McAfee detected malware in Protein.dll

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2021

Ran by Adam (13-11-2021 18:45:03)

Running from C:\Users\Adam\Downloads

Microsoft Windows 11 Home Version 21H2 22000.318 (X64) (2021-10-21 11:36:13)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Adam (S-1-5-21-4066730514-3672214841-1434503751-1001 – Administrator – Enabled) => C:\Users\Adam

Administrator (S-1-5-21-4066730514-3672214841-1434503751-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-4066730514-3672214841-1434503751-503 – Limited – Disabled)

Guest (S-1-5-21-4066730514-3672214841-1434503751-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-4066730514-3672214841-1434503751-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: McAfee VirusScan (Enabled – Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}

FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Aplikácie Microsoft 365 pre veľké organizácie – sk-sk (HKLM…O365ProPlusRetail – sk-sk) (Version: 16.0.14527.20234 – Microsoft Corporation)

Discord (HKUS-1-5-21-4066730514-3672214841-1434503751-1001…Discord) (Version: 1.0.9002 – Discord Inc.)

Epic Games Launcher (HKLM-x32…{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Epic Online Services (HKLM-x32…{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 – Epic Games, Inc.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 95.0.4638.69 – Google LLC)

Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Lenovo Vantage Service (HKLM-x32…VantageSRV_is1) (Version: 3.9.23.0 – Lenovo Group Ltd.)

McAfee LiveSafe (HKLM-x32…MSC) (Version: 16.0 R40 – McAfee, LLC)

Microsoft 365 – cs-cz (HKLM…O365HomePremRetail – cs-cz) (Version: 16.0.14527.20234 – Microsoft Corporation)

Microsoft 365 – en-us (HKLM…O365HomePremRetail – en-us) (Version: 16.0.14527.20234 – Microsoft Corporation)

Microsoft 365 – sk-sk (HKLM…O365HomePremRetail – sk-sk) (Version: 16.0.14527.20234 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 95.0.1020.44 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 95.0.1020.44 – Microsoft Corporation)

Microsoft OneDrive (HKLM…OneDriveSetup.exe) (Version: 21.205.1003.0005 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-4066730514-3672214841-1434503751-1001…Teams) (Version: 1.4.00.29469 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Grafický ovládač 496.49 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 – NVIDIA Corporation)

NVIDIA Ovládač zvuku HD 1.3.38.92 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 – NVIDIA Corporation)

NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 – NVIDIA Corporation)

NVIDIA USBC Driver 1.46.831.832 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 – NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 – Microsoft Corporation) Hidden

Origin (HKLM-x32…Origin) (Version: 10.5.105.49133 – Electronic Arts, Inc.)

Red Dead Redemption 2 (HKLM-x32…Red Dead Redemption 2) (Version: 1.0.1436.28 – Rockstar Games)

Rockstar Games Launcher (HKLM…Rockstar Games Launcher) (Version: 0.0.0.0 – Rockstar Games)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.50.548 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.9.3 – Rockstar Games)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Ubisoft Connect (HKLM-x32…Uplay) (Version: 126.0.10593 – Ubisoft)

WebAdvisor od McAfee (HKLM-x32…{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.648 – McAfee, LLC)

XnConvert 1.94.0 (HKLM…XnConvert_is1) (Version: 1.94.0 – Gougelet Pierre-e)

 

Packages:

=========

AMD Radeon Software -> C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4m [2021-11-05] (Advanced Micro Devices Inc.) [Startup Task]

AV1 Video Extension -> C:Program FilesWindowsAppsMicrosoft.AV1VideoExtension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)

Lenovo Hotkeys -> C:Program FilesWindowsAppsE0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4 [2021-11-05] (LENOVO INC) [Startup Task]

Lenovo Vantage -> C:Program FilesWindowsAppsE046963F.LenovoCompanion_10.2110.15.0_x64__k1h2ywk1493x8 [2021-10-25] (LENOVO INC.)

Lively Wallpaper -> C:Program FilesWindowsApps12030rocksdanister.LivelyWallpaper_1.0.78.0_x86__97hta09mmv6hy [2021-10-26] (rocksdanister) [Startup Task]

Nahimic -> C:Program FilesWindowsAppsA-Volute.Nahimic_1.8.9.0_x64__w2gh52qy24etm [2021-09-23] (A-Volute)

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-28] (NVIDIA Corp.)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.24.244.0_x64__dt26b99r8h8gj [2021-11-07] (Realtek Semiconductor Corp)

Rozšírenie pre video MPEG-2 -> C:Program FilesWindowsAppsMicrosoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-12] (Spotify AB) [Startup Task]

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-4066730514-3672214841-1434503751-1001_ClassesCLSID{04271989-C4D2-8D9C-55CF-9A799B34DEF6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

CustomCLSID: HKUS-1-5-21-4066730514-3672214841-1434503751-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersAdamAppDataLocalMicrosoftTeamsMeetingAddin1.0.21209.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4066730514-3672214841-1434503751-1001_ClassesCLSID{80172dde-4e20-4df0-81a2-0a48553e80bb}localserver32 -> C:UsersAdamAppDataLocalNhNotifSysnahimicnahimicNotifSys.exe (A-Volute SAS -> A-Volute)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:Program FilesMcAfeeMSCMcCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncShell64.dll [2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:WINDOWSSystem32atiacm64.dll [2021-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvlti.inf_amd64_af22935532babf10nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:Program FilesMcAfeeMSCMcCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2021-10-24 12:43 – 2021-10-24 12:43 – 000017920 _____ () [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarelibEGL.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 003567616 _____ () [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarelibGLESv2.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000258048 _____ () [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareWirelessVR-windesktop64.dll

2021-06-16 15:28 – 2021-06-16 15:28 – 000179200 _____ (Fortemedia) [File not signed] C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.24.244.0_x64__dt26b99r8h8gjFMAPOCTL.dll

2021-10-29 18:03 – 2021-10-29 18:03 – 000093184 _____ (Lenovo(beijing) Limited) [File not signed] C:Program FilesWindowsAppsE0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4LaunchUtilitykbdhook.dll

2021-09-18 14:51 – 2020-11-03 04:08 – 000954864 _____ (SQLite Development Team) [File not signed] C:ProgramDataLenovoiMControllerPluginsLenovoWiFiSecurityPluginx86x86e_sqlite3.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000023040 _____ (Synaptics Incorporated.) [File not signed] C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.24.244.0_x64__dt26b99r8h8gjSynAudSrvDll.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)OriginLIBEAY32.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)Originssleay32.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Originplatformsqwindows.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Core.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Gui.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Network.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5WebSockets.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Widgets.dll

2021-10-16 19:20 – 2021-10-16 19:20 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Xml.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqgif.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqicns.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqico.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000414720 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqjpeg.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqsvg.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000024576 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqtga.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqwbmp.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000532992 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqwebp.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 001441792 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsplatformsqwindows.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 001189888 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginssqldriversqsqlite.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000134656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwarepluginsstylesqwindowsvistastyle.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 006184448 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Core.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 006867456 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Gui.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 001104896 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Network.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000325120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Positioning.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 003668480 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Qml.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000517120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5QmlModels.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000051712 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5QmlWorkerScript.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 004228608 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Quick.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5QuickControls2.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 001085440 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5QuickTemplates2.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000205824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Sql.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Svg.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000390656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5WebEngine.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 095598080 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5WebEngineCore.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000127488 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5WebChannel.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 005587968 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Widgets.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000462848 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5WinExtras.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000188928 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5Xml.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 002878464 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQt5XmlPatterns.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000055808 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQmlqmlplugin.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuick.2qtquick2plugin.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000284160 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickControls.2qtquickcontrols2plugin.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000333824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickControlsqtquickcontrolsplugin.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000136704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickDialogsdialogplugin.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000090112 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickLayoutsqquicklayoutsplugin.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickTemplates.2qtquicktemplates2plugin.dll

2021-10-24 12:43 – 2021-10-24 12:43 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickWindow.2windowplugin.dll

2021-09-20 20:55 – 2021-09-20 20:55 – 000091648 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareQtWebEngineqtwebengineplugin.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMCODS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalmcpltsvc => “”=””

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalModuleCoreService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmcapexe => “”=””

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMcMPFSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMCODS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmcpltsvc => “”=””

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeaack => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeaack.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeavfk => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeavfk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfefire => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfefirek => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfefirek.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfehidk => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfehidk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfemms => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeplk => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeplk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfetdi2k => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfetdi2k.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfevtp => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkModuleCoreService => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = 

HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = 

HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = 

HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = 

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Local Page = 

HKUS-1-5-21-4066730514-3672214841-1434503751-1001SoftwareMicrosoftInternet ExplorerMain,Secondary Start Pages = hxxp://mystart.lenovo.com/

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorx64IEPlugin.dll [2021-11-09] (McAfee, LLC -> McAfee, LLC)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorwin32IEPlugin.dll [2021-11-09] (McAfee, LLC -> McAfee, LLC)

Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Filter: application/x-mfe-ipt – {3EF5086B-5478-4598-A054-786C45D75692} – C:Program FilesMcAfeeMSCMcSnIePl64.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

Filter-x32: application/x-mfe-ipt – {3EF5086B-5478-4598-A054-786C45D75692} – C:Program Files (x86)McAfeeMSCMcSnIePl.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKUS-1-5-21-4066730514-3672214841-1434503751-1001…sharepoint.com -> hxxps://uniag1-files.sharepoint.com

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2019-12-07 10:14 – 2019-12-07 10:12 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

2021-09-19 19:11 – 2021-10-02 12:34 – 000000673 _____ C:WINDOWSsystem32driversetchosts.ics

2.168.137.99 M2003J15SC-LilLelenc.mshome.net # 2021 9 3 29 5 6 56 630

289

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-4066730514-3672214841-1434503751-1001Control PanelDesktop\Wallpaper -> C:UsersAdamDownloadswp4771634.png

DNS Servers: 193.87.99.130 – 193.87.99.131

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun: => “WSVCUUpdateHelper.exe”

HKLM…StartupApprovedRun: => “Wondershare Helper Compact.exe”

HKLM…StartupApprovedRun32: => “TeamsMachineInstaller”

HKLM…StartupApprovedRun32: => “Wondershare Helper Compact.exe”

HKLM…StartupApprovedRun32: => “TeamsMachineUninstallerLocalAppData”

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…StartupApprovedRun: => “OneDrive”

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…StartupApprovedRun: => “com.squirrel.Teams.Teams”

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…StartupApprovedRun: => “Steam”

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…StartupApprovedRun: => “EpicGamesLauncher”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{C60F9558-9347-4887-9CD6-71E23FCFBCDE}C:usersadamappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersadamappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{EF81A9EB-47FB-4CFB-93E1-1090B623109F}C:usersadamappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersadamappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{05F70E19-1CBF-4AD5-AD42-9E75A43C8F0E}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{57567CB3-2DCB-4CD8-8A4C-736E9C1A2070}] => (Allow) C:Program Files (x86)SteamsteamappscommonDying LightDevToolsDyingLightPlayer.exe => No File

FirewallRules: [{927E349F-FB31-4F55-B06A-E14B1D917B8B}] => (Allow) C:Program Files (x86)SteamsteamappscommonDying LightDevToolsDyingLightPlayer.exe => No File

FirewallRules: [{94461510-A8B2-46B5-8ED6-A5D193A53520}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{DE53D0AB-F06A-4B86-B1A4-5BEDD3E77F0C}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{AE9C7F85-C946-4F5D-806F-D8BF0D9E1FF4}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{F74C0DC2-A5B8-46EE-ADAA-94519D7F6BF8}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{BA4E34CF-8EEE-4A5F-95FD-30CFD192E9E6}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{D7A0BC3C-BD09-43B0-95AF-EC5470A7FDCE}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{7C9DAE25-0E34-4811-984F-50E8EAD5B6F7}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{D70A8A94-3D7B-43F0-BC7D-72354A4235B6}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{6C155468-632A-439E-B09C-588F984429A9}] => (Allow) C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe => No File

FirewallRules: [{ABAB8845-5D62-4625-8B70-E635E15D5A22}] => (Allow) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHost.exe (McAfee, LLC -> McAfee, LLC)

FirewallRules: [{BBEFC85D-7354-489A-AC30-E820D40ABC5A}] => (Allow) C:Program Files (x86)Common FilesMcAfeeMMSSHostMMSSHost.exe (McAfee, LLC -> McAfee, LLC)

FirewallRules: [{3146AB65-AF09-4ED8-A46B-4AB126D5C008}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{4B2C7F0B-4BFB-4CCB-8F98-40998DAC9F62}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{A63D2B51-7552-4EFA-B27A-CC1A79592CE3}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D396FC45-7C41-40C0-9037-2AC6D2AA0C10}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{F89F1EAC-6BDF-4BD6-AE20-71928BD9B617}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{C73FF566-49A0-4B3B-8BB0-E8E11D318A2F}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{9FD37FDE-1E83-4445-80F3-E7459D9C193F}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{16FB42FF-C26E-41B7-A906-8576D645BEC9}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication95.0.1020.44msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{20F6196B-302E-4B76-8881-A2E5AC3CD17E}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{4342B3F0-48DE-4ACD-BF47-EF4CD2D30450}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{AC60C561-95F4-4110-8473-9C440779ECC7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{0CF66836-8A6B-46D7-9AB2-8CCE6DC21F75}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{BB609210-56F9-41E6-B84B-4FC28315BFF2}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{78B14E06-83DD-4283-9DDC-984AAD6E7148}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{4CFA84A2-DD2F-4F49-B23F-FE1C56D2890D}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{5798ADE4-7312-4493-8EF4-0205E6B1B1DF}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{149340C2-BD5B-4AB9-9684-01DAE588CF6B}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{9C094400-9437-4DBF-A2E1-B00AC8BA38FB}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{ACD2B1A4-4A62-4A87-B756-1AD58769C0C0}] => (Allow) C:Program Files (x86)SteamsteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{2507BD3C-0571-40FB-9EB8-C10820B84DE6}] => (Allow) C:Program Files (x86)SteamsteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{EEF46490-4A98-4DC1-95A1-42A832C98F86}] => (Allow) C:Program Files (x86)SteamsteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{508C86A4-85B0-40D3-8323-F6E6172A195F}] => (Allow) C:Program Files (x86)SteamsteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{1D5AB2E2-1C5D-46AC-8136-E45301BE196C}] => (Allow) C:Program Files (x86)SteamsteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{06B0B6CA-A8F0-430B-AB2F-8029C745D3C9}] => (Allow) C:Program Files (x86)SteamsteamappscommonTom Clancy’s Rainbow Six SiegeRainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

 

==================== Restore Points =========================

 

02-11-2021 13:08:08 Scheduled Checkpoint

07-11-2021 22:51:18 Inštalátor modulov systému Windows

09-11-2021 07:04:13 Inštalátor modulov systému Windows

11-11-2021 10:31:23 Inštalátor modulov systému Windows

11-11-2021 10:31:56 Inštalátor modulov systému Windows

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (11/13/2021 10:44:22 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

 

GetCACaps

GetCACaps: Not Found

{“Message”:”The authority “amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net” does not exist.”}

HTTP/1.1 404 Not Found

Date: Sat, 13 Nov 2021 09:44:22 GMT

Content-Length: 121

Content-Type: application/json; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000;includeSubDomains

x-ms-request-id: a94d4000-d07b-4981-a915-7c901a6a6219

 

Method: GET(188ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

Error: (11/13/2021 10:44:22 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

 

GetCACaps

GetCACaps: Not Found

{“Message”:”The authority “amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net” does not exist.”}

HTTP/1.1 404 Not Found

Date: Sat, 13 Nov 2021 09:44:20 GMT

Content-Length: 121

Content-Type: application/json; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000;includeSubDomains

x-ms-request-id: ef8fa0f1-6fbb-4006-ba3c-c810ff8f0f2b

 

Method: GET(485ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

Error: (11/13/2021 10:43:52 AM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

.

 

Error: (11/13/2021 10:43:52 AM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

]

 

Error: (11/12/2021 10:06:41 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Názov chybujúcej aplikácie: Explorer.EXE, verzia: 10.0.22000.120, časová značka: 0xe846e749

Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.22000.318, časová značka: 0xe4273f56

Kód výnimky: 0xc000027b

Odstup chyby: 0x0000000000834450

Identifikácia chybujúceho procesu: 0x4244

Čas spustenia chybujúcej aplikácie: 0x01d7d799e92456e6

Cesta chybujúcej aplikácie: C:WINDOWSExplorer.EXE

Cesta chybujúceho modulu: C:WindowsSystem32Windows.UI.Xaml.dll

Identifikácia hlásenia: f8be99ec-cbc8-44b0-9b4a-049f82722491

Celé meno chybujúceho balíka: 

Identifikácia chybujúcej aplikácie vzhľadom na balík:

 

Error: (11/12/2021 09:45:17 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Názov chybujúcej aplikácie: RocketLeague.exe, verzia: 1.0.10897.0, časová značka: 0x616f79af

Názov chybujúceho modulu: EOSSDK-Win64-Shipping.dll, verzia: 1.13.0.0, časová značka: 0x614289bc

Kód výnimky: 0xc0000005

Odstup chyby: 0x0000000000406ccf

Identifikácia chybujúceho procesu: 0x5810

Čas spustenia chybujúcej aplikácie: 0x01d7d80366f35b63

Cesta chybujúcej aplikácie: C:Program FilesEpic GamesrocketleagueBinariesWin64RocketLeague.exe

Cesta chybujúceho modulu: C:Program FilesEpic GamesrocketleagueBinariesWin64EOSSDK-Win64-Shipping.dll

Identifikácia hlásenia: bcc50e3a-a392-4781-844a-8c0afd6785e8

Celé meno chybujúceho balíka: 

Identifikácia chybujúcej aplikácie vzhľadom na balík:

 

Error: (11/11/2021 04:49:39 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Názov chybujúcej aplikácie: Microsoft.Photos.exe, verzia: 2021.21100.20007.0, časová značka: 0x617093e8

Názov chybujúceho modulu: SharedLibrary.dll, verzia: 2.2.29512.0, časová značka: 0x5fad1a6e

Kód výnimky: 0x80004003

Odstup chyby: 0x00000000007e38de

Identifikácia chybujúceho procesu: 0x3f54

Čas spustenia chybujúcej aplikácie: 0x01d7d713ac2160d6

Cesta chybujúcej aplikácie: C:Program FilesWindowsAppsMicrosoft.Windows.Photos_2021.21100.20007.0_x64__8wekyb3d8bbweMicrosoft.Photos.exe

Cesta chybujúceho modulu: C:Program FilesWindowsAppsMicrosoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbweSharedLibrary.dll

Identifikácia hlásenia: da3a3242-a1ae-4cb0-bde9-c3424c3a1041

Celé meno chybujúceho balíka: Microsoft.Windows.Photos_2021.21100.20007.0_x64__8wekyb3d8bbwe

Identifikácia chybujúcej aplikácie vzhľadom na balík: App

 

Error: (11/11/2021 11:21:47 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

 

GetCACaps

GetCACaps: Not Found

{“Message”:”The authority “amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net” does not exist.”}

HTTP/1.1 404 Not Found

Date: Thu, 11 Nov 2021 10:21:47 GMT

Content-Length: 121

Content-Type: application/json; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000;includeSubDomains

x-ms-request-id: 28d5f751-eb8f-45f2-89d8-2f03c3801fbb

 

Method: GET(188ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

 

System errors:

=============

Error: (11/13/2021 10:40:23 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{19A1CA4B-83FA-4FA9-A845-764E18C7C3BA} because another computer on the network has the same name.  The server could not start.

 

Error: (11/13/2021 12:09:19 AM) (Source: DCOM) (EventID: 10010) (User: LENOVOLEGION)

Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

 

Error: (11/12/2021 07:48:49 PM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{19A1CA4B-83FA-4FA9-A845-764E18C7C3BA} because another computer on the network has the same name.  The server could not start.

 

Error: (11/12/2021 06:39:47 PM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{19A1CA4B-83FA-4FA9-A845-764E18C7C3BA} because another computer on the network has the same name.  The server could not start.

 

Error: (11/12/2021 08:50:12 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{19A1CA4B-83FA-4FA9-A845-764E18C7C3BA} because another computer on the network has the same name.  The server could not start.

 

Error: (11/11/2021 10:30:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Služba LenovoVantageService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

 

Error: (11/11/2021 10:25:39 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{19A1CA4B-83FA-4FA9-A845-764E18C7C3BA} because another computer on the network has the same name.  The server could not start.

 

Error: (11/10/2021 05:01:55 PM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{19A1CA4B-83FA-4FA9-A845-764E18C7C3BA} because another computer on the network has the same name.  The server could not start.

 

 

Windows Defender:

================

Date: 2021-11-13 11:16:19

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-11-12 12:33:45

Description: 

N/A

 

Date: 2021-11-11 10:36:06

Description: 

N/A

 

Date: 2021-11-08 01:23:11

Description: 

N/A

 

Date: 2021-11-06 22:51:51

Description: 

N/A



CodeIntegrity:

===============

Date: 2021-11-13 18:15:49

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesCommon FilesMcAfeeModuleCoreProtectedModuleHost.exe) attempted to load DeviceHarddiskVolume3Program FilesMcAfee.comAgentWSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: LENOVO GKCN44WW 08/30/2021

Motherboard: LENOVO LNVNB161216

Processor: AMD Ryzen 5 5600H with Radeon Graphics 

Percentage of memory in use: 45%

Total physical RAM: 14188.06 MB

Available physical RAM: 7795.28 MB

Total Virtual: 24428.06 MB

Available Virtual: 14198.88 MB

 

==================== Drives ================================

 

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:173.04 GB) NTFS

 

\?Volume{055d62a9-c0d7-4753-b4ae-def42c54618b} (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.45 GB) NTFS

\?Volume{3e013539-96f9-4309-897b-a357d9d66499} (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 476.9 GB) (Disk ID: 9A9D2F26)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021

Ran by Adam (administrator) on LENOVOLEGION (LENOVO 82JU) (13-11-2021 18:44:13)

Running from C:UsersAdamDownloads

Loaded Profiles: Adam

Platform: Microsoft Windows 11 Home Version 21H2 22000.318 (X64) Language: Slovenčina (Slovensko)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Advanced Micro Devices Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryͱ192.inf_amd64_c5a25be7573aa550B369681atieclxx.exe

(Advanced Micro Devices Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryͱ192.inf_amd64_c5a25be7573aa550B369681atiesrxx.exe

(Advanced Micro Devices Inc.) C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareAMDRSServ.exe

(Advanced Micro Devices Inc.) C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4mradeonsoftwareRadeonSoftware.exe

(A-Volute SAS -> A-Volute) C:UsersAdamAppDataLocalNhNotifSysnahimicnahimicNotifSys.exe

(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicService.exe

(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicSvc64.exe

(A-Volute SAS -> Nahimic) C:WindowsSysWOW64NahimicSvc32.exe

(Electronic Arts, Inc. -> Electronic Arts) C:Program Files (x86)OriginOriginWebHelperService.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <13>

(Lenovo -> Lenovo Group Ltd.) C:Program Files (x86)LenovoVantageService3.9.23.0Lenovo.Vantage.AddinHost.exe <4>

(Lenovo -> Lenovo Group Ltd.) C:Program Files (x86)LenovoVantageService3.9.23.0Lenovo.Vantage.AddinHost.x86.exe

(Lenovo -> Lenovo Group Ltd.) C:Program Files (x86)LenovoVantageService3.9.23.0LenovoVantageService.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHostLenovo.Modern.ImController.PluginHost.Device.exe <2>

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHostLenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHost86Lenovo.Modern.ImController.PluginHost.CompanionApp.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerPluginHost86Lenovo.Modern.ImController.PluginHost.Device.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsLenovoImControllerServiceLenovo.Modern.ImController.exe

(Lenovo -> Lenovo Group Ltd.) C:WindowsSystem32driversLenovoudcServiceUDClientService.exe

(Lenovo -> Lenovo(beijing) Limited) C:WindowsSystem32DriverStoreFileRepositorylenovofnandfunctionkeys.inf_amd64_b9fd1528982e300fLenovoUtilityService.exe

(LENOVO INC) C:Program FilesWindowsAppsE0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4LaunchUtilityutility.exe

(McAfee, Inc. -> McAfee LLC.) C:Program FilesCommon FilesMcAfeeAMCoremcshield.exe

(McAfee, Inc. -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe

(McAfee, Inc. -> McAfee, LLC) C:WindowsSystem32mfevtps.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeCSP4.7.101.0McCSPServiceHost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHOST.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeModuleCoreModuleCoreService.exe <3>

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeModuleCoreProtectedModuleHost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeePEFCOREPEFService.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeePlatformMcUICnt.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeVSCore_21_9mcapexe.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMATMcPvTray.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMfeAVMfeAVSvc.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMQSQcShm.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeVULMcVulAlert.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeVULMcVulCtr.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisorservicehost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisoruihost.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingApp_2111.1001.3.0_x64__8wekyb3d8bbweXboxAppServices.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwegamingservices.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwegamingservicesnet.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <4>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe

(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:WindowsRtkBtManServ.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderScansMsMpEngCP.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvlti.inf_amd64_af22935532babf10Display.NvContainerNVDisplay.Container.exe <2>

(Realtek Semiconductor Corp) C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.24.244.0_x64__dt26b99r8h8gjRtkUWP.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_bab58491f63abae7RtkAudUService64.exe <2>

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_bab58491f63abae7RtkAudUService64.exe [1235000 2021-02-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM-x32…Run: [TeamsMachineUninstallerLocalAppData] => C:UsersAdamAppDataLocalMicrosoftTeamsUpdate.exe [2455256 2021-10-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKLM-x32…Run: [TeamsMachineUninstallerProgramData] => %ProgramData%MicrosoftTeamsUpdate.exe –uninstall –msiUninstall –source=default (No File)

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…Run: [OneDrive] => C:Program FilesMicrosoft OneDriveOneDrive.exe [2340216 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…Run: [com.squirrel.Teams.Teams] => C:UsersAdamappdatalocalmicrosoftteamsUpdate.exe [2455256 2021-10-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)

HKUS-1-5-21-4066730514-3672214841-1434503751-1001…Run: [EpicGamesLauncher] => C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33530336 2021-11-12] (Epic Games Inc. -> Epic Games, Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication95.0.4638.69Installerchrmstp.exe [2021-11-02] (Google LLC -> Google LLC)

HKLMSoftware…AuthenticationCredential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0588A223-4A45-46FF-8E8B-86491B71FF71} – System32TasksNahimicTask64 => C:WINDOWSsystem32.NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)

Task: {0B8E6EDE-30FD-40A3-A224-4E75058741AD} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {0BC1DEB1-6FC9-4233-81B4-0102D16D2944} – System32TasksLenovoUDCLenovo UDC Idle Monitor => C:windowssystem32driversLenovoudcServiceUDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)

Task: {0F0CE90C-8E2D-4D68-9F5E-958F66BE111D} – System32TasksLenovoImControllerLenovo iM Controller Monitor => C:WINDOWSsystem32ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {1E836ACA-43A6-48CE-81EA-C705682F05BC} – System32TasksLenovoImControllerTimeBasedEvents3e1ca2bd-5b3d-4e9a-90be-1f19f5d34646 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {1EC4AA8A-8E25-4750-99DF-B873BA9E2E41} – System32TasksLenovoUDCLenovo UDC Monitor => C:WINDOWSsystem32driverslenovoudcdataInfBackupUdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)

Task: {2023C0FA-B117-40B0-BAB2-EA2714DEF0E9} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {21360F3A-638F-4BBA-A6C3-E708851EF964} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {266685E6-1ADA-4AF0-9D09-BF3E06B225EF} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {38AFC46A-5B61-48E6-AC0B-B4B27A41E4A9} – System32TasksLenovoBatteryGaugeBatteryGaugeMaintenance => C:ProgramDataLenovoImControllerPluginsLenovoBatteryGaugePackagex64BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)

Task: {3ABFBD56-7ADA-4212-9117-3DB5B8ECF53C} – System32TasksNahimicSvc32Run => C:WindowsSysWOW64NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)

Task: {41093C9C-27F8-4CD3-91F9-98FC39CFD490} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {4A6E94FA-87EC-48AE-A038-C37C60AC1400} – System32TasksLenovoImControllerTimeBasedEvents607b28c-2f66-4e69-8ef1-da33f75a2ae4 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {4FF6DB66-53D6-4928-83F6-87AF6206E2AA} – System32TasksMcAfeeMcAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:Program FilesCommon FilesMcAfeeTaskSchedulerMcAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

Task: {50DEA9D1-282E-46AB-975F-E454AB3AB002} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {50EC3CE0-8F1A-4001-95AD-58AE0062915E} – System32TasksNahimicTask32 => C:WINDOWSsystem32..SysWOW64NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)

Task: {54E4EC5D-78B4-4C8F-A55A-217F40D860C1} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5F8D46DB-1E1F-4EA4-A6C3-85B6297B41C8} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)

Task: {603325AA-8320-432C-A757-D59980046A51} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [138600 2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {62CC29F7-9BDF-42C1-B632-E6D56B7C4D5A} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {64DED6E8-9B52-44D6-A7CE-37B733C87A47} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {6F452C9D-D8BC-4152-9462-013612CAEA49} – System32TasksLenovoVantageLenovo.Vantage.ServiceMaintainance => %systemroot%system32sc.exe start LenovoVantageService

Task: {736B7F3D-8313-4922-B876-01DF34683F6D} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {74832B75-CDEF-4D9B-A990-7410BAD9D5D6} – System32TasksNahimicSvc64Run => C:Windowssystem32NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)

Task: {76174909-042D-4E6F-928E-B6B97B4879B6} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8314256 2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {7825D70D-A58A-4BB7-8DD1-6F8E37B23D6D} – System32TasksMcAfee Subscription job => \?C:Program FilesMcAfeeNexsJobsMcSubscriptionJob.exe [3443096 2021-11-10] (McAfee, LLC -> )

Task: {79A077F0-3486-4DDB-B128-CA96C63135B1} – System32TasksLenovoVantageScheduleLenovoSystemUpdateAddin_WeeklyTask => C:Program Files (x86)LenovoVantageService3.9.23.0ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)

Task: {7F97FFE6-61FB-495D-813A-9ECAE0CDD537} – System32TasksMcAfee Remediation (Prepare) => C:Program FilesCommon FilesAVMcAfee VirusScanupgrade.exe [4695104 2021-10-01] (McAfee, LLC -> McAfee, LLC)

Task: {88814527-B405-4929-ACB8-7D3197991CDF} – System32TasksLenovoVantageScheduleVantageTelemetryAddinTask => C:Program Files (x86)LenovoVantageService3.5.27.0ScheduleEventAction.exe VantageTelemetryAddinTask (No File)

Task: {89290DB0-FECB-4FC0-8FDA-05F6B6FE744B} – System32TasksLenovoVantageScheduleDailyTelemetryTransmission => C:Program Files (x86)LenovoVantageService3.9.23.0ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)

Task: {94F2A4F9-42B4-4AB3-A6BE-FF9AC19B7338} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {96652722-CDE7-44C7-8F8D-B774E20D7EDA} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8314256 2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {99B36AE1-1D9E-44EE-90F2-95C7D2D3A4ED} – System32TasksKpRm-quarantinesKpRm-quarantines-20211025165646 => C:KPRMtasks-quarantineskprm-quarantines.exe quarantines 20211025165646 (No File)

Task: {9BF37FE4-6AEF-4720-9185-000A87661FDE} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-09-18] (Google LLC -> Google LLC)

Task: {9E434413-0397-4194-9457-6CB471D2D7FE} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {A6B37B60-C782-474A-B2E4-228C7E0F2DE5} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [138600 2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {B3FA9B09-8340-4FCB-A7CE-7D3A4CC8AB40} – System32TasksLenovoImControllerPluginsLenovoSystemUpdatePlugin_WeeklyTask => %windir%System32reg.exe add hklmSOFTWARELenovoSystemUpdatePluginscheduler /v start /t reg_dword /d 1 /f /reg:32

Task: {BDB4A886-3F37-41B0-87F7-B888CA2D9B1D} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program FilesMicrosoft OneDriveOneDriveStandaloneUpdater.exe [3978624 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {C90EB4BF-133B-4E41-A854-F3CF3A89982B} – System32TasksLenovoVantageScheduleHeartbeatAddinDailyScheduleTask => C:Program Files (x86)LenovoVantageService3.9.23.0ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)

Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} – System32TasksMicrosoftWindowsMobile Broadband AccountsMNO Metadata Parser => C:WINDOWSSystem32MbaeParserTask.exe (No File)

Task: {D05ECA75-499E-4FD2-B4E5-5FD0FC743632} – System32TasksLenovoImControllerTimeBasedEventsa759f336-4eaf-4c51-83ab-7a6fc21c61b2 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {D1C6C991-4BC8-46C4-8B9E-8CB18A0F04A9} – System32TasksLenovoImControllerTimeBasedEvents5d4c3770-98f8-4809-8745-479ff1dd5583 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {D4D11B06-744A-4336-91BB-2E4F1A55BE74} – System32TasksLenovoImControllerTimeBasedEventsbacf89d9-a294-4944-ac13-ca53427d3201 => C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

Task: {D7578AE4-A8FB-4922-AE35-E4B6F99FF2BA} – System32TasksMcAfeeMcAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:Program FilesCommon FilesMcAfeeTaskSchedulerMcAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

Task: {E15F98B3-E589-4BF8-A0DC-3650E3327C77} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2021-09-18] (Google LLC -> Google LLC)

Task: {E2FA4F63-0B3F-4400-9D0A-586A916394F5} – System32TasksLenovoImControllerLenovo iM Controller Scheduled Maintenance => “%windir%system32sc.exe” START ImControllerService

Task: {E7C0569F-3E17-45DD-81CB-3D20E32FEA82} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)

Task: {E9B456D1-C9AC-4FB0-B2E1-2251451C9B0F} – System32TasksMcAfeeLogon => C:Program FilesCommon FilesMcAfeePlatformMcUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)

Task: {EAA3AE62-75FB-4AE5-9ACB-260AF3CB7945} – System32TasksMcAfeeDAD.Execute.Updates => C:Program FilesCommon FilesMcAfeeDynamicAppDownloaderDADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)

Task: {EB2E7BDA-F355-4F5C-B211-7D2F67AA8CEA} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {F04C2062-D070-4CFE-9D48-51C4DD87F388} – System32TasksMcAfeeMcAfee DAT Built in test => C:Program FilesCommon FilesMcAfeeAMContentscannersx86_64datrep1.0.12.663mcdatrep.exe [1889696 2021-09-19] (McAfee, Inc. -> McAfee, LLC.)

Task: {F801CE16-5300-44FB-A032-795B91296ADD} – System32TasksOptimize Push Notification Data File-S-1-5-21-4066730514-3672214841-1434503751-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:WINDOWSSystem32wpninprc.dll [45056 2021-06-05] (Microsoft Windows -> Microsoft Corporation)

Task: {F8FDC115-769D-4FE7-8DD2-C9E099743F2F} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 193.87.99.130 193.87.99.131

Tcpip..Interfaces{19a1ca4b-83fa-4fa9-a845-764e18c7c3ba}: [DhcpNameServer] 193.87.99.130 193.87.99.131

Tcpip..Interfaces{38017f18-010e-42df-9b3f-6484d7f13adb}: [DhcpNameServer] 192.168.100.1

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:UsersAdamAppDataLocalMicrosoftEdgeUser DataDefault [2021-10-21]

FireFox:

========

FF HKLM…ThunderbirdExtensions: [msktbird@mcafee.com] – C:Program FilesMcAfeeMSKHKLM => not found

FF HKLM-x32…ThunderbirdExtensions: [msktbird@mcafee.com] – C:Program FilesMcAfeeMSK

FF Extension: (McAfee Anti-Spam Thunderbird Extension) – C:Program FilesMcAfeeMSK [2021-11-03] [Legacy] [not signed]

FF Plugin: @mcafee.com/MSC,version=10 -> C:Program FilesMcAfeeMSCnpMcSnFFPl64.dll [2021-10-22] (McAfee, LLC -> )

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:Program Files (x86)McAfeeMSCnpMcSnFFPl.dll [2021-10-22] (McAfee, LLC -> )

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 

=======

CHR Profile: C:UsersAdamAppDataLocalGoogleChromeUser DataDefault [2021-11-13]

CHR Extension: (Prezentácie) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-09-18]

CHR Extension: (Dokumenty) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-09-18]

CHR Extension: (Disk Google) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-09-18]

CHR Extension: (YouTube) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-18]

CHR Extension: (Tabuľky) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-09-18]

CHR Extension: (Dokumenty Google v režime offline) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]

CHR Extension: (AdBlock – najlepší blokovač reklám) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-11-12]

CHR Extension: (Platby Internetového obchodu Chrome) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-09-18]

CHR Extension: (Gmail) – C:UsersAdamAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2021-09-18]

CHR HKLM…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8912272 2021-11-09] (BattlEye Innovations e.K. -> )

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12034464 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [803440 2021-10-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [16029472 2021-11-02] (Epic Games Inc. -> Epic Games, Inc.)

S3 FileSyncHelper; C:Program FilesMicrosoft OneDrive21.205.1003.0005FileSyncHelper.exe [3253120 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

R2 ImControllerService; C:WINDOWSLenovoImControllerServiceLenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)

R2 LenovoFnAndFunctionKeys; C:WINDOWSSystem32DriverStoreFileRepositorylenovofnandfunctionkeys.inf_amd64_b9fd1528982e300fLenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)

R2 LenovoVantageService; C:Program Files (x86)LenovoVantageService3.9.23.0LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)

R2 McAfee WebAdvisor; C:Program FilesMcAfeeWebAdvisorServiceHost.exe [971504 2021-11-09] (McAfee, LLC -> McAfee, LLC)

R2 McAPExe; C:Program FilesCommon FilesMcAfeeVSCore_21_9McApExe.exe [797576 2021-10-22] (McAfee, LLC -> McAfee, LLC)

S3 McAWFwk; C:Program FilesCommon FilesMcAfeeActWizMcAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)

R2 mccspsvc; C:Program FilesCommon FilesMcAfeeCSP4.7.101.0\McCSPServiceHost.exe [2845608 2021-10-12] (McAfee, LLC -> McAfee, LLC)

S3 McSecDashboardService; C:Program FilesMcAfeeDashboardMcSecDashboardService.exe [1257520 2021-05-03] (McAfee, LLC -> McAfee, LLC)

S3 mfefire; C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R2 mfemms; C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R3 mfevtp; C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R2 ModuleCoreService; C:Program FilesCommon FilesMcAfeeModuleCoreModuleCoreService.exe [1677024 2021-10-23] (McAfee, LLC -> McAfee, LLC)

R2 NahimicService; C:WINDOWSsystem32NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic)

S3 OneDrive Updater Service; C:Program FilesMicrosoft OneDrive21.205.1003.0005OneDriveUpdaterService.exe [3721600 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2557144 2021-10-16] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3475680 2021-10-16] (Electronic Arts, Inc. -> Electronic Arts)

R2 PEFService; C:Program FilesCommon FilesMcAfeePEFCOREPEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)

S3 Rockstar Service; C:Program FilesRockstar GamesLauncherRockstarService.exe [2406192 2021-11-10] (Rockstar Games, Inc. -> Rockstar Games)

R2 UDCService; C:WINDOWSSystem32driversLenovoudcServiceUDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvlti.inf_amd64_af22935532babf10Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvlti.inf_amd64_af22935532babf10Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:WINDOWSSystem32driverscfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

S3 FBNetFilter; C:WINDOWSSystem32driversFBNetFlt.sys [52688 2020-05-22] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)

R2 McPvDrv; C:WINDOWSsystem32driversMcPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)

R3 mfeaack; C:WINDOWSSystem32driversmfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 mfeavfk; C:WINDOWSSystem32driversmfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

S0 mfeelamk; C:WINDOWSSystem32driversmfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)

R3 mfefirek; C:WINDOWSSystem32driversmfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R0 mfehidk; C:WINDOWSSystem32driversmfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 mfencbdc; C:WINDOWSSystem32DRIVERSmfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)

S3 mfencrk; C:WINDOWSSystem32DRIVERSmfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)

R3 mfeplk; C:WINDOWSSystem32driversmfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R0 mfewfpk; C:WINDOWSSystem32driversmfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 NahimicBTLink; C:WINDOWSSystem32driversNahimicBTLink.sys [85424 2021-08-15] (A-Volute SAS -> Windows ® Win 7 DDK provider)

R3 Nahimic_Mirroring; C:WINDOWSSystem32driversNahimic_Mirroring.sys [85592 2020-06-19] (A-Volute -> Windows ® Win 7 DDK provider)

R3 nvpcf; C:WINDOWSSystem32driversnvpcf.sys [208512 2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation)

S1 WinSetupMon; system32DRIVERSWinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-13 18:44 – 2021-11-13 18:44 – 000032278 _____ C:UsersAdamDownloadsFRST.txt

2021-11-13 18:44 – 2021-11-13 18:44 – 000000000 ____D C:FRST

2021-11-13 18:43 – 2021-11-13 18:43 – 002312192 _____ (Farbar) C:UsersAdamDownloadsFRST64.exe

2021-11-13 14:17 – 2021-11-13 14:24 – 000007602 _____ C:UsersAdamAppDataLocalResmon.ResmonCfg

2021-11-13 10:49 – 2021-11-13 10:49 – 000003112 _____ C:WINDOWSsystem32TasksNahimicTask32

2021-11-11 10:33 – 2021-11-11 10:33 – 000286720 _____ C:WINDOWSsystem32AggregatorHost.exe

2021-11-11 10:33 – 2021-11-11 10:33 – 000258048 _____ C:WINDOWSsystem32CoreMas.dll

2021-11-11 10:33 – 2021-11-11 10:33 – 000215552 _____ C:WINDOWSsystem32CloudIdWxhExtension.dll

2021-11-11 10:33 – 2021-11-11 10:33 – 000208896 _____ C:WINDOWSsystem32IHDS.dll

2021-11-11 10:33 – 2021-11-11 10:33 – 000167936 _____ C:WINDOWSsystem32TpmTool.exe

2021-11-11 10:33 – 2021-11-11 10:33 – 000121344 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-11-11 10:33 – 2021-11-11 10:33 – 000077824 _____ C:WINDOWSsystem32runexehelper.exe

2021-11-11 10:33 – 2021-11-11 10:33 – 000024576 _____ C:WINDOWSsystem32nrtapi.dll

2021-11-11 10:33 – 2021-11-11 10:33 – 000014756 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-11-11 10:33 – 2021-11-11 10:33 – 000006656 _____ C:WINDOWSSysWOW64nrtapi.dll

2021-11-11 10:31 – 2021-11-11 10:31 – 000000000 ___HD C:$WinREAgent

2021-11-09 07:17 – 2021-11-13 10:49 – 000003092 _____ C:WINDOWSsystem32TasksNahimicTask64

2021-11-08 17:46 – 2021-11-08 17:46 – 000000000 ____D C:UsersAdamAppDataLocalLowInnersloth

2021-11-06 16:39 – 2021-11-06 16:39 – 000000000 ____H C:WINDOWSsystem32DriversMsft_User_WpdMtpDr_01_11_00.Wdf

2021-11-05 10:24 – 2021-11-12 13:59 – 000000000 ____D C:UsersAdamDocumentsVEGAS

2021-11-05 10:03 – 2021-11-05 10:25 – 000000000 ____D C:UsersAdamAppDataRoamingVEGAS

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:UsersAdamAppDataRoamingVEGAS Pro

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:UsersAdamAppDataLocalVEGAS Pro

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:UsersAdamAppDataLocalSony

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:UsersAdamAppDataLocalPlugin.OfxStitch

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:UsersAdamAppDataLocalPlugin.ofx360Stabilizer

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:UsersAdamAppDataLocalPlugin.MxOfxRotation

2021-11-05 10:03 – 2021-11-05 10:03 – 000000000 ____D C:ProgramDataVEGAS Pro

2021-11-05 09:56 – 2021-11-07 00:07 – 000000000 ____D C:VEGAS pro 16

2021-11-03 14:02 – 2021-11-03 14:02 – 000000000 ____D C:UsersAdamAppDataLocalDBG

2021-11-03 14:02 – 2021-11-03 14:02 – 000000000 ____D C:UsersAdamAppDataLocalCrashReportClient

2021-11-02 18:10 – 2021-11-02 18:10 – 000000000 ____D C:UsersAdamAppDataLocalRocket League

2021-11-02 13:59 – 2021-11-02 13:59 – 000000000 ____D C:Program FilesEpic Games

2021-11-02 13:39 – 2021-11-02 13:39 – 000000000 ____D C:UsersAdamAppDataLocalEpicGamesLauncher

2021-11-02 13:38 – 2021-11-02 13:38 – 000001270 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk

2021-11-01 09:42 – 2021-11-01 09:55 – 000003020 _____ C:WINDOWSsystem32TasksOptimize Push Notification Data File-S-1-5-21-4066730514-3672214841-1434503751-1001

2021-10-28 12:39 – 2021-06-01 06:28 – 017869208 _____ C:WINDOWSsystem32RsDMFT_Assets.dll

2021-10-28 12:39 – 2021-06-01 06:28 – 009744808 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32RsDMFT64.dll

2021-10-28 11:16 – 2021-10-21 18:49 – 001874648 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-10-28 11:16 – 2021-10-21 18:49 – 001874648 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-10-28 11:16 – 2021-10-21 18:49 – 001450232 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-10-28 11:16 – 2021-10-21 18:49 – 001450232 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-10-28 11:16 – 2021-10-21 18:49 – 001206384 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-10-28 11:16 – 2021-10-21 18:49 – 001111256 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-10-28 11:16 – 2021-10-21 18:49 – 001111256 _____ C:WINDOWSsystem32vulkan-1.dll

2021-10-28 11:16 – 2021-10-21 18:49 – 000965336 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-10-28 11:16 – 2021-10-21 18:49 – 000965336 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 001523336 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 001172608 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 000800368 _____ C:WINDOWSsystem32nvofapi64.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 000707728 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-10-28 11:16 – 2021-10-21 18:45 – 000676480 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 000656512 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 000635000 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-10-28 11:16 – 2021-10-21 18:45 – 000564352 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 008724080 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 007843984 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 004938896 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 002850416 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 002114688 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 001597584 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 000981112 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 000792208 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-10-28 11:16 – 2021-10-21 18:44 – 000452216 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-10-28 11:16 – 2021-10-21 18:43 – 005727376 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-10-28 11:16 – 2021-10-21 18:43 – 000849016 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-10-28 11:16 – 2021-10-21 18:39 – 006430824 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-10-28 11:16 – 2021-10-21 01:48 – 000085748 _____ C:WINDOWSsystem32nvinfo.pb

2021-10-25 15:56 – 2021-10-25 15:56 – 000000000 ____D C:WINDOWSsystem32TasksKpRm-quarantines

2021-10-24 18:54 – 2021-10-24 18:54 – 000000000 ____D C:UsersAdamAppDataLocalESET

2021-10-24 12:42 – 2021-02-07 23:13 – 000018824 _____ C:WINDOWSsystem32RtEventLog.dll

2021-10-24 12:42 – 2021-02-07 23:03 – 044744141 _____ C:WINDOWSsystem32DriversRTAIODAT.DAT

2021-10-22 13:11 – 2021-10-22 13:11 – 000001408 _____ C:UsersAdamAppDataRoamingMicrosoftWindowsStart MenuProgramsOutlook.lnk

2021-10-21 12:40 – 2021-11-13 10:51 – 000911928 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-10-21 12:38 – 2021-10-21 12:38 – 000000000 ____D C:WINDOWSsystem32TasksAgent Activation Runtime

2021-10-21 12:38 – 2021-10-21 12:38 – 000000000 ____D C:ProgramDataMicrosoft OneDrive

2021-10-21 12:36 – 2021-10-21 12:36 – 000000020 ___SH C:UsersAdamntuser.ini

2021-10-21 12:35 – 2021-11-13 18:16 – 000000000 ____D C:WINDOWSsystem32TasksMcAfee

2021-10-21 12:35 – 2021-11-13 11:04 – 000003336 _____ C:WINDOWSsystem32TasksMcAfee Subscription job

2021-10-21 12:35 – 2021-11-13 10:44 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-10-21 12:35 – 2021-11-07 18:55 – 000003194 _____ C:WINDOWSsystem32TasksOneDrive Per-Machine Standalone Update Task

2021-10-21 12:35 – 2021-11-03 18:43 – 000003710 _____ C:WINDOWSsystem32TasksMcAfee Remediation (Prepare)

2021-10-21 12:35 – 2021-11-03 17:47 – 000003316 _____ C:WINDOWSsystem32TasksMcAfeeLogon

2021-10-21 12:35 – 2021-10-21 12:35 – 000011433 _____ C:WINDOWSdiagwrn.xml

2021-10-21 12:35 – 2021-10-21 12:35 – 000011433 _____ C:WINDOWSdiagerr.xml

2021-10-21 12:35 – 2021-10-21 12:35 – 000003504 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-10-21 12:35 – 2021-10-21 12:35 – 000003398 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000003386 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-10-21 12:35 – 2021-10-21 12:35 – 000003280 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-10-21 12:35 – 2021-10-21 12:35 – 000003196 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000003162 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-10-21 12:35 – 2021-10-21 12:35 – 000003152 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002984 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002914 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002744 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-21 12:35 – 2021-10-21 12:35 – 000002342 _____ C:WINDOWSsystem32TasksNahimicSvc64Run

2021-10-21 12:35 – 2021-10-21 12:35 – 000002342 _____ C:WINDOWSsystem32TasksNahimicSvc32Run

2021-10-21 12:35 – 2021-10-21 12:35 – 000000000 ____D C:WINDOWSsystem32TasksLenovo

2021-10-21 12:35 – 2021-06-16 16:17 – 000002854 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2847066902-657963183-2657575289-500

2021-10-21 12:35 – 2020-11-27 02:06 – 000003390 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2623500204-34688127-2264388554-500

2021-10-21 12:35 – 2020-11-19 08:38 – 000003394 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3538912014-3826891016-3662973680-500

2021-10-21 12:31 – 2021-11-13 12:28 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-10-21 12:31 – 2021-11-11 11:21 – 000497144 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-10-21 12:30 – 2021-09-28 15:02 – 001088512 _____ (McAfee, LLC) C:WINDOWSsystem32Driversmfehidk.sys

2021-10-21 12:30 – 2021-09-28 15:02 – 000256512 _____ (McAfee, LLC) C:WINDOWSsystem32Driversmfewfpk.sys

2021-10-21 12:30 – 2021-09-28 15:02 – 000090048 _____ (McAfee, LLC) C:WINDOWSsystem32Driversmfeelamk.sys

2021-10-21 12:24 – 2021-10-21 12:31 – 000000000 ____D C:WINDOWSsystem32configbbimigrate

2021-10-21 12:22 – 2021-11-11 11:21 – 000000000 ____D C:UsersAdam

2021-10-21 12:22 – 2021-06-05 13:04 – 000001281 _____ C:UsersAdamAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools.lnk

2021-10-21 12:22 – 2021-06-05 13:04 – 000000407 _____ C:UsersAdamAppDataRoamingMicrosoftWindowsStart MenuProgramsFile Explorer.lnk

2021-10-21 12:20 – 2021-10-24 13:16 – 000000000 ____D C:WINDOWSsystem32AMD

2021-10-21 12:20 – 2021-10-21 12:20 – 000000000 ____D C:WINDOWSsystem32DriversLenovo

2021-10-21 12:20 – 2021-10-21 12:20 – 000000000 ____D C:WINDOWSsystem32A-Volute

2021-10-21 12:20 – 2021-10-21 12:20 – 000000000 ____D C:WINDOWSLenovo

2021-10-21 12:18 – 2021-10-21 12:23 – 000000000 ____D C:WINDOWSServiceProfiles

2021-10-21 11:58 – 2021-10-21 11:58 – 000617648 _____ C:WINDOWSSysWOW64TextShaping.dll

2021-10-21 11:58 – 2021-10-21 11:58 – 000425984 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll

2021-10-21 11:58 – 2021-10-21 11:58 – 000267264 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Dialogs.dll

2021-10-21 11:58 – 2021-10-21 11:58 – 000253952 _____ (Microsoft Corporation) C:WINDOWSsystem32ssText3d.scr

2021-10-21 11:58 – 2021-10-21 11:58 – 000221184 _____ C:WINDOWSSysWOW64Microsoft.Internal.FrameworkUdk.System.dll

2021-10-21 11:58 – 2021-10-21 11:58 – 000009522 _____ C:WINDOWSsystem32ResPriUHMImageList

2021-10-21 11:58 – 2021-10-21 11:58 – 000009522 _____ C:WINDOWSsystem32ResPriImageList

2021-10-21 11:58 – 2021-10-21 11:58 – 000009522 _____ C:WINDOWSsystem32ResPriHMImageList

2021-10-21 11:58 – 2021-10-21 11:58 – 000009402 _____ C:WINDOWSsystem32ResPriHMImageListLowCost

2021-10-21 11:58 – 2021-10-21 11:58 – 000008964 _____ C:WINDOWSsystem32ResPriLMImageList

2021-10-21 11:58 – 2021-10-21 11:58 – 000008870 _____ C:WINDOWSsystem32ResPriImageListLowCost

2021-10-21 11:58 – 2021-10-21 11:58 – 000003366 _____ C:WINDOWSSysWOW64AppxProvisioning.xml

2021-10-21 11:57 – 2021-10-21 11:57 – 000360448 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll

2021-10-21 11:57 – 2021-10-21 11:57 – 000335872 _____ C:WINDOWSsystem32Windows.Internal.UI.Dialogs.dll

2021-10-21 11:57 – 2021-10-21 11:57 – 000180224 _____ C:WINDOWSsystem32CloudExperienceHostRedirection.dll

2021-10-21 11:57 – 2021-10-21 11:57 – 000099560 _____ C:WINDOWSsystem32wow64con.dll

2021-10-21 11:57 – 2021-10-21 11:57 – 000041594 _____ C:WINDOWSSysWOW64ctac.json

2021-10-21 11:57 – 2021-10-21 11:57 – 000036864 _____ C:WINDOWSsystem32umpodev.dll

2021-10-21 11:57 – 2021-10-21 11:57 – 000003366 _____ C:WINDOWSsystem32AppxProvisioning.xml

2021-10-21 11:56 – 2021-10-21 11:56 – 000727576 _____ C:WINDOWSsystem32TextShaping.dll

2021-10-21 11:56 – 2021-10-21 11:56 – 000614400 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2021-10-21 11:56 – 2021-10-21 11:56 – 000311296 _____ C:WINDOWSsystem32Microsoft.Internal.FrameworkUdk.System.dll

2021-10-21 11:56 – 2021-10-21 11:56 – 000172032 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-10-21 11:56 – 2021-10-21 11:56 – 000041594 _____ C:WINDOWSsystem32ctac.json

2021-10-21 11:33 – 2021-10-21 11:33 – 000000000 ____D C:Program FilesReference Assemblies

2021-10-21 11:33 – 2021-10-21 11:33 – 000000000 ____D C:Program FilesMSBuild

2021-10-21 11:33 – 2021-10-21 11:33 – 000000000 ____D C:Program Files (x86)Reference Assemblies

2021-10-21 11:33 – 2021-10-21 11:33 – 000000000 ____D C:Program Files (x86)MSBuild

2021-10-21 11:15 – 2021-10-21 11:15 – 000008192 _____ C:WINDOWSsystem32configuserdiff

2021-10-21 10:36 – 2021-11-02 13:03 – 000000000 ___DC C:WINDOWSPanther

2021-10-19 06:11 – 2021-10-19 06:13 – 000000000 ____D C:ProgramDataMcInstTemp0094481634620317

2021-10-17 09:09 – 2021-10-17 09:09 – 000000000 ____D C:UsersAdamAppDataLocalEOSInstallHelper

2021-10-16 19:21 – 2021-10-16 19:21 – 000000000 ____D C:Program Files (x86)Origin Games

2021-10-16 19:20 – 2021-10-16 19:20 – 000000000 ____D C:ProgramDataElectronic Arts

2021-10-16 19:20 – 2021-10-16 19:20 – 000000000 ____D C:Program Files (x86)Origin

2021-10-14 14:26 – 2021-10-14 14:26 – 000000000 ____D C:UsersAdamAppDataLocalmbam

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-11-13 18:15 – 2021-09-20 20:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMcAfee

2021-11-13 18:11 – 2021-10-01 13:10 – 000000000 ____D C:UsersAdamAppDataLocalUbisoft Game Launcher

2021-11-13 18:11 – 2021-09-19 16:21 – 000000000 ____D C:Program Files (x86)Steam

2021-11-13 17:46 – 2021-09-18 14:52 – 000000000 ____D C:Program Files (x86)Google

2021-11-13 17:33 – 2021-06-16 15:26 – 000000000 ____D C:ProgramDataNVIDIA

2021-11-13 17:33 – 2021-06-05 13:10 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-11-13 17:32 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSystemTemp

2021-11-13 17:08 – 2021-09-19 16:15 – 000000000 ____D C:UsersAdamAppDataRoamingdiscord

2021-11-13 17:07 – 2021-09-19 16:15 – 000000000 ____D C:UsersAdamAppDataLocalDiscord

2021-11-13 13:02 – 2021-09-17 16:06 – 000000000 ____D C:UsersAdamAppDataLocalD3DSCache

2021-11-13 13:02 – 2021-06-05 13:09 – 000000000 ____D C:WINDOWSINF

2021-11-13 10:52 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSAppReadiness

2021-11-13 10:51 – 2021-09-19 19:27 – 000064862 _____ C:WINDOWSsystem32perfh01B.dat

2021-11-13 10:51 – 2021-09-19 19:27 – 000016590 _____ C:WINDOWSsystem32perfc01B.dat

2021-11-13 10:45 – 2021-09-21 05:30 – 000000000 __RSD C:UsersAdamDocumentsTrezory McAfee

2021-11-13 10:44 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSServiceState

2021-11-13 10:44 – 2020-11-27 01:59 – 000012288 ___SH C:DumpStack.log.tmp

2021-11-13 10:43 – 2021-06-05 13:01 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-11-12 22:24 – 2021-09-23 23:37 – 000000000 ____D C:UsersAdamDocumentsMy Games

2021-11-12 22:06 – 2021-09-18 12:27 – 000000000 ____D C:UsersAdamAppDataLocalCrashDumps

2021-11-12 16:06 – 2021-06-05 13:10 – 000000000 ___HD C:Program FilesWindowsApps

2021-11-12 09:10 – 2021-09-18 01:59 – 000000000 ____D C:UsersAdamAppDataLocalPackages

2021-11-11 18:24 – 2021-06-05 13:01 – 000008192 _____ C:WINDOWSsystem32configELAM

2021-11-11 16:11 – 2021-09-29 23:52 – 000000000 ____D C:Plocha

2021-11-11 11:21 – 2021-06-16 15:30 – 000000000 ____D C:Program Files (x86)McAfee

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSystemResources

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32oobe

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSShellComponents

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-11-11 11:21 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSbcastdvr

2021-11-11 11:21 – 2021-06-05 13:01 – 000000000 ____D C:WINDOWSservicing

2021-11-11 10:35 – 2021-09-20 12:08 – 000000000 ____D C:WINDOWSsystem32MRT

2021-11-11 10:34 – 2021-09-20 12:08 – 141529560 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-11-11 10:34 – 2021-06-05 13:01 – 000000000 ____D C:WINDOWSCbsTemp

2021-11-10 13:13 – 2021-09-18 02:00 – 000000000 ____D C:UsersAdamAppDataLocalNVIDIA Corporation

2021-11-10 11:15 – 2021-09-24 00:08 – 000000000 ____D C:UsersAdamAppDataLocalBattlEye

2021-11-10 11:03 – 2021-06-16 15:30 – 000000000 ____D C:ProgramDataMcAfee

2021-11-09 23:17 – 2021-09-17 18:52 – 000000000 ____D C:UsersAdamAppDataLocalElevatedDiagnostics

2021-11-08 11:21 – 2021-10-06 19:08 – 000000000 ____D C:Program FilesMicrosoft OneDrive

2021-11-07 21:03 – 2020-11-19 08:32 – 000002455 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-11-07 18:55 – 2021-09-18 15:30 – 000002131 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-11-05 10:03 – 2021-09-29 21:09 – 000000000 ____D C:UsersAdamAppDataLocalMAGIX

2021-11-05 10:03 – 2021-09-29 21:06 – 000000000 ____D C:ProgramDataVEGAS

2021-11-05 10:03 – 2021-09-29 21:03 – 000000000 ____D C:UsersAdamAppDataRoamingMAGIX

2021-11-05 08:47 – 2021-06-05 13:10 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-11-04 15:37 – 2021-09-18 02:01 – 000000000 ___RD C:UsersAdamOneDrive

2021-11-04 10:07 – 2021-09-17 11:14 – 002220464 _____ (Microsoft Corporation) C:WINDOWSsystem32xgameruntime.dll

2021-11-04 10:06 – 2021-09-17 11:14 – 000217520 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingservicesproxy.dll

2021-11-04 10:06 – 2021-09-17 11:14 – 000131072 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll

2021-11-04 10:05 – 2021-09-17 11:14 – 000324016 _____ (Microsoft Corporation) C:WINDOWSsystem32gameplatformservices.dll

2021-11-04 10:05 – 2021-09-17 11:14 – 000197048 _____ (Microsoft Corporation) C:WINDOWSsystem32gameconfighelper.dll

2021-11-04 10:05 – 2021-09-17 11:14 – 000061872 _____ (Microsoft Corporation) C:WINDOWSsystem32gamemodcontrol.exe

2021-11-03 17:48 – 2021-06-16 15:30 – 000000000 ____D C:Program FilesCommon FilesMcAfee

2021-11-02 22:38 – 2020-11-19 08:30 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-11-02 13:44 – 2021-09-19 21:43 – 000000000 ____D C:ProgramDataEpic

2021-11-02 13:39 – 2021-09-19 21:43 – 000000000 ____D C:Program Files (x86)Epic Games

2021-11-02 10:20 – 2021-09-18 14:53 – 000002270 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-10-29 18:05 – 2021-06-16 15:22 – 000000000 ____D C:Program FilesMicrosoft Office

2021-10-28 11:19 – 2021-09-17 13:25 – 000000000 ____D C:UsersAdamAppDataLocalNVIDIA

2021-10-25 19:35 – 2021-09-19 16:55 – 000000000 ____D C:Program Files (x86)Rockstar Games

2021-10-25 19:35 – 2021-09-19 16:54 – 000000000 ____D C:Program FilesRockstar Games

2021-10-23 13:08 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSappcompat

2021-10-22 09:22 – 2020-11-19 08:33 – 000000000 ____D C:ProgramDataPackages

2021-10-22 09:16 – 2021-09-18 14:52 – 000000000 ____D C:UsersAdamAppDataLocalPlaceholderTileLogoFolder

2021-10-21 18:49 – 2021-10-13 06:41 – 001464952 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-10-21 18:39 – 2021-10-13 06:41 – 007578560 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-10-21 18:17 – 2021-06-05 13:10 – 000000000 ___RD C:WINDOWSPrintDialog

2021-10-21 12:36 – 2020-11-19 08:33 – 000000000 __RHD C:UsersPublicAccountPictures

2021-10-21 12:35 – 2021-06-05 13:10 – 000000000 ____D C:Program FilesWindows Defender

2021-10-21 12:33 – 2021-06-05 13:10 – 000000000 __RHD C:UsersPublicLibraries

2021-10-21 12:33 – 2021-06-05 13:10 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-10-21 12:32 – 2021-06-16 15:26 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-10-21 12:32 – 2021-06-05 13:10 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-10-21 12:31 – 2021-10-09 22:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsXnConvert

2021-10-21 12:31 – 2021-09-19 16:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSteam

2021-10-21 12:31 – 2021-09-19 16:15 – 000000000 ____D C:UsersAdamAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-10-21 12:31 – 2021-09-18 15:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNástroje balíka Microsoft Office

2021-10-21 12:31 – 2021-06-16 15:28 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-10-21 12:31 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase

2021-10-21 12:31 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32spool

2021-10-21 12:31 – 2021-06-05 13:08 – 000028672 _____ C:WINDOWSsystem32configBCD-Template

2021-10-21 12:31 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32Tasks_Migrated

2021-10-21 12:31 – 2019-12-07 10:14 – 000000000 ____D C:WINDOWSsystem32MsDtc

2021-10-21 12:29 – 2021-06-05 13:14 – 000000000 ____D C:WINDOWSSetup

2021-10-21 12:26 – 2021-06-05 13:10 – 000000000 ____D C:ProgramDataUSOPrivate

2021-10-21 12:23 – 2021-10-01 13:10 – 000000000 ____D C:UsersAdamAppDataRoamingMicrosoftWindowsStart MenuProgramsUbisoft

2021-10-21 12:14 – 2021-06-05 19:04 – 000000000 ____D C:Program FilesWindows Photo Viewer

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ___SD C:WINDOWSsystem32F12

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64vi-VN

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64lv-LV

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64lt-LT

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64id-ID

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64gl-ES

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64eu-ES

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64et-EE

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64es-MX

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSSysWOW64ca-ES

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32vi-VN

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32ShellExperiences

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32lv-LV

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32id-ID

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32gl-ES

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32eu-ES

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32et-EE

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32es-MX

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32Dism

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32ca-ES

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSShellExperiences

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSProvisioning

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSDiagTrack

2021-10-21 12:14 – 2021-06-05 13:10 – 000000000 ____D C:Program FilesCommon FilesSystem

2021-10-21 12:12 – 2021-06-05 19:04 – 000032768 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll

2021-10-21 12:12 – 2021-06-05 19:04 – 000021047 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml

2021-10-21 11:49 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSOCR

2021-10-21 11:43 – 2021-06-05 19:04 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer

2021-10-21 11:43 – 2021-06-05 18:57 – 000000000 ____D C:WINDOWSSysWOW64WCN

2021-10-21 11:43 – 2021-06-05 18:57 – 000000000 ____D C:WINDOWSsystem32WCN

2021-10-21 11:43 – 2021-06-05 13:10 – 000000000 ___SD C:WINDOWSSysWOW64F12

2021-10-21 11:43 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2021-10-21 11:43 – 2021-06-05 13:10 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-10-21 11:43 – 2021-06-05 13:10 – 000000000 ____D C:Program Files (x86)Windows Defender

2021-10-21 01:48 – 2021-10-13 06:43 – 000208512 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvpcf.sys

2021-10-19 06:11 – 2021-06-16 15:30 – 000000000 ____D C:Program FilesMcAfee

2021-10-16 19:46 – 2021-09-29 15:02 – 000000000 ____D C:ProgramDataOrigin

2021-10-16 19:45 – 2021-09-29 15:02 – 000000000 ____D C:UsersAdamAppDataRoamingOrigin

2021-10-16 19:21 – 2021-09-29 15:02 – 000000000 ____D C:UsersAdamAppDataLocalOrigin

2021-10-14 16:54 – 2021-10-09 22:21 – 000000000 ____D C:UsersAdamAppDataRoamingXnConvert

2021-10-14 11:19 – 2021-09-19 16:44 – 000002161 _____ C:WINDOWSsystem32InstallUtil.InstallLog

 

==================== Files in the root of some directories ========

 

2021-11-13 14:17 – 2021-11-13 14:24 – 000007602 _____ () C:UsersAdamAppDataLocalResmon.ResmonCfg

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================



