Something just not quite right | #firefox | #chrome | #microsoftedge

Let me say first of all, thank you for reading.  I did read the post titled ‘preparation guide for use before using…’ so I did not just come here, run the scans and not follow the directions.

 

I can’t put my finger on what, if anything, may be going on with my system; something just feels off and a bit sluggish at times. I cleaned the system inside good, and did some of the basic steps that I know of to try to help: cache, CCleaner, etc. But that didn’t really help.

Anything you see that may be questionable, please let me know. Appreciate your help and Happy Holidays to all!!!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021

Ran by blles (administrator) on DESKTOP-5G4HP4P (HP OMEN by HP Desktop PC 870-2XX) (16-11-2021 10:26:03)

Running from C:UsersbllesDownloads

Loaded Profiles: blles

Platform: Microsoft Windows 11 Home Version 21H2 22000.318 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

() [File not signed] C:UsersbllesAppDataLocalProgramsElevenClockElevenClock.exe <2>

() [File not signed] C:UsersbllesDownloadshjred103HijackReader.exe

(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe

(Discord Inc. -> Discord Inc.) C:UsersbllesAppDataLocalDiscordapp-1.0.9003Discord.exe <6>

(Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherEngineBinariesWin64EpicWebHelper.exe <2>

(Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe

(Google LLC -> ) C:Program FilesGoogleDrive File Stream53.0.4.0crashpad_handler.exe

(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <44>

(Hewlett-Packard Company -> HP Development Company, L.P.) C:Program Files (x86)HPHPPhoenixCtrlHPWMISVC.exe

(HP Inc. -> HP Inc.) C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe

(HP Inc. -> HP Inc.) C:Program Files (x86)HPHP JumpStart BridgeHPJumpStartBridge.exe

(HP Inc. -> HP Inc.) C:Program Files (x86)HPHPAudioSwitchHPAudioSwitch.exe

(HP Inc. -> HP Inc.) C:Program FilesHPCommRecoveryHPCommRecovery.exe

(Intel Corporation -> Intel® Corporation) C:WindowsSysWOW64XtuService.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_7c484f80872e1cd8jhi_service.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe

(McAfee, Inc. -> McAfee LLC.) C:Program FilesCommon FilesMcAfeeAMCoremcshield.exe

(McAfee, Inc. -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe

(McAfee, Inc. -> McAfee, LLC) C:WindowsSystem32mfevtps.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeCSP4.7.101.0McCSPServiceHost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHOST.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeModuleCoreModuleCoreService.exe <3>

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeModuleCoreProtectedModuleHost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeePEFCOREPEFService.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeePlatformMcUICnt.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesCommon FilesMcAfeeVSCore_21_9mcapexe.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMATMcPvTray.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMfeAVMfeAVSvc.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMQSQcShm.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeMSCMfeBrowserHost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeVULMcVulCtr.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisorbrowserhost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisorservicehost.exe

(McAfee, LLC -> McAfee, LLC) C:Program FilesMcAfeeWebAdvisoruihost.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeWebViewApplication95.0.1020.53msedgewebview2.exe <6>

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbweCortana.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwegamingservices.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwegamingservicesnet.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbweNotepadNotepad.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cmd.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(nordvpn s.a. -> TEFINCOM S.A.) C:Program FilesNordVPNNordVPN.exe

(nordvpn s.a. -> TEFINCOM S.A.) C:Program FilesNordVPNnordvpn-service.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvContainernvcontainer.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvhdc.inf_amd64_75e4d75cf672cb89Display.NvContainerNVDisplay.Container.exe <2>

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Common FilesOverwolf.184.0.35OverwolfHelper.exe

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Common FilesOverwolf.184.0.35OverwolfHelper64.exe

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Overwolf.184.0.35OverwolfBrowser.exe <3>

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)OverwolfOverwolf.exe

(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesCCleanerCCleaner64.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe

(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamsteamservice.exe

(Valve -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>

(Valve -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

(Wargaming.net Limited -> Wargaming.net) C:ProgramDataWargaming.netGameCenterdllswgc_renderer_host.exe <3>

(Wargaming.net Limited -> Wargaming.net) C:ProgramDataWargaming.netGameCenterwargamingerrormonitor.exe

(Wargaming.net Limited -> Wargaming.net) C:ProgramDataWargaming.netGameCenterwgc.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM-x32…Run: [HPMessageService] => C:Program Files (x86)HPHP System EventHPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)

HKLM-x32…Run: [HPMSGSVC] => C:Program Files (x86)HPHPPhoenixCtrlHPMSGSVC.exe [502032 2016-06-16] (Hewlett-Packard Company -> HP Development Company, L.P.)

HKUS-1-5-19…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.4.0GoogleDriveFS.exe [54396248 2021-11-03] (Google LLC -> Google, Inc.)

HKUS-1-5-20…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.4.0GoogleDriveFS.exe [54396248 2021-11-03] (Google LLC -> Google, Inc.)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [Wargaming.net Game Center] => C:ProgramDataWargaming.netGameCenterwgc.exe [2144704 2021-11-15] (Wargaming.net Limited -> Wargaming.net)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [Overwolf] => C:Program Files (x86)OverwolfOverwolfLauncher.exe [1806680 2021-10-31] (Overwolf Ltd -> Overwolf Ltd.)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [Discord] => C:UsersbllesAppDataLocalDiscordUpdate.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [EpicGamesLauncher] => C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33530336 2021-11-12] (Epic Games Inc. -> Epic Games, Inc.)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.4.0GoogleDriveFS.exe [54396248 2021-11-03] (Google LLC -> Google, Inc.)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [NordVPN] => C:Program FilesNordVPNNordVPN.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [elevenClock] => C:UsersbllesAppDataLocalProgramsElevenClockElevenClock.exe [45921374 2021-10-24] () [File not signed]

HKUS-1-5-21-2647879020-815856927-1001230537-1001…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)

HKUS-1-5-18…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.4.0GoogleDriveFS.exe [54396248 2021-11-03] (Google LLC -> Google, Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication95.0.4638.69Installerchrmstp.exe [2021-11-03] (Google LLC -> Google LLC)

HKLMSoftware…AuthenticationCredential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {08D473AB-D8F8-4256-8E73-44350203D12A} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {0B3E655A-9D04-450D-B318-0304EFDBEFD6} – System32TasksCCleanerSkipUAC – blles => C:Program FilesCCleanerCCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {0C68701B-E7FC-4ADB-A689-60C5A3266B21} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)

Task: {23F49B44-70E3-41BE-8181-EC9CE3C43BA8} – System32TasksMcAfeeMcAfee DAT Built in test => C:Program FilesCommon FilesMcAfeeAMContentscannersx86_64datrep1.0.12.663mcdatrep.exe [1889696 2021-07-14] (McAfee, Inc. -> McAfee, LLC.)

Task: {299F1DC5-504C-4B42-8CE3-48BDA17DC9C7} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {2C3DBF74-E31B-4863-83D9-77651A7A5870} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {36A96F55-DFBD-4BFD-A5E5-AE14B8B36987} – System32TasksG2MUpdateTask-S-1-5-21-2647879020-815856927-1001230537-1001 => C:UsersbllesAppDataLocalGoToMeeting19932g2mupdate.exe [31176 2021-11-11] (LogMeIn, Inc. -> LogMeIn, Inc.)

Task: {48E00450-8568-4FF4-966C-DE76E828C557} – System32TasksMcAfeeMcAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:Program FilesCommon FilesMcAfeeTaskSchedulerMcAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

Task: {5BDEA6AF-747A-43DF-BD27-667DDABA0D87} – System32TasksMcAfee Remediation (Prepare) => C:Program FilesCommon FilesAVMcAfee VirusScanupgrade.exe [4695104 2021-10-01] (McAfee, LLC -> McAfee, LLC)

Task: {6B468298-FA30-484E-A599-BCF97AFCEC2E} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

“C:WindowsSystem32TasksMcAfeeMcAfee Idle Detection Task” was unlocked. <==== ATTENTION

Task: {6B8F794C-C21C-40AE-8DBA-B142A69DCC06} – System32TasksMcAfeeMcAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:Program FilesCommon FilesMcAfeeTaskSchedulerMcAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

Task: {78A002C4-B400-436A-B113-680F1DDA27F4} – System32TasksRTKCPL => C:Program FilesRealtekAudioHDARtkNGUI64.exe [9235944 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

Task: {7E41CCE6-5B7A-4368-9454-E7398A5408BB} – System32TasksOverwolf Updater Task => C:Program Files (x86)OverwolfOverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)

Task: {8862F750-39C4-4AAB-9D98-4075BFC3E46D} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {9F3CA664-6CC9-4698-B71C-6B2377D5C2AF} – System32TasksMcAfeeLogon => C:Program FilesCommon FilesMcAfeePlatformMcUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)

Task: {A4125920-1FB3-4BF3-AB03-F09632E3418D} – System32TasksHPCeeScheduleForblles => C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)

Task: {A8830400-AE11-4FB1-9521-70B82AEDB9CD} – System32TasksG2MUploadTask-S-1-5-21-2647879020-815856927-1001230537-1001 => C:UsersbllesAppDataLocalGoToMeeting19932g2mupload.exe [31176 2021-11-11] (LogMeIn, Inc. -> LogMeIn, Inc.)

Task: {AA8D423A-7737-4450-86A8-1CF278531AFA} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Updater => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)

Task: {AC6E9243-7543-4F80-B8A0-20AEEE70635C} – System32TasksMicrosoftWindowsMobile Broadband AccountsMNO Metadata Parser => C:WINDOWSSystem32MbaeParserTask.exe (No File)

Task: {AD2EB21E-14C3-4BD8-8F0B-8EFBBD36D9A5} – System32TasksHPEA3JOBS => C:Program [Argument = FilesHPHP ePrinthpeprint.exe /CheckJobs]

Task: {AE58C93D-8AB3-415D-8952-56CD203A0CA0} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154456 2021-07-13] (Google LLC -> Google LLC)

Task: {B2028254-503D-4BDE-86B9-26354A2CA9BF} – System32TasksHPJumpStartLaunch => C:Program Files (x86)HPHP JumpStart LaunchHPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)

Task: {BB52DCCD-205D-45DF-ADAB-02999B61ECC0} – System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BC2E7503-7629-4CDF-9C80-916C60D70BD8} – System32TasksHewlett-PackardHP Support AssistantHP Support Assistant Quick Start => C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [984432 2021-04-01] (HP Inc. -> HP Inc.)

Task: {C713EF69-757A-4D88-A167-186D319078AB} – System32TasksHPAudioSwitch => C:Program Files (x86)HPHPAudioSwitchHPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)

Task: {C8F1E7DF-27CE-4605-91B3-EC1484598C0A} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154456 2021-07-13] (Google LLC -> Google LLC)

Task: {CC0B2C08-BF63-49DD-977F-BF1A239AD12B} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvContainernvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program Files (x86)NVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {E78D1720-AAC4-44B8-9099-94E5EDD854DB} – System32TasksHewlett-PackardHP Support AssistantProduct Configurator => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesProductConfig.exe [216432 2017-09-27] (HP Inc. -> HP Inc.)

Task: {F47CF2DB-F656-412F-A254-6E8CBBC30148} – System32TasksHewlett-PackardHP Support AssistantPC Health Analysis => C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [984432 2021-04-01] (HP Inc. -> HP Inc.)

Task: {F4B194F7-3560-4E5E-A7D3-FC09DFE7FA31} – System32TasksHewlett-PackardHP Active HealthHP Active Health Scan (HPSA) => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPActiveHealthActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)

Task: {F5B25A9A-ABB1-4026-BA3E-CC4C8D1D3B52} – System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {F7D6DE3F-C4DF-4D68-952C-6BD2B87EA0CA} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Report => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSFReport.exe [134768 2021-04-01] (HP Inc. -> HP Inc.)

Task: {FEA14EBC-7FCF-449F-B88F-42EEF3867301} – System32TasksMcAfeeDAD.Execute.Updates => C:Program FilesCommon FilesMcAfeeDynamicAppDownloaderDADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksG2MUpdateTask-S-1-5-21-2647879020-815856927-1001230537-1001.job => C:UsersbllesAppDataLocalGoToMeeting19932g2mupdate.exe

Task: C:WINDOWSTasksG2MUploadTask-S-1-5-21-2647879020-815856927-1001230537-1001.job => C:UsersbllesAppDataLocalGoToMeeting19932g2mupload.exe

Task: C:WINDOWSTasksHPCeeScheduleForblles.job => C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.1.254

Tcpip..Interfaces{2266d305-948b-40c5-a18f-b7397d07a3b6}: [DhcpNameServer] 192.168.1.254

 

Edge: 

=======

Edge Profile: C:UsersbllesAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-16]

 

FireFox:

========

FF HKLM…ThunderbirdExtensions: [msktbird@mcafee.com] – C:Program FilesMcAfeeMSKHKLM => not found

FF HKLM-x32…ThunderbirdExtensions: [msktbird@mcafee.com] – C:Program FilesMcAfeeMSK

FF Extension: (McAfee Anti-Spam Thunderbird Extension) – C:Program FilesMcAfeeMSK [2021-11-04] [Legacy] [not signed]

FF Plugin: @mcafee.com/MSC,version=10 -> C:Program FilesMcAfeeMSCnpMcSnFFPl64.dll [2021-10-22] (McAfee, LLC -> )

FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:Program Files (x86)McAfeeMSCnpMcSnFFPl.dll [2021-10-22] (McAfee, LLC -> )

 

Chrome: 

=======

CHR Profile: C:UsersbllesAppDataLocalGoogleChromeUser DataDefault [2021-11-16]

CHR StartupUrls: Default -> “hxxp://mail.google.com/”,”hxxp://www.yahoo.com/”

CHR Extension: (Slides) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-07-13]

CHR Extension: (Smartsheet Chrome App) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsalehdleagcgnimdipdmllebddejplpbi [2021-07-13]

CHR Extension: (FreeConferenceCall.com Launcher) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsbkkkecfjcahaciigdkmmbfaoejneoogj [2021-07-13]

CHR Extension: (Honey) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2021-11-09]

CHR Extension: (Sheets) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-07-13]

CHR Extension: (McAfee® WebAdvisor) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsfheoggkfdfchfphceeifdbepaooicaho [2021-11-01]

CHR Extension: (Audio Downloader Prime) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsflainkeonkoanoijnkojmiiihnfdhipd [2021-07-13]

CHR Extension: (Google Docs Offline) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]

CHR Extension: (LastPass: Free Password Manager) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionshdokiejnpimakedhajhdlcegeplioahd [2021-11-09]

CHR Extension: (Kindle Cloud Reader) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsicdipabjmbhpdkjaihfjoikhjjeneebd [2021-07-13]

CHR Extension: (Cisco Webex Extension) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsjlhmfgmfgeifomenelglieieghnjghma [2021-07-29]

CHR Extension: (WordPress.com) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionskhjnjifipfkgglficmipimgjpbmlbemd [2021-07-13]

CHR Extension: (Asana) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionskhnpeclbnipcdacdkhejifenadikeghk [2021-07-13]

CHR Extension: (Google Play) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionskomhbcfkdcgmcdoenjcjheifdiabikfi [2021-07-13]

CHR Extension: (Feedbro) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsmefgmmbdailogpfhfblcnnjfmnpnmdfa [2021-09-01]

CHR Extension: (Chrome Web Store Payments) – C:UsersbllesAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-07-13]

CHR HKLM…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [16029472 2021-10-05] (Epic Games Inc. -> Epic Games, Inc.)

R2 HP Comm Recover; C:Program FilesHPCommRecoveryHPCommRecovery.exe [1325864 2017-07-25] (HP Inc. -> HP Inc.)

R2 HPJumpStartBridge; c:Program Files (x86)HPHP JumpStart BridgeHPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)

S3 hpqcaslwmiex; C:Program Files (x86)HPSharedhpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)

R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)

R2 HPWMISVC; c:Program Files (x86)HPHPPhoenixCtrlHPWMISVC.exe [554768 2016-06-16] (Hewlett-Packard Company -> HP Development Company, L.P.)

S2 IRMTService; C:Program FilesIntelIntel® Ready Mode TechnologyIRMTService.exe [183424 2017-08-08] (Intel® RMT -> Intel Corporation)

R2 McAfee WebAdvisor; C:Program FilesMcAfeeWebAdvisorServiceHost.exe [971504 2021-11-09] (McAfee, LLC -> McAfee, LLC)

R2 McAPExe; C:Program FilesCommon FilesMcAfeeVSCore_21_9McApExe.exe [797576 2021-10-22] (McAfee, LLC -> McAfee, LLC)

R2 mccspsvc; C:Program FilesCommon FilesMcAfeeCSP4.7.101.0\McCSPServiceHost.exe [2845608 2021-10-11] (McAfee, LLC -> McAfee, LLC)

S3 mfefire; C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R2 mfemms; C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R3 mfevtp; C:Program FilesCommon FilesMcAfeeSystemCoremfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R2 ModuleCoreService; C:Program FilesCommon FilesMcAfeeModuleCoreModuleCoreService.exe [1677024 2021-10-23] (McAfee, LLC -> McAfee, LLC)

R2 nordvpn-service; C:Program FilesNordVPNnordvpn-service.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)

S3 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)

R2 PEFService; C:Program FilesCommon FilesMcAfeePEFCOREPEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0NisSrv.exe [2665432 2021-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2106.6-0MsMpEng.exe [136640 2021-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvhdc.inf_amd64_75e4d75cf672cb89Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvhdc.inf_amd64_75e4d75cf672cb89Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R3 cfwids; C:WINDOWSSystem32driverscfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 CMUSBDAC; C:WINDOWSsystem32DRIVERSCMUSBDAC.sys [3819744 2018-07-24] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)

S3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [45984 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

S3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [21920 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R1 googledrivefs3525; C:WINDOWSSystem32DRIVERSgoogledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)

R3 IntelReadyModeDriver; C:WINDOWSSystem32driversIntelReadyModeDriver.sys [34712 2017-08-08] (Intel Corporation -> Intel Corporation)

S3 LGJoyHidFilter; C:WINDOWSsystem32driversLGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.)

S3 LGJoyHidLo; C:WINDOWSsystem32driversLGJoyHidLo.sys [47256 2018-10-05] (Logitech Inc -> Logitech Inc.)

S3 LGJoyXlCore; C:WINDOWSsystem32driversLGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)

S3 LGSHidFilt; C:WINDOWSSystem32driversLGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)

S3 LGSUsbFilt; C:WINDOWSSystem32driversLGSUsbFilt.Sys [41752 2018-10-05] (Logitech -> Logitech Inc.)

R2 McPvDrv; C:WINDOWSsystem32driversMcPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)

R3 mfeaack; C:WINDOWSSystem32driversmfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 mfeavfk; C:WINDOWSSystem32driversmfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

S0 mfeelamk; C:WINDOWSSystem32driversmfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)

R3 mfefirek; C:WINDOWSSystem32driversmfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R0 mfehidk; C:WINDOWSSystem32driversmfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 mfencbdc; C:WINDOWSSystem32DRIVERSmfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)

S3 mfencrk; C:WINDOWSSystem32DRIVERSmfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)

R3 mfeplk; C:WINDOWSSystem32driversmfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R0 mfewfpk; C:WINDOWSSystem32driversmfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R1 nordlwf; C:WINDOWSsystem32DRIVERSnordlwf.sys [42576 2021-06-13] (nordvpn s.a. -> TEFINCOM S.A.)

S3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0226; C:WINDOWSSystem32driversRzDev_0226.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0243; C:WINDOWSSystem32driversRzDev_0243.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R0 secnvme; C:WINDOWSSystem32driverssecnvme.sys [134000 2019-01-21] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)

S3 ssudqcfilter; C:WINDOWSSystem32driversssudqcfilter.sys [64864 2019-07-09] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)

R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [39920 2021-08-22] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

R3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)

S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [49560 2021-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [425192 2021-07-14] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [76008 2021-07-14] (Microsoft Windows -> Microsoft Corporation)

S3 wintun; C:WINDOWSsystem32DRIVERSwintun.sys [29680 2021-10-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

U3 aspnet_state; no ImagePath

S1 WinSetupMon; system32DRIVERSWinSetupMon.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-11-16 10:26 – 2021-11-16 10:26 – 000030851 _____ C:UsersbllesDownloadsFRST.txt

2021-11-16 10:25 – 2021-11-16 10:26 – 000000000 ____D C:FRST

2021-11-16 10:25 – 2021-11-16 10:25 – 002311680 _____ (Farbar) C:UsersbllesDownloadsFRST64.exe

2021-11-16 10:25 – 2021-11-16 10:25 – 002019840 _____ (Farbar) C:UsersbllesDownloadsFRST.exe

2021-11-16 10:22 – 2021-11-16 10:22 – 000074867 _____ C:UsersbllesDownloadswhatinstartup-x64.zip

2021-11-16 10:11 – 2021-11-16 10:12 – 000000000 ____D C:UsersbllesDownloadshjred103

2021-11-16 10:11 – 2021-11-16 10:11 – 001953658 _____ C:UsersbllesDownloadshjred103.zip

2021-11-16 10:06 – 2021-11-16 10:06 – 036493848 _____ (Piriform Software Ltd) C:UsersbllesDownloadsccsetup587 (1).exe

2021-11-16 10:02 – 2021-11-16 10:02 – 000388608 _____ (Trend Micro Inc.) C:UsersbllesDownloadsHijackThis.exe

2021-11-16 10:00 – 2021-11-16 10:07 – 000000000 ____D C:Program FilesCCleaner

2021-11-16 10:00 – 2021-11-16 10:00 – 000282803 _____ C:UsersbllesDownloadsISU204560551414 (2).pdf

2021-11-16 10:00 – 2021-11-16 10:00 – 000003936 _____ C:WINDOWSsystem32TasksCCleaner Update

2021-11-16 10:00 – 2021-11-16 10:00 – 000002904 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC – blles

2021-11-16 10:00 – 2021-11-16 10:00 – 000000870 _____ C:UsersPublicDesktopCCleaner.lnk

2021-11-16 10:00 – 2021-11-16 10:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner

2021-11-16 09:58 – 2021-11-16 09:58 – 000282803 _____ C:UsersbllesDownloadsISU204560551414.pdf

2021-11-16 09:58 – 2021-11-16 09:58 – 000282803 _____ C:UsersbllesDownloadsISU204560551414 (1).pdf

2021-11-16 09:58 – 2021-11-16 09:58 – 000282568 _____ C:UsersbllesDownloadsISU204382579700.pdf

2021-11-16 09:54 – 2021-11-16 09:54 – 036493848 _____ (Piriform Software Ltd) C:UsersbllesDownloadsccsetup587.exe

2021-11-16 09:54 – 2021-11-16 09:54 – 027053024 _____ (Piriform Software Ltd) C:UsersbllesDownloadsUnconfirmed 755647.crdownload

2021-11-11 07:55 – 2021-11-11 07:56 – 052323866 _____ (Aslain ) C:UsersbllesDownloadsAslains_WoWs_Modpack_Installer_v.10.10.0_03.exe

2021-11-10 17:08 – 2021-11-10 17:08 – 000286720 _____ C:WINDOWSsystem32AggregatorHost.exe

2021-11-10 17:08 – 2021-11-10 17:08 – 000077824 _____ C:WINDOWSsystem32runexehelper.exe

2021-11-10 17:08 – 2021-11-10 17:08 – 000014756 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-11-10 15:00 – 2021-11-10 15:00 – 000715551 _____ C:UsersbllesDownloadsCommon+ITTOs3.pdf

2021-11-10 14:58 – 2021-11-10 14:58 – 000342821 _____ C:UsersbllesDownloadsprocess+groups.pdf

2021-11-10 14:56 – 2021-11-10 14:56 – 000001108 _____ C:UsersbllesDesktopForza Horizon 5.lnk

2021-11-10 13:37 – 2021-11-10 13:37 – 001035028 _____ C:UsersbllesDownloadszscaler ph mgt plan.pdf

2021-11-10 12:55 – 2021-11-10 12:55 – 000131072 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll

2021-11-10 12:54 – 2021-11-10 12:54 – 000000000 ____D C:UsersbllesAppDataLocalINetHistory

2021-11-10 08:15 – 2021-11-10 08:15 – 000002312 _____ C:UsersbllesDownloadsGGO 19.rdp

2021-11-10 07:33 – 2021-11-10 07:33 – 000000000 ___HD C:$WinREAgent

2021-11-09 11:33 – 2021-11-11 11:56 – 000000666 _____ C:WINDOWSTasksG2MUploadTask-S-1-5-21-2647879020-815856927-1001230537-1001.job

2021-11-09 11:33 – 2021-11-11 11:56 – 000000570 _____ C:WINDOWSTasksG2MUpdateTask-S-1-5-21-2647879020-815856927-1001230537-1001.job

2021-11-09 11:33 – 2021-11-11 08:38 – 000003834 _____ C:WINDOWSsystem32TasksG2MUploadTask-S-1-5-21-2647879020-815856927-1001230537-1001

2021-11-09 11:33 – 2021-11-11 08:38 – 000003738 _____ C:WINDOWSsystem32TasksG2MUpdateTask-S-1-5-21-2647879020-815856927-1001230537-1001

2021-11-09 11:33 – 2021-11-11 08:38 – 000000000 ____D C:UsersbllesAppDataLocalGoToMeeting

2021-11-09 11:33 – 2021-11-09 11:33 – 000000000 ____D C:UsersbllesAppDataLocalGoTo Opener

2021-11-05 12:04 – 2021-11-05 12:04 – 000003621 _____ C:UsersbllesDownloads2021-11-05T18-04-47_UTC_web_transaction.csv

2021-11-04 14:37 – 2021-11-04 14:37 – 000000000 ____D C:UsersbllesAppDataLocalDBG

2021-11-04 14:37 – 2021-11-04 14:37 – 000000000 ____D C:UsersbllesAppDataLocalCrashReportClient

2021-11-04 13:09 – 2021-11-04 13:09 – 000000222 _____ C:UsersbllesDesktopGold Rush The Game.url

2021-11-04 13:09 – 2021-11-04 13:09 – 000000000 ____D C:UsersbllesAppDataLocalLowCodeHorizon

2021-11-04 08:53 – 2021-11-04 08:53 – 043255152 _____ C:UsersbllesDownloadsMicrosoftTeams-x64 (1).msix

2021-11-04 08:53 – 2021-11-04 08:53 – 000002405 _____ C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams (work or school).lnk

2021-11-04 08:53 – 2021-11-04 08:53 – 000002397 _____ C:UsersbllesDesktopMicrosoft Teams (work or school).lnk

2021-11-04 08:53 – 2021-11-04 08:53 – 000000000 ____D C:UsersbllesAppDataRoamingTeams

2021-11-04 08:51 – 2021-11-04 08:51 – 043255152 _____ C:UsersbllesDownloadsMicrosoftTeams-x64.msix

2021-11-03 15:27 – 2021-11-03 15:27 – 057533038 _____ (Aslain ) C:UsersbllesDownloadsAslains_WoWs_Modpack_Installer_v.10.9.0_19.exe

2021-11-03 12:51 – 2021-11-03 12:51 – 000215319 _____ C:UsersbllesDownloadsInstalling Kno2 Via KACE.pdf

2021-11-03 12:51 – 2021-11-03 12:51 – 000215319 _____ C:UsersbllesDownloadsInstalling Kno2 Via KACE (1).pdf

2021-11-01 12:52 – 2021-11-01 12:52 – 000679415 _____ C:UsersbllesDownloadsTerms.pdf

2021-11-01 12:52 – 2021-11-01 12:52 – 000000000 ____D C:UsersbllesDocumentsPMP

2021-11-01 11:17 – 2021-11-01 11:17 – 000001981 _____ C:UsersbllesDownloadsWGVuQXBwIDcueC5NaWNyb3NvZnQgT3V0bG9vayAy.ica

2021-11-01 11:17 – 2021-11-01 11:17 – 000001979 _____ C:UsersbllesDownloadsWGVuQXBwIDcueC5PdXRsb29rIFdlYiBBY2Nlc3M-.ica

2021-10-30 09:55 – 2021-11-16 09:28 – 000000000 ____D C:Usersblles.elevenclock

2021-10-30 09:55 – 2021-10-30 09:55 – 000001333 _____ C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsElevenClock Settings.lnk

2021-10-30 09:55 – 2021-10-30 09:55 – 000001311 _____ C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsElevenClock.lnk

2021-10-30 09:55 – 2021-10-30 09:55 – 000001303 _____ C:UsersbllesDesktopElevenClock.lnk

2021-10-30 09:52 – 2021-10-30 09:52 – 000767624 _____ C:UsersbllesDownloads1504933.webp

2021-10-29 10:00 – 2021-10-29 10:00 – 000000000 ____D C:UsersbllesAppDataLocalNascarNext

2021-10-29 08:47 – 2021-10-29 08:47 – 000000223 _____ C:UsersbllesDesktopNASCAR 21 Ignition.url

2021-10-28 14:35 – 2021-10-28 14:35 – 000258048 _____ C:WINDOWSsystem32CoreMas.dll

2021-10-28 14:35 – 2021-10-28 14:35 – 000215552 _____ C:WINDOWSsystem32CloudIdWxhExtension.dll

2021-10-28 14:35 – 2021-10-28 14:35 – 000208896 _____ C:WINDOWSsystem32IHDS.dll

2021-10-28 14:35 – 2021-10-28 14:35 – 000167936 _____ C:WINDOWSsystem32TpmTool.exe

2021-10-28 14:35 – 2021-10-28 14:35 – 000121344 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-10-28 14:35 – 2021-10-28 14:35 – 000024576 _____ C:WINDOWSsystem32nrtapi.dll

2021-10-28 14:35 – 2021-10-28 14:35 – 000006656 _____ C:WINDOWSSysWOW64nrtapi.dll

2021-10-28 12:37 – 2021-10-28 12:37 – 000000000 ____D C:ProgramDataMicrosoft OneDrive

2021-10-28 12:35 – 2021-10-28 12:35 – 000000020 ___SH C:Usersbllesntuser.ini

2021-10-28 12:34 – 2021-11-15 11:26 – 000000000 ____D C:WINDOWSsystem32TasksMcAfee

2021-10-28 12:34 – 2021-11-11 12:02 – 000919394 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-10-28 12:34 – 2021-11-11 11:56 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-10-28 12:34 – 2021-11-08 12:00 – 000003378 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2647879020-815856927-1001230537-1001

2021-10-28 12:34 – 2021-11-04 11:01 – 000003316 _____ C:WINDOWSsystem32TasksMcAfeeLogon

2021-10-28 12:34 – 2021-11-03 08:34 – 000003256 _____ C:WINDOWSsystem32TasksHPCeeScheduleForblles

2021-10-28 12:34 – 2021-10-28 12:34 – 000011433 _____ C:WINDOWSdiagwrn.xml

2021-10-28 12:34 – 2021-10-28 12:34 – 000011433 _____ C:WINDOWSdiagerr.xml

2021-10-28 12:34 – 2021-10-28 12:34 – 000003408 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-10-28 12:34 – 2021-10-28 12:34 – 000003398 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000003348 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-10-28 12:34 – 2021-10-28 12:34 – 000003244 _____ C:WINDOWSsystem32TasksOverwolf Updater Task

2021-10-28 12:34 – 2021-10-28 12:34 – 000003184 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-10-28 12:34 – 2021-10-28 12:34 – 000003176 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000003140 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000003124 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-10-28 12:34 – 2021-10-28 12:34 – 000002984 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000002956 _____ C:WINDOWSsystem32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000002914 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000002856 _____ C:WINDOWSsystem32TasksHPJumpStartLaunch

2021-10-28 12:34 – 2021-10-28 12:34 – 000002838 _____ C:WINDOWSsystem32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000002770 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task v2

2021-10-28 12:34 – 2021-10-28 12:34 – 000002744 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-28 12:34 – 2021-10-28 12:34 – 000002646 _____ C:WINDOWSsystem32TasksMcAfee Remediation (Prepare)

2021-10-28 12:34 – 2021-10-28 12:34 – 000002502 _____ C:WINDOWSsystem32TasksHPEA3JOBS

2021-10-28 12:34 – 2021-10-28 12:34 – 000002440 _____ C:WINDOWSsystem32TasksHPAudioSwitch

2021-10-28 12:34 – 2021-10-28 12:34 – 000002280 _____ C:WINDOWSsystem32TasksRTKCPL

2021-10-28 12:34 – 2021-10-28 12:34 – 000000000 ____D C:WINDOWSsystem32TasksIntel

2021-10-28 12:34 – 2021-10-28 12:34 – 000000000 ____D C:WINDOWSsystem32TasksHewlett-Packard

2021-10-28 12:34 – 2021-10-28 12:34 – 000000000 ____D C:WINDOWSsystem32TasksAgent Activation Runtime

2021-10-28 12:32 – 2021-10-28 12:32 – 000002065 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsDTS Audio Control.lnk

2021-10-28 12:31 – 2021-11-16 09:27 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-10-28 12:31 – 2021-10-28 14:40 – 000302152 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-10-28 12:29 – 2021-09-28 14:02 – 001088512 _____ (McAfee, LLC) C:WINDOWSsystem32Driversmfehidk.sys

2021-10-28 12:29 – 2021-09-28 14:02 – 000256512 _____ (McAfee, LLC) C:WINDOWSsystem32Driversmfewfpk.sys

2021-10-28 12:29 – 2021-09-28 14:02 – 000090048 _____ (McAfee, LLC) C:WINDOWSsystem32Driversmfeelamk.sys

2021-10-28 12:25 – 2021-11-04 15:24 – 000000000 ____D C:Usersblles

2021-10-28 12:25 – 2021-10-28 12:31 – 000000000 ____D C:WINDOWSsystem32configbbimigrate

2021-10-28 12:25 – 2021-06-05 06:04 – 000001281 _____ C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools.lnk

2021-10-28 12:25 – 2021-06-05 06:04 – 000000407 _____ C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsFile Explorer.lnk

2021-10-28 12:24 – 2021-10-28 12:31 – 000000000 ____D C:WINDOWSIAStorAfsService

2021-10-28 12:24 – 2021-10-28 12:25 – 000000000 ____D C:WINDOWSServiceProfiles

2021-10-28 12:23 – 2021-06-01 13:30 – 000076060 _____ C:WINDOWSsystem32xpsrchvw.xml

2021-10-28 12:23 – 2021-05-27 16:51 – 000076060 _____ C:WINDOWSSysWOW64xpsrchvw.xml

2021-10-28 12:21 – 2021-10-28 12:21 – 000000000 ____D C:Program FilesReference Assemblies

2021-10-28 12:21 – 2021-10-28 12:21 – 000000000 ____D C:Program FilesMSBuild

2021-10-28 12:21 – 2021-10-28 12:21 – 000000000 ____D C:Program Files (x86)Reference Assemblies

2021-10-28 12:21 – 2021-10-28 12:21 – 000000000 ____D C:Program Files (x86)MSBuild

2021-10-28 12:17 – 2021-10-28 12:17 – 000008192 _____ C:WINDOWSsystem32configuserdiff

2021-10-28 12:15 – 2021-10-28 12:15 – 000018073 _____ C:UsersbllesDownloadsdiscord-logo-png-7618.html

2021-10-28 12:05 – 2021-11-16 10:04 – 000000000 ___DC C:WINDOWSPanther

2021-10-28 11:32 – 2021-10-28 12:05 – 000000000 ____D C:ESD

2021-10-28 10:50 – 2021-10-28 10:50 – 000000000 ___HD C:$Windows.~WS

2021-10-28 10:45 – 2021-10-28 10:45 – 000000000 ___HD C:$GetCurrent

2021-10-28 10:45 – 2021-10-28 10:45 – 000000000 ____D C:Program Files (x86)WindowsInstallationAssistant

2021-10-27 09:07 – 2021-10-27 09:07 – 057525054 _____ (Aslain ) C:UsersbllesDownloadsAslains_WoWs_Modpack_Installer_v.10.9.0_16.exe

2021-10-24 12:35 – 2021-10-24 12:35 – 000000222 _____ C:UsersbllesDesktopRaft.url

2021-10-24 12:35 – 2021-10-24 12:35 – 000000000 ____D C:UsersbllesAppDataLocalLowRedbeet Interactive

2021-10-22 12:25 – 2021-10-22 12:25 – 011800888 _____ (Tim Kosse) C:UsersbllesDownloadsFileZilla_3.56.0_win64_sponsored-setup.exe

2021-10-20 08:36 – 2021-10-20 08:37 – 053242870 _____ C:UsersbllesDownloadsCudaLaunch_10202021.zip

2021-10-20 08:17 – 2021-10-20 08:17 – 000250778 _____ C:UsersbllesDownloadsRCA_Kno2File_20211013.pdf

2021-10-19 08:51 – 2021-10-19 08:51 – 000001685 _____ C:UsersbllesDesktopWorld_of_Warships_PT.lnk

2021-10-18 14:42 – 2021-10-18 14:42 – 000086297 _____ C:UsersbllesDownloadsNorthEast Steward Locations.xlsx

2021-10-17 15:09 – 2021-10-17 15:20 – 000000369 _____ C:UsersbllesDesktopindx.html

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-16 10:23 – 2021-08-10 12:41 – 000000000 ____D C:Program Files (x86)Steam

2021-11-16 10:16 – 2021-07-13 19:37 – 000000000 ____D C:Program Files (x86)Google

2021-11-16 10:13 – 2021-07-13 20:57 – 000000000 ____D C:UsersbllesAppDataRoamingdiscord

2021-11-16 10:08 – 2021-06-05 06:09 – 000000000 ____D C:WINDOWSINF

2021-11-16 10:05 – 2021-07-13 19:35 – 000000000 ____D C:UsersbllesAppDataLocalVirtualStore

2021-11-16 10:05 – 2021-06-05 06:10 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-11-16 10:04 – 2021-07-14 17:40 – 000000000 ____D C:UsersbllesAppDataLocalCrashDumps

2021-11-16 10:02 – 2021-08-09 11:59 – 000000000 ____D C:temp

2021-11-16 09:34 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSAppReadiness

2021-11-16 09:31 – 2021-07-13 19:35 – 000000000 ____D C:UsersbllesAppDataLocalD3DSCache

2021-11-16 09:29 – 2021-07-13 21:19 – 000000000 ____D C:ProgramDataNVIDIA

2021-11-16 09:29 – 2021-07-13 20:57 – 000000000 ____D C:UsersbllesAppDataLocalDiscord

2021-11-16 09:28 – 2021-07-13 20:50 – 000002324 _____ C:UsersbllesDesktopOutplayed.lnk

2021-11-16 09:28 – 2021-07-13 19:48 – 000000000 ____D C:UsersbllesAppDataLocalOverwolf

2021-11-16 09:27 – 2021-07-14 14:49 – 000000000 __RSD C:UsersbllesDocumentsMcAfee Vaults

2021-11-15 15:59 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSSystemTemp

2021-11-14 12:03 – 2021-06-05 06:10 – 000000000 ___HD C:Program FilesWindowsApps

2021-11-14 11:12 – 2021-06-05 06:01 – 000032768 _____ C:WINDOWSsystem32configELAM

2021-11-14 09:07 – 2021-07-13 21:19 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-11-14 09:07 – 2021-07-13 21:19 – 000002283 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-11-11 11:56 – 2021-07-13 21:19 – 000012288 ___SH C:DumpStack.log.tmp

2021-11-11 11:56 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSServiceState

2021-11-11 11:56 – 2021-06-05 06:01 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-11-11 07:56 – 2021-08-29 15:48 – 000000913 _____ C:UsersbllesDesktopAslains WoWs Logs Archiver.lnk

2021-11-10 18:10 – 2021-06-05 06:10 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs

2021-11-10 18:10 – 2021-06-05 06:10 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-11-10 18:10 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSSystemResources

2021-11-10 18:10 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32oobe

2021-11-10 18:10 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-11-10 18:10 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSbcastdvr

2021-11-10 17:10 – 2021-07-14 14:42 – 000000000 ____D C:WINDOWSsystem32MRT

2021-11-10 17:09 – 2021-07-14 14:42 – 141529560 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-11-10 17:09 – 2021-06-05 06:01 – 000000000 ____D C:WINDOWSCbsTemp

2021-11-10 16:06 – 2021-07-13 20:50 – 000000000 ____D C:Program Files (x86)Overwolf

2021-11-10 16:01 – 2021-07-14 14:47 – 000000000 ____D C:Program Files (x86)McAfee

2021-11-10 16:01 – 2021-07-13 19:37 – 000000000 ____D C:UsersbllesAppDataLocalPlaceholderTileLogoFolder

2021-11-10 14:56 – 2021-07-13 19:35 – 000000000 ____D C:UsersbllesAppDataLocalPackages

2021-11-10 14:56 – 2021-07-13 19:35 – 000000000 ____D C:ProgramDataPackages

2021-11-10 12:56 – 2021-07-13 19:35 – 000000000 ____D C:UsersbllesAppDataLocalConnectedDevicesPlatform

2021-11-10 12:38 – 2021-09-10 11:52 – 000002064 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Drive.lnk

2021-11-10 12:38 – 2021-09-10 11:52 – 000001906 _____ C:UsersDefaultDesktopGoogle Slides.lnk

2021-11-10 12:38 – 2021-09-10 11:52 – 000001906 _____ C:UsersDefaultDesktopGoogle Sheets.lnk

2021-11-10 12:38 – 2021-09-10 11:52 – 000001894 _____ C:UsersDefaultDesktopGoogle Docs.lnk

2021-11-08 14:54 – 2021-09-01 08:02 – 000000000 ____D C:UsersbllesAppDataRoamingparadox-launcher-v2

2021-11-08 12:00 – 2021-07-13 19:34 – 000002386 _____ C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-11-04 13:09 – 2021-08-10 12:44 – 000000000 ____D C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2021-11-04 11:01 – 2018-03-29 07:19 – 000000000 ____D C:Program FilesCommon FilesMcAfee

2021-11-04 08:53 – 2021-07-13 20:57 – 000000000 ____D C:UsersbllesAppDataLocalSquirrelTemp

2021-11-04 08:40 – 2021-07-13 19:37 – 000000000 ___RD C:UsersbllesOneDrive

2021-11-04 08:26 – 2021-08-27 08:35 – 000000364 _____ C:WINDOWSTasksHPCeeScheduleForblles.job

2021-11-03 15:45 – 2021-08-01 10:06 – 000000000 ____D C:UsersbllesAppDataRoamingWordPress.com

2021-11-03 07:58 – 2021-07-13 19:37 – 000002254 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-11-03 07:58 – 2021-07-13 19:37 – 000002213 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-10-30 15:31 – 2021-10-06 08:49 – 000000000 ____D C:UsersbllesAppDataLocalNordVPN

2021-10-29 10:21 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-10-29 10:00 – 2021-08-09 21:21 – 000000000 ____D C:UsersbllesAppDataLocalUnrealEngine

2021-10-29 10:00 – 2018-03-29 06:07 – 000000000 ____D C:ProgramDataPackage Cache

2021-10-29 07:37 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSappcompat

2021-10-28 14:39 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSShellComponents

2021-10-28 14:39 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-10-28 14:39 – 2021-06-05 06:01 – 000000000 ____D C:WINDOWSservicing

2021-10-28 12:52 – 2021-06-05 06:10 – 000000000 ___RD C:WINDOWSPrintDialog

2021-10-28 12:35 – 2021-06-05 06:10 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-10-28 12:35 – 2017-10-05 17:38 – 000000000 __RHD C:UsersPublicAccountPictures

2021-10-28 12:34 – 2021-06-05 06:10 – 000000000 ____D C:Program FilesWindows Defender

2021-10-28 12:33 – 2021-06-05 06:10 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-10-28 12:32 – 2021-07-13 21:19 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-10-28 12:32 – 2021-06-05 06:10 – 000000000 __RHD C:UsersPublicLibraries

2021-10-28 12:32 – 2021-06-05 06:10 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-10-28 12:31 – 2021-10-06 08:49 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNordSec

2021-10-28 12:31 – 2021-08-10 12:41 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSteam

2021-10-28 12:31 – 2021-07-14 14:49 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMcAfee

2021-10-28 12:31 – 2021-07-13 22:11 – 000000000 ____D C:WINDOWSSysWOW64sda

2021-10-28 12:31 – 2021-07-13 22:08 – 000000000 ____D C:WINDOWSSysWOW64Macromed

2021-10-28 12:31 – 2021-07-13 22:08 – 000000000 ____D C:WINDOWSsystem32Tasks_Migrated

2021-10-28 12:31 – 2021-07-13 22:08 – 000000000 ____D C:WINDOWSsystem32MsDtc

2021-10-28 12:31 – 2021-07-13 22:08 – 000000000 ____D C:WINDOWSsystem32Macromed

2021-10-28 12:31 – 2021-07-13 21:19 – 000000000 ____D C:WINDOWSSysWOW64RTCOM

2021-10-28 12:31 – 2021-07-13 20:57 – 000000000 ____D C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-10-28 12:31 – 2021-07-13 20:50 – 000000000 ____D C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsOverwolf

2021-10-28 12:31 – 2021-07-13 19:41 – 000000000 ____D C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsWargaming.net

2021-10-28 12:31 – 2021-07-13 19:38 – 000000000 ____D C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps

2021-10-28 12:31 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase

2021-10-28 12:31 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32spool

2021-10-28 12:31 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSRegistration

2021-10-28 12:31 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSHelp

2021-10-28 12:31 – 2021-06-05 06:08 – 000028672 _____ C:WINDOWSsystem32configBCD-Template

2021-10-28 12:31 – 2018-03-29 07:13 – 000000000 ___HD C:WINDOWSsystem32WLANProfiles

2021-10-28 12:31 – 2018-03-29 07:11 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-10-28 12:31 – 2018-03-29 07:10 – 000000000 ____D C:Program FilesIntel

2021-10-28 12:31 – 2018-03-29 07:09 – 000000000 ____D C:Program Files (x86)Intel

2021-10-28 12:31 – 2018-03-29 06:10 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsHP Help and Support

2021-10-28 12:29 – 2021-06-05 06:14 – 000000000 ____D C:WINDOWSSetup

2021-10-28 12:28 – 2021-06-05 06:10 – 000000000 ____D C:ProgramDataUSOPrivate

2021-10-28 12:25 – 2021-08-30 09:56 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCPUID

2021-10-28 12:25 – 2021-07-13 21:19 – 000000000 ____D C:WINDOWSsystem32SRSLabs

2021-10-28 12:25 – 2021-07-13 21:19 – 000000000 ____D C:Program FilesRealtek

2021-10-28 12:25 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSResources

2021-10-28 12:25 – 2018-03-29 07:14 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsIntel

2021-10-28 12:24 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSSysWOW64lv-LV

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSSysWOW64lt-LT

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSSysWOW64et-EE

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSSysWOW64es-MX

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32lv-LV

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32et-EE

2021-10-28 12:23 – 2021-06-05 06:10 – 000000000 ____D C:WINDOWSsystem32es-MX

2021-10-19 08:51 – 2021-07-13 19:41 – 000000000 ____D C:Games

2021-10-18 09:30 – 2021-08-01 10:04 – 000000000 ____D C:UsersbllesAppDataLocalwordpressdesktop-updater

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021

Ran by blles (16-11-2021 10:27:08)

Running from C:UsersbllesDownloads

Microsoft Windows 11 Home Version 21H2 22000.318 (X64) (2021-10-28 18:34:42)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2647879020-815856927-1001230537-500 – Administrator – Disabled)

blles (S-1-5-21-2647879020-815856927-1001230537-1001 – Administrator – Enabled) => C:Usersblles

DefaultAccount (S-1-5-21-2647879020-815856927-1001230537-503 – Limited – Disabled)

Guest (S-1-5-21-2647879020-815856927-1001230537-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-2647879020-815856927-1001230537-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: McAfee VirusScan (Enabled – Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aslain’s WoWs Modpack version 10.10.0.03 (HKLM-x32…ASLAINSWARSHIPSTEST_is1) (Version: 10.10.0.03 – Aslain)

Audacity 3.0.2 (HKLM-x32…Audacity_is1) (Version: 3.0.2 – Audacity Team)

Audacity 3.0.3 (64-bit) (HKLM…Audacity_is1) (Version: 3.0.3 – Audacity Team)

Bonjour (HKLM…{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 – Apple Inc.)

CCleaner (HKLM…CCleaner) (Version: 5.87 – Piriform)

CPUID HWMonitor 1.44 (HKLM…CPUID HWMonitor_is1) (Version: 1.44 – CPUID, Inc.)

CyberLink Power Media Player 14 (HKLM-x32…{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7503 – CyberLink Corp.)

Discord (HKUS-1-5-21-2647879020-815856927-1001230537-1001…Discord) (Version: 1.0.9002 – Discord Inc.)

ElevenClock version 2.4 (With high ram usage fix) (HKUS-1-5-21-2647879020-815856927-1001230537-1001…{D62480B8-71F1-48CE-BEEC-9D3E172C87B5}_is1) (Version: 2.4 (With high ram usage fix) – SomePythonThings)

Epic Games Launcher (HKLM-x32…{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Epic Online Services (HKLM-x32…{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 – Epic Games, Inc.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 95.0.4638.69 – Google LLC)

Google Drive (HKLM…{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 53.0.4.0 – Google LLC)

GoTo Opener (HKLM-x32…{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 – LogMeIn, Inc.)

GoToMeeting 10.18.0.19932 (HKUS-1-5-21-2647879020-815856927-1001230537-1001…GoToMeeting) (Version: 10.18.0.19932 – LogMeIn, Inc.)

HP Audio Switch (HKLM-x32…{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 – HP Inc.)

HP Connection Optimizer (HKLM-x32…{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.7.0 – HP Inc.)

HP Documentation (HKLM…HP_Documentation) (Version: 1.0.0.1 – HP Inc.)

HP ePrint SW (HKLM-x32…{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 – HP Inc.)

HP JumpStart Apps (HKLM-x32…HP JumpStart Apps) (Version: 7.0.32 – HP Inc.)

HP JumpStart Bridge (HKLM-x32…{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 – HP Inc.)

HP JumpStart Launch (HKLM-x32…{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 – HP Inc.)

HP Support Assistant (HKLM-x32…{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 – HP Inc.)

HP Support Solutions Framework (HKLM-x32…{FF81F9EB-61C1-48A4-8EE5-45C5D61BC0E0}) (Version: 12.19.53.13 – HP Inc.)

HP System Event Utility (HKLM-x32…{025C1573-2F1D-46AF-BAB8-594EBF56A889}) (Version: 1.4.11 – HP Inc.)

Intel® Chipset Device Software (HKLM-x32…{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 – Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 – Intel Corporation)

Intel® Ready Mode Technology (HKLM…{DBF0CA69-EADE-4CE0-8C09-D200FE80BCDC}) (Version: 1.1.70.534 – Intel Corporation)

Intel® Trusted Connect Service Client x86 (HKLM-x32…{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 – Intel Corporation) Hidden

Intel® Trusted Connect Services Client (HKLM-x32…{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 – Intel Corporation) Hidden

Intel® Wireless Bluetooth® (HKLM-x32…{00000010-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.10.0 – Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32…{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 – Intel Corporation)

Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

McAfee® Total Protection (HKLM-x32…MSC) (Version: 16.0 R40 – McAfee, LLC)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 95.0.1020.53 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 95.0.1020.53 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-2647879020-815856927-1001230537-1001…OneDriveSetup.exe) (Version: 21.205.1003.0005 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-2647879020-815856927-1001230537-1001…Teams) (Version: 1.4.00.29469 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

NordVPN (HKLM…{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.40.5.0 – TEFINCOM S.A.)

NordVPN network TAP (HKLM-x32…{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 – NordVPN)

NordVPN network TUN (HKLM…{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 – NordVPN)

NVIDIA GeForce Experience 3.13.1.30 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 – NVIDIA Corporation)

NVIDIA Graphics Driver 471.41 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.17.0524 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 – NVIDIA Corporation)

OMEN Control (HKLM-x32…{AFE5BCE5-46DD-4DFA-9DD9-00F42E15ABD9}) (Version: 1.1.1 – HP)

Outplayed (HKUS-1-5-21-2647879020-815856927-1001230537-1001…Overwolf_cghphpbjeabdkomiphingnegihoigeggcfphdofo) (Version: 66.1.2665 – Overwolf app)

Overwolf (HKLM-x32…Overwolf) (Version: 0.184.0.35 – Overwolf Ltd.)

Paradox Launcher v2 (HKLM…{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 – Paradox Interactive)

Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 – Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 – Realtek)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8237 – Realtek Semiconductor Corp.)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Streamlabs OBS 1.5.2 (HKLM…29c4619-0385-5543-9426-46f9987161d9) (Version: 1.5.2 – General Workings, Inc.)

Wargaming.net Game Center (HKUS-1-5-21-2647879020-815856927-1001230537-1001…Wargaming.net Game Center) (Version: 21.7.3.7062 – Wargaming.net)

WebAdvisor by McAfee (HKLM-x32…{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.648 – McAfee, LLC)

Windows 11 Installation Assistant (HKLM-x32…{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1341 – Microsoft Corporation)

Windows PC Health Check (HKLM…{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 – Microsoft Corporation)

WordPress.com 7.2.0 (HKUS-1-5-21-2647879020-815856927-1001230537-1001…ed4e3354-70d4-58f5-8f6d-7420253356e2) (Version: 7.2.0 – Automattic Inc.)

World_of_Warships (HKUS-1-5-21-2647879020-815856927-1001230537-1001…WOWS.WW.PRODUCTION) (Version:  – Wargaming.net)

World_of_Warships_PT (HKUS-1-5-21-2647879020-815856927-1001230537-1001…WOWS.PT.PRODUCTION) (Version:  – Wargaming.net)

wows-monitor 1.2.1 (HKUS-1-5-21-2647879020-815856927-1001230537-1001…b804ffe2-5072-5e51-89dc-ec53b4656cb2) (Version: 1.2.1 – stewie)

 

Packages:

=========

Dropbox promotion -> C:Program FilesWindowsAppsC27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2021-10-25] (Dropbox Inc.)

Forza Horizon 5 -> C:Program FilesWindowsAppsMicrosoft.624F8B84B80_3.405.2.0_x64__8wekyb3d8bbwe [2021-11-10] (Microsoft Studios)

HP JumpStart -> C:Program FilesWindowsAppsAD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2021-07-13] (HP Inc.)

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-01] (Microsoft Studios) [MS Ad]

Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-07-13] (Netflix, Inc.)

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-20] (NVIDIA Corp.)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-27] (Microsoft Corporation)

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-14] (Spotify AB) [Startup Task]

Trello -> C:Program FilesWindowsApps45273LiamForsyth.PawsforTrello_2.12.3.0_x64__7pb5ddty8z1pa [2021-10-27] (Trello, Inc.)

Windows Package Manager Source (winget) -> C:Program FilesWindowsAppsMicrosoft.Winget.Source_2021.1030.1607.809_neutral__8wekyb3d8bbwe [2021-10-30] (Microsoft Corporation)

Xbox Accessories -> C:Program FilesWindowsAppsMicrosoft.XboxDevices_300.2110.13001.0_x64__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-2647879020-815856927-1001230537-1001_ClassesCLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive – Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

CustomCLSID: HKUS-1-5-21-2647879020-815856927-1001230537-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersbllesAppDataLocalMicrosoftTeamsMeetingAddin1.0.21209.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-2647879020-815856927-1001230537-1001_ClassesCLSID{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}InprocServer32 -> C:UsersbllesAppDataLocalGoToMeeting19796G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)

ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:Program FilesMcAfeeMSCMcCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:Program FilesGoogleDrive File Stream53.0.4.0drivefsext.dll [2021-11-03] (Google LLC -> Google, Inc.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvhdc.inf_amd64_75e4d75cf672cb89nvshext.dll [2021-08-19] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:Program FilesMcAfeeMSCMcCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersbllesAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsSmartsheet Chrome App.lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=alehdleagcgnimdipdmllebddejplpbi

 

==================== Loaded Modules (Whitelisted) =============

 

2021-11-16 09:28 – 2021-11-16 09:28 – 000076288 _____ () [File not signed] C:UsersbllesAppDataLocalTemp_MEI4368082psutil_psutil_windows.cp39-win_amd64.pyd

2021-11-16 09:28 – 2021-11-16 09:28 – 000556544 _____ () [File not signed] C:UsersbllesAppDataLocalTemp_MEI4368082pythoncom39.dll

2021-11-16 09:28 – 2021-11-16 09:28 – 000142336 _____ () [File not signed] C:UsersbllesAppDataLocalTemp_MEI4368082pywintypes39.dll

2021-11-16 09:28 – 2021-11-16 09:28 – 000134656 _____ () [File not signed] C:UsersbllesAppDataLocalTemp_MEI4368082win32api.pyd

2021-11-16 09:28 – 2021-11-16 09:28 – 000228864 _____ () [File not signed] C:UsersbllesAppDataLocalTemp_MEI4368082win32gui.pyd

2021-11-16 09:28 – 2021-11-16 09:28 – 000054272 _____ () [File not signed] C:UsersbllesAppDataLocalTemp_MEI4368082win32process.pyd

2021-10-30 16:44 – 2021-10-30 16:44 – 000160768 _____ () [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32BRIDGECommon8e59e5086aaa90934b0244f55d8cfca1BRIDGECommon.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000125440 _____ () [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32BridgeExtension1dd741499e127d135636a7c7a74bc0a0BridgeExtension.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000395264 _____ () [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32CleanStartController719fce6a36038614e4f5c0806e0073cfCleanStartController.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000138240 _____ () [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32Interop.IWs06dcaa36#7c6cb2f28873358e87b2a36d331fe377Interop.IWshRuntimeLibrary.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000079872 _____ () [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32NativeInterop464516154c7a8304f8dd12d7dde79d3fNativeInterop.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000145920 _____ () [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32Registratio4eabc192#282f24a12923df84707c49954fb5c63cRegistrationUtilities.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000134656 _____ (hardcodet.net) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32Hardcodet.W6cab32f3#2c43cb2c1add209abd43d547a4d6d2f5Hardcodet.Wpf.TaskbarNotification.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000136192 _____ (HP Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32CommonPortable71c86b6ecb0a347ab060c2b5b6ee5819CommonPortable.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 001585664 _____ (Mark Heath) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32NAudio3e5d5107e920f860b2fcdd765b9f867fNAudio.ni.dll

2021-10-30 16:44 – 2021-10-30 16:44 – 002306560 _____ (Newtonsoft) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32Newtonsoft.Json2d5ed3aa9d043426569dd65af073c87bNewtonsoft.Json.ni.dll

2021-10-30 16:45 – 2021-10-30 16:45 – 000792064 _____ (The Apache Software Foundation) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_32log4net50b50d010766b1f7ef6b213e9a50ccedlog4net.ni.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMCODS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalmcpltsvc => “”=””

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalModuleCoreService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmcapexe => “”=””

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMcMPFSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMCODS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmcpltsvc => “”=””

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeaack => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeaack.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeavfk => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeavfk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfefire => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfefirek => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfefirek.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfehidk => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfehidk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfemms => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeplk => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfeplk.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfetdi2k => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfetdi2k.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmfevtp => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkModuleCoreService => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE

HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE

HKUS-1-5-21-2647879020-815856927-1001230537-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE

HKUS-1-5-21-2647879020-815856927-1001230537-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKUS-1-5-21-2647879020-815856927-1001230537-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE

SearchScopes: HKUS-1-5-21-2647879020-815856927-1001230537-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorx64IEPlugin.dll [2021-11-09] (McAfee, LLC -> McAfee, LLC)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.)

BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:Program FilesMcAfeeWebAdvisorwin32IEPlugin.dll [2021-11-09] (McAfee, LLC -> McAfee, LLC)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.)

Filter: application/x-mfe-ipt – {3EF5086B-5478-4598-A054-786C45D75692} – C:Program FilesMcAfeeMSCMcSnIePl64.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

Filter-x32: application/x-mfe-ipt – {3EF5086B-5478-4598-A054-786C45D75692} – C:Program Files (x86)McAfeeMSCMcSnIePl.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2017-09-29 07:46 – 2021-09-07 07:39 – 000000822 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Razer Chroma SDKbin;C:Program FilesRazer Chroma SDKbin;C:Program Files (x86)RazerChromaBroadcastbin;C:Program FilesRazerChromaBroadcastbin;C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;C:windowssystem32;C:windows;C:windowsSystem32Wbem;C:windowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Program FilesIntelWiFibin;C:Program FilesCommon FilesIntelWirelessCommon;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:WINDOWSsystem32configsystemprofileAppDataLocalMicrosoftWindowsApps;

HKUS-1-5-21-2647879020-815856927-1001230537-1001Control PanelDesktop\Wallpaper -> C:UsersbllesDownloadsford_mustang_shelby_gt500_4k_2-HD.jpg

DNS Servers: 192.168.1.254

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

Network Binding:

=============

Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 

McAfee VPN: NordVPN LightWeight Firewall -> NordLwf (enabled) 

Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 

Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled) 

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM…StartupApprovedRun32: => “HPMessageService”

HKLM…StartupApprovedRun32: => “HPMSGSVC”

HKUS-1-5-21-2647879020-815856927-1001230537-1001…StartupApprovedRun: => “OneDrive”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{FCD2969A-BAAA-49D4-B3D5-1749F77EF0E0}] => (Allow) D:GamessteamappscommonRaftRaft.exe () [File not signed]

FirewallRules: [{F4116060-BD8E-49BE-8E0E-FFD0D7863B78}] => (Allow) D:GamessteamappscommonRaftRaft.exe () [File not signed]

FirewallRules: [{0B431981-97D8-4C5E-A466-EFFB7E659DE7}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{C62FACDE-414E-4F9D-A8AC-15D1F3641F57}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{7D37FC9E-9282-47AA-B732-89145677ADBA}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{B77AECC2-3B70-4338-9D6E-84979F709AA4}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{E988A592-E8F0-462C-ACC3-CFCA30149EEA}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{55AA8153-F226-48F2-B1B7-A7C8846591F5}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{F801D375-79C3-435A-9D41-F3A3B9A95B62}] => (Allow) D:GamessteamappscommonPrison ArchitectPrison Architect.exe () [File not signed]

FirewallRules: [{8D6E094D-B710-45D4-847C-5E795CCC7131}] => (Allow) D:GamessteamappscommonPrison ArchitectPrison Architect.exe () [File not signed]

FirewallRules: [{31D2DDC6-C5E7-425F-9BB6-96485BD1297E}] => (Allow) D:GamessteamappscommonPrison ArchitectLauncherdowser.exe (Paradox Interactive AB (publ) -> )

FirewallRules: [{F5267F16-7BC0-4718-A0E3-78AC80BC20BB}] => (Allow) D:GamessteamappscommonPrison ArchitectLauncherdowser.exe (Paradox Interactive AB (publ) -> )

FirewallRules: [{527FE152-D030-4091-BD17-29785C2C329C}] => (Allow) D:GamessteamappscommonRailway EmpireRailwayEmpire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)

FirewallRules: [{5FFE50DF-4918-4645-A7D4-272403C52A37}] => (Allow) D:GamessteamappscommonRailway EmpireRailwayEmpire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)

FirewallRules: [{A3204885-9D2D-49A4-AA71-81F360EF13E7}] => (Allow) D:GamessteamappscommonCnCRemasteredInstanceServerG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)

FirewallRules: [{24089ACB-5555-4C0D-8569-3EFEF69BDEBD}] => (Allow) D:GamessteamappscommonCnCRemasteredInstanceServerG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)

FirewallRules: [{41118FC3-5C50-4813-9FCC-56484B65F530}] => (Allow) D:GamessteamappscommonCnCRemasteredClientG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)

FirewallRules: [{1B2CDF6E-045B-4F53-97EE-87341DEA291E}] => (Allow) D:GamessteamappscommonCnCRemasteredClientG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)

FirewallRules: [{2B0D6881-DEB0-43BC-AF00-DB4CFDB842F5}] => (Allow) D:GamessteamappscommonCnCRemasteredClientLauncherG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)

FirewallRules: [{F2BB7FCB-1EE3-4DF9-84A1-BE7BEBDBAEC8}] => (Allow) D:GamessteamappscommonCnCRemasteredClientLauncherG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)

FirewallRules: [{89DF7E7E-AF69-4BA3-8EF8-B233EA40B69A}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{EBA6BC2A-9E21-4013-A2F8-5A89B767C873}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{16E60AD3-CA9E-4143-A3A6-C6C5DB8D63E8}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{DB42FF24-29AF-4ED5-B515-A31797E950F6}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{B035E27C-5166-4B05-9B07-69B65CB252A2}] => (Allow) C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe => No File

FirewallRules: [{6FFC0D2A-8793-47E8-9B6A-65AB236FECC3}] => (Allow) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHost.exe (McAfee, LLC -> McAfee, LLC)

FirewallRules: [{00F2E74C-B826-4AEE-8CB3-9D58BA544F88}] => (Allow) C:Program Files (x86)Common FilesMcAfeeMMSSHostMMSSHost.exe (McAfee, LLC -> McAfee, LLC)

FirewallRules: [UDP Query User{3C59569E-DE95-4C99-8AE8-5E037A698D44}C:programdatawargaming.netgamecenterwgc.exe] => (Allow) C:programdatawargaming.netgamecenterwgc.exe (Wargaming.net Limited -> Wargaming.net)

FirewallRules: [TCP Query User{6EC5DFB7-F761-4F59-AC1E-3DBB016AD309}C:programdatawargaming.netgamecenterwgc.exe] => (Allow) C:programdatawargaming.netgamecenterwgc.exe (Wargaming.net Limited -> Wargaming.net)

FirewallRules: [{270FE3AB-5EEB-4E73-8081-2233A44A8E9D}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{96F295D0-3862-45F1-9127-6B892B569AF2}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{9FF8C797-67B9-4341-9E3C-5AE78A2753FA}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{A892CE46-7EA7-4064-844E-1706BD89D25F}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{6B3A73B6-DCD8-4ECE-A714-40F4B5EB494E}] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )

FirewallRules: [{C56A8B47-D9C6-47B7-8CAA-7A401D0E0CAC}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{FCCA127E-4E86-4F2F-AEDB-DBE98CC54EBD}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14KernelDMSCLMSServerPDVD14.exe => No File

FirewallRules: [{0B42331D-1877-4474-8C35-79E6C8A0EE67}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD14Agent.exe => No File

FirewallRules: [{679433B2-FCC5-4FED-98D9-600FF4F66D0D}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{684FE0A9-4409-4E02-B7B8-CFE4D5024256}] => (Allow) D:GamessteamappscommonNASCAR 21 IgnitionNascarNext.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{71F10796-F56B-490E-924E-F8D34E323FB0}] => (Allow) D:GamessteamappscommonNASCAR 21 IgnitionNascarNext.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{72BFC3E7-B50F-4E67-A3C0-1045CB88B92B}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{59A13BB7-90FD-4AB3-A8FD-31E186683E0B}C:usersbllesappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersbllesappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{1254BEB0-ADB5-46EE-A50D-448B737DA80C}C:usersbllesappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersbllesappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{387504F0-7C9F-4E4A-A4FF-3AC44346123E}] => (Block) C:usersbllesappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B0BF57EE-DE4E-456E-8AA8-7951DADA816D}] => (Block) C:usersbllesappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{E7F5C85C-BEA4-4870-81AE-035FD1741326}] => (Allow) D:GamessteamappscommonGold Rush The GameGoldRushTheGame.exe () [File not signed]

FirewallRules: [{355868C1-944D-4981-9EFD-6D1FB45B7749}] => (Allow) D:GamessteamappscommonGold Rush The GameGoldRushTheGame.exe () [File not signed]

FirewallRules: [{B751F4FE-ED70-4112-9A9E-64293892DE39}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{EA200426-A695-408A-AF4F-977CA63864B2}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{E1D3A2CF-AA09-467D-A3D3-0AFFC8FF864D}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{21C4ED96-D886-45C9-B830-7A24A4C7EEC4}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{FD1589C9-B675-4382-A407-43952EED2462}] => (Allow) C:Program Files (x86)Overwolf.181.0.11OverwolfBrowser.exe => No File

FirewallRules: [{B15CE6D4-581D-4027-B986-B85A56D37CE9}] => (Allow) C:Program Files (x86)Overwolf.181.0.11OverwolfBrowser.exe => No File

FirewallRules: [{C2338FB6-393C-4E16-A3D9-3CF192D57252}] => (Block) C:Program Files (x86)Overwolf.181.0.11OverwolfBrowser.exe => No File

FirewallRules: [{2FBB6431-8AA6-4204-B0D6-9CF6C3217FC6}] => (Block) C:Program Files (x86)Overwolf.181.0.11OverwolfBrowser.exe => No File

FirewallRules: [{70098844-1CCA-458C-9DB5-796145B4F0CE}] => (Allow) C:Program Files (x86)Overwolf.184.0.35OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{7F48CDF0-A9ED-4356-BCA3-CEF38AAFDD4E}] => (Allow) C:Program Files (x86)Overwolf.184.0.35OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{39879375-BF2C-43ED-816A-2AF5B04CC1F8}] => (Block) C:Program Files (x86)Overwolf.184.0.35OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{865A4640-34AE-480E-AD7A-DE6DADB8A89D}] => (Block) C:Program Files (x86)Overwolf.184.0.35OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{A3F20D41-41FA-4662-8DE2-4B9E0AAD06CC}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{CA373911-2A19-40E9-AAD6-48D76B4CE63E}] => (Allow) C:Program FilesWindowsAppsMicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwemsteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3B67B0C0-6E81-4144-B00F-29876E8002B7}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication95.0.1020.53msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{4A9EB3A1-B07B-4864-9026-3F5FCB1E12D4}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{5A927E8B-758C-4A52-BA28-47AF5CA7AE19}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{5CCEE252-F8B1-45B0-B390-C71AFB8C09CD}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{31B1C88E-C809-4650-A63D-6D9633AAE4C7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{ADA036BB-9218-4C42-AE00-EFC6B0E4133E}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{AE8782A4-6EE0-4098-94CF-D4C1091962F1}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D7805481-B7B0-46A0-89F2-BBCAC00D609B}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{729A028D-6E94-4ECD-AE1B-B6EF9C3E6755}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

 

==================== Restore Points =========================

 

09-11-2021 13:46:15 Scheduled Checkpoint

10-11-2021 17:06:51 Windows Modules Installer

16-11-2021 10:08:06 Piriform Driver Updater – Update 10.1.1.45

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Local Hostname DESKTOP-5G4HP4P.local already in use; will try DESKTOP-5G4HP4P-2.local instead

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 DESKTOP-5G4HP4P.local. Addr 192.168.1.67

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.1.67:5353   16 DESKTOP-5G4HP4P.local. AAAA 2600:1700:7B91:4DE0:0000:0000:0000:003B

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-5G4HP4P.local. AAAA FE80:0000:0000:0000:2C6B:3CD5:A722:E294

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-5G4HP4P.local. AAAA 2600:1700:7B91:4DE0:949E:4A66:9DCC:8CD8

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-5G4HP4P.local. AAAA 2600:1700:7B91:4DE0:2C6B:3CD5:A722:E294

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:    4 DESKTOP-5G4HP4P.local. Addr 192.168.1.67

 

Error: (11/16/2021 10:08:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-5G4HP4P.local. AAAA FE80:0000:0000:0000:2C6B:3CD5:A722:E294

 

 

System errors:

=============

Error: (11/16/2021 10:08:28 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{2266D305-948B-40C5-A18F-B7397D07A3B6} because another computer on the network has the same name.  The server could not start.

 

Error: (11/16/2021 10:08:27 AM) (Source: Tcpip) (EventID: 4199) (User: )

Description: The system detected an address conflict for IP address 2600:1700:7b91:4de0::3b with the system

having network hardware address 9E-C6-A7-86-35-6F. Network operations on this system may

be disrupted as a result.

 

Error: (11/16/2021 10:08:24 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{2266D305-948B-40C5-A18F-B7397D07A3B6} because another computer on the network has the same name.  The server could not start.

 

Error: (11/16/2021 09:39:33 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{2266D305-948B-40C5-A18F-B7397D07A3B6} because another computer on the network has the same name.  The server could not start.

 

Error: (11/16/2021 09:35:47 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{2266D305-948B-40C5-A18F-B7397D07A3B6} because another computer on the network has the same name.  The server could not start.

 

Error: (11/16/2021 09:32:33 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{2266D305-948B-40C5-A18F-B7397D07A3B6} because another computer on the network has the same name.  The server could not start.

 

Error: (11/16/2021 09:29:39 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{C203F21E-49EA-4052-9E7F-FDFD75A4897C} because another computer on the network has the same name.  The server could not start.

 

Error: (11/16/2021 09:28:58 AM) (Source: Server) (EventID: 2505) (User: )

Description: The server could not bind to the transport DeviceNetBT_Tcpip_{2266D305-948B-40C5-A18F-B7397D07A3B6} because another computer on the network has the same name.  The server could not start.

 

 

CodeIntegrity:

===============

Date: 2021-11-16 09:29:07

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume9WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume9Program FilesMcAfeeMfeAVAMSIExt.dll that did not meet the Windows signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: AMI F.23 01/26/2018

Motherboard: HP 830C

Processor: Intel® Core™ i7-7700 CPU @ 3.60GHz

Percentage of memory in use: 40%

Total physical RAM: 32696.11 MB

Available physical RAM: 19344.06 MB

Total Virtual: 37560.11 MB

Available Virtual: 16813.11 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:463.91 GB) (Free:247.01 GB) NTFS

Drive d: (Windows) (Fixed) (Total:917.22 GB) (Free:672.5 GB) NTFS

Drive e: (RECOVERY) (Fixed) (Total:13.06 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]

 

\?Volume{50934a84-480f-11e9-9b2c-34415d553420} (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.41 GB) NTFS

\?Volume{e14c87a7-c435-430a-be4a-8a3e8ff69152} () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS

\?Volume{fa593e82-6228-4252-ba13-547ad2c502d8} (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.41 GB) NTFS

\?Volume{538a6a1f-4dc8-6248-5b5f-13c49b28a56a} () (Fixed) (Total:101.08 GB) (Free:0 GB) NTFS

\?Volume{e7623431-fc30-466a-aff8-704141d2d633} () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

\?Volume{320ae379-cac4-43f3-a378-b0321bd5fb98} () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 18186ACC)

 

Partition: GPT.

 

==========================================================

Disk: 1 (Size: 931.5 GB) (Disk ID: 28AA1D15)

 

Partition: GPT.

Attempted reading MBR returned 0 bytes.

 Could not read MBR for disk 2.

 

==================== End of Addition.txt =======================

 

 

 



