Browser Guard – Virus of some sort.


Thanks for the assistance. Hope you're enjoying your weekend.

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe [319520 2018-10-27] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32RtkAudUService64.exe [1158960 2020-09-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [AvastUI.exe] => C:Program FilesAvast SoftwareAvastAvLaunch.exe [122592 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

HKLM…Run: [TuneupUI.exe] => C:Program FilesAvast SoftwareCleanupTuneupUI.exe [2429664 2021-05-29] (Avast Software s.r.o. -> AVAST Software)

HKLM-x32…Run: [Discord] => C:ProgramDataSquirrelMachineInstallsDiscord.exe [70858912 2021-06-05] (Discord Inc. -> Discord Inc.)

HKLM…PrintMonitorsHP DC11 Status Monitor: C:Windowssystem32hpinkstsDC11LM.dll [391984 2019-03-15] (HP Inc -> HP Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:Program FilesBraveSoftwareBrave-BrowserApplication91.1.25.70Installerchrmstp.exe [2021-06-03] (Brave Software, Inc. -> Brave Software, Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{C6CB981E-DB30-4876-8639-109F8933582C}] -> C:Program FilesBraveSoftwareBrave-Browser-NightlyApplication91.1.27.42Installerchrmstp.exe [2021-06-04] (Brave Software, Inc. -> Brave Software, Inc.)

BootExecute: autocheck autochk * icarus_rvrt.exe

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

HKUS-1-5-21-1307597374-3854856505-3781856823-1001SOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0C480BE7-D35D-4A98-B4DD-A232F8D3F85C} – System32TasksAvast SoftwareOverseer => C:Program FilesCommon FilesAvast SoftwareOverseeroverseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)

Task: {10296667-2D04-4C53-8B2A-7A2D86022DC8} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {16B66D9F-22EA-44D7-A249-62111B214C5A} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {17DBD23B-81F2-44FD-B22F-CDA44B0AF913} – System32TasksSafer-NetworkingSpybot – Search and DestroyScan the system => C:Program Files (x86)Spybot – Search & Destroy 2SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {24020596-6834-4D3E-B229-4016AE0FBE54} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {24301BEB-4D49-42F1-84B0-958AEC62A1C5} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {2E65550A-B443-410A-98EC-52144C07E6F8} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {45784279-E05F-4988-A67F-1E2EF0A82B86} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {5925C7C2-8768-4D80-A8DF-8A0E4045CACD} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {5A66F87A-7780-4B1B-B775-3C07B32116C7} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5C3C04B9-5B94-46D7-B620-8E13DD01D64D} – System32TasksSUPERAntiSpyware Scheduled Task 96e4a435-51fc-43fe-bd67-6d0fbf4ac0c4 => C:Program FilesSUPERAntiSpywareSASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> “C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe” /TASK:96e4a435-51fc-43fe-bd67-6d0fbf4ac0c4

Task: {6798133D-6FDD-47AE-964A-3E0F1B828AEC} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {69BD93D7-93AA-44F9-80E6-C9E83B9D9E6F} – System32TasksSafer-NetworkingSpybot – Search and DestroyRefresh immunization => C:Program Files (x86)Spybot – Search & Destroy 2SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {7185AF35-3D9F-4963-ACB6-9D0B8863EFB6} – System32TasksAvast SoftwareAvast Cleanup BugReport => C:Program FilesAvast SoftwareCleanupAvBugReport.exe [4665568 2021-05-29] (Avast Software s.r.o. -> AVAST Software) -> –send “dumps|report” –silent –product 62 –programpath “C:Program FilesAvast SoftwareCleanupSetup..” –configpath “C:Program FilesAvast SoftwareCleanupSetup” –path “C:ProgramDataAvast SoftwareCleanuplog”  –path “C:ProgramDataAvast SoftwareIcarusLogs” –guid 262437c0-efa6-4fe5-8f24-9af2058aede9

Task: {85C0B2E5-6812-4AF8-99F4-CDBA04532F08} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {8C96E69E-2B87-4C41-9469-49D70B9C63A5} – System32TasksProtonVPN Update => C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )

Task: {95C7C439-68C1-4899-9574-1636ADB52D62} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A67F1AD5-DE5B-445C-868C-0F4263A63513} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {B15F06AF-B753-4D62-883D-05918EBC903E} – System32TasksEOSv3 Scheduler onTime => C:UsersbrendAppDataLocalESETESETOnlineScannerESETOnlineScanner.exe [18007456 2021-05-15] (ESET, spol. s r.o. -> ESET)

Task: {B62F815F-3D58-4118-B87F-FC8C5049364C} – System32TasksOneDrive Standalone Update Task-S-1-5-21-1307597374-3854856505-3781856823-500 => C:UsersbrendAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe

Task: {BB434A60-B7F4-4E7A-8301-85D01B5E5F5C} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {C49CA0A3-3248-48F6-BDBE-02442F7C7990} – System32TasksSUPERAntiSpyware Scheduled Task de45c6e7-44b7-42e1-b96c-5e2b2fa78bb7 => C:Program FilesSUPERAntiSpywareSASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> “C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe” /TASK:de45c6e7-44b7-42e1-b96c-5e2b2fa78bb7

Task: {C8F3F75E-8CFB-4CBC-BD36-5409C8508B7D} – System32TasksBraveSoftwareUpdateTaskMachineUA => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [163528 2020-10-19] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {CD6EA0DE-484D-40B6-9AF2-D5A6D419ADAC} – System32TasksAvast Emergency Update => C:Program FilesAvast SoftwareAvastAvEmUpdate.exe [4808928 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

Task: {D372501B-9374-4232-BA3A-43FE7FA0F3B3} – System32TasksSafer-NetworkingSpybot – Search and DestroyCheck for updates => C:Program Files (x86)Spybot – Search & Destroy 2SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {E9509043-FE75-4C61-A117-5167EF9980C7} – System32TasksSafer-NetworkingSpybot Anti-BeaconRefresh Spybot Anti-Beacon immunization => C:Program Files (x86)Safer-Networking LtdSpybot Anti-BeaconSpybot3AntiBeacon.exe [9469648 2021-04-29] (Safer-Networking Ltd. -> )

Task: {EE5120FF-30A9-4058-98E4-FE101D278DE6} – System32TasksAMHelper => C:Program Files (x86)ZemanaAntiMalwareAntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)

Task: {EEF72DAC-0742-48E1-B660-A20936DF6D85} – System32TasksEOSv3 Scheduler onLogOn => C:UsersbrendAppDataLocalESETESETOnlineScannerESETOnlineScanner.exe [18007456 2021-05-15] (ESET, spol. s r.o. -> ESET)

Task: {F052609C-9340-48F4-BE0B-03B4D6255E79} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {F8780B29-989E-4054-AEF1-3BC0C4EFA16F} – System32TasksAvast SoftwareAvast Cleanup Update => C:Program FilesCommon FilesAvast SoftwareIcarusavast-tuicarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)

Task: {FD4F7CF8-505F-4CE8-9511-E424DB71DBF3} – System32TasksBraveSoftwareUpdateTaskMachineCore => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [163528 2020-10-19] (Brave Software, Inc. -> BraveSoftware Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

Task: C:WINDOWSTasksSUPERAntiSpyware Scheduled Task 96e4a435-51fc-43fe-bd67-6d0fbf4ac0c4.job => C:Program FilesSUPERAntiSpywareSASTask.exe C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

Task: C:WINDOWSTasksSUPERAntiSpyware Scheduled Task de45c6e7-44b7-42e1-b96c-5e2b2fa78bb7.job => C:Program FilesSUPERAntiSpywareSASTask.exe C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

TcpipParameters: [DhcpNameServer] 71.10.216.1 71.10.216.2

Tcpip..Interfaces{28cea9dc-3bd9-4db5-9695-81d8e14b2025}: [DhcpNameServer] 71.10.216.1 71.10.216.2

Tcpip..Interfaces{59c5fca1-353a-476a-9d76-18a984f296f7}: [DhcpNameServer] 71.10.216.1 71.10.216.2

Tcpip..Interfaces{c4cd3f97-0ba2-45cc-9666-23b3f72afdab}: [DhcpNameServer] 71.10.216.1 71.10.216.2

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge DefaultProfile: Profile 2

Edge Profile: C:UsersbrendAppDataLocalMicrosoftEdgeUser DataProfile 2 [2021-06-05]

Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

 

Chrome: 

=======

CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

 

Brave: 

=======

BRA DefaultProfile: Profile 19

BRA Profile: C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2021-06-05]

BRA Profile: C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser DataGuest Profile [2021-06-05]

BRA Profile: C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser DataProfile 19 [2021-06-05]

BRA DefaultSearchKeyword: Profile 19 -> :g

BRA Profile: C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser DataSystem Profile [2021-06-05]

BRA Extension: (Brave Local Data Files Updater) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2021-04-14]

BRA Extension: (Brave Ad Block Updater (Default)) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-04]

BRA Extension: (Brave Tor Client Updater (Windows)) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Datacpoalefficncklhjfpglfiplenlpccdb [2021-05-02]

BRA Extension: (Brave Ads Resources) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Dataemgmepnebbddgnkhfmhdhmjifkglkamo [2021-05-24]

BRA Extension: (Brave NTP sponsored images) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Datagccbbckogglekeggclmmekihdgdpdgoe [2021-06-04]

BRA Extension: (Brave NTP Super Referrer mapping table) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Dataheplpbhjcbmiibdlchlanmdenffpiibo [2021-04-15]

BRA Extension: (Brave Ads Resources) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Dataiblokdlgekdjophgeonmanpnjihcjkjj [2021-05-27]

BRA Extension: (Brave SpeedReader Updater) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2021-05-05]

BRA Extension: (Brave Ads Resources) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Datakkjipiepeooghlclkedllogndmohhnhi [2021-05-24]

BRA Extension: (Brave Ads Resources) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Dataocilmpijebaopmdifcomolmpigakocmo [2021-05-27]

BRA Extension: (Brave HTTPS Everywhere Updater) – C:UsersbrendAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2021-06-01]

StartMenuInternet: Brave Nightly – C:Program FilesBraveSoftwareBrave-Browser-NightlyApplicationbrave.exe

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S4 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

R3 aswbIDSAgent; C:Program FilesAvast SoftwareAvastaswidsagent.exe [8151120 2021-05-31] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C:Program FilesAvast SoftwareAvastAvastSvc.exe [622816 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Tools; C:Program FilesAvast SoftwareAvastaswToolsSvc.exe [370400 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R2 AvastWscReporter; C:Program FilesAvast SoftwareAvastwsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [163528 2020-10-19] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [163528 2020-10-19] (Brave Software, Inc. -> BraveSoftware Inc.)

R2 CCDCHUService; C:WINDOWSSystem32DriverStoreFileRepositoryacpi0002.inf_amd64_70d0eac3c24f02b8DCHUService.exe [89272 2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> )

R2 CleanupPSvc; C:Program FilesAvast SoftwareCleanupTuneupSvc.exe [12414176 2021-05-29] (Avast Software s.r.o. -> AVAST Software)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [818288 2021-01-31] (EasyAntiCheat Oy -> Epic Games, Inc)

R2 HitmanProScheduler; C:Program FilesHitmanProhmpsched.exe [151496 2021-05-31] (SurfRight B.V. -> SurfRight B.V.)

R2 HKClipSvc; C:Program Files (x86)ControlCenterDriverx64HKClipSvc.exe [421728 2018-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Insyde Software Corp.)

S4 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

S4 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

S4 ProtonVPN Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe [99136 2020-10-23] (ProtonVPN AG -> )

S4 ProtonVPN Update Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )

S4 rkrtservice; C:Program FilesRogueKillerRogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )

S4 Rockstar Service; D:Program FilesRockstar GamesLauncherRockstarService.exe [1676696 2021-03-16] (Rockstar Games, Inc. -> Rockstar Games)

S4 SDScannerService; C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

S4 SDUpdateService; C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

S4 SDWSCService; C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 UWPService; C:WINDOWSSysWOW64Creative.UWPRPCService.exe [357288 2020-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvcvi.inf_amd64_44b6b6d5bb153aa6Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvcvi.inf_amd64_44b6b6d5bb153aa6Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 AcpiBridge; C:WINDOWSSystem32driversAcpiBridge.sys [48720 2018-12-12] (WDKTestCert stone.cheng,131352419880621518 -> Insyde Software Corporation)

R1 amsdk; C:WINDOWSsystem32driversamsdk.sys [232792 2021-06-05] (Zemana D.O.O. Sarajevo -> Copyright 2018.)

R3 ANXUcmCxCD; C:WINDOWSSystem32driversANXUcmCxCD.sys [94096 2019-06-19] (Analogix semiconductor, Inc. -> )

R0 aswArDisk; C:WINDOWSSystem32driversaswArDisk.sys [35664 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R1 aswArPot; C:WINDOWSSystem32driversaswArPot.sys [216360 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R1 aswbidsdriver; C:WINDOWSSystem32driversaswbidsdriver.sys [365536 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R0 aswbidsh; C:WINDOWSSystem32driversaswbidsh.sys [250336 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R0 aswbuniv; C:WINDOWSSystem32driversaswbuniv.sys [99296 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R0 aswElam; C:WINDOWSSystem32driversaswElam.sys [17328 2021-05-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)

R1 aswKbd; C:WINDOWSSystem32driversaswKbd.sys [41296 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R1 aswMonFlt; C:WINDOWSSystem32driversaswMonFlt.sys [180944 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R1 aswNetHub; C:WINDOWSSystem32driversaswNetHub.sys [522864 2021-05-31] (Avast Software s.r.o. -> AVAST Software)

R1 aswRdr; C:WINDOWSSystem32driversaswRdr2.sys [107792 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R0 aswRvrt; C:WINDOWSSystem32driversaswRvrt.sys [82856 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R1 aswSnx; C:WINDOWSSystem32driversaswSnx.sys [851144 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R1 aswSP; C:WINDOWSSystem32driversaswSP.sys [471352 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R2 aswStm; C:WINDOWSSystem32driversaswStm.sys [215336 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R0 aswVmm; C:WINDOWSSystem32driversaswVmm.sys [326976 2021-05-25] (Avast Software s.r.o. -> AVAST Software)

R3 HKKbdFltr; C:WINDOWSsystem32DRIVERSHKKbdFltr.sys [47416 2018-12-12] (WDKTestCert stone.cheng,131710889793483852 -> Insyde Software Corp.)

R3 HKMouFltr; C:WINDOWSsystem32DRIVERSHKMouFltr.sys [46208 2018-12-13] (WDKTestCert stone.cheng,131710889912565784 -> Insyde Software Corp.)

R3 MBfilt; C:WINDOWSsystem32driversMBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)

S3 ProtonVPNSplitTunnel; C:Program Files (x86)Proton TechnologiesProtonVPNx64Win10ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)

R1 SASDIFSV; C:Program FilesSUPERAntiSpywareSASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:Program FilesSUPERAntiSpywareSASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

S0 Spybot3ELAM; C:WINDOWSSystem32driversSpybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows ® Win 7 DDK provider)

R3 tapprotonvpn; C:WINDOWSSystem32driverstapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

S3 xhunter1; C:Windowsxhunter1.sys [2719256 2020-03-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-06-05 15:58 – 2021-06-05 16:00 – 000000000 ____D C:UsersbrendDesktopfarbarlogs

2021-06-05 14:46 – 2021-06-05 14:47 – 500375944 _____ (Anaconda, Inc.) C:UsersbrendDownloadsAnaconda3-2021.05-Windows-x86_64.exe

2021-06-05 11:34 – 2021-06-05 11:34 – 000002775 _____ C:UsersPublicDesktopSophos Virus Removal Tool.lnk

2021-06-05 11:34 – 2021-06-05 11:34 – 000002775 _____ C:ProgramDataDesktopSophos Virus Removal Tool.lnk

2021-06-05 11:34 – 2021-06-05 11:34 – 000000000 ____D C:ProgramDataSophos

2021-06-05 11:34 – 2021-06-05 11:34 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSophos

2021-06-05 11:34 – 2021-06-05 11:34 – 000000000 ____D C:Program Files (x86)Sophos

2021-06-05 11:32 – 2021-06-05 11:33 – 188951352 _____ (Sophos Limited) C:UsersbrendDownloadsSophos Virus Removal Tool.exe

2021-06-05 11:24 – 2021-06-05 11:30 – 000014591 _____ C:UsersbrendDownloadsFixlog.txt

2021-06-05 11:16 – 2021-06-05 11:19 – 000045099 _____ C:UsersbrendDownloadsAddition.txt

2021-06-05 11:14 – 2021-06-05 11:19 – 000063732 _____ C:UsersbrendDownloadsFRST.txt

2021-06-05 11:13 – 2021-06-05 11:13 – 002300416 _____ (Farbar) C:UsersbrendDownloadsFRST64.exe

2021-06-05 10:05 – 2021-06-05 11:08 – 000002656 _____ C:UsersbrendDesktopProfile 2 – Brave.lnk

2021-06-05 09:49 – 2021-06-05 09:49 – 000795000 _____ (Sysinternals – www.sysinternals.com) C:UsersbrendDownloadsautoruns.exe

2021-06-05 09:48 – 2021-06-05 09:48 – 000031729 _____ C:UsersPublicDesktopmbst-clean-results.txt

2021-06-05 09:48 – 2021-06-05 09:48 – 000031729 _____ C:ProgramDataDesktopmbst-clean-results.txt

2021-06-05 09:45 – 2021-06-05 09:45 – 011644232 _____ C:UsersbrendDownloadsmb-support-1.8.4.896.exe

2021-06-05 07:56 – 2021-06-05 09:56 – 000000000 ____D C:UsersbrendAppDataLocalDiscord

2021-06-05 07:36 – 2021-06-05 07:40 – 000000000 ____D C:SUPERDelete

2021-06-05 07:25 – 2021-06-05 07:25 – 028377264 _____ (Python Software Foundation) C:UsersbrendDownloadspython-3.9.5-amd64.exe

2021-06-05 07:25 – 2021-06-05 07:25 – 000000475 _____ C:UsersbrendDocumentsretry.txt

2021-06-05 07:09 – 2021-06-05 07:09 – 000000000 ____D C:ProgramDataSquirrelMachineInstalls

2021-06-05 07:07 – 2021-06-05 07:07 – 027520376 _____ (Adlice Software ) C:UsersbrendDownloadsUCheck_setup.exe

2021-06-05 07:07 – 2021-06-05 07:07 – 000000000 ____D C:ProgramDataUCheck

2021-06-05 07:07 – 2021-06-05 07:07 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsUCheck

2021-06-05 07:07 – 2021-06-05 07:07 – 000000000 ____D C:Program FilesUCheck

2021-06-05 07:05 – 2021-06-05 07:05 – 000012872 _____ (SurfRight B.V.) C:WINDOWSsystem32bootdelete.exe

2021-06-05 06:05 – 2021-06-05 06:05 – 008534696 _____ (Malwarebytes) C:UsersbrendDownloadsAdwCleaner.exe

2021-06-05 05:40 – 2021-06-05 05:40 – 002080712 _____ (Malwarebytes) C:UsersbrendDownloadsMBSetup (1).exe

2021-06-05 05:40 – 2021-06-05 05:40 – 000000000 ____D C:Program FilesMalwarebytes

2021-06-05 05:01 – 2021-06-05 05:01 – 000255928 _____ (Malwarebytes) C:WINDOWSsystem32Drivers2372574A.sys

2021-06-05 05:01 – 2021-06-05 05:01 – 000000000 ____D C:UsersbrendDesktopmbarrio

2021-06-05 04:59 – 2021-06-05 04:59 – 014178840 _____ (Malwarebytes Corp.) C:UsersbrendDownloadsmbar-1.10.3.1001 (1).exe

2021-06-05 03:46 – 2021-06-05 10:31 – 000000548 _____ C:WINDOWSTasksSUPERAntiSpyware Scheduled Task de45c6e7-44b7-42e1-b96c-5e2b2fa78bb7.job

2021-06-05 03:46 – 2021-06-05 10:31 – 000000548 _____ C:WINDOWSTasksSUPERAntiSpyware Scheduled Task 96e4a435-51fc-43fe-bd67-6d0fbf4ac0c4.job

2021-06-05 03:46 – 2021-06-05 10:08 – 000003452 _____ C:WINDOWSsystem32TasksSUPERAntiSpyware Scheduled Task de45c6e7-44b7-42e1-b96c-5e2b2fa78bb7

2021-06-05 03:46 – 2021-06-05 10:08 – 000003194 _____ C:WINDOWSsystem32TasksSUPERAntiSpyware Scheduled Task 96e4a435-51fc-43fe-bd67-6d0fbf4ac0c4

2021-06-05 03:46 – 2021-06-05 03:46 – 000000000 ____D C:UsersbrendAppDataRoamingSUPERAntiSpyware.com

2021-06-05 03:44 – 2021-06-05 03:46 – 000000000 ____D C:Program FilesSUPERAntiSpyware

2021-06-05 03:44 – 2021-06-05 03:44 – 000001856 _____ C:UsersPublicDesktopSUPERAntiSpyware Free Edition.lnk

2021-06-05 03:44 – 2021-06-05 03:44 – 000001856 _____ C:ProgramDataDesktopSUPERAntiSpyware Free Edition.lnk

2021-06-05 03:44 – 2021-06-05 03:44 – 000000000 ____D C:ProgramDataSUPERAntiSpyware.com

2021-06-05 03:44 – 2021-06-05 03:44 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSUPERAntiSpyware

2021-06-05 03:43 – 2021-06-05 03:43 – 179702856 _____ (SUPERAntiSpyware) C:UsersbrendDownloadsSUPERAntiSpyware.exe

2021-06-05 02:56 – 2021-06-05 16:00 – 000126087 _____ C:WINDOWSZAM.krnl.trace

2021-06-05 02:56 – 2021-06-05 10:11 – 000002588 _____ C:WINDOWSsystem32TasksAMHelper

2021-06-05 02:56 – 2021-06-05 07:57 – 000000000 ____D C:UsersbrendAppDataLocalAMSDK

2021-06-05 02:56 – 2021-06-05 02:56 – 013922376 _____ (Zemana Ltd. ) C:UsersbrendDownloadsAntiMalware_Setup.exe

2021-06-05 02:56 – 2021-06-05 02:56 – 000232792 _____ (Copyright 2018.) C:WINDOWSsystem32Driversamsdk.sys

2021-06-05 02:56 – 2021-06-05 02:56 – 000001340 _____ C:UsersPublicDesktopZemana AntiMalware.lnk

2021-06-05 02:56 – 2021-06-05 02:56 – 000001340 _____ C:ProgramDataDesktopZemana AntiMalware.lnk

2021-06-05 02:56 – 2021-06-05 02:56 – 000000000 ____D C:UsersbrendAppDataLocalZemana

2021-06-05 02:56 – 2021-06-05 02:56 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsZemana AntiMalware

2021-06-05 02:56 – 2021-06-05 02:56 – 000000000 ____D C:Program Files (x86)Zemana

2021-06-05 02:54 – 2021-06-05 02:54 – 000000000 _____ C:UsersbrendDownloadsZemana.AntiMalware.Setup.exe

2021-06-05 02:53 – 2021-06-05 02:53 – 000472016 _____ (Bleeping Computer, LLC) C:UsersbrendDownloadssc-cleaner.exe

2021-06-05 02:53 – 2021-06-05 02:53 – 000464336 _____ (Bleeping Computer, LLC) C:UsersbrendDownloadsFixExec.exe

2021-06-05 02:53 – 2021-06-05 02:53 – 000001836 _____ C:UsersbrendDesktopsc-cleaner.txt

2021-06-05 02:53 – 2021-06-05 02:53 – 000001374 _____ C:UsersbrendDesktopFixExec.txt

2021-06-05 02:51 – 2021-06-05 02:53 – 000459188 _____ C:UsersbrendDownloadsnetadapter-log-2021-06-05-2-51-53.txt

2021-06-05 02:51 – 2021-06-05 02:51 – 002091520 _____ (Conner Bernhard) C:UsersbrendDownloadsNetAdapterRepair1.2.exe

2021-06-05 02:27 – 2021-06-05 02:27 – 000001086 _____ C:UsersPublicDesktopRevo Uninstaller.lnk

2021-06-05 02:27 – 2021-06-05 02:27 – 000001086 _____ C:ProgramDataDesktopRevo Uninstaller.lnk

2021-06-05 02:27 – 2021-06-05 02:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRevo Uninstaller

2021-06-05 02:27 – 2021-06-05 02:27 – 000000000 ____D C:Program FilesVS Revo Group

2021-06-05 02:26 – 2021-06-05 02:26 – 007495512 _____ (VS Revo Group ) C:UsersbrendDownloadsrevosetup.exe

2021-06-05 02:19 – 2021-06-05 02:19 – 000000558 _____ C:UsersbrendDesktopJRT.txt

2021-06-05 02:17 – 2021-06-05 02:17 – 005054744 _____ (AO Kaspersky Lab) C:UsersbrendDownloadstdsskiller (2).exe

2021-06-05 02:17 – 2021-06-05 02:17 – 001790024 _____ (Malwarebytes) C:UsersbrendDownloadsJRT (1).exe

2021-06-05 02:17 – 2021-06-05 02:17 – 000331220 _____ C:TDSSKiller.3.1.0.28_05.06.2021_02.17.05_log.txt

2021-06-05 02:14 – 2021-06-05 02:14 – 001802704 _____ (Bleeping Computer, LLC) C:UsersbrendDownloadsrkill.exe

2021-06-05 02:11 – 2021-06-05 02:11 – 002155520 _____ C:UsersbrendDownloadsqualys-browsercheck-1.10.44.1 (1).msi

2021-06-05 02:09 – 2021-06-05 02:09 – 002155520 _____ C:UsersbrendDownloadsqualys-browsercheck-1.10.44.1.msi

2021-06-05 01:57 – 2021-06-05 05:39 – 000000000 ____D C:ProgramDataMalwarebytes’ Anti-Malware (portable)

2021-06-05 01:57 – 2021-06-05 01:57 – 000255928 _____ (Malwarebytes) C:WINDOWSsystem32Drivers5175553E.sys

2021-06-05 01:56 – 2021-06-05 01:56 – 005054744 _____ (AO Kaspersky Lab) C:UsersbrendDownloadstdsskiller (1).exe

2021-06-05 01:52 – 2021-06-05 01:52 – 014178840 _____ (Malwarebytes Corp.) C:UsersbrendDownloadsmbar-1.10.3.1001.exe

2021-06-05 01:52 – 2021-06-05 01:52 – 005054744 _____ (AO Kaspersky Lab) C:UsersbrendDownloadstdsskiller.exe

2021-06-05 01:23 – 2021-06-05 01:23 – 000000000 ____D C:UsersbrendAppDataLocalMicrosoftEdge

2021-06-05 00:53 – 2021-06-05 00:54 – 328675328 _____ C:UsersbrendDownloadsLibreOffice_7.1.3_Win_x64.msi

2021-06-05 00:43 – 2021-06-05 00:49 – 000000000 ____D C:ProgramDataRogueKiller

2021-06-05 00:43 – 2021-06-05 00:43 – 000000906 _____ C:UsersPublicDesktopRogueKiller.lnk

2021-06-05 00:43 – 2021-06-05 00:43 – 000000906 _____ C:ProgramDataDesktopRogueKiller.lnk

2021-06-05 00:43 – 2021-06-05 00:43 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRogueKiller

2021-06-05 00:43 – 2021-06-05 00:43 – 000000000 ____D C:Program FilesRogueKiller

2021-06-05 00:42 – 2021-06-05 00:42 – 040488656 _____ (Adlice Software ) C:UsersbrendDownloadsRogueKiller_setup.exe

2021-06-05 00:36 – 2021-06-05 00:36 – 000388608 _____ (Trend Micro Inc.) C:UsersbrendDownloadsHijackThis.exe

2021-06-05 00:34 – 2021-06-05 00:34 – 000000000 ____D C:WINDOWSsystem32TasksWPD

2021-06-05 00:34 – 2021-06-05 00:34 – 000000000 ____D C:WINDOWSsystem32TasksLenovo

2021-06-05 00:31 – 2021-06-05 00:31 – 001875480 _____ (Malwarebytes ) C:UsersbrendDownloadsmbae-setup-1.10.1.41.exe

2021-06-05 00:30 – 2021-06-05 00:30 – 001790024 _____ (Malwarebytes) C:UsersbrendDownloadsJRT.exe

2021-06-05 00:29 – 2021-06-05 00:29 – 000448512 _____ (OldTimer Tools) C:UsersbrendDownloadsTFC.exe

2021-06-05 00:26 – 2021-06-05 00:26 – 000265587 _____ C:UsersbrendDownloadsbrowseraddonsview-x64.zip

2021-06-04 23:32 – 2021-06-04 23:30 – 000454622 ____R C:WINDOWSsystem32Driversetchosts.20210604-233215.backup

2021-06-04 23:30 – 2021-06-04 23:29 – 000454622 ____R C:WINDOWSsystem32Driversetchosts.20210604-233019.backup

2021-06-04 23:29 – 2021-06-04 23:28 – 000454622 ____R C:WINDOWSsystem32Driversetchosts.20210604-232939.backup

2021-06-04 23:28 – 2021-06-04 23:28 – 000454622 ____R C:WINDOWSsystem32Driversetchosts.20210604-232846.backup

2021-06-04 23:28 – 2021-06-04 23:26 – 000454622 ____R C:WINDOWSsystem32Driversetchosts.20210604-232801.backup

2021-06-04 23:26 – 2021-06-02 19:52 – 000000852 _____ C:WINDOWSsystem32Driversetchosts.20210604-232655.backup

2021-06-04 23:04 – 2021-06-05 07:42 – 000000000 ____D C:Program Files (x86)Spybot – Search & Destroy 2

2021-06-04 23:04 – 2021-06-04 23:25 – 000000000 ____D C:ProgramDataSpybot – Search & Destroy

2021-06-04 23:04 – 2021-06-04 23:04 – 000001471 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsSpybot-S&D Start Center.lnk

2021-06-04 23:04 – 2021-06-04 23:04 – 000001459 _____ C:UsersPublicDesktopSpybot-S&D Start Center.lnk

2021-06-04 23:04 – 2021-06-04 23:04 – 000001459 _____ C:ProgramDataDesktopSpybot-S&D Start Center.lnk

2021-06-04 23:04 – 2021-06-04 23:04 – 000000000 ____D C:WINDOWSsystem32TasksSafer-Networking

2021-06-04 23:04 – 2021-06-04 23:04 – 000000000 ____D C:UsersbrendAppDataLocalSafer-Networking Ltd

2021-06-04 23:04 – 2021-06-04 23:04 – 000000000 ____D C:Safer-Networking Ltd

2021-06-04 23:04 – 2021-06-04 23:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpybot Anti-Beacon

2021-06-04 23:04 – 2021-06-04 23:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpybot – Search & Destroy 2

2021-06-04 23:04 – 2021-06-04 23:04 – 000000000 ____D C:Program Files (x86)Safer-Networking Ltd

2021-06-04 23:04 – 2019-06-21 08:34 – 000019904 _____ (Windows ® Win 7 DDK provider) C:WINDOWSsystem32DriversSpybot3ELAM.sys

2021-06-04 23:04 – 2018-02-06 19:04 – 000032168 _____ (Safer-Networking Ltd.) C:WINDOWSsystem32sdnclean64.exe

2021-06-02 22:36 – 2021-06-02 22:39 – 000000000 ____D C:UsersbrendAppDataLocalUnityModManagerNet

2021-06-02 20:19 – 2021-06-02 20:19 – 000002410 _____ C:UsersPublicDesktopmbst-fix-results.txt

2021-06-02 20:19 – 2021-06-02 20:19 – 000002410 _____ C:ProgramDataDesktopmbst-fix-results.txt

2021-06-02 20:18 – 2021-06-05 09:45 – 002300416 _____ (Farbar) C:UsersbrendDownloadsFRSTEnglish.exe

2021-05-31 05:39 – 2021-05-31 05:39 – 000001833 _____ C:UsersbrendDesktopFrostyModManager.exe – Shortcut.lnk

2021-05-31 02:04 – 2021-05-31 02:04 – 000000000 ____D C:UsersbrendAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR

2021-05-31 02:04 – 2021-05-31 02:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR

2021-05-31 02:04 – 2021-05-31 02:04 – 000000000 ____D C:Program FilesWinRAR

2021-05-31 00:50 – 2021-05-31 00:50 – 000000223 _____ C:UsersbrendDesktopMass Effect™ Andromeda Deluxe Edition.url

2021-05-30 20:44 – 2021-06-05 04:50 – 000458192 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-05-30 20:44 – 2021-05-30 20:44 – 000000000 ____D C:WINDOWSPanther

2021-05-30 15:30 – 2021-05-30 15:30 – 000000000 ____D C:Usersbrend.QtWebEngineProcess

2021-05-30 00:27 – 2021-05-30 00:27 – 002080712 _____ (Malwarebytes) C:UsersbrendDownloadsMBSetup.exe

2021-05-29 23:33 – 2021-05-29 23:33 – 006611920 _____ (EnigmaSoft Limited) C:UsersbrendDownloadsSpyHunter-5.10-5-6608-Installer.exe

2021-05-29 23:10 – 2021-05-29 23:10 – 000002208 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAvast Cleanup Premium.lnk

2021-05-29 23:10 – 2021-05-29 23:10 – 000002196 _____ C:UsersPublicDesktopAvast Cleanup Premium.lnk

2021-05-29 23:10 – 2021-05-29 23:10 – 000002196 _____ C:ProgramDataDesktopAvast Cleanup Premium.lnk

2021-05-29 23:09 – 2021-05-29 23:09 – 001149536 _____ (Avast Software) C:UsersbrendDownloadsavast_cleanup_online_setup.exe

2021-05-29 23:07 – 2021-05-29 23:07 – 002953520 _____ (AVAST Software) C:UsersbrendDownloadsavast-browser-cleanup.exe

2021-05-29 15:53 – 2021-05-29 20:43 – 000000000 ____D C:UsersbrendAppDataRoamingcyberpunkdreams

2021-05-29 15:42 – 2021-05-29 15:42 – 000000223 _____ C:UsersbrendDesktopcyberpunkdreams.url

2021-05-28 17:10 – 2021-05-28 17:10 – 000000000 ____D C:UsersbrendAppDataLocalFLiNGTrainer

2021-05-28 14:39 – 2021-05-28 14:39 – 000000222 _____ C:UsersbrendDesktopLittle Nightmares.url

2021-05-27 20:02 – 2021-05-27 20:02 – 000000222 _____ C:UsersbrendDesktopNo Man’s Sky.url

2021-05-27 18:16 – 2021-05-27 18:16 – 000000223 _____ C:UsersbrendDesktopLearn Programming Python.url

2021-05-27 18:05 – 2021-05-27 18:05 – 000000724 _____ C:UsersbrendDesktopkowabunga.txt

2021-05-25 20:33 – 2021-05-25 20:33 – 000000000 ____D C:UsersbrendAppDataLocalAvast Software

2021-05-25 13:08 – 2021-05-25 13:08 – 000339680 _____ (AVAST Software) C:WINDOWSsystem32aswBoot.exe

2021-05-25 13:08 – 2021-05-25 13:08 – 000215336 _____ (AVAST Software) C:WINDOWSsystem32DriversaswStm.sys

2021-05-20 01:30 – 2021-05-13 03:38 – 000037656 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhdap64.dll

2021-05-20 01:29 – 2021-05-13 11:22 – 001855184 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-05-20 01:29 – 2021-05-13 11:22 – 001855184 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-05-20 01:29 – 2021-05-13 11:22 – 001453360 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-05-20 01:29 – 2021-05-13 11:22 – 001435880 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-05-20 01:29 – 2021-05-13 11:22 – 001435880 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-05-20 01:29 – 2021-05-13 11:22 – 001192752 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-05-20 01:29 – 2021-05-13 11:22 – 001094864 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-05-20 01:29 – 2021-05-13 11:22 – 001094864 _____ C:WINDOWSsystem32vulkan-1.dll

2021-05-20 01:29 – 2021-05-13 11:22 – 000948968 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-05-20 01:29 – 2021-05-13 11:22 – 000948968 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 001514800 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 001166112 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 000715544 _____ C:WINDOWSsystem32nvofapi64.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 000675104 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 000626968 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 000575768 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-05-20 01:29 – 2021-05-13 11:19 – 000564000 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-05-20 01:29 – 2021-05-13 11:18 – 002106144 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-05-20 01:29 – 2021-05-13 11:18 – 001590576 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-05-20 01:29 – 2021-05-13 11:18 – 000811824 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-05-20 01:29 – 2021-05-13 11:18 – 000689952 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-05-20 01:29 – 2021-05-13 11:18 – 000656176 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-05-20 01:29 – 2021-05-13 11:18 – 000445744 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-05-20 01:29 – 2021-05-13 11:17 – 008317232 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-05-20 01:29 – 2021-05-13 11:17 – 007434032 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-05-20 01:29 – 2021-05-13 11:17 – 004795184 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-05-20 01:29 – 2021-05-13 11:17 – 002823472 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-05-20 01:29 – 2021-05-13 11:16 – 000848688 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-05-20 01:29 – 2021-05-13 11:15 – 006159152 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-05-20 01:29 – 2021-05-13 03:38 – 000087164 _____ C:WINDOWSsystem32nvinfo.pb

2021-05-19 22:00 – 2021-05-19 22:00 – 000000000 ____D C:UsersbrendAppDataLocalFallout4

2021-05-19 21:09 – 2021-05-19 21:09 – 000000222 _____ C:UsersbrendDesktopFallout 4.url

2021-05-18 08:10 – 2021-05-18 10:05 – 000022418 _____ C:UsersbrendDocumentssongsforadyingplanet.odt

2021-05-18 07:30 – 2021-05-18 08:03 – 000009801 _____ C:UsersbrendDesktopSongsForADeadPlanet.txt

2021-05-15 11:00 – 2021-06-02 20:49 – 000000000 ____D C:Program Files (x86)Origin Games

2021-05-15 10:58 – 2021-06-02 20:55 – 000000000 ____D C:UsersbrendAppDataRoamingOrigin

2021-05-15 10:53 – 2021-06-02 20:49 – 000000000 ____D C:Program Files (x86)Origin

2021-05-15 10:53 – 2021-05-15 10:53 – 000001073 _____ C:UsersPublicDesktopOrigin.lnk

2021-05-15 10:53 – 2021-05-15 10:53 – 000001073 _____ C:ProgramDataDesktopOrigin.lnk

2021-05-15 10:53 – 2021-05-15 10:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOrigin

2021-05-15 10:52 – 2021-06-02 20:49 – 000000000 ____D C:UsersbrendAppDataLocalOrigin

2021-05-15 10:22 – 2021-06-05 10:11 – 000003082 _____ C:WINDOWSsystem32TasksEOSv3 Scheduler onLogOn

2021-05-15 10:22 – 2021-06-05 10:11 – 000002702 _____ C:WINDOWSsystem32TasksEOSv3 Scheduler onTime

2021-05-15 10:09 – 2021-06-02 20:23 – 000001389 _____ C:UsersbrendAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk

2021-05-15 10:09 – 2021-06-02 20:23 – 000001283 _____ C:UsersbrendDesktopESET Online Scanner.lnk

2021-05-15 10:09 – 2021-05-15 10:09 – 000000000 ____D C:UsersbrendAppDataLocalESET

2021-05-14 11:59 – 2021-05-31 02:35 – 000000000 ____D C:UsersbrendDocumentsBioWare

2021-05-12 18:50 – 2021-05-12 18:50 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb

2021-05-12 18:50 – 2021-05-12 18:50 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb

2021-05-12 18:50 – 2021-05-12 18:50 – 001687040 _____ C:WINDOWSsystem32libcrypto.dll

2021-05-12 18:50 – 2021-05-12 18:50 – 001314120 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi

2021-05-12 18:50 – 2021-05-12 18:50 – 001163776 _____ C:WINDOWSsystem32MBR2GPT.EXE

2021-05-12 18:50 – 2021-05-12 18:50 – 000700928 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll

2021-05-12 18:50 – 2021-05-12 18:50 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe

2021-05-12 18:50 – 2021-05-12 18:50 – 000011351 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-05-12 18:49 – 2021-05-12 18:49 – 001823816 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-05-12 18:49 – 2021-05-12 18:49 – 001393504 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2021-05-12 18:49 – 2021-05-12 18:49 – 000165888 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-05-12 18:49 – 2021-05-12 18:49 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe

2021-05-09 23:40 – 2021-05-09 23:40 – 000000000 ____D C:ProgramDataCD Projekt Red

2021-05-09 23:23 – 2021-06-04 11:31 – 000002459 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave Nightly.lnk

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-06-05 16:00 – 2021-01-24 11:00 – 000000000 ____D C:FRST

2021-06-05 12:25 – 2019-02-14 07:00 – 000000000 ____D C:ProgramDataNVIDIA

2021-06-05 12:20 – 2021-01-24 19:56 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-06-05 11:38 – 2021-01-24 20:05 – 000777858 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-06-05 11:38 – 2019-12-07 02:13 – 000000000 ____D C:WINDOWSINF

2021-06-05 11:31 – 2021-01-27 00:16 – 000000000 ____D C:ProgramDataAvast Software

2021-06-05 11:31 – 2021-01-24 20:01 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-06-05 11:31 – 2021-01-24 19:56 – 000008192 ___SH C:DumpStack.log.tmp

2021-06-05 11:31 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSServiceState

2021-06-05 11:31 – 2019-12-07 02:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-06-05 11:30 – 2019-12-07 02:03 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-06-05 11:29 – 2019-12-07 02:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-06-05 10:48 – 2020-11-16 11:08 – 000000000 ____D C:UsersbrendAppDataRoamingOpera Software

2021-06-05 10:31 – 2019-12-13 12:58 – 000000000 ____D C:UsersbrendAppDataRoamingDiscord

2021-06-05 10:30 – 2019-12-07 02:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-06-05 10:08 – 2021-01-24 20:01 – 000002916 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1307597374-3854856505-3781856823-500

2021-06-05 09:45 – 2019-03-18 20:30 – 000000000 ____D C:Program Files (x86)Steam

2021-06-05 07:56 – 2019-12-13 12:58 – 000002240 _____ C:UsersbrendDesktopDiscord.lnk

2021-06-05 07:56 – 2019-12-13 12:58 – 000000000 ____D C:UsersbrendAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-06-05 07:56 – 2019-12-13 12:57 – 000000000 ____D C:UsersbrendAppDataLocalSquirrelTemp

2021-06-05 07:53 – 2019-01-15 09:56 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-06-05 07:51 – 2019-03-28 11:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMySQL

2021-06-05 07:51 – 2019-03-28 11:30 – 000000000 ____D C:Program Files (x86)MySQL

2021-06-05 07:45 – 2021-05-02 16:04 – 000000000 ____D C:UsersbrendAppDataRoamingMicrosoftWindowsStart MenuProgramsPython 2.7

2021-06-05 07:40 – 2021-01-27 10:31 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job

2021-06-05 07:28 – 2021-01-27 10:30 – 000000000 ____D C:WINDOWSpss

2021-06-05 07:05 – 2020-11-29 01:37 – 000000000 ____D C:ProgramDataHitmanPro

2021-06-05 06:08 – 2021-01-24 10:14 – 000001872 _____ C:UsersbrendDesktopRkill.txt

2021-06-05 06:06 – 2021-01-25 21:34 – 000000000 ____D C:AdwCleaner

2021-06-05 05:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-06-05 02:14 – 2021-01-24 10:16 – 000000000 ____D C:UsersbrendDesktopmbar

2021-06-05 01:00 – 2019-04-30 10:46 – 000000000 ____D C:Program FilesGIMP 2

2021-06-05 00:36 – 2019-03-19 12:24 – 000000000 ____D C:UsersbrendAppDataLocalVirtualStore

2021-06-05 00:17 – 2019-03-19 12:24 – 000000000 ___RD C:UsersbrendAppDataLocalPackages

2021-06-04 23:04 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-06-04 22:10 – 2021-01-27 00:17 – 000004264 _____ C:WINDOWSsystem32TasksAvast Emergency Update

2021-06-04 19:54 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-06-04 14:31 – 2020-09-04 00:07 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-06-04 14:31 – 2020-09-04 00:07 – 000002283 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-06-04 14:31 – 2020-09-04 00:07 – 000002283 _____ C:ProgramDataDesktopMicrosoft Edge.lnk

2021-06-04 14:31 – 2019-12-07 02:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-06-04 04:22 – 2021-01-27 00:17 – 000000000 ____D C:WINDOWSsystem32TasksAvast Software

2021-06-04 04:22 – 2021-01-24 20:01 – 000003398 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000003366 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineUA

2021-06-04 04:22 – 2021-01-24 20:01 – 000003196 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000003152 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000003142 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineCore

2021-06-04 04:22 – 2021-01-24 20:01 – 000002984 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000002914 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2021-01-24 20:01 – 000002744 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-04 04:22 – 2019-03-19 13:03 – 000000000 ____D C:UsersbrendAppDataLocalCrashDumps

2021-06-03 19:32 – 2021-04-14 13:55 – 000002371 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk

2021-06-03 19:32 – 2021-04-14 13:55 – 000002330 _____ C:UsersPublicDesktopBrave.lnk

2021-06-03 19:32 – 2021-04-14 13:55 – 000002330 _____ C:ProgramDataDesktopBrave.lnk

2021-06-02 20:55 – 2019-03-24 12:31 – 000000000 ____D C:ProgramDataOrigin

2021-06-02 20:19 – 2021-01-24 19:57 – 000000000 ____D C:Usersbrend

2021-06-02 20:10 – 2019-03-28 11:30 – 000000000 ____D C:ProgramDataMySQL

2021-06-02 20:06 – 2019-03-28 11:50 – 000000023 _____ C:WINDOWSODBCINST.INI

2021-06-02 19:58 – 2021-02-09 00:25 – 000000000 ___RD C:UsersbrendOneDrive

2021-06-02 19:57 – 2019-03-22 14:37 – 000000000 ____D C:Program FilesGit

2021-05-31 05:08 – 2021-01-27 00:17 – 000522864 _____ (AVAST Software) C:WINDOWSsystem32DriversaswNetHub.sys

2021-05-31 00:51 – 2019-03-24 12:27 – 000000000 ____D C:UsersbrendAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2021-05-30 20:44 – 2019-08-25 15:49 – 000000000 ____D C:Program Files7-Zip

2021-05-29 23:20 – 2021-02-07 04:07 – 000003274 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d6f2c62ef53d3e

2021-05-29 23:20 – 2021-01-24 20:01 – 000003468 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-05-29 23:20 – 2021-01-24 20:01 – 000003244 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-05-29 23:20 – 2021-01-24 20:01 – 000002894 _____ C:WINDOWSsystem32TasksProtonVPN Update

2021-05-29 23:11 – 2021-04-18 07:41 – 000000000 ____D C:UsersbrendAppDataLocalStar Citizen

2021-05-29 23:11 – 2021-04-17 07:16 – 000000000 ____D C:UsersbrendAppDataRoamingRSI Launcher

2021-05-29 23:11 – 2021-01-31 15:55 – 000000000 ____D C:WINDOWSMinidump

2021-05-29 23:11 – 2020-12-02 20:24 – 000000000 ____D C:ProgramDataVirtualBox

2021-05-29 23:11 – 2019-04-01 17:54 – 000000000 ____D C:UsersbrendAppDataRoamingCode

2021-05-29 23:10 – 2021-01-27 00:18 – 000000000 ____D C:UsersbrendAppDataRoamingAvast Software

2021-05-29 23:10 – 2021-01-27 00:17 – 000000000 ____D C:Program FilesCommon FilesAvast Software

2021-05-29 23:10 – 2021-01-27 00:17 – 000000000 ____D C:Program FilesAvast Software

2021-05-28 02:02 – 2021-01-21 16:51 – 000000000 ____D C:UsersbrendAppDataRoamingatomic

2021-05-26 02:58 – 2019-03-19 12:24 – 000000000 ____D C:UsersbrendAppDataLocalConnectedDevicesPlatform

2021-05-25 13:08 – 2021-01-27 00:17 – 000851144 _____ (AVAST Software) C:WINDOWSsystem32DriversaswSnx.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000471352 _____ (AVAST Software) C:WINDOWSsystem32DriversaswSP.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000365536 _____ (AVAST Software) C:WINDOWSsystem32Driversaswbidsdriver.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000326976 _____ (AVAST Software) C:WINDOWSsystem32DriversaswVmm.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000250336 _____ (AVAST Software) C:WINDOWSsystem32Driversaswbidsh.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000216360 _____ (AVAST Software) C:WINDOWSsystem32DriversaswArPot.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000180944 _____ (AVAST Software) C:WINDOWSsystem32DriversaswMonFlt.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000107792 _____ (AVAST Software) C:WINDOWSsystem32DriversaswRdr2.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000099296 _____ (AVAST Software) C:WINDOWSsystem32Driversaswbuniv.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000082856 _____ (AVAST Software) C:WINDOWSsystem32DriversaswRvrt.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000041296 _____ (AVAST Software) C:WINDOWSsystem32DriversaswKbd.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000035664 _____ (AVAST Software) C:WINDOWSsystem32DriversaswArDisk.sys

2021-05-25 13:08 – 2021-01-27 00:17 – 000017328 _____ (AVAST Software) C:WINDOWSsystem32DriversaswElam.sys

2021-05-19 22:00 – 2019-03-31 15:34 – 000000000 ____D C:UsersbrendDocumentsMy Games

2021-05-19 09:25 – 2021-01-21 16:50 – 000002447 _____ C:UsersbrendDesktopAtomic Wallet.lnk

2021-05-16 02:57 – 2019-03-24 12:32 – 000000000 ____D C:UsersbrendAppDataLocalD3DSCache

2021-05-15 10:36 – 2019-02-14 06:59 – 000000000 ____D C:Intel

2021-05-15 09:42 – 2019-03-19 12:24 – 000000000 __SHD C:UsersbrendIntelGraphicsProfiles

2021-05-13 11:15 – 2021-01-24 19:17 – 007212224 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-05-13 03:38 – 2020-12-04 11:25 – 000136472 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhda64v.sys

2021-05-13 00:22 – 2019-12-07 02:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-05-13 00:20 – 2019-12-07 02:50 – 000000000 ____D C:WINDOWSsystem32OpenSSH

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ___RD C:WINDOWSPrintDialog

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64setup

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSystemResources

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32setup

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32Dism

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSProvisioning

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSDiagTrack

2021-05-13 00:20 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-05-12 18:51 – 2019-12-07 02:52 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll

2021-05-12 18:45 – 2019-03-19 14:29 – 000000000 ____D C:WINDOWSsystem32MRT

2021-05-12 18:43 – 2019-03-19 14:28 – 132732536 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-05-12 00:48 – 2021-04-17 07:16 – 000000000 ____D C:UsersbrendAppDataRoamingrsilauncher

2021-05-11 02:47 – 2019-08-27 16:33 – 000000000 ____D C:UsersbrendAppDataLocalBattle.net

2021-05-11 02:45 – 2019-08-27 16:32 – 000000000 ____D C:Program Files (x86)Battle.net

2021-05-09 23:23 – 2021-04-14 13:55 – 000000000 ____D C:Program FilesBraveSoftware

2021-05-09 23:23 – 2020-10-19 17:25 – 000000000 ____D C:UsersbrendAppDataLocalBraveSoftware

2021-05-06 00:55 – 2020-03-06 19:19 – 000000000 ____D C:UsersbrendDocumentsStarCraft II

2021-05-06 00:52 – 2021-01-24 19:43 – 000000000 ___SD C:WINDOWSsystem32lxss

2021-05-06 00:52 – 2020-03-08 19:31 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-05-06 00:52 – 2019-03-22 08:36 – 000000000 ____D C:UsersbrendAppDataLocalNVIDIA

 

==================== Files in the root of some directories ========

 

2021-01-24 16:07 – 2021-01-24 16:08 – 000000016 _____ () C:UsersbrendAppDataRoamingobs-virtualcam.txt

2021-01-28 19:03 – 2021-01-28 19:03 – 000003230 _____ () C:UsersbrendAppDataLocalrecently-used.xbel

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2021 01

Ran by DarkSeid (05-06-2021 16:01:23)

Running from C:UsersbrendDesktopfarbarlogs

Windows 10 Home Version 20H2 19042.985 (X64) (2021-01-25 03:01:58)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

 

Administrator (S-1-5-21-1307597374-3854856505-3781856823-500 – Administrator – Disabled)

DarkSeid (S-1-5-21-1307597374-3854856505-3781856823-1001 – Administrator – Enabled) => C:Usersbrend

DefaultAccount (S-1-5-21-1307597374-3854856505-3781856823-503 – Limited – Disabled)

Guest (S-1-5-21-1307597374-3854856505-3781856823-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-1307597374-3854856505-3781856823-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Spybot – Search and Destroy (Enabled – Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Avast Antivirus (Enabled – Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Atomic Wallet 2.29.0 (HKUS-1-5-21-1307597374-3854856505-3781856823-1001…{0ba5fe9b-2a0d-54e2-a47a-d2764be56a7d}) (Version: 2.29.0 – atomicwallet.io)

Avast Cleanup Premium (HKLM…Avast Cleanup) (Version: 21.1.9940.2746 – Avast Software)

Avast Free Antivirus (HKLM-x32…Avast Antivirus) (Version: 21.4.2464 – Avast Software)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Blender (HKLM…{64FCD268-AF5F-403D-B51B-00BC2D47DD0B}) (Version: 2.91.0 – Blender Foundation)

Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 91.1.25.70 – Brave Software Inc)

Brave Nightly (HKLM-x32…BraveSoftware Brave-Browser-Nightly) (Version: 91.1.27.42 – Brave Software Inc)

ControlCenter 3.0 Driver v1.13 (HKLM-x32…{52CF73F1-9FE1-4917-AE56-55BF319988EC}) (Version: 1.13.0 – Control Center)

Diablo II (HKLM-x32…Diablo II) (Version: 0.0.0.0 – Blizzard Entertainment)

Discord (HKUS-1-5-21-1307597374-3854856505-3781856823-1001…Discord) (Version: 1.0.9002 – Discord Inc.)

Epic Games Launcher (HKLM-x32…{5B340CD5-07E3-41AA-9117-0A0EC863E454}) (Version: 1.1.220.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 – Google LLC) Hidden

HitmanPro 3.8 (HKLM…HitmanPro38) (Version: 3.8.23.318 – SurfRight B.V.)

Intel® Chipset Device Software (HKLM-x32…{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 – Intel® Corporation)

Intel® Dynamic Platform and Thermal Framework (HKLM-x32…{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10101.6917 – Intel Corporation)

Intel® HID Event Filter (HKLM-x32…3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.375 – Intel Corporation)

Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1842.12.0.1168 – Intel Corporation)

Intel® Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6374 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.9.1027 – Intel Corporation)

Intel® Serial IO (HKLM…{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 – Intel Corporation)

Intel® Trusted Connect Service Client x86 (HKLM-x32…{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 – Intel Corporation) Hidden

Intel® Trusted Connect Services Client (HKLM-x32…{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 – Intel Corporation) Hidden

Intel® Wireless Bluetooth® (HKLM-x32…{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 – Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32…{cc6edfa9-9806-4a53-9313-f8e2d11d69c4}) (Version: 20.120.0 – Intel Corporation)

Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

LBRY 0.48.2 (HKLM…e406725b-d361-5b1c-81f7-0a4c5ac54cb3) (Version: 0.48.2 – LBRY Inc.)

LOOT version 0.16.0 (HKLM-x32…{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.16.0 – LOOT Team)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 91.0.864.41 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Windows Desktop Runtime – 3.1.11 (x64) (HKLM-x32…{e746e6a9-8254-4477-bbe0-a05900ec44e3}) (Version: 3.1.11.29516 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32…{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 – Microsoft Corporation)

NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.22.0.32 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 – NVIDIA Corporation)

NVIDIA Graphics Driver 466.47 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.47 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.60 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

NVIDIA USBC Driver 1.46.831.832 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 – NVIDIA Corporation)

Origin (HKLM-x32…Origin) (Version: 10.5.100.48178 – Electronic Arts, Inc.)

Project Diablo 2 (HKLM-x32…{822B3055-5F16-4934-A1FC-378AB0181A66}_is1) (Version: 1.0 – projectdiablo2.com)

ProtonVPN (HKLM-x32…{D19979C9-8B5B-4500-AA6A-EF331F658074}) (Version: 1.17.5 – Proton Technologies AG) Hidden

ProtonVPN (HKLM-x32…ProtonVPN 1.17.5) (Version: 1.17.5 – Proton Technologies AG)

ProtonVPNTap (HKLM-x32…{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 – Proton Technologies AG)

Python 2.7.18 (64-bit) (HKLM…{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 – Python Software Foundation)

Python 3.7.3 Add to Path (32-bit) (HKLM-x32…{2DB1318D-E51C-419B-99D5-D15F7120BD09}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Core Interpreter (32-bit debug) (HKLM-x32…{781EB95F-B4AF-40FA-9F54-00F94309BDE1}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Core Interpreter (32-bit symbols) (HKLM-x32…{4953149C-FF53-47F0-AE87-BA0D10C5042F}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32…{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Core Interpreter (64-bit) (HKLM…{C0018D52-93E9-4331-A17F-C040CE3A5B0F}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Development Libraries (32-bit debug) (HKLM-x32…{5F6E2AD7-0231-4C17-B7CA-208BDD81E14B}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Development Libraries (32-bit) (HKLM-x32…{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Development Libraries (64-bit) (HKLM…{1B267487-4679-4044-A552-84DD4038CA43}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Documentation (32-bit) (HKLM-x32…{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Documentation (64-bit) (HKLM…{191BD530-3F3D-43AE-A903-0F96D4FC8B25}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Executables (32-bit debug) (HKLM-x32…{A37BCC61-603A-461B-AB57-A69245AA845C}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Executables (32-bit symbols) (HKLM-x32…{E354575A-53D7-4BC2-8192-FC61BF4D8869}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Executables (32-bit) (HKLM-x32…{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Executables (64-bit) (HKLM…{0BCF826B-3863-44FA-8562-F51BBF326AC1}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32…{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 pip Bootstrap (64-bit) (HKLM…{71ACF08D-4328-4A9E-9146-96765CB5EAD2}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Standard Library (32-bit debug) (HKLM-x32…{8C9C7C76-D74A-4DD1-ABC4-77861CD51331}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Standard Library (32-bit symbols) (HKLM-x32…{433F0D39-FE8E-4183-B032-D99E33ADB098}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Standard Library (32-bit) (HKLM-x32…{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Standard Library (64-bit) (HKLM…{CAD7D30A-2F6F-4565-A83D-92EABF40C587}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Tcl/Tk Support (32-bit debug) (HKLM-x32…{9F10336E-63ED-4379-84A9-C49F608CB052}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Tcl/Tk Support (32-bit symbols) (HKLM-x32…{FCF5A835-ADE6-4AE2-B33F-A38C32FCCED8}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32…{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Tcl/Tk Support (64-bit) (HKLM…{DA3783AD-20F9-4119-BE30-9C3ACF888C3B}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Test Suite (32-bit debug) (HKLM-x32…{5070E86E-3458-4639-81F3-7822D37BC5C8}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Test Suite (32-bit symbols) (HKLM-x32…{30FD277B-26A7-4879-B6C0-CEFD3F719835}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Test Suite (32-bit) (HKLM-x32…{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Test Suite (64-bit) (HKLM…{19E966E1-0536-4D97-8B2C-34B6D0AC6B00}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32…{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python 3.7.3 Utility Scripts (64-bit) (HKLM…{CA54F025-DD88-408B-85F4-682C2B3A4E76}) (Version: 3.7.3150.0 – Python Software Foundation) Hidden

Python Launcher (HKLM-x32…{A28C27E4-A725-482A-9C65-61EDC0E4D583}) (Version: 3.7.6657.0 – Python Software Foundation)

Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21310 – Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8633 – Realtek Semiconductor Corp.)

REDlauncher (HKUS-1-5-21-1307597374-3854856505-3781856823-1001…{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  – GOG.com)

Revo Uninstaller 2.2.5 (HKLM…{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 – VS Revo Group, Ltd.)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.36.344 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.7.9 – Rockstar Games)

RogueKiller version 14.8.6.0 (HKLM…8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.6.0 – Adlice Software)

RSI Launcher 1.4.10 (HKLM…81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.4.10 – Cloud Imperium Games)

Shadow Era Launcher 1.60 (HKLM-x32…{69EE23BB-4A14-4631-B2B3-B14748F56FF7}_is1) (Version: 1.60 – Wulven Game Studios)

Sophos Virus Removal Tool (HKLM-x32…{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 – Sophos Limited)

Spybot – Search & Destroy (HKLM-x32…{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 – Safer-Networking Ltd.)

Spybot Anti-Beacon (HKLM-x32…{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.7 – Safer-Networking Ltd.)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Streamlabs OBS 0.27.0 (HKLM…29c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.0 – General Workings, Inc.)

SUPERAntiSpyware (HKLM…{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1228 – SUPERAntiSpyware.com)

UCheck version 4.0.3.0 (HKLM…C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.0.3.0 – Adlice Software)

WinRAR 6.02 beta 1 (64-bit) (HKLM…WinRAR archiver) (Version: 6.02.1 – win.rar GmbH)

Zemana AntiMalware version 3.2.28 (HKLM-x32…{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 – Zemana)

 

Packages:

=========

Control Center 3.0 -> C:Program FilesWindowsAppsCLEVOCO.ControlCenter3.0_3.2.0.0_x64__6h6z29zh29qx0 [2020-09-04] (CLEVO CO.)

Fan Speed Setting -> C:Program FilesWindowsAppsCLEVOCO.504814C03D814_3.2.0.0_x64__6h6z29zh29qx0 [2021-01-22] (CLEVO CO.)

Flexikey -> C:Program FilesWindowsAppsCLEVOCO.Flexikey_3.10.0.0_x86__6h6z29zh29qx0 [2020-12-18] (CLEVO CO.)

Fn hot keys and OSD -> C:Program FilesWindowsAppsCLEVOCO.FnhotkeysandOSD_3.29.0.0_x64__6h6z29zh29qx0 [2021-02-03] (CLEVO CO.) [Startup Task]

HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-07] (HP Inc.)

Intel® Graphics Command Center -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-07] (INTEL CORP) [Startup Task]

Intel® Graphics Control Panel -> C:Program FilesWindowsAppsAppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-20] (INTEL CORP)

Led Keyboard Setting -> C:Program FilesWindowsAppsCLEVOCO.LedKeyboardSetting_3.9.0.0_x64__6h6z29zh29qx0 [2020-10-19] (CLEVO CO.)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-04] (Microsoft Studios) [MS Ad]

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-19] (Microsoft Corporation)

Phototastic Collage -> C:Program FilesWindowsAppsThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-21] (Thumbmunkeys Ltd)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.16.228.0_x64__dt26b99r8h8gj [2021-06-04] (Realtek Semiconductor Corp)

Sound Blaster Connect -> C:Program FilesWindowsAppsCreativeTechnologyLtd.SoundBlasterConnect_2.2.15.0_x86__13fcda18mhdz2 [2020-09-04] (Creative Technology Ltd.)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAvast SoftwareAvastashShell.dll [2021-05-25] (Avast Software s.r.o. -> AVAST Software)

ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAvast SoftwareAvastashShell.dll [2021-05-25] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:Program Files (x86)ZemanaAntiMalwareAM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAvast SoftwareAvastashShell.dll [2021-05-25] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:Program Files (x86)Spybot – Search & Destroy 2SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:Program Files (x86)Spybot – Search & Destroy 2SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2021-05-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2021-05-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAvast SoftwareAvastashShell.dll [2021-05-25] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvcvi.inf_amd64_44b6b6d5bb153aa6nvshext.dll [2021-05-13] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:Program Files (x86)ZemanaAntiMalwareAM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAvast SoftwareAvastashShell.dll [2021-05-25] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2021-05-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2021-05-30] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersbrendDesktopProfile 2 – Brave.lnk -> C:Program FilesBraveSoftwareBrave-Browser-NightlyApplicationbrave.exe (Brave Software, Inc.) -> –profile-directory=”Profile 19″

ShortcutWithArgument: C:UsersbrendAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcutse4ed22b324357c2eMicrosoft Edge.lnk -> C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe (Microsoft Corporation) -> –profile-directory=”Profile 2″

ShortcutWithArgument: C:UsersbrendAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts786049a870132e87Profile 1 – Brave.lnk -> C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc.) -> –profile-directory=”Profile 19″

ShortcutWithArgument: C:UsersbrendAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts5026628f80ae5f53The  Dude – Brave.lnk -> C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc.) -> –profile-directory=”Profile 14″

 

==================== Loaded Modules (Whitelisted) =============

 

2019-02-14 07:11 – 2019-02-14 07:11 – 002644480 _____ (TODO: <公司名稱>) [File not signed] C:Program FilesWindowsAppsCLEVOCO.FnhotkeysandOSD_3.29.0.0_x64__6h6z29zh29qx0FnKeyaudio10ec.dll

2020-09-04 00:15 – 2020-09-04 00:15 – 002492416 _____ (TODO: <公司名稱>) [File not signed] C:Program FilesWindowsAppsCLEVOCO.FnhotkeysandOSD_3.29.0.0_x64__6h6z29zh29qx0FnKeyInsydeDCHU.dll

2021-01-22 01:29 – 2021-01-22 01:29 – 002844160 _____ (TODO: <公司名稱>) [File not signed] C:Program FilesWindowsAppsCLEVOCO.FnhotkeysandOSD_3.29.0.0_x64__6h6z29zh29qx0FnKeypowerlife.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:ProgramDataMTA San Andreas All:NT [40]

AlternateDataStreams: C:ProgramDataMTA San Andreas All:NT2 [902]

AlternateDataStreams: C:UsersPublicShared Files:VersionCache [468]

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimal55765085.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalamsdk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalaswSP.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetwork55765085.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkamsdk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkaswSP.sys => “”=”Driver”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-1307597374-3854856505-3781856823-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.msn.com/

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

There are 7940 more sites.

 

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2021-06-05 06:06 – 2021-06-05 07:42 – 000001531 _____ C:WINDOWSsystem32driversetchosts

0.0.0.0 app-sj01.marketo.com‍

0.0.0.0 analytics.rollout.io

0.0.0.0 a.fiksu.com

0.0.0.0 sdk.fiksu.com

0.0.0.0 static.hotjar.com

0.0.0.0 flow.lavasoft.com

0.0.0.0 telemetry.malwarebytes.com

0.0.0.0 ws.mcafee.com

0.0.0.0 analytics.ccs.mcafee.com

0.0.0.0 analyticsdcs.ccs.mcafee.com

0.0.0.0 h.online-metrix.net

0.0.0.0 analytics.paddle.com

0.0.0.0 carcharodon.trendmicro.com

0.0.0.0 cdn.segment.com

0.0.0.0 api.segment.io

0.0.0.0 mobile-service.segment.com

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-1307597374-3854856505-3781856823-1001Control PanelDesktop\Wallpaper -> C:UsersbrendAppDataLocalPackagesMicrosoft.Windows.Photos_8wekyb3d8bbweLocalStatePhotosAppBackground1491401505_Starfield2.png

DNS Servers: 71.10.216.1 – 71.10.216.2

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun: => “TuneupUI.exe”

HKLM…StartupApprovedRun32: => “SDTray”

HKLM…StartupApprovedRun32: => “Discord”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “OneDrive”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “Steam”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “EpicGamesLauncher”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “Discord”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “LBRY”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “6080010F2B4A9CA7227C37C1DEFB6E637AF0A3D6._service_run”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “Wargaming.net Game Center”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “Gaijin.Net Updater”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “Spotify”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “Voicemod”

HKUS-1-5-21-1307597374-3854856505-3781856823-1001…StartupApprovedRun: => “SUPERAntiSpyware”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [Microsoft-Windows-Unified-Telemetry-Client] => (Block) C:WINDOWSsystem32svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{997AC0EB-C40F-435D-A58B-5C2E06DF95C5}] => (Allow) C:Program Files (x86)Steamsteam.exe (Valve -> Valve Corporation)

FirewallRules: [{C4AA7A90-0FF5-4DF2-9204-68E351E6B59A}] => (Allow) C:Program Files (x86)Steamsteam.exe (Valve -> Valve Corporation)

FirewallRules: [UDP Query User{9F1E175B-31E8-48E2-AEBC-4EF818C18883}C:program files (x86)steamsteam.exe] => (Allow) C:program files (x86)steamsteam.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User{7BB2767D-4E52-4698-AF83-1577B199A95E}C:program files (x86)steamsteam.exe] => (Allow) C:program files (x86)steamsteam.exe (Valve -> Valve Corporation)

FirewallRules: [{4D99EC0D-24C4-446A-9FE6-0B271AF71181}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{CC8C1DC2-3C89-4419-9312-4D8E704B071B}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

StandardProfileAuthorizedApplications: [C:Program Files (x86)Spybot – Search & Destroy 2SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater

StandardProfileAuthorizedApplications: [C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

StandardProfileAuthorizedApplications: [C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe] => Enabled:Spybot – Search & Destroy tray access

StandardProfileAuthorizedApplications: [C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

 

==================== Restore Points =========================

 

05-06-2021 02:09:53 Installed Qualys BrowserCheck

05-06-2021 02:17:57 JRT Pre-Junkware Removal

05-06-2021 02:28:05 Revo Uninstaller’s restore point – Baldur’s Gate II: Enhanced Edition

05-06-2021 02:29:04 Revo Uninstaller’s restore point – Baldur’s Gate: Enhanced Edition

05-06-2021 02:29:32 Revo Uninstaller’s restore point – Baldur’s Gate: Enhanced Edition – Faces of Good and Evil

05-06-2021 02:29:59 Revo Uninstaller’s restore point – Baldur’s Gate: Siege of Dragonspear

05-06-2021 02:31:55 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 02:32:30 Revo Uninstaller’s restore point – PlanetSide 2

05-06-2021 02:32:54 Revo Uninstaller’s restore point – Project Diablo 2

05-06-2021 02:33:18 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 02:33:45 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 02:33:57 Removed MySQL for Visual Studio 1.2.8

05-06-2021 02:34:50 Revo Uninstaller’s restore point – RAGE Multiplayer

05-06-2021 02:35:02 Removed RAGE Multiplayer

05-06-2021 02:35:23 Revo Uninstaller’s restore point – RAGE Multiplayer

05-06-2021 02:35:51 Revo Uninstaller’s restore point – Qualys BrowserCheck

05-06-2021 02:36:04 Removed Qualys BrowserCheck

05-06-2021 07:04:42 Checkpoint by HitmanPro

05-06-2021 07:05:23 Checkpoint by HitmanPro

05-06-2021 07:46:48 Revo Uninstaller’s restore point – Python 3.7.3 (32-bit)

05-06-2021 07:47:32 Revo Uninstaller’s restore point – Python 3.7.3 (64-bit)

05-06-2021 07:49:35 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 07:49:51 Removed MySQL for Visual Studio 1.2.8

05-06-2021 07:50:22 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 07:51:20 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 07:53:41 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 07:54:29 Revo Uninstaller’s restore point – MySQL for Visual Studio 1.2.8

05-06-2021 10:29:46 Revo Uninstaller’s restore point – Malwarebytes version 4.4.0.117

05-06-2021 11:24:31 Restore Point Created by FRST

05-06-2021 11:33:44 Installed Sophos Virus Removal Tool.

 

==================== Faulty Device Manager Devices ============

 

Name: Chicony USB2.0 Camera

Description: USB Video Device

Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}

Manufacturer: Microsoft

Service: usbvideo

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (06/05/2021 11:30:40 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

.

 

Error: (06/05/2021 11:30:40 AM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

]

 

Error: (06/05/2021 11:30:40 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

.

 

Error: (06/05/2021 11:30:40 AM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

]

 

Error: (06/05/2021 11:24:30 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {2035c1e6-86db-4691-8b90-e98322b644c6}

 

Error: (06/05/2021 10:31:26 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

.

 

Error: (06/05/2021 10:31:26 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

.

 

Error: (06/05/2021 10:31:26 AM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

]

 

 

System errors:

=============

Error: (06/05/2021 11:24:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Extreme Tuning Utility Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/05/2021 11:24:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Management and Security Application Local Management Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/05/2021 11:24:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/05/2021 11:24:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/05/2021 11:24:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Capability Licensing Service TCP IP Interface service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/05/2021 11:24:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Intel® SGX AESM service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

 

Error: (06/05/2021 11:24:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

 

Error: (06/05/2021 11:24:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Content Protection HECI Service service terminated unexpectedly.  It has done this 1 time(s).

 

 

Windows Defender:

================

Date: 2021-06-05 01:42:10

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-06-04 01:15:20

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-06-02 06:57:46

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-06-02 06:53:34

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-06-01 04:50:48

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-06-05 07:40:23

Description: 

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode 

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

 

Date: 2021-06-05 07:29:56

Description: 

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode 

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

 

Date: 2021-06-03 20:31:06

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.339.1944.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18100.6

Error code: 0x80070643

Error description: Fatal error during installation. 

 

Date: 2021-06-03 20:31:05

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.341.8.0

Previous security intelligence Version: 1.339.1944.0

Update Source: User

Security intelligence Type: AntiSpyware

Update Type: Delta

Current Engine Version: 1.1.18200.4

Previous Engine Version: 1.1.18100.6

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-06-03 20:31:05

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.341.8.0

Previous security intelligence Version: 1.339.1944.0

Update Source: User

Security intelligence Type: AntiVirus

Update Type: Delta

Current Engine Version: 1.1.18200.4

Previous Engine Version: 1.1.18100.6

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

CodeIntegrity:

===============

Date: 2021-06-05 16:03:09

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: INSYDE Corp. 1.07.02LS1 12/22/2018

Motherboard: Notebook P9XXEN_EF_ED

Processor: Intel® Core™ i7-8750H CPU @ 2.20GHz

Percentage of memory in use: 38%

Total physical RAM: 16187.55 MB

Available physical RAM: 9911.03 MB

Total Virtual: 19899.55 MB

Available Virtual: 11987.55 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:231.7 GB) (Free:62.83 GB) NTFS

Drive d: () (Fixed) (Total:931.51 GB) (Free:165.62 GB) NTFS

 

\\?\Volume{55e99fbe-f5ad-454b-ad81-2eb5ffd29716}\ (Windows RE tools) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS

\\?\Volume{9505d4df-57b9-444b-a4c5-860ac57f060c}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

\\?\Volume{9c2b2170-371d-43cc-99ca-c0affe75e97d}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 232.9 GB) (Disk ID: 95220A76)

 

Partition: GPT.

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 95220A14)

Partition 1: (Not Active) – (Size=931.5 GB) – (Type=07 NTFS)

 

==================== End of Addition.txt =======================




