Double files and pretty sure I have a trojan or malware :’) | #firefox | #chrome | #microsoftedge

Hello, I have a lot of background tasks and weird programs in folders they shouldn’t be in.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2021

Ran by hundenabbe (administrator) on ALBIN (ASUS System Product Name) (24-11-2021 22:20:09)

Running from C:UsershundeDesktop

Loaded Profiles: hundenabbe

Platform: Microsoft Windows 11 Home Version 21H2 22000.348 (X64) Language: Svenska (Sverige)

Default browser: Edge

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsair.Service.CpuIdRemote64.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsair.Service.DisplayAdapter.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsair.Service.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsairMsiPluginService.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCueLLAccessService.exe

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:Program FilesCorsairCORSAIR iCUE 4 SoftwareiCUE.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <36>

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_ffc75848a6342fdfjhi_service.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeWebViewApplication96.0.1054.29msedgewebview2.exe <6>

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32CredentialEnrollmentManager.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32DataExchangeHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <5>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SystemSettingsAdminFlows.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.345_none_04b3f78d4c83ab0fTiWorker.exe

(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:WindowsSystem32CorsairGamingAudioCfgService64.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0NisSrv.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderScansMsMpEngCP.exe

(Microsoft Windows) C:Program FilesWindowsAppsmicrosoftwindows.client.webexperience_421.20045.455.0_x64__cw5n1h2txyewyDashboardWidgets.exe

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_b7184c0e1c94c102Display.NvContainerNVDisplay.Container.exe <2>

(Spotify AB -> Spotify Ltd) C:UsershundeAppDataRoamingSpotifySpotify.exe <6>

(Valve Corp. -> Valve Corporation) C:Program Files (x86)Common FilesSteamsteamservice.exe

(Valve Corp. -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>

(Valve Corp. -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [CORSAIR iCUE 4 Software] => C:Program FilesCorsairCORSAIR iCUE 4 SoftwareiCUE Launcher.exe [181984 2021-10-18] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

HKUS-1-5-21-3031266484-823856351-4240318321-1001…Run: [Spotify] => C:UsershundeAppDataRoamingSpotifySpotify.exe [18750392 2021-11-24] (Spotify AB -> Spotify Ltd)

HKUS-1-5-21-3031266484-823856351-4240318321-1001…Run: [Discord] => C:UsershundeAppDataLocalDiscordUpdate.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)

HKUS-1-5-21-3031266484-823856351-4240318321-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4267432 2021-11-22] (Valve Corp. -> Valve Corporation)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication96.0.4664.45Installerchrmstp.exe [2021-11-24] (Google LLC -> Google LLC)

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {1372FE92-29FB-4A0B-B341-23BAAD8A9449} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {30091CA3-4AAF-44FA-8BE8-71307B1DF370} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {7ACFB8D4-6B99-4A23-A9C8-4BC160D161F0} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-11-24] (Google LLC -> Google LLC)

Task: {8FE32A3D-AD9D-4E57-A4E9-C3858220ED1D} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {F94DE053-01AC-4348-9CEC-70806A01D8B6} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-11-24] (Google LLC -> Google LLC)

Task: {FA3C9172-93D4-409B-BF9C-2CBFA35D63AD} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{4f4b4f13-ccbf-4257-a969-b6c11a76e059}: [DhcpNameServer] 192.168.1.1

 

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:UsershundeAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-24]

Edge Profile: C:UsershundeAppDataLocalMicrosoftEdgeUser DataProfile 2 [2021-11-24]

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsershundeAppDataLocalGoogleChromeUser DataDefault [2021-11-24]

CHR HomePage: Default -> hxxps://www.google.com/

CHR StartupUrls: Default -> “hxxps://www.google.com/”

CHR Extension: (Google Drive) – C:UsershundeAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-11-24]

CHR Extension: (YouTube) – C:UsershundeAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-24]

CHR Extension: (Betalning via Chrome Web Store) – C:UsershundeAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-11-24]

CHR Extension: (Gmail) – C:UsershundeAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2021-11-24]

CHR Profile: C:UsershundeAppDataLocalGoogleChromeUser DataGuest Profile [2021-11-24]

CHR Profile: C:UsershundeAppDataLocalGoogleChromeUser DataSystem Profile [2021-11-24]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 CorsairGamingAudioConfig; C:WindowsSystem32CorsairGamingAudioCfgService64.exe [616360 2021-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R2 CorsairLLAService; C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCueLLAccessService.exe [230616 2021-10-18] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R2 CorsairMsiPluginService; C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsairMsiPluginService.exe [205024 2021-10-18] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R2 CorsairService; C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsair.Service.exe [80600 2021-10-18] (Corsair Memory, Inc. -> Corsair Memory, Inc.)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0NisSrv.exe [2872024 2021-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe [128376 2021-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_b7184c0e1c94c102Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_b7184c0e1c94c102Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 CorsairGamingAudioService; C:WindowsSystem32driversCorsairGamingAudio64.sys [60328 2021-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:Program FilesCorsairCORSAIR iCUE 4 SoftwareCorsairLLAccess64.sys [21752 2021-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)

R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [46600 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

S3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [22536 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 cpuz152; C:WINDOWStempcpuz152cpuz152_x64.sys [35840 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)

S3 Hsp; C:WINDOWSSystem32driversHsp.sys [110904 2021-11-24] (Microsoft Windows -> Microsoft Corporation)

R3 rtcx21; C:WINDOWSSystem32DriverStoreFileRepositoryrtcx21x64.inf_amd64_d2a498d51a4f7becrtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [48520 2021-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [435424 2021-11-24] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86240 2021-11-24] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

(ADDITION)

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2021

Ran by hundenabbe (24-11-2021 22:20:55)

Running from C:UsershundeDesktop

Microsoft Windows 11 Home Version 21H2 22000.348 (X64) (2021-11-24 05:17:38)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administratör (S-1-5-21-3031266484-823856351-4240318321-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-3031266484-823856351-4240318321-503 – Limited – Disabled)

Gäst (S-1-5-21-3031266484-823856351-4240318321-501 – Limited – Disabled)

hundenabbe (S-1-5-21-3031266484-823856351-4240318321-1001 – Administrator – Enabled) => C:Usershunde

WDAGUtilityAccount (S-1-5-21-3031266484-823856351-4240318321-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

CORSAIR iCUE 4 Software (HKLM…{1141E485-63AD-48C1-9B16-36D593C56D08}) (Version: 4.17.244 – Corsair)

CPUID HWMonitor 1.45 (HKLM…CPUID HWMonitor_is1) (Version: 1.45 – CPUID, Inc.)

Discord (HKUS-1-5-21-3031266484-823856351-4240318321-1001…Discord) (Version: 1.0.9003 – Discord Inc.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 96.0.4664.45 – Google LLC)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 96.0.1054.34 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 96.0.1054.29 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 – Microsoft Corporation)

NVIDIA Grafikdrivrutin 496.76 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 – NVIDIA Corporation)

NVIDIA PhysX systemprogramvara 9.21.0713 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 – NVIDIA Corporation)

Spotify (HKUS-1-5-21-3031266484-823856351-4240318321-1001…Spotify) (Version: 1.1.72.439.gc253025e – Spotify AB)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

 

Packages:

=========

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-24] (NVIDIA Corp.)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_b7184c0e1c94c102nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2021-11-24 11:51 – 2021-10-06 02:30 – 126961152 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libcef.dll

2021-11-24 11:51 – 2021-10-06 02:30 – 000384000 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libegl.dll

2021-11-24 11:51 – 2021-10-06 02:30 – 008006656 _____ () [File not signed] C:Program Files (x86)Steambincefcef.win7x64libglesv2.dll

2021-11-21 21:57 – 2021-11-21 21:57 – 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:Program FilesWindowsAppsMicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewyDashboardWebView2Loader.dll

2021-09-08 13:44 – 2021-09-08 13:44 – 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:Program FilesCorsairCORSAIR iCUE 4 SoftwareSiUSBXp.dll

2021-11-24 11:51 – 2021-10-06 02:30 – 000983552 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Steambincefcef.win7x64chrome_elf.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = 

HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = 

HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = 

HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Local Page = 

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2021-06-05 13:08 – 2021-06-05 13:08 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-3031266484-823856351-4240318321-1001Control PanelDesktop\Wallpaper -> 

DNS Servers: 192.168.1.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKUS-1-5-21-3031266484-823856351-4240318321-1001…StartupApprovedRun: => “MicrosoftEdgeAutoLaunch_D73F226D171A4651827B00380BA220BE”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{8E7D7DC1-4CD0-42E1-9DF6-8B58488D074B}] => (Allow) C:Program FilesWindowsAppsmicrosoftteams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B185AC89-31B3-4C46-A00F-7210057CFBE3}] => (Allow) C:Program FilesWindowsAppsmicrosoftteams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{42554A33-763E-49F9-B7A4-90570F7EFA32}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication96.0.1054.29msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{1940A3B5-6AB0-4DF5-913C-1FB2BDAD9B5E}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{3D1997AB-9A02-4C5C-BC84-07EDDD7E9182}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{9474F3E0-EEA4-46AC-9EAE-6C521FE1997D}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{91D7F271-94FA-4DA3-8CE7-ADC96C7AC0A9}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{57104E7F-FD42-4364-9A1D-A136AE2B86C7}] => (Allow) C:Program Files (x86)SteamsteamappscommonHalo InfiniteHaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)

FirewallRules: [{EF02F2E1-214C-4893-860B-7A8BD6AC8FA3}] => (Allow) C:Program Files (x86)SteamsteamappscommonHalo InfiniteHaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)

FirewallRules: [TCP Query User{56C5E517-2760-46CB-BCD4-69F0AE1EB525}C:usershundeappdataroamingspotifyspotify.exe] => (Allow) C:usershundeappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User{D81C4F13-583E-4986-A84B-FDCEE3B4E505}C:usershundeappdataroamingspotifyspotify.exe] => (Allow) C:usershundeappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{5E2F4179-80C0-4467-B903-06B115C4A877}] => (Allow) C:Program Files (x86)SteamsteamappscommonNew WorldNewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)

FirewallRules: [{A35B6BA3-E1CF-4CC9-8912-8AF5076EE580}] => (Allow) C:Program Files (x86)SteamsteamappscommonNew WorldNewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)

FirewallRules: [{67D3D9C9-2081-4D65-8567-F8DBC597FB33}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{F2326431-4030-4A12-814E-32BC483F6F3B}C:windowssystem32mmc.exe] => (Block) C:windowssystem32mmc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [UDP Query User{F4B26904-2F7C-440C-839D-D795CA341E43}C:windowssystem32mmc.exe] => (Block) C:windowssystem32mmc.exe (Microsoft Windows -> Microsoft Corporation)

 

==================== Restore Points =========================

 

24-11-2021 11:03:18 Installationsprogram för Windows-moduler

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (11/24/2021 06:17:48 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT instans)

Description: Användarens registreringsdatafil har lästs in av en annan process (registerlås). Processnamn: C:WindowsSystem32svchost.exe, PID: 6104, ProfSvc PID: 2200.

 

Error: (11/24/2021 06:17:48 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT instans)

Description: Användarens registreringsdatafil har lästs in av en annan process (registerlås). Processnamn: C:WindowsSystem32svchost.exe, PID: 552, ProfSvc PID: 2200.

 

Error: (11/24/2021 06:11:11 AM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Fel uppstod när statusen Windows Defender uppdaterades till SECURITY_PRODUCT_STATE_ON.

 

 

System errors:

=============

Error: (11/24/2021 04:59:33 PM) (Source: DCOM) (EventID: 10001) (User: Albin)

Description: Det gick inte att starta en DCOM-server: Microsoft.MicrosoftEdge_44.22000.120.0_neutral__8wekyb3d8bbwe!MicrosoftEdge som Inte tillgänglig/Inte tillgänglig. Felet:

“2147942402”

inträffade när det här kommandot startades:

“C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweMicrosoftEdge.exe” -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

 

Error: (11/24/2021 04:21:00 PM) (Source: Server) (EventID: 2505) (User: )

Description: Servern kunde inte binda till transporten DeviceNetBT_Tcpip_{4F4B4F13-CCBF-4257-A969-B6C11A76E059} på grund av att en annan dator på nätverket har samma namn. Servern kunde inte starta.

 

Error: (11/24/2021 03:57:33 PM) (Source: DCOM) (EventID: 10010) (User: NT instans)

Description: Servern {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} registrerades inte med DCOM inom erforderlig timeout.

 

Error: (11/24/2021 03:57:33 PM) (Source: DCOM) (EventID: 10010) (User: NT instans)

Description: Servern {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} registrerades inte med DCOM inom erforderlig timeout.

 

Error: (11/24/2021 11:52:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten Steam Client Service kunde inte startas på grund av följande fel: 

Tjänsten svarade inte på start- eller kontrollbegäran i tid.

 

Error: (11/24/2021 11:52:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Steam Client Service skulle ansluta.

 

Error: (11/24/2021 11:44:41 AM) (Source: DCOM) (EventID: 10001) (User: Albin)

Description: Det gick inte att starta en DCOM-server: Microsoft.MicrosoftEdge_44.22000.120.0_neutral__8wekyb3d8bbwe!MicrosoftEdge som Inte tillgänglig/Inte tillgänglig. Felet:

“2147942402”

inträffade när det här kommandot startades:

“C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweMicrosoftEdge.exe” -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

 

Error: (11/24/2021 11:31:08 AM) (Source: DCOM) (EventID: 10001) (User: Albin)

Description: Det gick inte att starta en DCOM-server: Microsoft.MicrosoftEdge_44.22000.120.0_neutral__8wekyb3d8bbwe!MicrosoftEdge som Inte tillgänglig/Inte tillgänglig. Felet:

“2147942402”

inträffade när det här kommandot startades:

“C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweMicrosoftEdge.exe” -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

 

 

Windows Defender:

================

Date: 2021-11-24 09:49:56

Description: 

Microsoft Defender Antivirus-sökningen stoppades innan den slutfördes.

Söknings-ID: {04C9E84F-3C29-4C03-BF8C-1D1528A6D7FA}

Sökningstyp: Antimalware

Sökningsparametrar: Snabbsökning

Användare: NT instansSYSTEM

Event[0]

 

Date: 2021-11-24 07:57:47

Description: 

Funktionen för realtidsskydd i Microsoft Defender Antivirus har stött på ett fel och avslutats.

Funktion: Vid åtkomst

Felkod: 0x8007043c

Felbeskrivning: Den här tjänsten kan inte startas i säkert läge 

Orsak: Säkerhetsinsikter för program mot skadlig kod har slutat fungera av okänd anledning. I vissa fall kan det hjälpa att starta om tjänsten.

 

Date: 2021-11-24 07:40:41

Description: 

N/A

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 1620 07/08/2021

Motherboard: ASUSTeK COMPUTER INC. PRIME Z490-P

Processor: Intel® Core™ i5-10600K CPU @ 4.10GHz

Percentage of memory in use: 46%

Total physical RAM: 16285.88 MB

Available physical RAM: 8759.37 MB

Total Virtual: 19229.88 MB

Available Virtual: 9646.74 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:222.86 GB) (Free:114.58 GB) NTFS

Drive d: (Storage) (Fixed) (Total:931.51 GB) (Free:931.34 GB) NTFS

 

\?Volume{ecadcecf-d961-439f-bb1b-e369819a2589} () (Fixed) (Total:0.59 GB) (Free:0.08 GB) NTFS

\?Volume{f823a431-c626-43f8-8fbc-008c5f714355} () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 183BA259)

Partition 1: (Not Active) – (Size=931.5 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 




Original Source by [author_name]
