Help with removing ColorMania 32 bit (GoogleDiagnostic.exe) | #firefox | #chrome | #microsoftedge

This is the FRST reports after the scan

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021

Ran by Aleksa (administrator) on DESKTOP-3CVBS8C (MSI MS-7640) (18-07-2021 23:53:20)

Running from C:UsersAleksaAppDataLocalTempscoped_dir11980_88312311

Loaded Profiles: Aleksa

Platform: Windows 10 Pro Version 20H2 19042.1083 (X64) Language: English (United States)

Default browser: Opera

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextamdow.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextAMDRSServ.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextAMDRSSrcExt.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextcncmd.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextRadeonSoftware.exe

(Advanced Micro Devices, Inc. -> AMD) C:Program FilesAMDPerformance Profile ClientAUEPLauncher.exe

(Advanced Micro Devices, Inc. -> AMD) C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe

(Advanced Micro Devices, Inc. -> AMD) C:Program FilesAMDPerformance Profile ClientAUEPUF.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryͦ400.inf_amd64_4021c2cb607d5b92B366217atieclxx.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryͦ400.inf_amd64_4021c2cb607d5b92B366217atiesrxx.exe

(Autodesk, Inc. -> Autodesk Inc.) C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe

(Autodesk, Inc. -> Autodesk) C:Program Files (x86)AutodeskAutodesk Desktop AppAcWebBrowserAcWebBrowser.exe <3>

(Autodesk, Inc. -> Autodesk) C:Program Files (x86)Common FilesAutodesk SharedAdskLicensing11.0.0.4854AdskLicensingServiceAdskLicensingService.exe

(Autodesk, Inc. -> Autodesk) C:ProgramDataAutodeskGenuine Servicex64GenuineService.exe

(Autodesk, Inc. -> Autodesk, Inc.) C:Program Files (x86)AutodeskAutodesk Desktop AppAutodeskDesktopApp.exe

(Blacksun Software) [File not signed] C:UsersAleksaAppDataRoamingGoogleGoogleDiagnostics.exe

(Discord Inc. -> Discord Inc.) C:UsersAleksaAppDataLocalDiscordapp-1.0.9002Discord.exe <6>

(Flexera Software LLC -> Flexera) C:Program Files (x86)Common FilesMacrovision SharedFlexNet PublisherFNPLicensingService.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.92GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.92GoogleCrashHandler64.exe

(Kilonova LLC -> Skillbrains) C:Program Files (x86)Skillbrainslightshot5.5.0.7Lightshot.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbweCortana.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Windows -> Microsoft Corporation) C:UsersAleksaAppDataLocalTempBF84BB36-AEA2-4075-9411-98EDCC7497FEDismHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MRT.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MusNotifyIcon.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SecurityHealthHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SystemSettingsAdminFlows.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32Taskmgr.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystemAppsMicrosoft.Windows.SecHealthUI_cw5n1h2txyewySecHealthUI.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34TiWorker.exe

(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0NisSrv.exe

(Opera Software AS -> Opera Software) C:UsersAleksaAppDataLocalProgramsOpera GX76.0.4017.227opera.exe <43>

(Opera Software AS -> Opera Software) C:UsersAleksaAppDataLocalProgramsOpera GX76.0.4017.227opera_crashreporter.exe

(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamsteamservice.exe

(Valve -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>

(Valve -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

(VMware, Inc. -> VMware, Inc.) C:Program Files (x86)Common FilesVMwareUSBvmware-usbarbitrator64.exe

(VMware, Inc. -> VMware, Inc.) C:Program Files (x86)VMwareVMware Playervmware-authd.exe

(VMware, Inc. -> VMware, Inc.) C:WindowsSysWOW64vmnat.exe

(VMware, Inc. -> VMware, Inc.) C:WindowsSysWOW64vmnetdhcp.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM-x32…Run: [Lightshot] => C:Program Files (x86)SkillbrainslightshotLightshot.exe [226728 2019-07-21] (Kilonova LLC -> )

HKLM-x32…Run: [Autodesk Genuine Service ] => C:ProgramDataAutodeskGenuine Servicex64GenuineService.exe [2483552 2021-01-08] (Autodesk, Inc. -> Autodesk)

HKLM-x32…Run: [Autodesk Desktop App] => C:Program Files (x86)AutodeskAutodesk Desktop AppAutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Run: [Discord] => C:UsersAleksaAppDataLocalDiscordUpdate.exe [1512760 2020-12-04] (Discord Inc. -> GitHub)

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Run: [com.squirrel.Teams.Teams] => C:UsersAleksaAppDataLocalMicrosoftTeamsUpdate.exe [2454200 2021-06-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Run: [Opera GX Browser Assistant] => C:UsersAleksaAppDataLocalProgramsOpera GXassistantbrowser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4110568 2021-07-16] (Valve -> Valve Corporation)

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Run: [Web Companion] => C:Program Files (x86)LavasoftWeb CompanionApplicationWebCompanion.exe –minimize

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Run: [Opera Browser Assistant] => C:UsersAleksaAppDataLocalProgramsOperaassistantbrowser_assistant.exe [4080336 2021-07-14] (Opera Software AS -> Opera Software)

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…PoliciesExplorer: [] 

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…PoliciesExplorer: [DisallowRun] 1

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…PoliciesExplorerDisallowRun: [1] irsetup.exe

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication91.0.4472.124Installerchrmstp.exe [2021-07-01] (Google LLC -> Google LLC)

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0591B1D9-895D-45A6-9F67-39DD175A06B7} – System32TasksAMDInstallLauncher => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1713952 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {19C9A6E9-B26B-4618-8B43-13C724F64004} – System32TasksStartCN => C:Program FilesAMDCNextCNextcncmd.exe [62752 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {1F028850-581D-4897-84CF-C500AC0A77C0} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {40F0E026-1F71-4ABF-A43B-60DFD6C6A6B9} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {4850D20F-4991-4697-AECE-5AF595B62C36} – System32TasksAMDLinkUpdate => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1713952 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {54FA4D46-5C64-4ADC-BA1D-7347850611CF} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficeOffice16msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {5765FC8B-0F7A-43FB-8D01-D212280318D5} – System32TasksModifyLinkUpdate => C:Program FilesAMDCIMBin64InstallManagerApp.exe [1713952 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {60094868-540D-4676-8F61-5ECCD1DD7F95} – System32TasksOpera scheduled Autoupdate 1624465819 => C:UsersAleksaAppDataLocalProgramsOperalauncher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)

Task: {718160A2-232F-43E8-8393-8AF666073515} – System32TasksOpera scheduled assistant Autoupdate 1624465823 => C:UsersAleksaAppDataLocalProgramsOperalauncher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersAleksaAppDataLocalProgramsOperaassistant” $(Arg0)

Task: {7B6D69E6-72E8-474A-912A-7629C421586B} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {8ACB6CD6-CF7F-4CF0-8ABC-38F9B3ED68FE} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficeOffice16msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {9FE0654C-19F1-4956-AF59-53AB2AF08DB3} – System32Tasksupdate-S-1-5-21-3467038883-1679176618-4043890008-1001 => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

Task: {B6499C55-75D2-402D-BFF0-32A007E89929} – System32TasksGoogleUpdateSoftware => C:UsersAleksaAppDataRoamingGoogleGoogleDiagnostics.exe [800303616 2021-06-23] (Blacksun Software) [File not signed] <==== ATTENTION

Task: {B89580E0-ED42-4B22-BCDA-44344C6E73DF} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154440 2021-04-20] (Google LLC -> Google LLC)

Task: {BA3F89D3-DBC7-40FA-845C-EAA716DA2364} – System32TasksStartDVR => C:Program FilesAMDCNextCNextRSServCmd.exe [268576 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {CAF4F0E0-DF5A-4CC1-91F2-62D20E889E00} – System32TasksMicrosoftOfficeOffice 15 Subscription Heartbeat => C:Program FilesCommon FilesMicrosoft SharedOffice16OLicenseHeartbeat.exe

Task: {CB4B9FE5-5E58-43DE-9568-88E00FBA5842} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {D373F2EE-B4CA-4D9A-8B32-13FE0931B57C} – System32TasksOpera GX scheduled assistant Autoupdate 1621257773 => C:UsersAleksaAppDataLocalProgramsOpera GXlauncher.exe [1881296 2021-07-07] (Opera Software AS -> Opera Software) -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersAleksaAppDataLocalProgramsOpera GXassistant” $(Arg0)

Task: {D7A95720-EE15-475C-B6F5-89FF0324EE89} – System32TasksOpera GX scheduled Autoupdate 1619019775 => C:UsersAleksaAppDataLocalProgramsOpera GXlauncher.exe [1881296 2021-07-07] (Opera Software AS -> Opera Software)

Task: {DB9F8B3E-F18F-4790-964A-0689E1B9F459} – System32Tasksupdate-sys => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

Task: {FB351677-1A76-480D-8C90-CE161F3E0AA7} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154440 2021-04-20] (Google LLC -> Google LLC)

Task: {FB7B1C0C-1929-4543-8983-2DB9AF449B30} – System32TasksStartCNBM => C:Program FilesAMDCNextCNextcncmd.exe [62752 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WindowsTasksupdate-S-1-5-21-3467038883-1679176618-4043890008-1001.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe

Task: C:WindowsTasksupdate-sys.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog9 15 C:WindowsSysWOW64vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.)

Winsock: Catalog9 16 C:WindowsSysWOW64vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.)

Winsock: Catalog9-x64 15 C:Windowssystem32vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.)

Winsock: Catalog9-x64 16 C:Windowssystem32vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.)

Tcpip..Interfaces{71a0a706-08dc-435f-a373-d65996164da9}: [DhcpNameServer] 192.168.0.1

 

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:UsersAleksaAppDataLocalMicrosoftEdgeUser DataDefault [2021-07-18]

 

FireFox:

========

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~2Office16NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

 

Chrome: 

=======

CHR Profile: C:UsersAleksaAppDataLocalGoogleChromeUser DataDefault [2021-06-26]

CHR Notifications: Default -> hxxps://www.facebook.com

CHR Extension: (Chrome Web Store Payments) – C:UsersAleksaAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-20]

CHR Extension: (Chrome Media Router) – C:UsersAleksaAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-26]

 

Opera: 

=======

OPR Profile: C:UsersAleksaAppDataRoamingOpera SoftwareOpera Stable [2021-07-18]

StartMenuInternet: (HKUS-1-5-21-3467038883-1679176618-4043890008-1001) Opera GXStable – “C:UsersAleksaAppDataLocalProgramsOpera GXLauncher.exe”

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)

R2 AdskLicensingService; C:Program Files (x86)Common FilesAutodesk SharedAdskLicensingCurrentAdskLicensingServiceAdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)

R2 AUEPLauncher; C:Program FilesAMDCIM..Performance Profile ClientAUEPLauncher.exe [60704 2021-04-13] (Advanced Micro Devices, Inc. -> AMD)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5394864 2021-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 AMDSAFD; C:WindowsSystem32DriverStoreFileRepositoryamdsafd.inf_amd64_8e2568524f674315amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

R3 AMDXE; C:WindowsSystem32driversamdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

R2 AODDriver4.3.0; C:Program FilesAMDPerformance Profile Clientamd64AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

S3 BthA2dp; C:WindowsSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S3 cpuz148; C:Windowstempcpuz148cpuz148_x64.sys [44832 2021-04-21] (CPUID S.A.R.L.U. -> CPUID)

S3 dg_ssudbus; C:Windowssystem32DRIVERSssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 MpKsl61d5819e; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{DA64AE86-B172-4AEE-A05E-E77EBB99D622}MpKslDrv.sys [107752 2021-07-18] (Microsoft Windows -> Microsoft Corporation)

S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R2 VMnetBridge; C:Windowssystem32DRIVERSvmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.)

R0 vsock; C:WindowsSystem32DRIVERSvsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)

S0 WdBoot; C:WindowsSystem32driverswdWdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WindowsSystem32driverswdWdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-07-18 23:52 – 2021-07-18 23:53 – 000000000 ____D C:FRST

2021-07-18 23:52 – 2021-07-18 23:52 – 002300416 _____ (Farbar) C:UsersAleksaDesktopFRST64.exe

2021-07-18 18:58 – 2021-07-18 18:58 – 000000000 ____D C:Windowssystem32appmgmt

2021-07-18 16:25 – 2021-07-18 16:25 – 000007605 _____ C:UsersAleksaAppDataLocalResmon.ResmonCfg

2021-07-15 21:40 – 2021-07-15 22:35 – 000000000 ____D C:UsersAleksaAppDataRoaming.minecraft

2021-07-15 21:40 – 2021-07-15 21:44 – 000000000 ____D C:Program Files (x86)Minecraft Launcher

2021-07-15 21:40 – 2021-07-15 21:40 – 002666496 _____ C:UsersAleksaDownloadsMinecraftInstaller.msi

2021-07-15 21:40 – 2021-07-15 21:40 – 000001103 _____ C:UsersPublicDesktopMinecraft Launcher.lnk

2021-07-15 21:40 – 2021-07-15 21:40 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMinecraft Launcher

2021-07-14 19:49 – 2021-07-14 19:49 – 000731256 _____ C:UsersAleksaDownloadsITjul2021.pdf

2021-07-09 02:22 – 2021-07-09 02:22 – 000000000 ___HD C:Windowsmsdownld.tmp

2021-07-09 02:22 – 2021-07-09 02:22 – 000000000 ____D C:WindowsSysWOW64directx

2021-07-09 02:15 – 2021-07-09 02:15 – 054261822 _____ C:UsersAleksaDownloadsMSIAfterburnerSetup.zip

2021-07-08 21:19 – 2021-07-08 21:19 – 000846307 _____ C:UsersAleksaDownloadsОснове системског инжењерства – испитни задаци.pdf

2021-07-08 20:10 – 2021-07-08 20:10 – 002371072 _____ C:Windowssystem32rdpnano.dll

2021-07-08 20:10 – 2021-07-08 20:10 – 001314128 _____ (Microsoft Corporation) C:Windowssystem32SecConfig.efi

2021-07-08 20:10 – 2021-07-08 20:10 – 000570880 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl

2021-07-08 20:10 – 2021-07-08 20:10 – 000452608 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2021-07-08 20:10 – 2021-07-08 20:10 – 000084992 _____ (Microsoft Corporation) C:Windowssystem32wscui.cpl

2021-07-08 20:10 – 2021-07-08 20:10 – 000067584 _____ (Microsoft Corporation) C:WindowsSysWOW64wscui.cpl

2021-07-08 20:10 – 2021-07-08 20:10 – 000060928 _____ C:Windowssystem32runexehelper.exe

2021-07-08 20:10 – 2021-07-08 20:10 – 000011351 _____ C:Windowssystem32DrtmAuthTxt.wim

2021-07-08 20:09 – 2021-07-08 20:09 – 002260992 _____ C:Windowssystem32TextInputMethodFormatter.dll

2021-07-08 20:09 – 2021-07-08 20:09 – 001823304 _____ (Microsoft Corporation) C:Windowssystem32winload.efi

2021-07-08 20:09 – 2021-07-08 20:09 – 001393504 _____ (Microsoft Corporation) C:Windowssystem32winresume.efi

2021-07-08 20:09 – 2021-07-08 20:09 – 000097792 _____ C:Windowssystem32Driverscimfs.sys

2021-07-06 19:45 – 2021-07-06 19:45 – 000323834 _____ C:UsersAleksaDownloadsPrvi kolokvijum – svi odgovori.pdf

2021-07-05 18:05 – 2021-07-05 18:05 – 186633698 _____ C:UsersAleksaDownloadsVezbe9_OOIT.mp4

2021-07-03 21:48 – 2021-07-03 21:48 – 000000000 ____D C:UsersAleksa.config

2021-07-03 21:31 – 2021-07-03 21:44 – 000000725 _____ C:UsersAleksa.bash_history

2021-07-03 21:26 – 2021-07-03 21:26 – 000000020 _____ C:UsersAleksa.lesshst

2021-07-03 17:36 – 2021-07-03 21:29 – 000000000 ____D C:Programiranje

2021-07-03 16:09 – 2021-07-03 16:09 – 000001764 _____ C:UsersPublicDesktopGit Bash.lnk

2021-07-03 16:09 – 2021-07-03 16:09 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGit

2021-07-03 16:08 – 2021-07-03 16:09 – 000000000 ____D C:Program FilesGit

2021-07-03 16:01 – 2021-07-03 16:01 – 051179176 _____ (The Git Development Community ) C:UsersAleksaDownloadsGit-2.32.0-64-bit.exe

2021-07-02 14:47 – 2021-07-06 19:43 – 000000000 ____D C:UsersAleksaDesktopIT56-2020-NIkola_Rokvic

2021-07-02 14:46 – 2021-07-02 14:46 – 000046691 _____ C:UsersAleksaDownloadsIT56-2020-NIkola_Rokvic.rar

2021-07-01 14:41 – 2021-07-01 14:41 – 000001095 _____ C:UsersAleksaDesktopEclipse IDE for Java Developers – 2021-06.lnk

2021-07-01 14:41 – 2021-07-01 14:41 – 000000000 ____D C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsEclipse

2021-07-01 14:37 – 2021-07-01 14:38 – 116146208 _____ C:UsersAleksaDownloadseclipse-inst-jre-win64 (1).exe

2021-06-29 15:36 – 2021-06-29 15:36 – 022149734 _____ C:UsersAleksaDownloadsClaim UID 65c53096 requested documentation.rar

2021-06-29 14:58 – 2021-06-29 14:58 – 000000218 _____ C:UsersAleksaAppDataLocalrecently-used.xbel

2021-06-29 14:57 – 2021-06-29 14:58 – 000000000 ____D C:UsersAleksaDocumentsCherryTree

2021-06-29 14:57 – 2021-06-29 14:57 – 000000000 ____D C:UsersAleksaAppDataLocalgtk-3.0

2021-06-29 14:55 – 2021-06-29 14:55 – 000000000 ____D C:UsersAleksaAppDataLocalenchant

2021-06-29 14:54 – 2021-07-17 20:01 – 000000000 ____D C:UsersAleksaAppDataLocalcherrytree

2021-06-29 14:54 – 2021-07-17 20:01 – 000000000 ____D C:UsersAleksa.dbus-keyrings

2021-06-29 14:54 – 2021-06-29 14:54 – 000001109 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsCherryTree.lnk

2021-06-29 14:54 – 2021-06-29 14:54 – 000001097 _____ C:UsersPublicDesktopCherryTree.lnk

2021-06-29 14:53 – 2021-06-29 14:53 – 049331351 _____ (Giuseppe Penone ) C:UsersAleksaDownloadscherrytree_0.99.38.0_win64_setup.exe

2021-06-29 14:53 – 2021-06-29 14:53 – 000000000 ____D C:Program FilesCherryTree

2021-06-28 20:05 – 2021-06-28 20:05 – 000000000 ____D C:UsersAleksaDocumentsVirtual Machines

2021-06-28 19:46 – 2021-06-28 19:51 – 000000000 ____D C:UsersAleksaDownloadskali-linux-2021-2-installer-amd64-iso

2021-06-28 19:46 – 2021-06-28 19:46 – 000348258 _____ C:UsersAleksaDownloadskali-linux-2021.2-installer-amd64.iso.torrent

2021-06-28 19:01 – 2021-07-02 18:03 – 000000000 ____D C:UsersAleksaAppDataLocalVMware

2021-06-28 19:01 – 2021-07-02 17:57 – 000000000 ____D C:UsersAleksaAppDataRoamingVMware

2021-06-28 19:01 – 2021-04-30 05:22 – 000110696 _____ (VMware, Inc.) C:Windowssystem32Driversvmx86.sys

2021-06-28 19:01 – 2020-08-11 00:25 – 000048224 _____ (VMware, Inc.) C:Windowssystem32vsocklib.dll

2021-06-28 19:01 – 2020-08-11 00:25 – 000044128 _____ (VMware, Inc.) C:WindowsSysWOW64vsocklib.dll

2021-06-28 19:01 – 2020-08-11 00:24 – 000105912 _____ (VMware, Inc.) C:Windowssystem32Driversvsock.sys

2021-06-28 19:00 – 2021-07-18 16:18 – 000000000 ____D C:ProgramDataVMware

2021-06-28 19:00 – 2021-06-28 19:00 – 000859366 _____ C:WindowsSysWOW64PerfStringBackup.INI

2021-06-28 19:00 – 2021-06-28 19:00 – 000001261 _____ C:UsersPublicDesktopVMware Workstation 16 Player.lnk

2021-06-28 19:00 – 2021-06-28 19:00 – 000000000 ____D C:Program FilesCommon FilesVMware

2021-06-28 19:00 – 2021-06-28 19:00 – 000000000 ____D C:Program Files (x86)VMware

2021-06-28 19:00 – 2021-04-30 05:30 – 001307392 _____ (VMware, Inc.) C:Windowssystem32vnetlib64.dll

2021-06-28 19:00 – 2021-04-30 05:28 – 000420968 _____ (VMware, Inc.) C:WindowsSysWOW64vmnat.exe

2021-06-28 19:00 – 2021-04-30 05:28 – 000381184 _____ (VMware, Inc.) C:WindowsSysWOW64vmnetdhcp.exe

2021-06-28 19:00 – 2021-04-30 05:28 – 000119792 _____ (VMware, Inc.) C:Windowssystem32vnetinst.dll

2021-06-28 19:00 – 2021-04-30 05:28 – 000044544 _____ (VMware, Inc.) C:Windowssystem32Driversvmnetuserif.sys

2021-06-28 19:00 – 2021-04-27 00:55 – 000085448 _____ (VMware, Inc.) C:Windowssystem32Drivershcmon.sys

2021-06-28 18:58 – 2021-06-28 18:59 – 225758552 _____ (VMware, Inc.) C:UsersAleksaDownloadsVMware-player-16.1.2-17966106.exe

2021-06-28 18:56 – 2021-06-28 18:59 – 000000000 ____D C:UsersAleksaDownloadskali-linux-2021-2-vmware-amd64-7z

2021-06-28 18:56 – 2021-06-28 18:57 – 000000000 ____D C:UsersAleksaAppDataLocalLowuTorrent

2021-06-28 18:56 – 2021-06-28 18:56 – 000206401 _____ C:UsersAleksaDownloadskali-linux-2021.2-vmware-amd64.7z.torrent

2021-06-27 01:56 – 2021-06-27 01:56 – 000000000 ___HD C:UsersAleksaDownloads.opera

2021-06-27 01:56 – 2021-06-27 01:56 – 000000000 ___HD C:UsersAleksa.opera

2021-06-26 20:31 – 2021-06-26 20:31 – 000000000 ____D C:UsersAleksaAppDataRoamingBlender Foundation

2021-06-26 20:30 – 2021-06-26 20:30 – 000000000 ____D C:UsersAleksa.thumbnails

2021-06-25 18:02 – 2021-06-25 18:02 – 000000000 ____D C:UsersAleksaAppDataLocalLowAdobe

2021-06-25 11:43 – 2021-06-25 11:43 – 000000222 _____ C:UsersAleksaDesktopSven Co-op.url

2021-06-24 05:53 – 2021-06-24 05:53 – 002107218 _____ C:UsersAleksaDownloadsKolokvijum2Resen.pdf

2021-06-24 05:51 – 2021-06-24 05:51 – 000751384 _____ C:UsersAleksaDownloadsIIS_Kol2_2021.pdf

2021-06-23 21:31 – 2021-07-15 19:15 – 000000000 ____D C:UsersAleksaDesktopOIT

2021-06-23 20:51 – 2021-06-23 20:51 – 000001578 _____ C:UsersAleksaDesktopPhotoshop – Shortcut.lnk

2021-06-23 18:46 – 2021-06-23 18:46 – 000000000 ____D C:UsersAleksaAppDataLocalAdobe

2021-06-23 18:43 – 2021-06-23 18:46 – 000000000 ___RD C:Program FilesAdobe Photoshop 2021

2021-06-23 18:38 – 2021-06-23 18:40 – 000000000 ____D C:UsersAleksaDownloadsBeautify for Adobe Photoshop v2.0.0 Pre-Cracked

2021-06-23 18:37 – 2021-06-23 18:37 – 000000000 _RSHD C:UsersAleksaAppDataRoamingWindows

2021-06-23 18:34 – 2021-07-17 22:49 – 000000000 ____D C:UsersAleksaAppDataLocalCrashDumps

2021-06-23 18:34 – 2021-06-23 18:42 – 000000000 ____D C:UsersAleksaAppDataRoamingWinHost

2021-06-23 18:34 – 2021-06-23 18:38 – 000000013 _____ C:ProgramDatakrosqm.txt

2021-06-23 18:34 – 2021-06-23 18:34 – 000003896 _____ C:Windowssystem32TasksGoogleUpdateSoftware

2021-06-23 18:34 – 2021-06-23 18:34 – 000000000 _RSHD C:UsersAleksaAppDataRoamingGoogle

2021-06-23 18:31 – 2021-06-26 18:44 – 000000000 ____D C:Program FilesCommon FilesAvast Software

2021-06-23 18:31 – 2021-06-23 18:31 – 000851192 _____ (AVAST Software) C:Windowssystem32Driversasw58d022b613dab53a.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000524400 _____ (AVAST Software) C:Windowssystem32Driversaswc0764e2702c10fa1.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000471920 _____ (AVAST Software) C:Windowssystem32Driversasw26c37d3e38c3d9e1.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000366616 _____ (AVAST Software) C:Windowssystem32Driversasw7ab858a03a7d7eea.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000339736 _____ (AVAST Software) C:Windowssystem32aswBoot.exe

2021-06-23 18:31 – 2021-06-23 18:31 – 000327536 _____ (AVAST Software) C:Windowssystem32Driversasw5b0c217463c4ed58.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000250392 _____ (AVAST Software) C:Windowssystem32Driversaswb84cc74933d35a89.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000216928 _____ (AVAST Software) C:Windowssystem32Driversaswbe49b205f1b20657.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000215384 _____ (AVAST Software) C:Windowssystem32Driversasw48d70570d4dfa27a.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000182600 _____ (AVAST Software) C:Windowssystem32Driversaswf17051ba67892e5a.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000107848 _____ (AVAST Software) C:Windowssystem32Driversaswc695f68b8fc50e59.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000099352 _____ (AVAST Software) C:Windowssystem32Driversasw6495d9065457bf75.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000082912 _____ (AVAST Software) C:Windowssystem32Driversasw662ebc8943abadda.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000041352 _____ (AVAST Software) C:Windowssystem32Driversasw1adcd4f31f6d9011.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000035720 _____ (AVAST Software) C:Windowssystem32Driversasw5fd077f99afb66a3.tmp

2021-06-23 18:31 – 2021-06-23 18:31 – 000017328 _____ (AVAST Software) C:Windowssystem32Driversaswd39617b4dbad9d84.tmp

2021-06-23 18:30 – 2021-07-15 01:15 – 000004474 _____ C:Windowssystem32TasksOpera scheduled assistant Autoupdate 1624465823

2021-06-23 18:30 – 2021-07-09 18:24 – 000004218 _____ C:Windowssystem32TasksOpera scheduled Autoupdate 1624465819

2021-06-23 18:30 – 2021-07-09 18:24 – 000001412 _____ C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera Browser.lnk

2021-06-23 18:30 – 2021-06-28 19:54 – 000000000 ____D C:UsersAleksaAppDataLocalBitTorrentHelper

2021-06-23 18:30 – 2021-06-26 18:44 – 000000000 ____D C:ProgramDataAvast Software

2021-06-23 18:30 – 2021-06-26 18:44 – 000000000 ____D C:Program FilesAvast Software

2021-06-23 18:30 – 2021-06-23 18:40 – 000000000 ____D C:UsersAleksaDownloadsPhotoshop CS6 precracked [mindcrasher]

2021-06-23 18:29 – 2021-06-29 00:54 – 000000000 ____D C:UsersAleksaAppDataRoaminguTorrent

2021-06-23 18:29 – 2021-06-23 18:29 – 000000000 ____D C:UsersAleksaAppDataLocalUT008

2021-06-23 17:46 – 2021-06-23 17:46 – 000000000 ____D C:UsersAleksaAppDataRoamingWinRAR

2021-06-23 17:45 – 2021-06-23 17:45 – 000000000 ____D C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR

2021-06-23 17:45 – 2021-06-23 17:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR

2021-06-23 17:45 – 2021-06-23 17:45 – 000000000 ____D C:Program FilesWinRAR

2021-06-21 16:16 – 2021-06-21 16:16 – 000000000 ____D C:UsersAleksaAppDataLocalOneDrive

2021-06-20 02:05 – 2021-06-20 02:06 – 000000000 ____D C:UsersAleksaDesktopTrening

2021-06-19 19:31 – 2021-06-19 19:31 – 001151992 _____ (Realtek ) C:Windowssystem32Driversrt640x64.sys

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-07-18 23:53 – 2019-12-07 11:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-07-18 23:40 – 2021-06-13 20:39 – 000000000 ____D C:Program Files (x86)Steam

2021-07-18 23:35 – 2021-04-20 20:47 – 000000000 ____D C:UsersAleksaAppDataLocalDiscord

2021-07-18 23:35 – 2021-04-20 20:41 – 000000000 ____D C:UsersAleksaAppDataRoamingdiscord

2021-07-18 23:21 – 2021-04-20 20:40 – 000000000 ____D C:Program Files (x86)Google

2021-07-18 23:15 – 2021-04-20 20:34 – 000000000 ____D C:UsersAleksaAppDataLocalD3DSCache

2021-07-18 23:11 – 2021-04-20 20:44 – 000003128 _____ C:Windowssystem32TasksAMDInstallLauncher

2021-07-18 23:11 – 2021-04-20 20:44 – 000003080 _____ C:Windowssystem32TasksAMDLinkUpdate

2021-07-18 23:10 – 2020-11-19 09:43 – 000000000 ____D C:Windowssystem32SleepStudy

2021-07-18 18:59 – 2019-12-07 11:03 – 000000000 ____D C:WindowsCbsTemp

2021-07-18 18:58 – 2021-04-21 15:42 – 000000000 ____D C:UsersAleksaAppDataRoamingEaseware

2021-07-18 18:50 – 2021-04-21 13:52 – 000000000 ___HD C:$WinREAgent

2021-07-18 18:47 – 2021-04-21 13:54 – 000000000 ____D C:Windowssystem32MRT

2021-07-18 18:47 – 2021-04-21 13:53 – 133422552 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe

2021-07-18 17:13 – 2021-04-22 20:21 – 000000000 ____D C:ProgramDataRiot Games

2021-07-18 16:23 – 2020-11-19 09:54 – 000845358 _____ C:Windowssystem32PerfStringBackup.INI

2021-07-18 16:23 – 2019-12-07 11:13 – 000000000 ____D C:WindowsINF

2021-07-18 16:19 – 2021-04-20 20:34 – 000000000 ____D C:UsersAleksa

2021-07-18 16:18 – 2021-04-21 05:25 – 000008192 ___SH C:DumpStack.log.tmp

2021-07-18 16:18 – 2020-11-19 09:43 – 000000006 ____H C:WindowsTasksSA.DAT

2021-07-17 20:18 – 2019-12-07 11:14 – 000000000 ____D C:WindowsAppReadiness

2021-07-17 10:27 – 2020-11-19 09:46 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-07-17 10:27 – 2020-11-19 09:46 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-07-17 10:27 – 2019-12-07 11:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-07-16 15:52 – 2021-04-20 20:40 – 000003418 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA

2021-07-16 15:52 – 2021-04-20 20:40 – 000003294 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore

2021-07-15 14:15 – 2021-04-20 20:39 – 000000000 ____D C:UsersAleksaAppDataLocalAMD_Common

2021-07-14 21:50 – 2021-04-20 20:34 – 000000000 ____D C:UsersAleksaAppDataLocalPackages

2021-07-12 18:09 – 2021-04-21 17:42 – 000004226 _____ C:Windowssystem32TasksOpera GX scheduled Autoupdate 1619019775

2021-07-12 18:09 – 2021-04-21 17:42 – 000001441 _____ C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera GX Browser.lnk

2021-07-11 22:00 – 2021-04-20 20:35 – 000003382 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-3467038883-1679176618-4043890008-1001

2021-07-11 22:00 – 2021-04-20 20:35 – 000000000 ___RD C:UsersAleksaOneDrive

2021-07-11 22:00 – 2021-04-20 20:34 – 000002386 _____ C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-07-10 19:38 – 2020-11-19 09:43 – 000000000 ____D C:Windowssystem32Driverswd

2021-07-09 06:04 – 2021-04-20 20:34 – 000065536 _____ C:Windowssystem32spu_storage.bin

2021-07-09 06:04 – 2020-11-19 09:43 – 000549048 _____ C:Windowssystem32FNTCACHE.DAT

2021-07-09 06:04 – 2019-12-07 11:03 – 000524288 _____ C:Windowssystem32configBBI

2021-07-09 06:03 – 2019-12-07 11:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ___RD C:WindowsImmersiveControlPanel

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64setup

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64oobe

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64Dism

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSystemResources

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32setup

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32oobe

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32Dism

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:WindowsProvisioning

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:WindowsPolicyDefinitions

2021-07-09 06:03 – 2019-12-07 11:14 – 000000000 ____D C:Windowsbcastdvr

2021-07-08 20:10 – 2020-11-19 01:26 – 000414044 __RSH C:bootmgr

2021-07-08 01:00 – 2021-04-24 15:10 – 000000000 ____D C:UsersAleksaDesktopslike

2021-07-07 01:06 – 2019-12-07 11:14 – 000000000 ____D C:WindowsLiveKernelReports

2021-07-07 00:32 – 2021-05-04 23:14 – 000000000 ____D C:UsersAleksaeclipse-workspace

2021-07-06 19:39 – 2021-05-04 23:12 – 000000000 ____D C:UsersAleksa.p2

2021-07-02 00:33 – 2020-11-19 09:46 – 000003480 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-07-02 00:33 – 2020-11-19 09:46 – 000003356 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-07-01 19:53 – 2021-04-20 20:40 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-07-01 19:53 – 2021-04-20 20:40 – 000002206 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-07-01 14:39 – 2021-05-04 23:12 – 000000000 ____D C:UsersAleksaeclipse

2021-06-30 18:56 – 2021-04-20 21:00 – 000002373 _____ C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk

2021-06-30 18:56 – 2021-04-20 21:00 – 000002365 _____ C:UsersAleksaDesktopMicrosoft Teams.lnk

2021-06-26 18:44 – 2021-04-20 20:40 – 000000000 ____D C:ProgramDataPackage Cache

2021-06-26 18:42 – 2019-12-07 11:14 – 000000000 ____D C:Windowsregistration

2021-06-25 11:49 – 2019-12-07 11:14 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-06-25 11:43 – 2021-06-13 20:45 – 000000000 ____D C:UsersAleksaAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2021-06-23 20:52 – 2021-04-21 19:57 – 000000000 ____D C:UsersAleksaDesktoptxt

2021-06-23 18:47 – 2021-04-20 20:34 – 000000000 ____D C:UsersAleksaAppDataRoamingAdobe

2021-06-23 18:31 – 2019-12-07 11:14 – 000000000 ___HD C:WindowsELAMBKUP

2021-06-23 18:30 – 2021-04-21 17:43 – 000000000 ____D C:UsersAleksaAppDataLocalOpera Software

2021-06-23 18:29 – 2021-04-21 17:42 – 000000000 ____D C:UsersAleksaAppDataRoamingOpera Software

2021-06-22 13:06 – 2019-12-07 11:14 – 000000000 ___HD C:Windowssystem32GroupPolicy

2021-06-18 14:02 – 2021-04-21 13:55 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

 

==================== Files in the root of some directories ========

 

2021-06-29 14:58 – 2021-06-29 14:58 – 000000218 _____ () C:UsersAleksaAppDataLocalrecently-used.xbel

2021-07-18 16:25 – 2021-07-18 16:25 – 000007605 _____ () C:UsersAleksaAppDataLocalResmon.ResmonCfg

2021-04-26 23:16 – 2021-04-26 23:16 – 000000003 _____ () C:UsersAleksaAppDataLocalupdater.log

2021-04-26 23:16 – 2021-04-26 23:16 – 000000424 _____ () C:UsersAleksaAppDataLocalUserProducts.xml

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021

Ran by Aleksa (18-07-2021 23:55:20)

Running from C:UsersAleksaAppDataLocalTempscoped_dir11980_88312311

Windows 10 Pro Version 20H2 19042.1083 (X64) (2021-04-20 18:31:27)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-3467038883-1679176618-4043890008-500 – Administrator – Disabled)

Aleksa (S-1-5-21-3467038883-1679176618-4043890008-1001 – Administrator – Enabled) => C:UsersAleksa

DefaultAccount (S-1-5-21-3467038883-1679176618-4043890008-503 – Limited – Disabled)

Guest (S-1-5-21-3467038883-1679176618-4043890008-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-3467038883-1679176618-4043890008-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…uTorrent) (Version: 3.5.5.45988 – BitTorrent Inc.)

AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.13.27.501 – Advanced Micro Devices, Inc.)

AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 21.4.1 – Advanced Micro Devices, Inc.)

AMD_Chipset_Drivers (HKLM-x32…{40c19864-e557-4855-95ee-075689dfcf8e}) (Version: 2.13.27.501 – Advanced Micro Devices, Inc.) Hidden

AutoCAD Open in Desktop (HKLM…{1C66A0B0-784E-4777-97B3-93F843D1C8CF}) (Version: 1.0.20.0 – Autodesk)

Autodesk App Manager (HKLM-x32…{9C2E49CB-F671-47EC-8093-CC1A8749A92A}) (Version: 3.2.1 – Autodesk)

Autodesk AutoCAD 2022 – English (HKLM…{1E7D4EF7-A28E-3D3E-BA3C-C6FAE4AAB2E0}) (Version: 24.1.51.0 – Autodesk, Inc.)

Autodesk Desktop App (HKLM-x32…Autodesk Desktop App) (Version: 8.2.0.34 – Autodesk)

Autodesk Genuine Service (HKLM…{879EB006-4A55-4873-8BC5-2183B2B5E0F5}) (Version: 4.1.2.25 – Autodesk)

Autodesk Material Library 2022 (HKLM-x32…{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 – Autodesk)

Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32…{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 – Autodesk)

Autodesk Save to Web and Mobile (HKLM…{192B349F-C3F7-4BBE-B49E-00DD4BD28373}) (Version: 3.0.29 – Autodesk) Hidden

Autodesk Single Sign On Component (HKLM…{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 – Autodesk)

Branding64 (HKLM…{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 – Advanced Micro Devices, Inc.) Hidden

CherryTree version 0.99.38.0 (HKLM…{DBA7384C-E1C6-44B5-A3B4-C94F2F0B8C0C}_is1) (Version: 0.99.38.0 – Giuseppe Penone)

Discord (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Discord) (Version: 0.0.309 – Discord Inc.)

Git version 2.32.0 (HKLM…Git_is1) (Version: 2.32.0 – The Git Development Community)

Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.124 – Google LLC)

Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32…{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 – Microsoft Corporation) Hidden

League of Legends (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Riot Game league_of_legends.live) (Version:  – Riot Games, Inc)

Lightshot-5.5.0.7 (HKLM-x32…{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 – Skillbrains)

Microsoft .NET Core Runtime – 3.1.10 (x64) (HKLM-x32…{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 – Microsoft Corporation)

Microsoft ASP.NET Core 3.1.10 – Shared Framework (HKLM-x32…{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 91.0.864.70 – Microsoft Corporation)

Microsoft Office Standard 2016 (HKLM-x32…Office16.STANDARD) (Version: 16.0.4266.1001 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…OneDriveSetup.exe) (Version: 21.119.0613.0001 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Teams) (Version: 1.4.00.16575 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.27.29112 (HKLM-x32…{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.27.29112 (HKLM-x32…{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 – Mojang)

Opera GX Stable 75.0.3969.285 (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Opera GX 75.0.3969.285) (Version: 75.0.3969.285 – Opera Software)

Opera GX Stable 76.0.4017.227 (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Opera GX 76.0.4017.227) (Version: 76.0.4017.227 – Opera Software)

Opera Stable 77.0.4054.203 (HKUS-1-5-21-3467038883-1679176618-4043890008-1001…Opera 77.0.4054.203) (Version: 77.0.4054.203 – Opera Software)

Outils de vérification linguistique 2016 de Microsoft Office – Français (HKLM-x32…{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 – Microsoft Corporation) Hidden

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

WinRAR 6.02 (64-bit) (HKLM…WinRAR archiver) (Version: 6.02.0 – win.rar GmbH)

 

Packages:

=========

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Studios) [MS Ad]

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-3467038883-1679176618-4043890008-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersAleksaAppDataLocalMicrosoftTeamsMeetingAddin1.0.21063.3x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3467038883-1679176618-4043890008-1001_ClassesCLSID{345D3165-3889-4694-AB75-A91A27B217E8}localserver32 -> C:Program FilesAutodeskAutoCAD 2022acad.exe (Autodesk, Inc. -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3467038883-1679176618-4043890008-1001_ClassesCLSID{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}localserver32 -> C:Program FilesAutodeskAutoCAD 2022acad.exe (Autodesk, Inc. -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3467038883-1679176618-4043890008-1001_ClassesCLSID{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}localserver32 -> C:Program FilesAutodeskAutoCAD 2022acad.exe (Autodesk, Inc. -> Autodesk, Inc.)

CustomCLSID: HKUS-1-5-21-3467038883-1679176618-4043890008-1001_ClassesCLSID{E2C40589-DE61-11ce-BAE0-0020AF6D7005}InprocServer32 -> C:Program FilesAutodeskAutoCAD 2022en-USacadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:Windowssystem32AcSignIcon.dll [2021-01-29] (Autodesk, Inc. -> Autodesk, Inc.)

ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:Program FilesCommon FilesAutodesk SharedAcShellExAcShellExtension.dll [2021-01-29] (Autodesk, Inc. -> Autodesk)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:Program Files (x86)VMwareVMware PlayervmdkShellExt.dll [2021-04-30] (VMware, Inc. -> VMware, Inc.)

ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:Program Files (x86)VMwareVMware Playerx64vmdkShellExt64.dll [2021-04-30] (VMware, Inc. -> VMware, Inc.)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:WindowsSystem32atiacm64.dll [2021-04-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2020-07-27 20:23 – 2020-07-27 20:23 – 000017920 _____ () [File not signed] C:Program FilesAMDCNextCNextlibEGL.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 003567616 _____ () [File not signed] C:Program FilesAMDCNextCNextlibGLESv2.dll

2020-03-19 15:40 – 2020-03-19 15:40 – 000912896 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-core.dll

2020-03-19 15:40 – 2020-03-19 15:40 – 003109888 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-s3.dll

2015-02-19 10:13 – 2015-02-19 10:13 – 000817152 _____ () [File not signed] C:Program FilesAMDPerformance Profile ClientDevice.dll

2015-02-19 10:13 – 2015-02-19 10:13 – 003650560 _____ () [File not signed] C:Program FilesAMDPerformance Profile ClientPlatform.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000057856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsaudioqtaudio_windows.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqgif.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqicns.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqico.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000414720 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqjpeg.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqsvg.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000024576 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqtga.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwbmp.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000532992 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwebp.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 001441792 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsplatformsqwindows.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 001189888 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginssqldriversqsqlite.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000134656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsstylesqwindowsvistastyle.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 006184448 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Core.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 006867456 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Gui.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000735232 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Multimedia.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000120832 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5MultimediaQuick.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 001104896 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Network.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000325120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Positioning.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 003668480 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Qml.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000517120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlModels.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000051712 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlWorkerScript.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 004228608 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Quick.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickControls2.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 001085440 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickTemplates2.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000480256 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5RemoteObjects.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000205824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Sql.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Svg.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000127488 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebChannel.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000390656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngine.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 095598080 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngineCore.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 005587968 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Widgets.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000462848 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WinExtras.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000188928 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Xml.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 002878464 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5XmlPatterns.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000055808 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000262144 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtMultimediadeclarative_multimedia.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQmlqmlplugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuick.2qtquick2plugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000284160 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControls.2qtquickcontrols2plugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000333824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControlsqtquickcontrolsplugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000136704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickDialogsdialogplugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000090112 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickLayoutsqquicklayoutsplugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickTemplates.2qtquicktemplates2plugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickWindow.2windowplugin.dll

2020-07-27 20:23 – 2020-07-27 20:23 – 000091648 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtWebEngineqtwebengineplugin.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

HKUS-1-5-21-3467038883-1679176618-4043890008-1001SoftwareClasses.scr: AutoCADScriptFile => C:Windowssystem32notepad.exe “%1”

 

==================== Internet Explorer (Whitelisted) ==========

 

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:Program FilesMicrosoft OfficeOffice16GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:Program Files (x86)Microsoft OfficeOffice16GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} – C:Program Files (x86)Microsoft OfficeOffice16MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficeOffice16MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU.DEFAULT…localhost -> localhost

IE trusted site: HKU.DEFAULT…webcompanion.com -> hxxp://webcompanion.com

IE trusted site: HKUS-1-5-21-3467038883-1679176618-4043890008-1001…localhost -> localhost

IE trusted site: HKUS-1-5-21-3467038883-1679176618-4043890008-1001…webcompanion.com -> hxxp://webcompanion.com

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2019-12-07 11:14 – 2019-12-07 11:12 – 000000824 _____ C:Windowssystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)VMwareVMware Playerbin;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:Program Filesdotnet;C:Program FilesGitcmd;C:Program FilesGitmingw64bin;C:Program FilesGitusrbin

HKUS-1-5-21-3467038883-1679176618-4043890008-1001Control PanelDesktop\Wallpaper -> C:WindowswebwallpaperWindowsimg0.jpg

DNS Servers: 192.168.0.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

Network Binding:

=============

VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 

Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 

VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…StartupApprovedRun: => “OneDrive”

HKUS-1-5-21-3467038883-1679176618-4043890008-1001…StartupApprovedRun: => “Discord”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [TCP Query User{E10779E4-2BC7-4EE4-B0FB-3FBC852369B8}C:usersaleksaappdatalocalprogramsopera gx73.0.3856.438opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx73.0.3856.438opera.exe => No File

FirewallRules: [UDP Query User{DEF76225-3EC6-4CBE-BFC1-2285974CACB1}C:usersaleksaappdatalocalprogramsopera gx73.0.3856.438opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx73.0.3856.438opera.exe => No File

FirewallRules: [TCP Query User{4BE512D6-2A13-4E04-A866-D547502FDB0B}C:usersaleksaappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersaleksaappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{180EDF99-4EFE-48D2-B302-C26880855056}C:usersaleksaappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersaleksaappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{6AE40E7B-BC96-4D80-A30A-CEB7FBCB208C}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.259opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.259opera.exe => No File

FirewallRules: [UDP Query User{D46BC1A3-45D8-4B85-8AD8-03781B1F5E8A}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.259opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.259opera.exe => No File

FirewallRules: [TCP Query User{C108F056-6CFD-4282-9E1F-7548A0A0FD8C}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.267opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.267opera.exe => No File

FirewallRules: [UDP Query User{7E4235A1-C128-44A5-97D6-BD0C87F14F19}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.267opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.267opera.exe => No File

FirewallRules: [TCP Query User{C8B7B050-7E21-44C6-A86A-024C7F6DBE47}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.279opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.279opera.exe => No File

FirewallRules: [UDP Query User{50C30C63-EC89-4045-9410-05492A0663D2}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.279opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.279opera.exe => No File

FirewallRules: [TCP Query User{08FC2067-A873-4307-9B18-54EFECBF4A22}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.282opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.282opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{73F86888-994F-43AF-924A-A45706E6F2FF}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.282opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.282opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [{CA6482F7-3BD5-4635-A45A-82F03F224BF9}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{2D6A9833-C3BF-4C02-82EC-EEEF096B5D84}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{959EC9EA-3267-48BB-A367-EBB6DED56365}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{22AB238A-3C02-4CC0-925B-EA69AC8509EA}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{B31945B2-9E80-4986-BC66-D9EB64A274FE}] => (Allow) C:Program Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{0E20A3AF-6145-41D7-8374-FC505D93E89A}] => (Allow) C:Program Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [TCP Query User{4FCDFECB-E36B-49D5-A7D3-963A3C3EC380}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.285opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.285opera.exe => No File

FirewallRules: [UDP Query User{EA0C7553-B91F-48AB-94B5-C93870941444}C:usersaleksaappdatalocalprogramsopera gx75.0.3969.285opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx75.0.3969.285opera.exe => No File

FirewallRules: [{2D6285D6-B6DA-410E-A1EC-BF77D88C6713}] => (Allow) C:UsersAleksaAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{9631CA82-EF36-4E92-9E22-06DB856C3200}] => (Allow) C:UsersAleksaAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{69743F8B-779B-480E-AC3A-DB66037205A5}] => (Allow) C:Program Files (x86)SteamsteamappscommonSven Co-opsvencoop.exe (Sven Co-op team) [File not signed]

FirewallRules: [{379A7370-DC63-4D2B-B1C6-D53FBDCD0579}] => (Allow) C:Program Files (x86)SteamsteamappscommonSven Co-opsvencoop.exe (Sven Co-op team) [File not signed]

FirewallRules: [{4ECF2A93-7EDA-4B74-A786-A0191B4967E2}] => (Allow) C:Program Files (x86)SteamsteamappscommonSven Co-opsvends.exe (Sven Co-op team) [File not signed]

FirewallRules: [{B2A3AAD5-F45F-4056-894F-A156E718FC5D}] => (Allow) C:Program Files (x86)SteamsteamappscommonSven Co-opsvends.exe (Sven Co-op team) [File not signed]

FirewallRules: [{86E77917-ED70-4134-A4BE-6A6719DADD8C}] => (Allow) C:Program Files (x86)SteamsteamappscommonBlenderblender.exe (Stichting Blender Foundation -> Blender Foundation)

FirewallRules: [{5A7A7D0E-12FE-448E-939B-613EE248EF4E}] => (Allow) C:Program Files (x86)SteamsteamappscommonBlenderblender.exe (Stichting Blender Foundation -> Blender Foundation)

FirewallRules: [{616AF05D-04B1-42F1-99B3-A3783DA520D5}] => (Allow) C:Program Files (x86)VMwareVMware Playervmware-authd.exe (VMware, Inc. -> VMware, Inc.)

FirewallRules: [{95384360-B90F-4DE9-8069-B4D45B6BD2CF}] => (Allow) C:Program Files (x86)VMwareVMware Playervmware-authd.exe (VMware, Inc. -> VMware, Inc.)

FirewallRules: [TCP Query User{70B3476D-8B93-4030-A6DD-B32E72A33D91}C:usersaleksaappdatalocalprogramsopera gx76.0.4017.208_0opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx76.0.4017.208_0opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{59901C13-E79C-4620-A6DA-AE7B79C778B4}C:usersaleksaappdatalocalprogramsopera gx76.0.4017.208_0opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx76.0.4017.208_0opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [{0BD8AF0C-1226-408C-96CE-2943C883FEB1}] => (Allow) C:UsersAleksaAppDataLocalProgramsOpera77.0.4054.172opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [{E3FB4FE0-A554-4646-BC12-EB153F29B85B}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{0FD1BFBD-E851-4587-A3C3-4B4D7D9141FF}] => (Allow) C:UsersAleksaAppDataLocalProgramsOpera77.0.4054.203opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [TCP Query User{7689943A-0106-4C4A-8615-41FB7A558917}C:usersaleksaappdatalocalprogramsopera gx76.0.4017.227opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx76.0.4017.227opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{15A3F7A8-189C-4C4C-A65B-7AF2883A7854}C:usersaleksaappdatalocalprogramsopera gx76.0.4017.227opera.exe] => (Allow) C:usersaleksaappdatalocalprogramsopera gx76.0.4017.227opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [{FDF98FE6-8758-4A41-BC42-EB980E4A62D4}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{95A9707C-DE9E-4AC2-9C31-18B1D3F55907}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{A58DC946-161D-4861-A2DD-C1C056FE9877}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{23383127-F341-4646-8A85-E9C46800BAB7}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query User{7962667C-8DD3-40B5-AA8D-2A1C74D68F9D}C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [UDP Query User{0F027F5B-BD2A-4A92-88CB-E47E19D3F654}C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [TCP Query User{5E482B65-1FEA-47EE-85E7-9959BE50ECF8}C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [UDP Query User{EB71D175-D6F4-4DA9-A5D8-039C6D93F7ED}C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [TCP Query User{528F11E4-46FD-4CB3-9CAD-6D93DEFA383F}C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [UDP Query User{3EB9CF05-F990-49AD-A7CF-EB5872C085D1}C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

 

==================== Restore Points =========================

 

08-07-2021 15:48:33 Windows Modules Installer

08-07-2021 15:50:11 Windows Modules Installer

14-07-2021 10:41:00 Windows Modules Installer

15-07-2021 21:40:37 Installed Minecraft Launcher

18-07-2021 18:50:30 Windows Modules Installer

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (07/17/2021 10:49:06 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0xffffffff

Faulting process id: 0x25e0

Faulting application start time: 0x01d77b4d2ecb349b

Faulting application path: bad_module_info

Faulting module path: unknown

Report Id: 3bc09bad-953f-4d2c-a225-7e173b8406c8

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (07/14/2021 09:32:20 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: DESKTOP-3CVBS8C)

Description: Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy-2147023878

 

Error: (07/14/2021 09:06:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (07/14/2021 09:06:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (07/14/2021 09:05:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on System Reserved (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (07/09/2021 02:23:23 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for “C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe”.

Dependent Assembly Microsoft.VC90.MFC,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″ could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (07/09/2021 02:23:23 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for “C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe”.

Dependent Assembly Microsoft.VC90.MFC,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″ could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (07/09/2021 02:23:22 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for “C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe”.

Dependent Assembly Microsoft.VC90.MFC,processorArchitecture=”x86″,publicKeyToken=”1fc8b3b9a1e18e3b”,type=”win32″,version=”9.0.21022.8″ could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

 

System errors:

=============

Error: (07/18/2021 07:58:48 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )

Description: 4

 

Error: (07/18/2021 06:49:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Windows Malicious Software Removal Tool x64 – v5.91 (KB890830).

 

Error: (07/18/2021 04:18:55 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 12:39:30 AM on ‎7/‎18/‎2021 was unexpected.

 

Error: (07/17/2021 01:41:58 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )

Description: 4

 

Error: (07/17/2021 11:58:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3CVBS8C)

Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.

 

Error: (07/17/2021 10:26:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error: 

The service did not respond to the start or control request in a timely fashion.

 

Error: (07/17/2021 10:26:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

 

Error: (07/16/2021 02:58:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error: 

The service did not respond to the start or control request in a timely fashion.

 

 

Windows Defender:

================

Date: 2021-07-17 20:17:56

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-16 03:30:43

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-14 20:22:31

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-13 20:52:49

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-12 23:49:17

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-06-29 15:00:37

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.341.1563.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18200.4

Error code: 0x80070643

Error description: Fatal error during installation. 

 

Date: 2021-06-29 15:00:36

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.343.25.0

Previous security intelligence Version: 1.341.1563.0

Update Source: User

Security intelligence Type: AntiSpyware

Update Type: Delta

Current Engine Version: 1.1.18300.4

Previous Engine Version: 1.1.18200.4

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-06-29 15:00:36

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.343.25.0

Previous security intelligence Version: 1.341.1563.0

Update Source: User

Security intelligence Type: AntiVirus

Update Type: Delta

Current Engine Version: 1.1.18300.4

Previous Engine Version: 1.1.18200.4

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-06-29 15:00:36

Description: 

Microsoft Defender Antivirus has encountered an error trying to update the engine.

New Engine Version: 1.1.18300.4

Previous Engine Version: 1.1.18200.4

Error Code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-06-26 18:45:27

Description: 

Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.

Security intelligence Attempted: Current

Error Code: 0x80070003

Error description: The system cannot find the path specified. 

Security intelligence version: 0.0.0.0;0.0.0.0

Engine version: 0.0.0.0

 

CodeIntegrity:

===============

Date: 2021-06-23 18:31:42

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MsMpEng.exe) attempted to load DeviceHarddiskVolume1Program FilesAvast SoftwareAvastaswAMSI.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-06-23 18:31:42

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume1Program FilesAvast SoftwareAvastaswAMSI.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-06-23 18:31:42

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program FilesAvast SoftwareAvastAvastSvc.exe) attempted to load DeviceHarddiskVolume1Program FilesCommon Filesmicrosoft sharedOFFICE16MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. V20.3 09/26/2013

Motherboard: MSI 990FXA-GD65 (MS-7640)

Processor: AMD FX™-6350 Six-Core Processor 

Percentage of memory in use: 71%

Total physical RAM: 8141.52 MB

Available physical RAM: 2350.13 MB

Total Virtual: 17357.52 MB

Available Virtual: 5994.55 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:931.51 GB) (Free:784.73 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.01 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive e: () (Fixed) (Total:683.5 GB) (Free:345.89 GB) NTFS

Drive f: () (Fixed) (Total:247.92 GB) (Free:247.51 GB) NTFS

 

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9E9D05B0)

Partition 1: (Active) – (Size=931.5 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C7AAD878)

Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=683.5 GB) – (Type=07 NTFS)

Partition 3: (Not Active) – (Size=247.9 GB) – (Type=07 NTFS)

 

==================== End of Addition.txt =======================




Original Source by [author_name]

Leave a Reply

Your email address will not be published. Required fields are marked *

+ 6 = nine