12:27 – 2021-12-07 12:27 – 000000000 ____D C:Program Files (x86)IObit

2021-12-07 12:12 – 2021-12-07 12:23 – 000000000 ____D C:UsersdjAppDataLocalNPE

2021-12-07 11:31 – 2021-12-07 11:31 – 000000000 ____H C:UsersdjDesktopNiceHashQuickMinerInstaller.exe

2021-12-06 00:03 – 2021-12-07 11:06 – 000000000 ____D C:UsersdjAppDataRoamingPotPlayerMini64

2021-12-06 00:03 – 2021-12-06 00:03 – 000001025 _____ C:UsersPublicDesktopPotPlayer 64 bit.lnk

2021-12-06 00:03 – 2021-12-06 00:03 – 000000000 ____D C:UsersdjAppDataRoamingDaum

2021-12-06 00:03 – 2021-12-06 00:03 – 000000000 ____D C:Program FilesDAUM

2021-11-29 12:32 – 2021-11-29 12:32 – 000000000 ____D C:UsersdjAppDataRoamingNVIDIA

2021-11-27 17:08 – 2021-11-27 17:08 – 000003840 _____ C:WINDOWSsystem32TasksIntel PTT EK Recertification

2021-11-26 23:39 – 2021-12-14 05:33 – 000000000 ____D C:UsersdjAppDataRoamingdiscord

2021-11-26 23:39 – 2021-12-14 05:32 – 000000000 ____D C:UsersdjAppDataLocalDiscord

2021-11-26 23:39 – 2021-11-26 23:39 – 000002219 _____ C:UsersdjDesktopDiscord.lnk

2021-11-26 23:39 – 2021-11-26 23:39 – 000000000 ____D C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-11-26 23:39 – 2021-11-26 23:39 – 000000000 ____D C:UsersdjAppDataLocalSquirrelTemp

2021-11-26 13:32 – 2021-11-26 13:32 – 000000000 ____D C:UsersdjAppDataLocalLineCall

2021-11-26 07:18 – 2021-12-16 20:14 – 000000000 ____D C:UsersdjAppDataLocalCrashDumps

2021-11-26 05:21 – 2021-12-14 05:31 – 000000000 ____D C:WINDOWSsystem32DriversNGCx64

2021-11-26 05:21 – 2021-12-07 15:08 – 000093120 _____ (Broadcom) C:WINDOWSsystem32DriversSYMEVENT64x86.SYS

2021-11-26 05:21 – 2021-12-07 15:08 – 000010235 _____ C:WINDOWSsystem32DriversSYMEVENT64x86.CAT

2021-11-26 05:21 – 2021-11-26 05:21 – 000000000 ____D C:Program FilesNorton Security

2021-11-26 05:21 – 2021-11-26 05:21 – 000000000 ____D C:Program FilesCommon FilesSymantec Shared

2021-11-26 05:13 – 2021-12-14 05:31 – 000002436 _____ C:UsersPublicDesktopNorton Security.lnk

2021-11-26 05:13 – 2021-11-26 05:13 – 000000000 ____D C:ProgramDataPCSettings

2021-11-26 04:49 – 2021-11-26 09:37 – 000000000 ____D C:UsersdjAppDataLocalNoxSrv

2021-11-26 04:45 – 2021-12-13 23:45 – 000002380 _____ C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsNahimic Companion.lnk

2021-11-26 04:45 – 2021-11-26 04:45 – 000000000 ____D C:UsersdjAppDataLocalNhNotifSys

2021-11-26 04:45 – 2021-11-26 04:45 – 000000000 ____D C:UsersdjAppDataLocalMicro-Star_International_

2021-11-26 04:44 – 2021-12-07 12:52 – 000000000 ____D C:UsersdjAppDataLocalNVIDIA Corporation

2021-11-26 04:44 – 2021-11-26 04:45 – 000000000 ____D C:UsersdjAppDataLocalIntel

2021-11-26 04:43 – 2021-09-14 00:22 – 011117232 _____ (INCA Internet Co., Ltd.) C:WINDOWSSysWOW64GameMon.des

2021-11-26 04:30 – 2021-11-26 04:30 – 000233968 _____ (Nox Limited Corporation) C:WINDOWSsystem32DriversVBoxNetLwf.sys

2021-11-26 04:29 – 2021-11-26 09:51 – 000000000 ____D C:UsersdjAppDataLocalNox

2021-11-26 04:29 – 2021-11-26 09:51 – 000000000 ____D C:Program Files (x86)Nox

2021-11-26 01:37 – 2021-11-26 01:37 – 000000000 ____D C:UsersdjAppDataLocalUnrealEngine

2021-11-26 01:37 – 2021-11-26 01:37 – 000000000 ____D C:UsersdjAppDataLocalLineageR

2021-11-26 01:37 – 2021-11-26 01:37 – 000000000 ____D C:Program FilesCommon FilesINCA Shared

2021-11-26 00:26 – 2021-12-14 06:02 – 000000000 ____D C:Program FilesCommon FilesAV

2021-11-26 00:26 – 2020-01-21 23:33 – 025070632 _____ (Intel Corporation) C:WINDOWSsystem32mfxplugin64_hw.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 021440824 _____ (Intel Corporation) C:WINDOWSsystem32libmfxhw64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 020340992 _____ (Intel Corporation) C:WINDOWSSysWOW64libmfxhw32.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 011914280 _____ (Intel Corporation) C:WINDOWSSysWOW64mfxplugin32_hw.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 003218264 _____ (Intel Corporation) C:WINDOWSsystem32mfx_mft_h265ve_64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 003212440 _____ (Intel Corporation) C:WINDOWSsystem32mfx_mft_vp9ve_64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 003198840 _____ (Intel Corporation) C:WINDOWSsystem32mfx_mft_h264ve_64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 003013672 _____ (Intel Corporation) C:WINDOWSsystem32mfx_mft_mjpgvd_64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 002996088 _____ (Intel Corporation) C:WINDOWSsystem32mfx_mft_encrypt_64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 002606128 _____ (Intel Corporation) C:WINDOWSSysWOW64mfx_mft_h265ve_32.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 002601008 _____ (Intel Corporation) C:WINDOWSSysWOW64mfx_mft_vp9ve_32.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 002591920 _____ (Intel Corporation) C:WINDOWSSysWOW64mfx_mft_h264ve_32.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 002439232 _____ (Intel Corporation) C:WINDOWSSysWOW64mfx_mft_mjpgvd_32.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 002435376 _____ (Intel Corporation) C:WINDOWSSysWOW64mfx_mft_encrypt_32.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 000212496 _____ (Intel Corporation) C:WINDOWSsystem32intel_gfx_api-x64.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 000184176 _____ (Intel Corporation) C:WINDOWSSysWOW64intel_gfx_api-x86.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 000169000 _____ C:WINDOWSSysWOW64libGLESv2.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 000141864 _____ C:WINDOWSSysWOW64libGLESv1_CM.dll

2021-11-26 00:26 – 2020-01-21 23:33 – 000136744 _____ C:WINDOWSSysWOW64libEGL.dll

2021-11-26 00:26 – 2020-01-21 19:16 – 000072329 _____ C:WINDOWSSysWOW64h265e_32.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000071888 _____ C:WINDOWSSysWOW64vp9e_32.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000070661 _____ C:WINDOWSSysWOW64he_32.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000066157 _____ C:WINDOWSSysWOW64mj_32.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000057143 _____ C:WINDOWSSysWOW64dev_32.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000056359 _____ C:WINDOWSsystem32dev_64.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000014145 _____ C:WINDOWSsystem32h265e_64.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000013996 _____ C:WINDOWSsystem32vp9e_64.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000013581 _____ C:WINDOWSsystem32he_64.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000013309 _____ C:WINDOWSsystem32mj_64.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000001125 _____ C:WINDOWSSysWOW64cpa_32.vp

2021-11-26 00:26 – 2020-01-21 19:16 – 000001125 _____ C:WINDOWSsystem32cpa_64.vp

2021-11-26 00:22 – 2021-11-26 00:22 – 000000000 ____D C:UsersdjAppDataLocalOneDrive

2021-11-26 00:18 – 2021-11-26 00:18 – 000000000 ____D C:UsersdjAppDataRoamingPurpleBox

2021-11-26 00:17 – 2021-11-26 00:17 – 000000000 ____D C:WINDOWSLastGood.Tmp

2021-11-26 00:17 – 2021-11-26 00:17 – 000000000 ____D C:WINDOWSFirmware

2021-11-26 00:13 – 2021-11-26 00:13 – 000002158 _____ C:UsersdjDesktop天堂W.lnk

2021-11-26 00:11 – 2021-12-14 08:16 – 000002230 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-11-26 00:11 – 2021-12-14 08:16 – 000002189 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-11-26 00:10 – 2021-11-26 00:10 – 000000000 ____D C:Program FilesGoogle

2021-11-26 00:09 – 2021-12-16 20:14 – 000000000 ____D C:Program Files (x86)Google

2021-11-26 00:09 – 2021-11-26 00:58 – 000000000 ____D C:UsersdjAppDataLocalGoogle

2021-11-26 00:09 – 2021-11-26 00:09 – 001341272 _____ (Google LLC) C:UsersdjDownloadsChromeSetup.exe

2021-11-26 00:09 – 2021-11-26 00:09 – 000003064 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-11-26 00:09 – 2021-11-26 00:09 – 000002940 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-11-26 00:08 – 2021-11-26 00:10 – 000000000 ___HD C:WINDOWSmsdownld.tmp

2021-11-26 00:08 – 2021-11-26 00:10 – 000000000 ____D C:WINDOWSSysWOW64directx

2021-11-26 00:06 – 2021-12-16 08:18 – 000003198 _____ C:WINDOWSsystem32TasksPurple

2021-11-26 00:06 – 2021-12-07 12:44 – 000000000 ____D C:UsersdjAppDataLocalNVIDIA

2021-11-26 00:06 – 2021-11-26 00:06 – 000000016 _____ C:ProgramDatamntemp

2021-11-26 00:06 – 2021-11-26 00:06 – 000000000 ____D C:UsersdjAppDataLocalNCSOFT

2021-11-26 00:04 – 2021-12-16 08:17 – 000000000 ____D C:UsersdjAppDataLocalPurpleDome

2021-11-26 00:04 – 2021-11-26 01:37 – 000000000 ____D C:UsersdjAppDataLocalPurple

2021-11-26 00:04 – 2021-11-26 00:04 – 000000000 ____D C:UsersdjAppDataRoamingPurple

2021-11-26 00:04 – 2021-11-26 00:04 – 000000000 ____D C:UsersdjAppDataLocalToastNotificationManagerCompat

2021-11-26 00:04 – 2021-11-26 00:04 – 000000000 ____D C:UsersdjAppDataLocalPeerDistRepub

2021-11-26 00:04 – 2021-11-26 00:04 – 000000000 ____D C:UsersdjAppDataLocalCEF

2021-11-26 00:00 – 2021-11-26 00:12 – 000000000 ____D C:Program Files (x86)NCSOFT

2021-11-26 00:00 – 2021-11-26 00:00 – 000002100 _____ C:UsersdjDesktopPURPLE.lnk

2021-11-25 23:51 – 2021-11-25 23:51 – 000000000 ____D C:WINDOWSsystem32MRT

2021-11-25 23:49 – 2021-11-25 23:49 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-11-25 23:46 – 2021-12-16 00:06 – 000000000 ____D C:UsersdjAppDataLocalD3DSCache

2021-11-25 23:45 – 2021-11-25 23:45 – 000000000 ____D C:UsersdjAppDataLocalPortrait Displays

2021-11-25 23:44 – 2021-12-13 01:50 – 000003348 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3208085953-1005275366-908118176-1001

2021-11-25 23:44 – 2021-12-13 01:50 – 000002291 _____ C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-11-25 23:44 – 2021-11-25 23:44 – 000000000 ____D C:UsersdjAppDataRoamingPortrait Displays

2021-11-25 23:44 – 2021-11-25 23:44 – 000000000 ____D C:UsersdjAppDataLocalVirtualStore

2021-11-25 23:44 – 2021-11-25 23:44 – 000000000 ____D C:ProgramDataMicrosoft OneDrive

2021-11-25 23:42 – 2021-12-16 20:27 – 000003112 _____ C:WINDOWSsystem32TasksNahimicTask32

2021-11-25 23:42 – 2021-12-16 20:27 – 000003092 _____ C:WINDOWSsystem32TasksNahimicTask64

2021-11-25 23:42 – 2021-12-16 08:24 – 001408416 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-11-25 23:42 – 2021-11-28 01:52 – 000000000 ____D C:UsersdjAppDataLocalPublishers

2021-11-25 23:42 – 2021-11-28 01:46 – 000000000 ____D C:UsersdjAppDataLocalPackages

2021-11-25 23:42 – 2021-11-26 04:44 – 000000000 ____D C:UsersdjAppDataLocalConnectedDevicesPlatform

2021-11-25 23:42 – 2021-11-25 23:42 – 000003152 _____ C:WINDOWSsystem32TasksNahimicSvc64Run

2021-11-25 23:42 – 2021-11-25 23:42 – 000003152 _____ C:WINDOWSsystem32TasksNahimicSvc32Run

2021-11-25 23:42 – 2021-11-25 23:42 – 000000020 ___SH C:Usersdjntuser.ini

2021-11-25 23:42 – 2021-11-25 23:42 – 000000000 ____D C:UsersdjAppDataRoamingAdobe

2021-11-25 23:42 – 2021-11-25 23:42 – 000000000 ____D C:UsersdjAppDataLocalComms

2021-11-25 23:38 – 2021-11-25 23:38 – 000000000 _SHDL C:UsersDefault User

2021-11-25 23:38 – 2021-11-25 23:38 – 000000000 _SHDL C:UsersAll Users

2021-11-25 23:38 – 2021-11-25 23:38 – 000000000 _SHDL C:ProgramData桌面

2021-11-25 23:38 – 2021-11-25 23:38 – 000000000 _SHDL C:ProgramData「開始」功能表

2021-11-25 23:36 – 2021-11-26 09:51 – 000000000 ____D C:Usersdj

2021-11-25 23:36 – 2021-11-25 23:36 – 000000000 _SHDL C:UsersdjAppDataRoamingMicrosoftWindowsStart Menu程式集

2021-11-25 23:36 – 2021-11-25 23:36 – 000000000 _SHDL C:Usersdj「開始」功能表

2021-11-25 23:36 – 2021-06-05 20:04 – 000001281 _____ C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools.lnk

2021-11-25 23:36 – 2021-06-05 20:04 – 000000407 _____ C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsFile Explorer.lnk

2021-11-25 23:32 – 2021-11-25 23:32 – 000000000 ____D C:WINDOWSsystem32configbbimigrate

2021-11-25 23:30 – 2021-12-16 20:27 – 000000000 ____D C:ProgramDataNVIDIA

2021-11-25 23:30 – 2021-12-16 08:17 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-11-25 23:30 – 2021-12-16 00:00 – 000000000 ____D C:ProgramDataA-Volute

2021-11-25 23:30 – 2021-12-14 05:32 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-11-25 23:30 – 2021-12-12 23:42 – 000002425 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-11-25 23:30 – 2021-12-12 23:42 – 000002263 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-11-25 23:30 – 2021-12-09 05:36 – 000003136 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-11-25 23:30 – 2021-12-09 05:36 – 000003012 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-11-25 23:30 – 2021-12-07 12:52 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-11-25 23:30 – 2021-11-27 18:11 – 000018960 _____ (Logitech, Inc.) C:WINDOWSsystem32DriversLNonPnP.sys

2021-11-25 23:30 – 2021-11-26 05:04 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-11-25 23:30 – 2021-11-26 04:44 – 000309528 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____H C:ProgramDataDP45977C.lfl

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSSysWOW64RTCOM

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSsystem32TasksIntel

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSsystem32DAX3

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSsystem32DAX2

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSsystem32A-Volute

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:ProgramDataValidity

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 ____D C:Program FilesRealtek

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 _____ C:WINDOWSsystem32GfxValDisplayLog.bin

2021-11-25 23:30 – 2021-11-25 23:30 – 000000000 _____ C:WINDOWSsystem32fpfftResultsFile.txt

2021-11-25 23:29 – 2021-12-15 17:23 – 000000000 ____D C:WINDOWSPanther

2021-11-25 23:29 – 2021-11-25 23:42 – 000000000 ____D C:Windows.old

2021-11-25 23:28 – 2021-11-25 23:28 – 000000000 ____D C:WINDOWSServiceProfiles

2021-11-25 23:25 – 2021-11-25 23:29 – 000000000 ____D C:WINDOWSSetup

2021-11-25 23:25 – 2021-11-25 23:25 – 000008192 _____ C:WINDOWSsystem32configuserdiff

2021-11-25 23:24 – 2021-12-16 08:24 – 000421706 _____ C:WINDOWSsystem32prfh0404.dat

2021-11-25 23:24 – 2021-12-16 08:24 – 000139282 _____ C:WINDOWSsystem32prfc0404.dat

2021-11-25 23:24 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSysWOW64MailContactsCalendarSync

2021-11-25 23:24 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32OpenSSH

2021-11-25 23:24 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32MailContactsCalendarSync

2021-11-25 23:24 – 2021-11-25 23:24 – 000119764 _____ C:WINDOWSsystem32prfi0404.dat

2021-11-25 23:24 – 2021-11-25 23:24 – 000033402 _____ C:WINDOWSsystem32prfd0404.dat

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSSysWOW64zh-HANT

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSSysWOW64XPSViewer

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSSysWOW64FxsTmp

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSsystem32zh-HANT

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSsystem32FxsTmp

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSaddins

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:ProgramDatassh

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:Program FilesReference Assemblies

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:Program FilesMSBuild

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:Program Files (x86)Reference Assemblies

2021-11-25 23:24 – 2021-11-25 23:24 – 000000000 ____D C:Program Files (x86)MSBuild

2021-11-25 23:23 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSSysWOW64winrm

2021-11-25 23:23 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSSysWOW64WCN

2021-11-25 23:23 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSSysWOW64slmgr

2021-11-25 23:23 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSSysWOW64Printing_Admin_Scripts

2021-11-25 23:23 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSsystem32winrm

2021-11-25 23:23 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32WCN

2021-11-25 23:23 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32slmgr

2021-11-25 23:23 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32Printing_Admin_Scripts

2021-11-25 23:23 – 2021-11-25 23:23 – 000000000 ____D C:WINDOWSSysWOW64sysprep

2021-11-25 23:23 – 2021-11-25 23:23 – 000000000 ____D C:WINDOWSSysWOW64409

2021-11-25 23:23 – 2021-11-25 23:23 – 000000000 ____D C:WINDOWSsystem32409

2021-11-25 23:23 – 2021-11-25 23:23 – 000000000 ____D C:WINDOWSDigitalLocker

2021-11-25 23:22 – 2021-12-16 20:27 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-11-25 23:22 – 2021-12-16 08:24 – 000000000 ____D C:WINDOWSAppReadiness

2021-11-25 23:22 – 2021-12-15 20:12 – 000000000 ____D C:WINDOWSSystemTemp

2021-11-25 23:22 – 2021-12-15 20:03 – 000000000 ___HD C:Program FilesWindowsApps

2021-11-25 23:22 – 2021-12-15 15:58 – 000000000 ___RD C:Program Files (x86)

2021-11-25 23:22 – 2021-12-06 22:54 – 000000000 ____D C:WINDOWSsystem32configsystemprofile

2021-11-25 23:22 – 2021-11-27 17:08 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-11-25 23:22 – 2021-11-27 07:01 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-11-25 23:22 – 2021-11-26 09:32 – 000000000 ____D C:WINDOWSRegistration

2021-11-25 23:22 – 2021-11-26 05:04 – 000000000 ____D C:Program FilesWindows Defender

2021-11-25 23:22 – 2021-11-26 04:49 – 000000000 ____D C:WINDOWSappcompat

2021-11-25 23:22 – 2021-11-25 23:59 – 000000000 ___RD C:WINDOWSPrintDialog

2021-11-25 23:22 – 2021-11-25 23:42 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-11-25 23:22 – 2021-11-25 23:42 – 000000000 ____D C:WINDOWSsystem32oobe

2021-11-25 23:22 – 2021-11-25 23:38 – 000000000 ____D C:ProgramDataUSOPrivate

2021-11-25 23:22 – 2021-11-25 23:35 – 000000000 ___SD C:WINDOWSSysWOW64F12

2021-11-25 23:22 – 2021-11-25 23:35 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs

2021-11-25 23:22 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-11-25 23:22 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-11-25 23:22 – 2021-11-25 23:35 – 000000000 ____D C:WINDOWSServiceState

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ___SD C:WINDOWSsystem32F12

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ___SD C:WINDOWSsystem32dsc

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32spool

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32DriversDriverData

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSsystem32Dism

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSOCR

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSIME

2021-11-25 23:22 – 2021-11-25 23:34 – 000000000 ____D C:WINDOWSHelp

2021-11-25 23:22 – 2021-11-25 23:32 – 000000000 ____D C:Program FilesWindows Photo Viewer

2021-11-25 23:22 – 2021-11-25 23:32 – 000000000 ____D C:Program FilesCommon FilesSystem

2021-11-25 23:22 – 2021-11-25 23:32 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer

2021-11-25 23:22 – 2021-11-25 23:30 – 000000000 ____D C:WINDOWSsystem32configTxR

2021-11-25 23:22 – 2021-11-25 23:29 – 000028672 _____ C:WINDOWSsystem32configBCD-Template

2021-11-25 23:22 – 2021-11-25 23:29 – 000000000 __RHD C:UsersPublicLibraries

2021-11-25 23:22 – 2021-11-25 23:29 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase

2021-11-25 23:22 – 2021-11-25 23:29 – 000000000 ____D C:WINDOWSCSC

2021-11-25 23:22 – 2021-11-25 23:29 – 000000000 ____D C:WINDOWSContainers

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSysWOW64vi-VN

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSysWOW64id-ID

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSysWOW64gl-ES

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSysWOW64eu-ES

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSysWOW64ca-ES

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSSystemResources

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32vi-VN

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32setup

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32id-ID

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32gl-ES

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32eu-ES

2021-11-25 23:22 – 2021-11-25 23:25 – 000000000 ____D C:WINDOWSsystem32ca-ES

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSSysWOW64MUI

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSSysWOW64Com

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSsystem32Sysprep

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSsystem32MUI

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSsystem32Com

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:WINDOWSGlobalization

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-11-25 23:22 – 2021-11-25 23:24 – 000000000 ____D C:Program Files (x86)Windows Defender

2021-11-25 23:22 – 2021-11-25 23:23 – 000000000 ____D C:WINDOWSSysWOW64setup

2021-11-25 23:22 – 2021-11-25 23:23 – 000000000 ____D C:WINDOWSBrowserCore

2021-11-25 23:22 – 2021-11-25 23:23 – 000000000 ____D C:Program FilesWindows NT

2021-11-25 23:22 – 2021-11-25 23:23 – 000000000 ____D C:Program Files (x86)Windows NT

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 __SHD C:WINDOWSBitLockerDiscoveryVolumeContents

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 __SHD C:Program FilesWindows Sidebar

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 __SHD C:Program Files (x86)Windows Sidebar

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSSysWOW64Nui

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSSysWOW64lxss

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSSysWOW64Configuration

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSsystem32UNP

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSsystem32Nui

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSsystem32lxss

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSsystem32Configuration

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSsystem32AppV

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___SD C:WINDOWSDownloaded Program Files

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___RD C:WINDOWSOffline Web Pages

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ___HD C:WINDOWSLanguageOverlayCache

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSWUModels

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSWeb

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSWaaS

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSVss

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSUUS

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWStracing

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSTAPI

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64SMI

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64ras

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64PerceptionSimulation

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64NDF

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64Msdtc

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64migwiz

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64Keywords

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64Ipmi

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64InputMethod

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64inetsrv

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64IME

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64icsxml

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicyUsers

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicy

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64downlevel

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64Bthprops

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64AppLocker

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSysWOW64AdvancedInstallers

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSystemApps

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32winevt

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32ShellExperiences

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32Sgrm

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32SecurityHealth

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32SecureBootUpdates

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32ras

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32ProximityToast

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32PointOfService

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32Pbr

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32NDF

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32MsDtc

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32Keywords

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32Ipmi

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32InputMethod

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32inetsrv

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32IME

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32icsxml

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32ias

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32Hydrogen

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32DriverState

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32downlevel

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32DDFs

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32configRegBack

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32configJournal

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32Bthprops

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32AppLocker

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32AdvancedInstallers

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSystem

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSKB

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSShellExperiences

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSShellComponents

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsecurity

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSschemas

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSSchCache

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSResources

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSrescache

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSRemotePackages

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSProvisioning

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSPLA

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSPerformance

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSModemLogs

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSMedia

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSL2Schemas

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSInputMethod

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSInboxApps

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSIdentityCRL

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSGameBarPresenceWriter

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSDiagTrack

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSCursors

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSBranding

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSbcastdvr

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:ProgramDataWindowsHolographicDevices

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:ProgramDataUSOShared

2021-11-25 23:22 – 2021-11-25 23:22 – 000000000 ____D C:Program FilesModifiableWindowsApps

2021-11-25 23:22 – 2021-11-25 23:21 – 000215943 _____ C:WINDOWSSysWOW64dssec.dat

2021-11-25 23:22 – 2021-11-25 23:21 – 000215943 _____ C:WINDOWSsystem32dssec.dat

2021-11-25 23:22 – 2021-11-25 23:21 – 000021047 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml

2021-11-25 23:22 – 2021-11-25 23:21 – 000003683 _____ C:WINDOWSsystem32Driversetclmhosts.sam

2021-11-25 23:22 – 2021-11-25 23:21 – 000003103 _____ C:WINDOWSSysWOW64mmc.exe.config

2021-11-25 23:22 – 2021-11-25 23:21 – 000003103 _____ C:WINDOWSsystem32mmc.exe.config

2021-11-25 23:22 – 2021-11-25 23:21 – 000000858 _____ C:WINDOWSsystem32DefaultQuestions.json

2021-11-25 23:22 – 2021-11-25 23:21 – 000000741 _____ C:WINDOWSSysWOW64NOISE.DAT

2021-11-25 23:22 – 2021-11-25 23:21 – 000000741 _____ C:WINDOWSsystem32NOISE.DAT

2021-11-25 23:21 – 2021-12-16 08:24 – 000000000 ____D C:WINDOWSINF

2021-11-25 23:19 – 2021-12-16 08:17 – 088604672 _____ C:WINDOWSsystem32configSOFTWARE

2021-11-25 23:19 – 2021-12-16 08:17 – 023592960 _____ C:WINDOWSsystem32configSYSTEM

2021-11-25 23:19 – 2021-12-16 08:17 – 000524288 _____ C:WINDOWSsystem32configDEFAULT

2021-11-25 23:19 – 2021-12-16 08:17 – 000262144 _____ C:WINDOWSsystem32configBBI

2021-11-25 23:19 – 2021-12-16 08:17 – 000065536 _____ C:WINDOWSsystem32configSECURITY

2021-11-25 23:19 – 2021-12-16 08:17 – 000065536 _____ C:WINDOWSsystem32configSAM

2021-11-25 23:19 – 2021-12-15 13:24 – 000000000 ____D C:WINDOWSCbsTemp

2021-11-25 23:19 – 2021-12-14 05:32 – 000032768 _____ C:WINDOWSsystem32configELAM

2021-11-25 23:19 – 2021-11-25 23:57 – 000000000 ____D C:WINDOWSservicing

2021-11-25 23:19 – 2021-11-25 23:22 – 000000000 ____D C:WINDOWSsystem32SMI

2021-11-25 23:18 – 2021-11-25 23:38 – 000000000 ___HD C:$SysReset

2021-11-25 21:20 – 2021-11-25 21:20 – 000040960 _____ C:WINDOWSsystem32prxyqry.dll

2021-11-25 21:20 – 2021-11-25 21:20 – 000015040 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-11-25 21:20 – 2021-11-25 21:20 – 000013824 _____ C:WINDOWSSysWOW64prxyqry.dll

2021-11-25 21:17 – 2021-11-25 21:17 – 000215552 _____ C:WINDOWSsystem32CloudIdWxhExtension.dll

2021-11-25 19:51 – 2021-12-14 05:23 – 007582680 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-11-25 19:49 – 2021-11-25 19:49 – 000497512 _____ (Intel) C:WINDOWSsystem32libvpl.dll

2021-11-25 19:49 – 2021-11-25 19:49 – 000450456 _____ C:WINDOWSsystem32ze_tracing_layer.dll

2021-11-25 19:49 – 2021-11-25 19:49 – 000431336 _____ (Intel) C:WINDOWSSysWOW64libvpl.dll

2021-11-25 19:49 – 2021-11-25 19:49 – 000369560 _____ C:WINDOWSsystem32ze_loader.dll

2021-11-25 19:49 – 2021-11-25 19:49 – 000140176 _____ C:WINDOWSsystem32ze_validation_layer.dll

2021-11-25 19:48 – 2021-11-25 19:48 – 000304208 _____ C:WINDOWSsystem32ControlLib.dll

2021-11-25 19:48 – 2021-11-25 19:48 – 000125568 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhda64v.sys

2021-11-25 19:48 – 2021-11-25 19:48 – 000038016 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhdap64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 007178376 _____ (Dolby Laboratories) C:WINDOWSsystem32R4EEP64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 007101648 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPP64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 006270096 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPP64AF3.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 005954144 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32DriversRTKVHD64.sys

2021-11-25 19:45 – 2021-11-25 19:45 – 005346904 _____ (Dolby Laboratories) C:WINDOWSsystem32DolbyDAX2APOv211.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 003843944 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RltkAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 003445648 _____ (DTS, Inc.) C:WINDOWSsystem32slcnt64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 003375928 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RtkApi64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 003334136 _____ (Realtek Semiconductor Corp.) C:WINDOWSSysWOW64RltkAPO.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 003168296 _____ (DTS, Inc.) C:WINDOWSsystem32sltech64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 003159680 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RtPgEx64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 002930056 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RCoInstII64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 002444592 _____ (Dolby Laboratories) C:WINDOWSsystem32DolbyDAX2APOv201.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001971272 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPD64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001965064 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPD64AF3.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001787864 _____ (DTS) C:WINDOWSsystem32DTSS2SpeakerDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001610864 _____ (Dolby Laboratories) C:WINDOWSsystem32DolbyAPOv251gm.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001598304 _____ (DTS) C:WINDOWSsystem32DTSS2HeadphoneDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001596096 _____ (Harman International Industries, Incorporated.) C:WINDOWSsystem32HarmanAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001544160 _____ (Dolby Laboratories) C:WINDOWSsystem32DAX3APOProp.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001516176 _____ (DTS) C:WINDOWSsystem32DTSBoostDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001435048 _____ (Synopsys, Inc.) C:WINDOWSsystem32SRRPTR64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001414992 _____ (Sound Research, Corp.) C:WINDOWSsystem32SEHDHF64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001403728 _____ (Sound Research, Corp.) C:WINDOWSsystem32SECOMN64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001382144 _____ (TOSHIBA Corporation) C:WINDOWSsystem32tosade.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001372296 _____ (Dolby Laboratories) C:WINDOWSsystem32DAX3APOv251.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001353224 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RTCOM64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001337544 _____ (Toshiba Client Solutions Co., Ltd.) C:WINDOWSsystem32tossaeapo64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001327944 _____ (Sound Research, Corp.) C:WINDOWSsystem32SEAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001287504 _____ (Dolby Laboratories) C:WINDOWSsystem32DolbyAPOvlldpgm.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001259632 _____ (Dolby Laboratories) C:WINDOWSsystem32DolbyDAX2APOvlldp.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001195872 _____ (Sound Research, Corp.) C:WINDOWSsystem32SEHDRA64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001159088 _____ (Dolby Laboratories) C:WINDOWSsystem32DolbyDAX2APOProp.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001110080 _____ (DTS, Inc.) C:WINDOWSsystem32sl3apo64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001078592 _____ (Sound Research, Corp.) C:WINDOWSSysWOW64SEHDHF32.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 001061480 _____ (Sound Research, Corp.) C:WINDOWSSysWOW64SECOMN32.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000964928 _____ (Sony Corporation) C:WINDOWSsystem32SFSS_APO.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000873368 _____ (TOSHIBA Corporation) C:WINDOWSsystem32tadefxapo264.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000852040 _____ (Toshiba Client Solutions Co., Ltd.) C:WINDOWSsystem32tosasfapo64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000751208 _____ (DTS) C:WINDOWSsystem32DTSBassEnhancementDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000734680 _____ (DTS) C:WINDOWSsystem32DTSSymmetryDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000715552 _____ (DTS) C:WINDOWSsystem32DTSVoiceClarityDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000692072 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RtDataProc64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000604704 _____ (Toshiba Client Solutions Co., Ltd.) C:WINDOWSsystem32tossaemaxapo64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000541024 _____ (SRS Labs, Inc.) C:WINDOWSsystem32SRSTSX64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000511552 _____ (DTS) C:WINDOWSsystem32DTSNeoPCDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000487376 _____ (Harman International Industries, Incorporated.) C:WINDOWSsystem32HarmanAPOUI64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000467064 _____ (Synopsys, Inc.) C:WINDOWSsystem32SRAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000453184 _____ (Dolby Laboratories) C:WINDOWSsystem32R4EED64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000452640 _____ (DTS) C:WINDOWSsystem32DTSLimiterDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000448512 _____ (DTS) C:WINDOWSsystem32DTSGainCompensatorDLL64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000447088 _____ (Toshiba Client Solutions Co., Ltd.) C:WINDOWSsystem32toseaeapo64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000416416 _____ (Harman) C:WINDOWSsystem32HMUI.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000406360 _____ (Dolby Laboratories) C:WINDOWSsystem32HiFiDAX2APIPCLL.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000392776 _____ (Dolby Laboratories, Inc.) C:WINDOWSsystem32RTEEP64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000381312 _____ (Synopsys, Inc.) C:WINDOWSsystem32SRCOM64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000378288 _____ (Dolby Laboratories) C:WINDOWSsystem32HiFiDAX2API.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000367520 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPO64AF3.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000366024 _____ (Windows ® Win 7 DDK provider) C:WINDOWSsystem32HMAPO.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000360248 _____ (Harman) C:WINDOWSsystem32HMClariFi.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000343616 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RtlCPAPI64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000341056 _____ (Synopsys, Inc.) C:WINDOWSSysWOW64SRCOM.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000341056 _____ (Synopsys, Inc.) C:WINDOWSsystem32SRCOM.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000332920 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPO64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000327176 _____ (Dolby Laboratories, Inc.) C:WINDOWSsystem32RP3DHT64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000327176 _____ (Dolby Laboratories, Inc.) C:WINDOWSsystem32RP3DAA64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000315880 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPA64F3.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000278176 _____ (Dolby Laboratories) C:WINDOWSsystem32DDPA64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000266456 _____ (TODO: <Company name>) C:WINDOWSsystem32slprp64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000261144 _____ (DTS) C:WINDOWSsystem32DTSGFXAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000261104 _____ (DTS) C:WINDOWSsystem32DTSLFXAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000260120 _____ (DTS) C:WINDOWSsystem32DTSGFXAPONS64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000231824 _____ (Synopsys, Inc.) C:WINDOWSsystem32SFNHK64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000230608 _____ (SRS Labs, Inc.) C:WINDOWSsystem32SRSTSH64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000220296 _____ (Dolby Laboratories, Inc.) C:WINDOWSsystem32RTEED64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000218176 _____ (SRS Labs, Inc.) C:WINDOWSsystem32SRSHP64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000203744 _____ (Harman) C:WINDOWSsystem32HMHVS.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000192888 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RtkCfg64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000190840 _____ (Harman) C:WINDOWSsystem32HMEQ_Voice.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000190840 _____ (Harman) C:WINDOWSsystem32HMEQ.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000179504 _____ (Harman) C:WINDOWSsystem32HMLimiter.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000174848 _____ (SRS Labs, Inc.) C:WINDOWSsystem32SRSWOW64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000158600 _____ (TOSHIBA Corporation) C:WINDOWSsystem32tadefxapo.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000157248 _____ (Dolby Laboratories) C:WINDOWSsystem32R4EEL64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000154264 _____ (Harman) C:WINDOWSsystem32HarmanAudioInterface.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000139664 _____ (Dolby Laboratories) C:WINDOWSsystem32R4EEA64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000122224 _____ (Real Sound Lab SIA) C:WINDOWSsystem32CONEQMSAPOGUILibrary.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000118496 _____ C:WINDOWSsystem32AcpiServiceVnA64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000116448 _____ (Dolby Laboratories, Inc.) C:WINDOWSsystem32RTEEL64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000105216 _____ C:WINDOWSsystem32audioLibVc.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000093808 _____ (Dolby Laboratories, Inc.) C:WINDOWSsystem32RTEEG64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000090824 _____ (Synopsys, Inc.) C:WINDOWSsystem32SFCOM64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000090080 _____ (Dolby Laboratories) C:WINDOWSsystem32R4EEG64A.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000088224 _____ (Synopsys, Inc.) C:WINDOWSsystem32SFAPO64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000083528 _____ (Virage Logic Corporation / Sonic Focus) C:WINDOWSSysWOW64SFCOM.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000075448 _____ (TOSHIBA CORPORATION.) C:WINDOWSsystem32tepeqapo64.dll

2021-11-25 19:45 – 2021-11-25 19:45 – 000023600 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RtkCoLDR64.dll

2021-11-25 19:44 – 2021-11-25 19:45 – 005804772 _____ C:WINDOWSsystem32Driversrtvienna.dat

2021-11-25 19:44 – 2021-11-25 19:44 – 072520616 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RCoRes64.dat

2021-11-25 19:44 – 2021-11-25 19:44 – 043252949 _____ C:WINDOWSsystem32DriversRTAIODAT.DAT

2021-11-25 19:44 – 2021-11-25 19:44 – 003676976 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RTSnMg64.cpl

2021-11-25 19:44 – 2021-11-25 19:44 – 001854072 _____ (Logitech, Inc.) C:WINDOWSsystem32LkmdfCoInst.dll

2021-11-25 19:44 – 2021-11-25 19:44 – 000094840 _____ (Logitech, Inc.) C:WINDOWSsystem32DriversLEqdUsb.sys

2021-11-25 19:12 – 2021-12-07 12:28 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDriver Booster 9

2021-11-25 14:05 – 2021-11-25 14:12 – 705906200 _____ (Duodian Technology Co. Ltd.) C:UsersdjDownloadsnox_setup_v7.0.1.8_full_intl.exe

2021-11-25 00:59 – 2021-11-25 01:03 – 468884616 _____ (NC Soft) C:UsersdjDownloadsLineageW_PURPLE_Installer (1).exe

2021-11-23 20:59 – 2021-11-23 20:59 – 000988112 _____ (Bleeping Computer, LLC) C:UsersdjDownloadsrkill64.exe

2021-11-20 07:45 – 2021-12-15 15:58 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLAV Filters

2021-11-20 07:45 – 2021-11-20 07:45 – 000000000 ___RD C:UsersDefaultOneDrive

2021-11-20 07:44 – 2021-11-20 07:44 – 013999432 _____ (1f0.de ) C:UsersdjDownloadsLAVFilters-0.75.1-Installer.exe

2021-11-20 07:37 – 2021-12-06 00:03 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPotPlayer

2021-11-20 07:35 – 2021-11-20 07:35 – 030466120 _____ (Kakao) C:UsersdjDownloadsPotPlayerSetup64.exe

2021-11-18 06:49 – 2021-11-18 06:56 – 705976376 _____ (Duodian Technology Co. Ltd.) C:UsersdjDownloadsnox_setup_v7.0.1.7_full_intl.exe

2021-11-17 08:24 – 2021-11-17 08:30 – 468884616 _____ (NC Soft) C:UsersdjDownloadsLineageW_PURPLE_Installer.exe

2021-11-17 08:12 – 2021-11-26 00:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPurple

2021-11-17 08:07 – 2021-11-17 08:10 – 263965112 _____ (NCSOFT Corporation) C:UsersdjDownloadsPurpleInstaller_0_9_4_625.exe

2021-11-17 07:22 – 2021-11-17 07:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes

2021-11-17 07:00 – 2021-12-15 19:58 – 000001300 _____ C:UsersdjDesktop諾頓安裝檔.lnk

2021-11-17 07:00 – 2021-11-17 07:00 – 003667608 _____ (Symantec Corporation) C:UsersdjDownloadsNSBUDownloader.exe

2021-11-17 07:00 – 2021-11-17 07:00 – 000000000 ____D C:UsersPublicDownloadsNorton

2021-11-17 06:44 – 2021-11-17 06:44 – 000286720 _____ C:WINDOWSsystem32AggregatorHost.exe

2021-11-17 06:44 – 2021-11-17 06:44 – 000077824 _____ C:WINDOWSsystem32runexehelper.exe

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-12-16 20:28 – 2021-10-17 21:59 – 000000000 ____D C:FRST

2021-12-16 20:19 – 2021-10-17 19:37 – 002311168 _____ (Farbar) C:UsersdjDesktopFRST64.exe

2021-12-16 19:37 – 2019-07-06 04:52 – 000000000 ____D C:ProgramDataCommon

2021-12-16 08:17 – 2021-10-16 14:29 – 000012288 ___SH C:DumpStack.log.tmp

2021-12-16 08:17 – 2021-10-04 22:32 – 000000000 __SHD C:UsersdjIntelGraphicsProfiles

2021-12-16 08:17 – 2019-07-06 04:10 – 000000000 ____D C:Intel

2021-12-15 19:58 – 2019-07-06 03:53 – 000000000 ____D C:ProgramDataNorton

2021-12-15 19:58 – 2019-07-06 03:53 – 000000000 ____D C:Program Files (x86)NortonInstaller

2021-12-15 05:26 – 2021-10-10 23:01 – 000000001 _____ C:UsersPublicDocumentsdgc_DC.txt

2021-12-14 05:32 – 2021-10-17 21:12 – 000000000 ___RD C:UsersdjDesktop1

2021-12-14 05:25 – 2021-10-18 07:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Silverlight

2021-12-14 05:25 – 2019-07-06 03:21 – 000000000 ____D C:ProgramDataPackage Cache

2021-12-14 05:23 – 2021-10-18 01:23 – 000048552 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvad64v.sys

2021-12-07 13:58 – 2021-10-18 00:30 – 000000000 ____D C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsMEGAsync

2021-11-29 09:54 – 2021-10-17 22:04 – 000000011 _____ C:UsersdjDesktop新文字文件 (2).txt

2021-11-26 13:06 – 2019-01-22 12:17 – 000000000 ____D C:ProgramDataPackages

2021-11-26 09:45 – 2021-10-18 13:54 – 000000295 _____ C:Usersdjd4ac4633ebd6440fa397b84f1bc94a3c.7z

2021-11-26 09:37 – 2021-10-09 13:41 – 000000000 ____D C:Usersdj.android

2021-11-26 09:37 – 2021-10-09 13:40 – 000000000 ____D C:Usersdjvmlogs

2021-11-26 05:13 – 2019-07-06 03:53 – 000000000 ____D C:ProgramDataNortonInstaller

2021-11-26 04:45 – 2019-07-06 04:52 – 000000000 ____D C:ProgramDataMSI

2021-11-26 04:44 – 2021-10-14 17:12 – 000000114 _____ C:UsersdjDesktop新文字文件.txt

2021-11-26 00:29 – 2021-10-19 02:08 – 000000000 ____D C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome 應用程式

2021-11-25 23:44 – 2021-10-04 22:34 – 000000000 ___RD C:UsersdjOneDrive

2021-11-25 23:42 – 2019-07-06 03:22 – 000000000 ____D C:Program FilesIntel

2021-11-25 23:42 – 2019-01-22 12:16 – 000000000 __RHD C:UsersPublicAccountPictures

2021-11-25 23:36 – 2018-09-15 15:33 – 000000000 ____D C:WINDOWSsystem32Tasks_Migrated

2021-11-25 23:35 – 2019-07-06 03:24 – 000000000 ____D C:ProgramDataIntel

2021-11-25 23:35 – 2018-09-15 15:33 – 000000000 ____D C:WINDOWSSysWOW64Macromed

2021-11-25 23:34 – 2019-07-06 03:58 – 000000000 ____D C:WINDOWSRE_DRIVE

2021-11-25 23:34 – 2019-07-06 03:54 – 000000000 ____D C:UsersPublicSymantec

2021-11-25 23:34 – 2018-09-15 15:33 – 000000000 ____D C:WINDOWSsystem32Macromed

2021-11-25 23:32 – 2019-07-06 04:06 – 000000000 ____D C:ProgramDataPortrait Displays

2021-11-25 23:32 – 2019-07-06 04:06 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMSI True Color

2021-11-25 23:32 – 2019-07-06 04:06 – 000000000 ____D C:Program FilesPortrait Displays

2021-11-25 23:32 – 2019-07-06 03:54 – 000000000 ____D C:Program Files (x86)MSI

2021-11-25 23:32 – 2019-07-06 03:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMSI Recovery Image Backup

2021-11-25 23:32 – 2019-07-06 03:52 – 000000000 ____D C:Program Files (x86)BurnRecovery

2021-11-25 23:32 – 2019-07-06 03:27 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information

2021-11-25 23:32 – 2019-07-06 03:27 – 000000000 ____D C:ProgramDataDownloaded Installations

2021-11-25 23:32 – 2019-07-06 03:27 – 000000000 ____D C:Program Files (x86)Realtek

2021-11-25 23:32 – 2019-07-06 03:26 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-11-25 23:32 – 2019-07-06 03:25 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-11-25 23:32 – 2019-07-06 03:25 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-11-25 23:32 – 2019-07-06 03:23 – 000000000 ____D C:Program FilesCommon FilesIntel Corporation

2021-11-25 23:32 – 2018-09-15 15:33 – 000000000 ____D C:Program FilesWindows Security

2021-11-25 23:29 – 2021-10-16 07:47 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner

2021-11-25 23:29 – 2019-07-06 03:54 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMSI

2021-11-23 21:04 – 2021-10-17 19:37 – 000001200 _____ C:UsersdjDesktopRkill.txt

 

==================== Files in the root of some directories ========

 

2021-12-16 08:05 – 2021-12-16 08:05 – 000007607 _____ () C:UsersdjAppDataLocalResmon.ResmonCfg

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021

Ran by dj (16-12-2021 20:28:44)

Running from C:\Users\dj\Desktop

Microsoft Windows 11 專業版 Version 21H2 22000.348 (X64) (2021-11-25 15:42:20)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-3208085953-1005275366-908118176-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-3208085953-1005275366-908118176-503 – Limited – Disabled)

dj (S-1-5-21-3208085953-1005275366-908118176-1001 – Administrator – Enabled) => C:\Users\dj

Guest (S-1-5-21-3208085953-1005275366-908118176-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-3208085953-1005275366-908118176-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Norton Security Online (Enabled – Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton Security Online (Enabled – Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}

AV: Norton Security (Enabled – Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}

AV: Norton Security Online (Enabled – Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Norton Security Online (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}

FW: Norton Security Online (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

FW: Norton Security Online (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 21.06 (x64) (HKLM…7-Zip) (Version: 21.06 – Igor Pavlov)

AR8171 Driver Installation (HKLM-x32…{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.45 – Rivet Networks)

AR8171 Drivers (HKLM…{9E192139-20DC-4BEC-8908-D44B23AA9F4D}) (Version: 1.0.0.45 – Rivet Networks) Hidden

Creator Center (HKLM-x32…InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.0.1906.1001 – Micro-Star International Co., Ltd.)

Discord (HKUS-1-5-21-3208085953-1005275366-908118176-1001…Discord) (Version: 1.0.9003 – Discord Inc.)

Driver Booster 9 (HKLM-x32…Driver Booster_is1) (Version: 9.0.1 – IObit)

Google Chrome (HKLM-x32…Google Chrome) (Version: 96.0.4664.110 – Google LLC)

Intel® Chipset Device Software (HKLM-x32…{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 – Intel® Corporation)

Intel® Serial IO (HKLM…{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1841.2 – Intel Corporation)

LAV Filters 0.75.1 (HKLM-x32…lavfilters_is1) (Version: 0.75.1 – Hendrik Leppkes)

MEGAsync (HKLM-x32…MEGAsync) (Version:  – Mega Limited)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 96.0.1054.53 – Microsoft Corporation)

Microsoft Edge WebView2 執行階段 (HKLM-x32…Microsoft EdgeWebView) (Version: 96.0.1054.53 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-3208085953-1005275366-908118176-1001…OneDriveSetup.exe) (Version: 21.230.1107.0004 – Microsoft Corporation)

Microsoft Silverlight (HKLM…{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.29.30040 (HKLM-x32…{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.29.30040 (HKLM-x32…{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 – Microsoft Corporation)

MSI Recovery Image Backup (HKLM-x32…{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1905.901 – Application) Hidden

MSI Recovery Image Backup (HKLM-x32…InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1905.901 – Application)

MSI True Color (HKLM…{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 2.5.0.0 – Portrait Displays, Inc.)

NiceHash Miner 3.0.6.9 (only current user) (HKUS-1-5-21-3208085953-1005275366-908118176-1001…8abad8e2-b957-48ed-92ba-4339c2a40e78) (Version: 3.0.6.9 – H-BIT, d.o.o.)

NiceHash QuickMiner (HKLM…NiceHash QuickMiner) (Version: v0.5.2.0 – NiceHash)

Norton Security Online (HKLM-x32…NGC) (Version: 22.21.10.40 – Symantec Corporation)

NVIDIA GeForce Experience 3.16.0.140 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 – NVIDIA Corporation)

NVIDIA Graphics Driver 417.77 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.77 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.4 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 – NVIDIA Corporation)

NVIDIA PhysX 系統軟體 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

PotPlayer-64 bit (HKLM…PotPlayer64) (Version: 211118 – Kakao Corp.)

PURPLE (HKLM-x32…Purple_plaync) (Version:  – NCSOFT)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 – Realtek Semiconductor Corp.)

天堂W (HKLM-x32…MGS_LW_PURPLE) (Version:  – NCSOFT Corp.)

 

Packages:

=========

Evernote -> C:Program FilesWindowsAppsEvernote.Evernote_10.26.5.0_x86__q4d96b2w5wcc2 [2021-12-12] (Evernote)

Intel® Graphics Control Panel -> C:Program FilesWindowsAppsappup.intelgraphicscontrolpanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-11-26] (INTEL CORP)

Intel® 顯示晶片控制中心 -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2021-12-06] (INTEL CORP) [Startup Task]

LINE -> C:Program FilesWindowsAppsNAVER.LINEwin8_7.4.1.0_x86__8ptj331gd3tyt [2021-12-02] (LINE Corporation)

LinkedIn -> C:Program FilesWindowsApps7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-11-26] (LinkedIn)

Microsoft Access -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Access_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsmicrosoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-25] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsmicrosoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-25] (Microsoft Corporation) [MS Ad]

Microsoft Excel -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Excel_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft Office Desktop Apps -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft Outlook -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Outlook_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft PowerPoint -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop.PowerPoint_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft Publisher -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Publisher_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-12] (Microsoft Studios) [MS Ad]

Microsoft Sudoku -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Studios) [MS Ad]

Microsoft Ultimate Word Games -> C:Program FilesWindowsAppsMicrosoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Studios) [MS Ad]

Microsoft Word -> C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Word_16051.14701.20226.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation)

Microsoft 遠端桌面 -> C:Program FilesWindowsAppsMicrosoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-11-26] (Microsoft Corporation)

MSI Driver & App Center -> C:Program FilesWindowsAppsmsiappadm.msidriverappcenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2021-11-26] (msiappadm)

MSI Help Desk -> C:Program FilesWindowsAppsmsiappadm.msihelpdesk_2.2103.3101.0_x64__7f61qv3vk9gn2 [2021-11-26] (msiappadm)

Music Maker Jam -> C:Program FilesWindowsAppsMAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-11-26] (MAGIX)

Nahimic -> C:Program FilesWindowsAppsA-Volute.Nahimic_1.8.13.0_x64__w2gh52qy24etm [2021-12-16] (A-Volute)

Norton Studio -> C:Program FilesWindowsAppssymanteccorporation.nortonstudio_2.2.0.0_x86__v68kp9n051hdp [2021-11-26] (Symantec Corporation)

NVIDIA Control Panel -> C:Program FilesWindowsAppsnvidiacorp.nvidiacontrolpanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-26] (NVIDIA Corp.)

PhotoDirector8 for MSI -> C:Program FilesWindowsAppscyberlink.photodirector8formsi_8.0.4020.0_x64__jtmmp2jxy9gb6 [2021-11-26] (CyberLink)

PowerDirector for MSI -> C:Program FilesWindowsAppscyberlink.powerdirectorformsi_15.0.4024.0_x64__jtmmp2jxy9gb6 [2021-11-26] (CyberLink)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.27.253.0_x64__dt26b99r8h8gj [2021-11-26] (Realtek Semiconductor Corp)

Thunderbolt™ 控制中心 -> C:Program FilesWindowsAppsappup.thunderboltcontrolcenter_1.0.34.0_x64__8j3eq9eme6ctt [2021-11-26] (INTEL CORP)

翻譯 -> C:Program FilesWindowsAppsMicrosoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{00020420-0000-0000-C000-000000000046}InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{00020421-0000-0000-C000-000000000046}InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{00020422-0000-0000-C000-000000000046}InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{00020423-0000-0000-C000-000000000046}InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{00020424-0000-0000-C000-000000000046}InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{00020425-0000-0000-C000-000000000046}InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208085953-1005275366-908118176-1001_ClassesCLSID{80172dde-4e20-4df0-81a2-0a48553e80bb}localserver32 -> C:UsersdjAppDataLocalNhNotifSysnahimicnahimicNotifSys.exe (A-Volute SAS -> A-Volute)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:Program FilesNorton SecurityEngine22.21.10.40NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:Program FilesNorton SecurityEngine22.21.10.40NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersdjAppDataLocalMEGAsyncShellExtX64.dll [2021-07-06] (Mega Limited -> )

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvmii.inf_amd64_bb73eaf36634aebenvshext.dll [2021-12-14] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:Program FilesNorton SecurityEngine22.21.10.40buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:Program FilesNorton SecurityEngine22.21.10.40NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersdjDesktopJc – Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=”Default”

ShortcutWithArgument: C:UsersdjAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome 應用程式Chrome 安全保鏢.lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=bfpoaihndjklkeidejbgjaadeidhfenm

 

==================== Loaded Modules (Whitelisted) =============

 

2021-12-15 19:50 – 2021-12-15 19:51 – 020160512 _____ () [File not signed] C:Program FilesWindowsAppsA-Volute.Nahimic_1.8.13.0_x64__w2gh52qy24etmNahimic3.dll

2021-12-15 19:02 – 2021-11-24 22:00 – 000093696 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalAppXSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalBFE => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalBITS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalcamsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalClipSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimaldps => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimallfsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMpsSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalmsiserver => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalsemgrsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalSharedAccess => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalshellhwdetection => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalTokenBroker => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalTweakingRemoveSafeBoot => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalvss => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalWSService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkAppXSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkBITS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkcamsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkClipSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkdps => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworklfsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmsiserver => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSamSs => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksemgrsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkshellhwdetection => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksrv => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksrv2 => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksrvnet => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkTokenBroker => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkTweakingRemoveSafeBoot => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkvss => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkWSService => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-3208085953-1005275366-908118176-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE

BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:Program FilesNorton SecurityEngine3222.21.10.40coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Toolbar: HKLM-x32 – Norton Toolbar – {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – C:Program FilesNorton SecurityEngine3222.21.10.40coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2018-09-15 15:31 – 2018-09-15 15:31 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-3208085953-1005275366-908118176-1001Control PanelDesktop\Wallpaper -> C:WINDOWSwebwallpaperWindowsimg19.jpg

DNS Servers: 192.168.1.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun: => “SecurityHealth”

HKLM…StartupApprovedRun: => “RtkAudUService”

HKUS-1-5-21-3208085953-1005275366-908118176-1001…StartupApprovedRun: => “SteelSeries Engine”

HKUS-1-5-21-3208085953-1005275366-908118176-1001…StartupApprovedRun: => “Discord”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{EF1198CE-91AF-4204-A1E4-B45F7E58EFCE}] => (Allow) C:Program FilesWindowsAppsmicrosoftteams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3494E553-E9AD-4E47-8181-E435221B3AAB}] => (Allow) C:Program FilesWindowsAppsmicrosoftteams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D18DE711-FAA4-46A7-ABA9-45008D2CD827}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{D460D3ED-EC86-41F0-B5A1-201F51AC06DD}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{1FB9D915-29E0-4746-A2FF-A175A50DB674}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{BDD5168E-B3C0-463C-B209-4F9AAD011AEE}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{C26B6D7C-1780-412F-9CF7-D269A79C7373}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{E7ADDD1A-4122-426C-B864-EB99043BC72B}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{13D41180-772B-4778-9E86-3A826EFAC719}] => (Allow) C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbweOffice16OUTLOOK.exe => No File

FirewallRules: [{C1035FB2-3E7C-425B-B462-070886DCE703}] => (Allow) C:Program Files (x86)NoxbinNox.exe => No File

FirewallRules: [{AB2978F3-481A-4E00-A95F-E0F5D0116097}] => (Allow) C:Program Files (x86)BignoxBigNoxVMRTNoxVMHandle.exe => No File

FirewallRules: [{E1AD7780-E310-42B3-B0D8-23430219353E}] => (Allow) C:Program Files (x86)NCSOFTPurpleyetiyeti_v1.0.0.183_globalpurpleon.exe (NCSOFT Corporation -> NCSOFT)

FirewallRules: [{37054CBC-7150-4D8B-B15F-67AAFE07DAF9}] => (Allow) C:Program FilesWindowsAppsMicrosoft.Office.Desktop.Outlook_16051.14701.20226.0_x86__8wekyb3d8bbweOffice16OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{CE89EA0C-D10A-40A5-BE03-31C549FE90F9}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication96.0.1054.53msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{BC2E1C4E-5685-4052-A736-6705860540F7}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{84C92F76-2CE4-4274-820F-901101AB6549}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{5FE92681-94AA-416F-AF2C-7D65FEB6EFCC}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{89ED3A98-A4E1-400C-99CE-AE293476832F}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{F774982E-9AF0-4A07-9E51-DA7B4D0F98CF}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{1F4A191C-5B74-4B76-A154-5155CBA0CCEB}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{A3278829-6B1F-41FC-9C23-3020CAB71C22}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{D91F4D11-EC7D-4409-AAD3-1CDABE746805}] => (Allow) C:Program Files (x86)NCSOFTPurple.9.4.667cefsharp.browsersubprocess.exe (The CefSharp Authors) [File not signed]

FirewallRules: [{14D4CB4F-5915-4424-9551-5C1FBA424988}] => (Allow) C:Program Files (x86)NCSOFTPurplepurple-boxPurpleBox.exe (NCSOFT Corporation -> NCSoft)

 

==================== Restore Points =========================

 

06-12-2021 10:43:10 排定的檢查點

07-12-2021 12:16:21 NPE v6.5.0.2114

14-12-2021 05:20:06 Driver Booster : NVIDIA GeForce GTX 1660 Ti with Max-Q Design

16-12-2021 08:08:25 Driver Booster : Intel® Serial IO I2C Host Controller – A36A

16-12-2021 20:27:08 AdwCleaner_BeforeCleaning_16/12/2021_20:27:06

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (12/16/2021 08:14:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: 失敗的應用程式名稱: Purple.exe版本: 0.9.4.667時間戳記: 0xcf92f7dc

失敗的模組名稱: KERNELBASE.dll版本: 10.0.22000.348時間戳記: 0x71e3e134

例外狀況代碼: 0xc000041d

錯誤位移: 0x0013eb22

失敗的處理程序識別碼: 0x630

失敗的應用程式開始時間: 0x01d7f21254b4897f

失敗的應用程式路徑: C:Program Files (x86)NCSOFTPurple.9.4.667Purple.exe

失敗的模組路徑: C:WINDOWSSystem32KERNELBASE.dll

報告識別碼: 4aa5b4ed-50ae-417f-83f5-3837934fec7d

失敗的套件完整名稱: 

失敗的套件相關應用程式識別碼:

 

Error: (12/16/2021 08:14:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: 失敗的應用程式名稱: Purple.exe版本: 0.9.4.667時間戳記: 0xcf92f7dc

失敗的模組名稱: KERNELBASE.dll版本: 10.0.22000.348時間戳記: 0x71e3e134

例外狀況代碼: 0xe0434352

錯誤位移: 0x0013eb22

失敗的處理程序識別碼: 0x630

失敗的應用程式開始時間: 0x01d7f21254b4897f

失敗的應用程式路徑: C:Program Files (x86)NCSOFTPurple.9.4.667Purple.exe

失敗的模組路徑: C:WINDOWSSystem32KERNELBASE.dll

報告識別碼: bc1c0e39-24dd-44c9-821f-1808b69d6825

失敗的套件完整名稱: 

失敗的套件相關應用程式識別碼:

 

Error: (12/16/2021 08:14:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Purple.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.Runtime.InteropServices.COMException

   at System.Windows.Media.Composition.DUCE+Channel.SyncFlush()

   at System.Windows.Interop.HwndTarget.UpdateWindowSettings(Boolean, System.Nullable`1<ChannelSet>)

   at System.Windows.Interop.HwndTarget.UpdateWindowPos(IntPtr)

   at System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)

   at System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)

   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)

   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)

   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)

   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

 

Error: (12/16/2021 08:14:30 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: 失敗的應用程式名稱: LineageR.exe版本: 4.25.4.0時間戳記: 0x00000000

失敗的模組名稱: LineageR.exe版本: 4.25.4.0時間戳記: 0x00000000

例外狀況代碼: 0xc0000005

錯誤位移: 0x00000000028172d6

失敗的處理程序識別碼: 0xa90

失敗的應用程式開始時間: 0x01d7f213cdfc88e6

失敗的應用程式路徑: C:Program Files (x86)NCSOFTLineageWLineageRBinariesWin64LineageR.exe

失敗的模組路徑: C:Program Files (x86)NCSOFTLineageWLineageRBinariesWin64LineageR.exe

報告識別碼: 6b68f011-3d09-4705-b0d8-5317cf81c541

失敗的套件完整名稱: 

失敗的套件相關應用程式識別碼:

 

Error: (12/16/2021 08:14:16 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: 失敗的應用程式名稱: LineageR.exe版本: 4.25.4.0時間戳記: 0x00000000

失敗的模組名稱: LineageR.exe版本: 4.25.4.0時間戳記: 0x00000000

例外狀況代碼: 0xc0000005

錯誤位移: 0x00000000028172d6

失敗的處理程序識別碼: 0x4058

失敗的應用程式開始時間: 0x01d7f260510b30a4

失敗的應用程式路徑: C:Program Files (x86)NCSOFTLineageWLineageRBinariesWin64LineageR.exe

失敗的模組路徑: C:Program Files (x86)NCSOFTLineageWLineageRBinariesWin64LineageR.exe

報告識別碼: d378f644-f1f5-4041-941e-c9c347c0f1d7

失敗的套件完整名稱: 

失敗的套件相關應用程式識別碼:

 

Error: (12/16/2021 08:13:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: 失敗的應用程式名稱: dwm.exe版本: 10.0.22000.1時間戳記: 0x7cbe2305

失敗的模組名稱: dwmcore.dll版本: 10.0.22000.282時間戳記: 0x6cdf0960

例外狀況代碼: 0xc00001ad

錯誤位移: 0x0000000000266734

失敗的處理程序識別碼: 0x57c

失敗的應用程式開始時間: 0x01d7f212503e1e6c

失敗的應用程式路徑: C:WINDOWSsystem32dwm.exe

失敗的模組路徑: C:WINDOWSsystem32dwmcore.dll

報告識別碼: 941df833-c9bf-4abf-8413-7df56d15f656

失敗的套件完整名稱: 

失敗的套件相關應用程式識別碼:

 

Error: (12/16/2021 08:14:21 AM) (Source: VSS) (EventID: 8193) (User: )

Description: 磁碟區陰影複製服務錯誤: 呼叫常式 CoCreateInstance 時發生意外的錯誤。  hr = 0x8007045b, 系統關機進行中。

 

Error: (12/16/2021 08:14:21 AM) (Source: VSS) (EventID: 13) (User: )

Description: 磁碟區陰影複製服務資訊: 無法啟動 CLSID 為 {4e14fba2-2e22-11d1-9964-00c04fbbb345} 且名稱為 CEventSystem 的 COM 伺服器。[0x8007045b, 系統關機進行中。

]

 

 

System errors:

=============

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: NVIDIA LocalSystem Container 服務意外終止服務曾完成這項動作 1 次。以下的修正操作將在 6000 毫秒內執行: 重新啟動服務。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Nahimic service 服務意外終止服務曾完成這項動作 1 次。以下的修正操作將在 3000 毫秒內執行: 重新啟動服務。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Windows Presentation Foundation Font Cache 3.0.0.0 服務意外終止服務曾完成這項動作 1 次。以下的修正操作將在 0 毫秒內執行: 重新啟動服務。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Sensor dev service 服務意外地終止。已經發生 1 次。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Intel® Dynamic Application Loader Host Interface Service 服務意外地終止。已經發生 1 次。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Intel® Content Protection HECI Service 服務意外地終止。已經發生 1 次。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: NVIDIA Telemetry Container 服務意外終止服務曾完成這項動作 1 次。以下的修正操作將在 1000 毫秒內執行: 重新啟動服務。

 

Error: (12/16/2021 08:27:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Realtek Audio Universal Service 服務意外終止服務曾完成這項動作 1 次。以下的修正操作將在 0 毫秒內執行: 重新啟動服務。

 

 

CodeIntegrity:

===============

Date: 2021-12-16 08:20:32

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.21.10.40symamsi.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. E16Q4IMS.318 05/18/2020

Motherboard: Micro-Star International Co., Ltd. MS-16Q4

Processor: Intel® Core™ i7-9750H CPU @ 2.60GHz

Percentage of memory in use: 29%

Total physical RAM: 16224.45 MB

Available physical RAM: 11409.75 MB

Total Virtual: 23648.45 MB

Available Virtual: 17318.61 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:935.09 GB) (Free:793.85 GB) NTFS

 

\?Volume{c9ff085c-7432-4595-bd73-2589dd864d2c} (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.34 GB) NTFS

\?Volume{ebe1123b-1a33-42d2-84ef-b66c20e4d530} (BIOS_RVY) (Fixed) (Total:17.48 GB) (Free:0.3 GB) NTFS

\?Volume{db4a6efa-a786-4cc9-869a-87c97c56c556} (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 9B6B7D64)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 


https://www.bleepingcomputer.com/forums/t/765411/trojan-virus-worm-please-help-me-check-it-once-thank-you/

Erlando F Rasatro
