Suspected virus from my task manager, ColorMania (GoogleDiagnostics)

I’m unable to end it using the task manager. I get a pop-up saying “The operation is not valid for this process”, and I’m being directed to an empty folder when I try to get to its file location.

And antivirus searches aren’t detecting anything. I see no use for it; I want to get rid of it. Please help.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01

Ran by Paul (administrator) on DESKTOP-OU0QPUF (Hewlett-Packard HP 255 G5 Notebook PC) (21-07-2021 14:29:17)

Running from C:UsersPaulDownloads

Loaded Profiles: Paul

Platform: Windows 10 Pro Version 21H1 19043.1083 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0366969.inf_amd64_011e273f4453e6ecB367342atieclxx.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0366969.inf_amd64_011e273f4453e6ecB367342atiesrxx.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusavgnt.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusavguard.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusavshadow.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirusprotectedservice.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraAntivirussched.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraOptimizer HostAvira.OptimizerHost.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraSecurityAvira.Spotlight.Service.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraSecurityAvira.Spotlight.Systray.Application.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraSoftwareUpdaterAvira.SoftwareUpdater.ServiceHost.exe

(Blacksun Software) [File not signed] [File is in use] C:UsersPaulAppDataRoamingGoogleGoogleDiagnostics.exe <2>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.92GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.92GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <23>

(HP Inc. -> HP Inc.) C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe

(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersPaulAppDataLocalMicrosoftOneDriveOneDrive.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbweCortana.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbweGameBar.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbweGameBarFTServer.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32CastSrv.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnhService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [] => [X]

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [11236136 2021-07-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM-x32…Run: [] => [X]

HKUS-1-5-21-2132373798-3794873339-3959275379-1005…Run: [Discord] => C:UsersPaulAppDataLocalDiscordUpdate.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)

HKUS-1-5-21-2132373798-3794873339-3959275379-1005…Run: [] => [X]

HKUS-1-5-21-2132373798-3794873339-3959275379-1005…Run: [Adobe Reader Synchronizer] => C:Program Files (x86)AdobeAcrobat Reader DCReaderAdobeCollabSync.exe [5550304 2021-06-27] (Adobe Inc. -> Adobe Systems Incorporated)

HKUS-1-5-21-2132373798-3794873339-3959275379-1005…PoliciesExplorer: [DisallowRun] 1

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication91.0.4472.164Installerchrmstp.exe [2021-07-20] (Google LLC -> Google LLC)

GroupPolicy: Restriction ? <==== ATTENTION

Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {059D64CB-BA92-4562-A077-E7A666FDC6F5} – System32TasksDriver Booster SkipUAC (Paul) => C:Program Files (x86)IObitDriver Booster8.2.0DriverBooster.exe [8147216 2020-12-24] (IObit Information Technology -> IObit)

Task: {06109BB3-2EAE-413E-8F20-F06329E23047} – System32TasksAvira_Security_Service_SCM_Watchdog => C:Program Files (x86)AviraSecurityAvira.Spotlight.Service.Worker.exe [248552 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Task: {0F9C1C5F-604D-4B3C-A56B-4FCCFFA691B4} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [118104 2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

Task: {1F1E22FC-C544-4337-B5C4-BB23F8FC1802} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154456 2021-06-19] (Google LLC -> Google LLC)

Task: {31D98B74-8837-4B79-AB72-D5F987E9237C} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Updater => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)

Task: {35C6206B-B9BF-42B6-9351-D39C0AE06417} – System32TasksAvira_Antivirus_Systray => C:Program Files (x86)AviraAntivirusavgnt.exe [2651056 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Task: {3763C370-6444-4914-9401-EB1FC4942A80} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Updater – Install HPSA => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)

Task: {39DFA127-320C-4414-87D6-5BD4C9B8110E} – System32TasksGoogleUpdateSoftware => C:UsersPaulAppDataRoamingGoogleGoogleDiagnostics.exe [800303616 2021-06-21] (Blacksun Software) [File not signed] [File is in use] <==== ATTENTION

Task: {43B350FB-0AA0-4048-814D-FDE3DABD7BC0} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [118104 2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

Task: {5BA70A53-D603-4B48-8062-6FF25756F3CF} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23124896 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)

Task: {61005CB1-1579-4731-A863-D6E128FB4153} – System32TasksAvira_Security_Update => C:Program Files (x86)AviraSecurityAvira.Spotlight.Common.Updater.exe [267080 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Task: {7AA9B08B-E995-4FC5-BABD-12F615C269CF} – System32TasksDriver Easy Scheduled Scan => C:Program FilesEasewareDriverEasyDriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)

Task: {81E7D812-1055-4F19-AF45-5EB872365078} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Report => C:Program Files (x86)Hewlett-PackardHP Support SolutionsModulesHPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)

Task: {882D2CA7-BFE0-434F-8064-202A7C67D427} – System32TasksDriver Booster Scheduler => C:Program Files (x86)IObitDriver Booster8.2.0Scheduler.exe [152848 2020-12-23] (IObit Information Technology -> IObit)

Task: {8A5922F7-DB1E-4A26-BE28-DFB21E5B9E82} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23124896 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)

Task: {8C1ED09C-2746-4495-8F09-44F6EE6A1EE7} – System32TasksAvira_Security_Systray => C:Program Files (x86)AviraSecurityAvira.Spotlight.Systray.Application.exe [1628464 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Task: {BCC83280-7C83-40B3-818E-ECA8D2B5E54B} – UpdateWindows -> No File <==== ATTENTION

Task: {C6EB9F4B-871E-4B41-BDDB-2C98C11661DF} – System32TasksDriver Booster Update => C:Program Files (x86)IObitDriver Booster8.2.0AutoUpdate.exe [2268432 2020-12-23] (IObit Information Technology -> IObit)

Task: {D104B805-4173-449D-8E00-F3DEC94171E6} – System32TasksAviraSystemSpeedupUpdate => C:ProgramDataAviraSystemSpeedupUpdateavira_speedup_setup_update.exe [29802464 2021-06-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Task: {F3BE2FAB-F74C-4A8D-BBA0-0F1FEA19F519} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154456 2021-06-19] (Google LLC -> Google LLC)

Task: {F6CB6950-2EF7-4018-B410-7620E6CC2B73} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WindowsTasksDriver Easy Scheduled Scan.job => C:Program FilesEasewareDriverEasyDriverEasy.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.101.80

Tcpip..Interfaces{96d78ee2-f7ae-49ac-9005-00595af5934a}: [DhcpNameServer] 192.168.1.1 8.8.8.8

Tcpip..Interfaces{a9f0b94d-f7a9-4eb2-853a-f1a07da293ee}: [DhcpNameServer] 192.168.197.28

Tcpip..Interfaces{d1e43591-e507-4067-af07-d7af242f0ade}: [DhcpNameServer] 192.168.101.80

 

Edge: 

=======

Edge Profile: C:UsersPaulAppDataLocalMicrosoftEdgeUser DataDefault [2021-07-08]

 

FireFox:

========

FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsersPaulAppDataLocalGoogleChromeUser DataDefault [2021-07-21]

CHR Notifications: Default -> hxxps://meet.google.com; hxxps://us04web.zoom.us; hxxps://www.reddit.com; hxxps://www.tradingview.com

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> “hxxps://www.google.com/”

CHR Extension: (Google Translate) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsaapbdbdomjkkjkaonfhkkikfgjllcleb [2021-06-19]

CHR Extension: (Slides) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-06-19]

CHR Extension: (Safe Torrent Scanner) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsaegnopegbbhjeeiganiajffnalhlkkjb [2021-07-01]

CHR Extension: (Just Black) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsaghfnjkcakhmadgdomlmlhhaocbkloab [2021-06-19]

CHR Extension: (Docs) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-06-19]

CHR Extension: (Google Drive) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-06-19]

CHR Extension: (MEGA) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsbigefpfhnfcobdlfbedofhhaibnlghod [2021-07-17]

CHR Extension: (Solitaire Games) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsbmfmccmloeoabkbgidmhjpdonhbnjfjh [2021-06-19]

CHR Extension: (Honey) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2021-07-20]

CHR Extension: (Avira Safe Shopping) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsccbpbkebodcjkknkfkpmfeciinhidaeh [2021-06-24]

CHR Extension: (Adobe Acrobat) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-07-01]

CHR Extension: (Free Rider HD) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsemikpifndnjfkgofoglceekhkbaicbde [2021-06-19]

CHR Extension: (Sheets) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-06-19]

CHR Extension: (Avira Browser Safety) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsflliilndjeohchalpbbcdekjklbdgfkk [2021-07-20]

CHR Extension: (Google Docs Offline) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-11]

CHR Extension: (AdBlock — best ad blocker) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-06-23]

CHR Extension: (Chrome Web Store Payments) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-06-19]

CHR Extension: (Chrome Media Router) – C:UsersPaulAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-19]

CHR Profile: C:UsersPaulAppDataLocalGoogleChromeUser DataGuest Profile [2021-07-19]

CHR Profile: C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1 [2021-07-21]

CHR Notifications: Profile 1 -> hxxps://meet.google.com

CHR Extension: (Slides) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-06-19]

CHR Extension: (Adobe Acrobat) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-07-02]

CHR Extension: (Sheets) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-06-19]

CHR Extension: (Avira Browser Safety) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionsflliilndjeohchalpbbcdekjklbdgfkk [2021-07-21]

CHR Extension: (Google Docs Offline) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-19]

CHR Extension: (Chrome Web Store Payments) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-06-19]

CHR Extension: (Chrome Media Router) – C:UsersPaulAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-19]

CHR Profile: C:UsersPaulAppDataLocalGoogleChromeUser DataSystem Profile [2021-07-08]

CHR HKLM-x32…ChromeExtension: [caljgklbbfbcjjanaijlacgncafpegll]

CHR HKLM-x32…ChromeExtension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32…ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S4 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)

S2 AntiVirMailService; C:Program Files (x86)AviraAntivirusavmailc7.exe [1206648 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AntivirProtectedService; C:Program Files (x86)AviraAntivirusProtectedService.exe [538000 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:Program Files (x86)AviraAntivirussched.exe [485048 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:Program Files (x86)AviraAntivirusavguard.exe [485048 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:Program Files (x86)AviraAntivirusavwebg7.exe [574672 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraOptimizerHost; C:Program Files (x86)AviraOptimizer HostAvira.OptimizerHost.exe [2988816 2021-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S4 AviraPhantomVPN; C:Program Files (x86)AviraVPNAvira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraSecurity; C:Program Files (x86)AviraSecurityAvira.Spotlight.Service.exe [264880 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraUpdaterService; C:Program Files (x86)AviraSoftwareUpdaterAvira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11279752 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)

R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)Hewlett-PackardHP Support SolutionsHPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5394864 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R0 avdevprot; C:WindowsSystem32DRIVERSavdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S0 avelam; C:WindowsSystem32driversavelam.sys [22848 2021-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)

R2 avgntflt; C:WindowsSystem32DRIVERSavgntflt.sys [208336 2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R1 avipbb; C:Windowssystem32DRIVERSavipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R1 avkmgr; C:Windowssystem32DRIVERSavkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 avnetflt; C:Windowssystem32DRIVERSavnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R0 avusbflt; C:WindowsSystem32Driversavusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S3 dg_ssudbus; C:Windowssystem32DRIVERSssudbus2.sys [159800 2021-04-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 ss_conn_usb_driver2; C:WindowsSystem32Driversss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 WdBoot; C:Windowssystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:Windowssystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WindowsSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

R3 WirelessButtonDriver64; C:WindowsSystem32driversWirelessButtonDriver64.sys [35392 2021-07-07] (HP Inc. -> HP)

S3 WTPTP; C:WindowsSystem32DriversWTPTP.sys [30208 2014-03-24] (Marvell International Ltd. -> Marvell Corporation (Hefei Branch), Inc.)

S3 cpuz148; ??C:Windowstempcpuz148cpuz148_x64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-07-21 14:29 – 2021-07-21 14:40 – 000022040 _____ C:UsersPaulDownloadsFRST.txt

2021-07-21 14:28 – 2021-07-21 14:39 – 000000000 ____D C:FRST

2021-07-21 14:26 – 2021-07-21 14:26 – 002300416 _____ (Farbar) C:UsersPaulDownloadsFRST64.exe

2021-07-21 11:14 – 2021-07-21 11:15 – 005183384 _____ (Husdawg, LLC) C:UsersPaulDownloadsDetection.exe

2021-07-20 10:51 – 2021-07-20 10:51 – 000000000 ____D C:UsersTresphordAppDataLocalPlaceholderTileLogoFolder

2021-07-20 10:27 – 2021-07-20 10:27 – 000000000 ____D C:UsersTresphordAppDataLocalLowIObit

2021-07-20 10:27 – 2021-07-20 10:27 – 000000000 ____D C:UsersTresphordAppDataLocalAdobe

2021-07-20 10:24 – 2021-07-20 10:24 – 000000000 ____D C:UsersTresphordAppDataRoamingIObit

2021-07-20 10:20 – 2021-07-20 10:20 – 000000000 ____D C:UsersTresphordAppDataLocal__SHARED

2021-07-20 10:19 – 2021-07-20 10:19 – 000000000 ____D C:UsersTresphordAppDataLocalLowAMD

2021-07-19 11:07 – 2021-07-19 11:07 – 000000000 ____D C:UsersPaulAppDataRoamingCall of Duty – Modern Warfare 2

2021-07-19 11:07 – 2021-07-19 11:07 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsR.G. Mechanics

2021-07-19 09:48 – 2021-07-19 09:48 – 000000000 ____D C:Program Files (x86)R.G. Mechanics

2021-07-19 08:16 – 2021-07-19 08:16 – 000000000 ____D C:UsersPaulDocumentsZoom

2021-07-19 02:07 – 2021-07-19 02:07 – 000000000 ____D C:UsersPaulDocumentsICT

2021-07-19 01:57 – 2021-07-19 01:59 – 000000000 ____D C:UsersPaulDocumentsCall Of Duty Modern Warfare 2

2021-07-18 23:31 – 2021-07-19 09:46 – 000000000 ____D C:UsersPaulDownloadsCallOfDutyMW2

2021-07-18 22:58 – 2021-07-18 22:58 – 000000000 ____D C:WindowsLastGood.Tmp

2021-07-18 22:57 – 2021-07-18 22:57 – 072520816 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RCoRes64.dat

2021-07-18 22:57 – 2021-07-18 22:57 – 038636585 _____ C:Windowssystem32DriversRTAIODAT.DAT

2021-07-18 22:57 – 2021-07-18 22:57 – 003677176 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RTSnMg64.cpl

2021-07-18 22:57 – 2021-07-18 22:57 – 003168280 _____ (DTS, Inc.) C:Windowssystem32sltech64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 003159880 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RtPgEx64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 002930256 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RCoInstII64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001435032 _____ (Synopsys, Inc.) C:Windowssystem32SRRPTR64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001396840 _____ (Sound Research, Corp.) C:Windowssystem32SECOMN64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001386680 _____ (Sound Research, Corp.) C:Windowssystem32SEHDHF64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001353216 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RTCOM64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001294192 _____ (Sound Research, Corp.) C:Windowssystem32SEAPO64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001180792 _____ (Sound Research, Corp.) C:Windowssystem32SEHDRA64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001110072 _____ (DTS, Inc.) C:Windowssystem32sl3apo64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001078576 _____ (Sound Research, Corp.) C:WindowsSysWOW64SEHDHF32.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 001061464 _____ (Sound Research, Corp.) C:WindowsSysWOW64SECOMN32.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000692056 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RtDataProc64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000541008 _____ (SRS Labs, Inc.) C:Windowssystem32SRSTSX64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000467048 _____ (Synopsys, Inc.) C:Windowssystem32SRAPO64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000392768 _____ (Dolby Laboratories, Inc.) C:Windowssystem32RTEEP64A.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000381304 _____ (Synopsys, Inc.) C:Windowssystem32SRCOM64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000343600 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RtlCPAPI64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000341040 _____ (Synopsys, Inc.) C:WindowsSysWOW64SRCOM.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000341040 _____ (Synopsys, Inc.) C:Windowssystem32SRCOM.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000327168 _____ (Dolby Laboratories, Inc.) C:Windowssystem32RP3DHT64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000327168 _____ (Dolby Laboratories, Inc.) C:Windowssystem32RP3DAA64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000266656 _____ (TODO: <Company name>) C:Windowssystem32slprp64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000220280 _____ (Dolby Laboratories, Inc.) C:Windowssystem32RTEED64A.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000174832 _____ (SRS Labs, Inc.) C:Windowssystem32SRSWOW64.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000122424 _____ (Real Sound Lab SIA) C:Windowssystem32CONEQMSAPOGUILibrary.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000116432 _____ (Dolby Laboratories, Inc.) C:Windowssystem32RTEEL64A.dll

2021-07-18 22:57 – 2021-07-18 22:57 – 000093800 _____ (Dolby Laboratories, Inc.) C:Windowssystem32RTEEG64A.dll

2021-07-18 22:47 – 2021-07-18 22:47 – 008654184 _____ (Intel Corporation) C:Windowssystem32DriversNetwtw04.sys

2021-07-18 22:47 – 2021-07-18 22:47 – 002074564 _____ C:Windowssystem32DriversNetwfw04.dat

2021-07-18 22:47 – 2021-07-18 22:47 – 001422184 _____ (Intel Corporation) C:Windowssystem32IntelIHVRouter04.dll

2021-07-18 22:44 – 2021-07-18 22:44 – 001149432 _____ (Realtek ) C:Windowssystem32Driversrt640x64.sys

2021-07-18 22:36 – 2021-07-18 22:36 – 081573696 _____ C:Windowssystem32amd_comgr.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 067153744 _____ C:WindowsSysWOW64amd_comgr32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 005800768 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amfrt64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 005520200 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64amfrt32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001748816 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32atiadlxx.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001685728 _____ (AMD) C:Windowssystem32amf-mft-mjpeg-decoder64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001535312 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32atiacm64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001365080 _____ (AMD) C:WindowsSysWOW64amf-mft-mjpeg-decoder32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001331536 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64atiadlxy.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001331536 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64atiadlxx.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001093736 _____ C:Windowssystem32vulkan-1-999-0-0-0.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 001093736 _____ C:Windowssystem32vulkan-1.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000946904 _____ C:WindowsSysWOW64vulkan-1-999-0-0-0.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000946904 _____ C:WindowsSysWOW64vulkan-1.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000736576 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32Rapidfire64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000620864 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64Rapidfire.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000496448 _____ C:Windowssystem32GameManager64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000468304 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32atidemgy.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000379712 _____ C:WindowsSysWOW64GameManager32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000245056 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32atig6txx.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000212808 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64atigktxx.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000186688 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32mantle64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000182096 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32aticfx64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000166712 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32atisamu64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000166224 _____ (AMD) C:Windowssystem32atimuixx.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000166208 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32mantleaxl64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000158360 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64aticfx32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000156480 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64mantle32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000149824 _____ (Khronos Group) C:Windowssystem32OpenCL.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000142144 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64mantleaxl32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000140600 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64atisamu32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000135504 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdxc64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000130896 _____ (Khronos Group) C:WindowsSysWOW64OpenCL.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000130336 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32atimpc64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000125264 _____ C:Windowssystem32atidxx64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000115528 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdxc32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000108352 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64atimpc32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000107328 _____ C:WindowsSysWOW64atidxx32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000090432 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32mcl64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000075072 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64mcl32.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000069952 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32ati2erec.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000046400 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32RapidFireServer64.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000043328 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64RapidFireServer.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000019880 _____ (Microsoft Corporation) C:WindowsSysWOW64detoured.dll

2021-07-18 22:36 – 2021-07-18 22:36 – 000019880 _____ (Microsoft Corporation) C:Windowssystem32detoured.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 072481616 _____ (Advanced Micro Devices Inc.) C:Windowssystem32amdhip64.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 059164696 _____ C:Windowssystem32amdxc64.so

2021-07-18 22:35 – 2021-07-18 22:35 – 003471376 _____ C:WindowsSysWOW64atiumdva.cap

2021-07-18 22:35 – 2021-07-18 22:35 – 003437632 _____ C:Windowssystem32atiumd6a.cap

2021-07-18 22:35 – 2021-07-18 22:35 – 001857856 _____ C:Windowssystem32vulkaninfo-1-999-0-0-0.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 001857856 _____ C:Windowssystem32vulkaninfo.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 001438536 _____ C:WindowsSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 001438536 _____ C:WindowsSysWOW64vulkaninfo.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000940880 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amdlvr64.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000821056 _____ (AMD) C:Windowssystem32atieclxx.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000768336 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64amdlvr32.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000558136 _____ C:WindowsSysWOW64atiapfxx.blb

2021-07-18 22:35 – 2021-07-18 22:35 – 000558136 _____ C:Windowssystem32atiapfxx.blb

2021-07-18 22:35 – 2021-07-18 22:35 – 000546872 _____ C:Windowssystem32amdmiracast.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000492864 _____ C:Windowssystem32dgtrayicon.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000489272 _____ C:Windowssystem32amdgfxinfo64.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000466256 _____ C:Windowssystem32amdlogum.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000455992 _____ C:Windowssystem32atieah64.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000432448 _____ C:Windowssystem32EEURestart.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000379704 _____ C:WindowsSysWOW64amdgfxinfo32.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000351552 _____ C:WindowsSysWOW64atieah32.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000346432 _____ C:Windowssystem32clinfo.exe

2021-07-18 22:35 – 2021-07-18 22:35 – 000136000 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdave64.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000130336 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdpcom64.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000128048 _____ C:Windowssystem32kapp_ci.sbin

2021-07-18 22:35 – 2021-07-18 22:35 – 000120344 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdave32.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000108352 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdpcom32.dll

2021-07-18 22:35 – 2021-07-18 22:35 – 000076237 _____ C:Windowssystem32AMDKernelEvents.man

2021-07-18 22:35 – 2021-07-18 22:35 – 000012344 _____ C:Windowssystem32brandingWS_RSX.bmp

2021-07-18 22:35 – 2021-07-18 22:35 – 000012344 _____ C:Windowssystem32brandingRSX.bmp

2021-07-18 22:35 – 2021-07-18 22:35 – 000011014 _____ C:Windowssystem32atiacmLocalisation.ini

2021-07-18 22:35 – 2021-07-18 22:35 – 000000822 _____ C:Windowssystem32branding.bmp

2021-07-18 21:35 – 2021-07-18 21:35 – 000466456 _____ (Creative Labs) C:Windowssystem32wrap_oal.dll

2021-07-18 21:35 – 2021-07-18 21:35 – 000444952 _____ (Creative Labs) C:WindowsSysWOW64wrap_oal.dll

2021-07-18 21:35 – 2021-07-18 21:35 – 000122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:Windowssystem32OpenAL32.dll

2021-07-18 21:35 – 2021-07-18 21:35 – 000109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:WindowsSysWOW64OpenAL32.dll

2021-07-18 21:35 – 2021-07-18 21:35 – 000000000 ____D C:Program Files (x86)OpenAL

2021-07-18 21:31 – 2021-07-18 21:35 – 000000000 ____D C:UsersPaulAppDataRoaminginstinfo

2021-07-18 21:31 – 2021-07-18 21:31 – 000000000 ____D C:ProgramDataProductData

2021-07-18 11:21 – 2021-07-18 21:31 – 000000000 ____D C:UsersPaulAppDataLocalLowIObit

2021-07-18 11:21 – 2021-07-18 11:21 – 000003188 _____ C:Windowssystem32TasksDriver Booster Scheduler

2021-07-18 11:21 – 2021-07-18 11:21 – 000003174 _____ C:Windowssystem32TasksDriver Booster Update

2021-07-18 11:21 – 2021-07-18 11:21 – 000002946 _____ C:Windowssystem32TasksDriver Booster SkipUAC (Paul)

2021-07-18 11:21 – 2021-07-18 11:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDriver Booster 8

2021-07-18 11:21 – 2021-07-18 11:21 – 000000000 ____D C:ProgramData{E0224FF9-7AE3-4F9E-991A-2F004F7E3952}

2021-07-18 11:21 – 2021-07-18 11:21 – 000000000 ____D C:Program Files (x86)IObit

2021-07-18 11:20 – 2021-07-18 21:53 – 000000000 ____D C:ProgramDataIObit

2021-07-18 11:20 – 2021-07-18 11:20 – 000000000 ____D C:UsersPaulAppDataRoamingIObit

2021-07-09 12:24 – 2014-03-24 10:13 – 000030208 _____ (Marvell Corporation (Hefei Branch), Inc.) C:Windowssystem32Driverswtptp.sys

2021-07-09 12:20 – 2014-04-18 11:19 – 000000000 ____D C:UsersPaulDownloadsWTPTP

2021-07-09 12:05 – 2021-07-09 12:08 – 000000000 ____D C:UsersPaulDownloadsL02B-16-NEW UPDATE

2021-07-08 19:58 – 2021-07-08 19:59 – 000000444 _____ C:Windowssystem32Driversetchosts.ics

2021-07-07 02:08 – 2021-07-07 02:08 – 001687040 _____ C:Windowssystem32libcrypto.dll

2021-07-07 02:07 – 2021-07-07 02:07 – 002755584 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb

2021-07-07 02:07 – 2021-07-07 02:07 – 000452608 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2021-07-07 02:07 – 2021-07-07 02:07 – 000157184 _____ C:Windowssystem32uwfcsp.dll

2021-07-07 02:07 – 2021-07-07 02:07 – 000153600 _____ C:Windowssystem32uwfcfgmgmt.dll

2021-07-07 02:07 – 2021-07-07 02:07 – 000067584 _____ (Microsoft Corporation) C:WindowsSysWOW64wscui.cpl

2021-07-07 02:06 – 2021-07-07 02:06 – 002755584 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb

2021-07-07 02:06 – 2021-07-07 02:06 – 002371072 _____ C:Windowssystem32rdpnano.dll

2021-07-07 02:06 – 2021-07-07 02:06 – 000700928 _____ C:Windowssystem32FsNVSDeviceSource.dll

2021-07-07 02:06 – 2021-07-07 02:06 – 000570880 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl

2021-07-07 02:06 – 2021-07-07 02:06 – 000084992 _____ (Microsoft Corporation) C:Windowssystem32wscui.cpl

2021-07-07 02:05 – 2021-07-07 02:05 – 001314128 _____ (Microsoft Corporation) C:Windowssystem32SecConfig.efi

2021-07-07 02:05 – 2021-07-07 02:05 – 000011351 _____ C:Windowssystem32DrtmAuthTxt.wim

2021-07-07 02:04 – 2021-07-07 02:04 – 001864192 _____ (The ICU Project) C:WindowsSysWOW64icu.dll

2021-07-07 02:04 – 2021-07-07 02:04 – 000468440 _____ C:WindowsSysWOW64WindowManagementAPI.dll

2021-07-07 02:03 – 2021-07-07 02:03 – 001163776 _____ C:Windowssystem32MBR2GPT.EXE

2021-07-07 02:03 – 2021-07-07 02:03 – 000423936 _____ (Microsoft Corporation) C:WindowsSysWOW64winspool.drv

2021-07-07 02:03 – 2021-07-07 02:03 – 000223744 _____ C:WindowsSysWOW64TpmTool.exe

2021-07-07 02:02 – 2021-07-07 02:02 – 001823304 _____ (Microsoft Corporation) C:Windowssystem32winload.efi

2021-07-07 02:02 – 2021-07-07 02:02 – 001393504 _____ (Microsoft Corporation) C:Windowssystem32winresume.efi

2021-07-07 02:02 – 2021-07-07 02:02 – 000060928 _____ C:Windowssystem32runexehelper.exe

2021-07-07 02:01 – 2021-07-07 02:01 – 000097792 _____ C:Windowssystem32Driverscimfs.sys

2021-07-07 02:00 – 2021-07-07 02:00 – 002260992 _____ C:Windowssystem32TextInputMethodFormatter.dll

2021-07-07 02:00 – 2021-07-07 02:00 – 002260480 _____ (The ICU Project) C:Windowssystem32icu.dll

2021-07-07 02:00 – 2021-07-07 02:00 – 000657464 _____ C:Windowssystem32WindowManagementAPI.dll

2021-07-07 01:59 – 2021-07-07 01:59 – 000272384 _____ C:Windowssystem32TpmTool.exe

2021-07-07 01:59 – 2021-07-07 01:59 – 000165888 _____ C:Windowssystem32DataStoreCacheDumpTool.exe

2021-07-07 01:58 – 2021-07-07 01:58 – 000563712 _____ (Microsoft Corporation) C:Windowssystem32winspool.drv

2021-07-07 01:58 – 2021-07-07 01:58 – 000287232 _____ C:Windowssystem32CoreMas.dll

2021-07-07 01:58 – 2021-07-07 01:58 – 000013312 _____ C:Windowssystem32agentactivationruntimestarter.exe

2021-07-07 01:20 – 2021-07-07 01:21 – 000438856 _____ (Intel Corporation) C:Windowssystem32ibtproppage.dll

2021-07-07 01:20 – 2021-07-07 01:20 – 000261688 _____ (Intel Corporation) C:Windowssystem32Driversibtusb.sys

2021-07-07 01:06 – 2021-07-07 01:06 – 000035392 _____ (HP) C:Windowssystem32DriversWirelessButtonDriver64.sys

2021-07-07 00:58 – 2021-07-07 00:58 – 000483024 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32tbaseregistry64.dll

2021-07-07 00:58 – 2021-07-07 00:58 – 000434384 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32t-base_client_api.dll

2021-07-07 00:58 – 2021-07-07 00:58 – 000384720 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64tbaseregistry32.dll

2021-07-07 00:58 – 2021-07-07 00:58 – 000347856 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64t-base_client_api.dll

2021-07-07 00:57 – 2021-07-07 00:57 – 000137424 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32Driversamdpsp.sys

2021-07-07 00:50 – 2021-07-07 00:50 – 000045560 _____ (Advanced Micro Devices) C:Windowssystem32Driversstormmc.sys

2021-07-07 00:36 – 2021-07-07 00:36 – 000035848 _____ (Advanced Micro Devices, INC.) C:Windowssystem32DriversAmdAS4.sys

2021-07-07 00:12 – 2020-11-11 03:54 – 000043376 _____ (Samsung Electronics Co., Ltd.) C:Windowssystem32Driversss_conn_usb_driver2.sys

2021-07-06 17:07 – 2021-07-06 17:07 – 000000000 ____D C:ProgramDataHP

2021-07-06 17:07 – 2021-07-06 17:07 – 000000000 ____D C:Program Files (x86)HP

2021-07-06 16:19 – 2021-07-18 22:59 – 000057556 _____ C:Windowssystem32Driversrtkhdasetting.zip

2021-07-06 16:19 – 2021-07-18 22:59 – 000002058 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsDTS Audio Control.lnk

2021-07-06 16:19 – 2021-07-06 16:19 – 000000000 ____D C:ProgramDataSRS Labs

2021-07-06 16:19 – 2021-07-06 16:19 – 000000000 ____D C:ProgramDataSoundResearch

2021-07-06 16:17 – 2021-07-06 16:17 – 000000000 ____D C:Program FilesRealtek

2021-07-06 16:15 – 2021-07-18 22:57 – 007281960 _____ (Realtek Semiconductor Corp.) C:Windowssystem32DriversRTKVHD64.sys

2021-07-06 16:15 – 2021-07-18 22:57 – 003769296 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RltkAPO64.dll

2021-07-06 16:15 – 2021-07-18 22:57 – 003445640 _____ (DTS, Inc.) C:Windowssystem32slcnt64.dll

2021-07-06 16:15 – 2021-07-18 22:57 – 003353720 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RtkApi64.dll

2021-07-06 16:15 – 2021-07-18 22:57 – 000192872 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RtkCfg64.dll

2021-07-06 16:15 – 2021-07-18 22:57 – 000023800 _____ (Realtek Semiconductor Corp.) C:Windowssystem32RtkCoLDR64.dll

2021-07-06 16:14 – 2021-07-06 16:14 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information

2021-07-06 16:14 – 2017-05-10 05:06 – 001616680 _____ (Conexant Systems Inc.) C:Windowssystem32CX64APO.dll

2021-07-06 16:14 – 2017-05-10 05:06 – 001529128 _____ (Conexant Systems Inc.) C:Windowssystem32CX64Proxy.dll

2021-07-06 16:14 – 2017-05-10 05:06 – 000467136 _____ (Conexant Systems, Inc.) C:Windowssystem32CAF64APO2.dll

2021-07-06 16:14 – 2017-05-10 05:06 – 000112488 _____ (Conexant Systems, Inc.) C:Windowssystem32Caf64api.dll

2021-07-06 16:14 – 2017-05-10 05:06 – 000005604 _____ C:Windowssystem32cxapo.lncs

2021-07-06 16:14 – 2017-05-10 05:06 – 000000864 _____ C:Windowssystem32cxapo.prop

2021-07-06 14:56 – 2021-07-01 21:08 – 000000030 _____ C:AVScanner.ini

2021-07-06 14:44 – 2021-07-06 14:44 – 000000000 ____D C:Windowspss

2021-07-06 14:36 – 2021-07-06 16:27 – 000000436 _____ C:WindowsTasksDriver Easy Scheduled Scan.job

2021-07-06 14:36 – 2021-07-06 14:36 – 000003906 _____ C:Windowssystem32TasksDriver Easy Scheduled Scan

2021-07-06 14:36 – 2021-07-06 14:36 – 000000000 ____D C:UsersPaulAppDataRoamingEaseware

2021-07-06 14:36 – 2021-07-06 14:36 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDriver Easy

2021-07-06 14:36 – 2021-07-06 14:36 – 000000000 ____D C:Program FilesEaseware

2021-07-06 08:48 – 2021-07-06 08:48 – 001632091 _____ C:UsersPaulDownloadsThe Way of the Superior Man A Spiritual Guide to Mastering the Challenges of Women, Work, and Sexual Desire by David Deida (z-lib.org).epub

2021-07-01 22:14 – 2021-07-01 22:14 – 000014720 _____ C:UsersPaulDocuments41Rollo_Tomassi___The_Rational_Male____.torrent

2021-07-01 21:40 – 2021-07-01 21:40 – 000000000 ____D C:Program FilesCommon FilesMcAfee

2021-07-01 21:22 – 2021-07-01 21:24 – 000000000 ____D C:UsersPaulAppDataLocalLowAdobe

2021-07-01 21:07 – 2021-07-01 21:08 – 000000000 ____D C:ProgramDataMcAfee

2021-07-01 21:07 – 2021-07-01 21:07 – 000004562 _____ C:Windowssystem32TasksAdobe Acrobat Update Task

2021-07-01 21:05 – 2021-07-17 12:26 – 000002136 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

2021-07-01 21:05 – 2021-07-01 21:05 – 000002124 _____ C:UsersPublicDesktopAcrobat Reader DC.lnk

2021-07-01 21:03 – 2021-07-01 21:03 – 000000000 ____D C:Program Files (x86)Adobe

2021-07-01 21:00 – 2021-07-01 21:24 – 000000000 ____D C:ProgramDataAdobe

2021-07-01 20:34 – 2021-07-01 21:24 – 000000000 ____D C:UsersPaulAppDataLocalAdobe

2021-07-01 19:51 – 2017-05-10 05:06 – 002839520 _____ (Realtek Semiconductor Corp.) C:WindowsRtlExUpd.dll

2021-07-01 19:40 – 2021-07-01 19:40 – 000000000 ____D C:Program Files (x86)Realtek

2021-07-01 19:38 – 2021-07-06 16:24 – 000000000 ___HD C:Program Files (x86)Temp

2021-07-01 19:38 – 2021-07-01 19:38 – 000000000 ____D C:system.sav

2021-07-01 19:06 – 2021-07-06 17:03 – 000000000 ____D C:SWsetup

2021-07-01 18:26 – 2021-07-18 22:58 – 000000000 ____D C:WindowsSysWOW64RTCOM

2021-07-01 18:26 – 2021-07-01 18:26 – 000000000 ____D C:Windowssystem32SRSLabs

2021-07-01 18:17 – 2021-07-01 18:17 – 000000000 ____D C:ProgramDataHewlett-Packard

2021-07-01 18:15 – 2021-07-01 19:59 – 000000000 ____D C:Windowssystem32TasksHewlett-Packard

2021-07-01 18:15 – 2021-07-01 18:15 – 000000000 ____D C:UsersPaulAppDataLocalHP

2021-07-01 18:08 – 2021-07-01 18:08 – 000000000 ____D C:Program Files (x86)Hewlett-Packard

2021-07-01 18:05 – 2020-11-11 03:54 – 000167280 _____ (Samsung Electronics Co., Ltd.) C:Windowssystem32Driversssudmdm.sys

2021-06-30 11:08 – 2021-06-30 11:08 – 000000000 ____D C:UsersPaulAppDataLocalMendeley Ltd

2021-06-30 11:05 – 2021-06-30 11:06 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMendeley Desktop

2021-06-30 11:05 – 2021-06-30 11:05 – 000000000 ____D C:Program Files (x86)Mendeley Desktop

2021-06-26 18:25 – 2021-06-26 18:25 – 000000000 ____H C:Windowssystem32DriversMsft_User_WpdFs_01_11_00.Wdf

2021-06-25 11:11 – 2021-07-20 14:08 – 000000000 ____D C:UsersPaulAppDataRoamingZoom

2021-06-25 10:43 – 2021-06-25 10:43 – 003171253 _____ C:UsersPaulDownloadsnull.pdf

2021-06-24 19:17 – 2021-06-24 19:17 – 000000000 ____D C:UsersPaulAppDataLocalAAR

2021-06-23 18:28 – 2021-06-28 17:05 – 000000000 ____D C:UsersPaulAppDataRoamingvlc

2021-06-23 18:27 – 2021-06-23 18:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN

2021-06-23 18:26 – 2021-06-23 18:26 – 000000000 ____D C:Program FilesVideoLAN

2021-06-22 19:05 – 2021-07-19 23:53 – 000000000 ____D C:UsersPaulAppDataLocalElevatedDiagnostics

2021-06-21 04:42 – 2021-06-21 04:42 – 000417792 _____ C:Windowssystem32d3dconfig.exe

2021-06-21 04:42 – 2021-06-21 04:42 – 000374784 _____ (Windows ® Win 7 DDK provider) C:Windowssystem32DXCpl.exe

2021-06-21 04:42 – 2021-06-21 04:42 – 000365056 _____ C:WindowsSysWOW64d3dconfig.exe

2021-06-21 04:42 – 2021-06-21 04:42 – 000347136 _____ (Windows ® Win 7 DDK provider) C:WindowsSysWOW64DXCpl.exe

2021-06-21 03:57 – 2021-04-22 06:12 – 000159800 _____ (Samsung Electronics Co., Ltd.) C:Windowssystem32Driversssudbus2.sys

2021-06-21 02:57 – 2021-06-21 02:57 – 000000000 ____D C:UsersPaulAppDataRoamingMicrosoftWindowsStart MenuProgramsJDownloader

2021-06-21 02:51 – 2021-07-18 23:29 – 000000000 ____D C:UsersPaulAppDataLocalJDownloader 2.0

2021-06-21 02:28 – 2021-07-02 12:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office Tools

2021-06-21 02:28 – 2021-06-21 02:28 – 000002493 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWord.lnk

2021-06-21 02:28 – 2021-06-21 02:28 – 000002492 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPowerPoint.lnk

2021-06-21 02:28 – 2021-06-21 02:28 – 000002456 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAccess.lnk

2021-06-21 02:28 – 2021-06-21 02:28 – 000002455 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsExcel.lnk

2021-06-21 02:28 – 2021-06-21 02:28 – 000002449 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOutlook.lnk

2021-06-21 02:28 – 2021-06-21 02:28 – 000002443 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPublisher.lnk

2021-06-21 02:28 – 2021-06-21 02:28 – 000002435 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneNote.lnk

2021-06-21 02:18 – 2021-06-21 02:18 – 003759288 _____ (Microsoft Corporation) C:UsersPaulDownloadsSetup.x86.en-us_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1.exe

2021-06-21 00:48 – 2021-06-21 00:48 – 000003884 _____ C:Windowssystem32TasksGoogleUpdateSoftware

2021-06-21 00:48 – 2021-06-21 00:48 – 000000000 _RSHD C:UsersPaulAppDataRoamingGoogle

2021-06-21 00:45 – 2021-06-21 00:45 – 000000000 _RSHD C:UsersPaulAppDataRoamingWindows

2021-06-21 00:38 – 2021-06-21 01:21 – 000000012 _____ C:ProgramDatakrosqm.txt

2021-06-21 00:35 – 2021-07-01 23:21 – 000000000 ____D C:UsersPaulAppDataRoamingqBittorrent

2021-06-21 00:35 – 2021-06-21 00:35 – 000000000 ____D C:UsersPaulAppDataLocalqBittorrent

2021-06-21 00:33 – 2021-06-21 00:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsqBittorrent

2021-06-21 00:33 – 2021-06-21 00:33 – 000000000 ____D C:Program FilesqBittorrent

2021-06-21 00:15 – 2021-06-21 00:15 – 000000000 ____D C:UsersPaulAppDataLocal__SHARED

2021-06-21 00:14 – 2021-07-09 19:27 – 000000000 ____D C:UsersPaulAppDataRoamingdiscord

2021-06-21 00:14 – 2021-07-09 19:24 – 000000000 ____D C:UsersPaulAppDataLocalDiscord

2021-06-21 00:14 – 2021-06-21 00:14 – 000000000 ____D C:UsersPaulAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-06-21 00:13 – 2021-06-21 00:15 – 000000000 ____D C:UsersPaulAppDataLocalSquirrelTemp

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-07-21 14:31 – 2021-06-19 00:14 – 000000000 ____D C:Program Files (x86)Google

2021-07-21 14:22 – 2019-12-07 11:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-07-21 13:30 – 2021-06-19 07:57 – 000000000 ___RD C:UsersPaulOneDrive

2021-07-21 12:39 – 2021-06-19 05:02 – 000000000 ____D C:Windowssystem32SleepStudy

2021-07-21 11:12 – 2021-06-18 23:36 – 000000000 ____D C:UsersPaulAppDataLocalD3DSCache

2021-07-21 09:49 – 2021-06-19 05:02 – 000008192 ___SH C:DumpStack.log.tmp

2021-07-21 09:49 – 2021-06-19 05:02 – 000000006 ____H C:WindowsTasksSA.DAT

2021-07-21 09:48 – 2021-06-19 00:47 – 000065536 _____ C:Windowssystem32spu_storage.bin

2021-07-21 09:48 – 2019-12-07 11:03 – 000786432 _____ C:Windowssystem32configBBI

2021-07-21 09:47 – 2019-12-07 11:14 – 000000000 ____D C:WindowsAppReadiness

2021-07-21 00:48 – 2019-12-07 11:14 – 000000000 ____D C:WindowsLiveKernelReports

2021-07-20 22:35 – 2021-06-19 00:20 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-07-20 22:35 – 2021-06-19 00:20 – 000002206 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-07-20 10:34 – 2021-06-20 19:53 – 000000000 ____D C:Windowssystem32TasksAgent Activation Runtime

2021-07-20 10:21 – 2021-06-19 07:42 – 000000000 ____D C:UsersTresphordAppDataLocalPackages

2021-07-20 10:21 – 2019-12-07 11:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-07-20 10:16 – 2019-12-07 11:14 – 000000000 ___RD C:WindowsImmersiveControlPanel

2021-07-19 23:47 – 2021-06-19 07:52 – 000000000 ____D C:UsersPaul

2021-07-19 11:22 – 2021-06-19 07:53 – 000000000 ____D C:UsersPaulAppDataLocalVirtualStore

2021-07-19 06:17 – 2019-12-07 11:13 – 000000000 ____D C:WindowsINF

2021-07-18 22:35 – 2021-06-19 00:40 – 000202144 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amdihk64.dll

2021-07-18 22:35 – 2021-06-19 00:40 – 000169696 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64amdihk32.dll

2021-07-18 11:14 – 2021-06-19 07:53 – 000000000 ____D C:UsersPaulAppDataLocalPackages

2021-07-18 10:34 – 2021-06-19 00:47 – 000000000 ____D C:UsersPaulAppDataLocalAMD

2021-07-17 12:28 – 2021-06-19 06:50 – 000795738 _____ C:Windowssystem32PerfStringBackup.INI

2021-07-16 11:26 – 2021-06-19 00:14 – 000003418 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA

2021-07-16 11:26 – 2021-06-19 00:14 – 000003294 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore

2021-07-15 21:22 – 2021-06-19 13:00 – 000002250 __RSH C:ProgramDatantuser.pol

2021-07-11 10:44 – 2021-06-18 23:23 – 000003714 _____ C:Windowssystem32TasksAvira_Security_Update

2021-07-11 10:44 – 2021-06-18 23:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAvira

2021-07-10 10:50 – 2021-06-19 07:57 – 000003378 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-2132373798-3794873339-3959275379-1005

2021-07-10 10:50 – 2021-06-19 07:52 – 000002380 _____ C:UsersPaulAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-07-09 14:25 – 2021-06-18 23:25 – 000003786 _____ C:Windowssystem32TasksAviraSystemSpeedupUpdate

2021-07-08 21:33 – 2021-06-18 23:50 – 000208336 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavgntflt.sys

2021-07-08 21:33 – 2021-06-18 23:50 – 000022848 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavelam.sys

2021-07-07 11:23 – 2021-06-20 23:29 – 000000000 ____D C:UsersPaulAppDataLocalPlaceholderTileLogoFolder

2021-07-07 02:35 – 2021-06-19 05:02 – 000446184 _____ C:Windowssystem32FNTCACHE.DAT

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64WinMetadata

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64setup

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64oobe

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64lv-LV

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64lt-LT

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64et-EE

2021-07-07 02:31 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSysWOW64Dism

2021-07-07 02:30 – 2019-12-07 11:51 – 000000000 ____D C:Windowssystem32OpenSSH

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSystemResources

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32WinMetadata

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32SystemResetPlatform

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32setup

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32oobe

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32migwiz

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32lv-LV

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32lt-LT

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32et-EE

2021-07-07 02:30 – 2019-12-07 11:14 – 000000000 ____D C:Windowssystem32Dism

2021-07-07 02:29 – 2019-12-07 11:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-07-07 02:29 – 2019-12-07 11:14 – 000000000 ___RD C:WindowsPrintDialog

2021-07-07 02:29 – 2019-12-07 11:14 – 000000000 ____D C:WindowsProvisioning

2021-07-07 02:29 – 2019-12-07 11:14 – 000000000 ____D C:WindowsPolicyDefinitions

2021-07-07 02:29 – 2019-12-07 11:14 – 000000000 ____D C:WindowsDiagTrack

2021-07-07 02:29 – 2019-12-07 11:14 – 000000000 ____D C:Windowsbcastdvr

2021-07-07 02:27 – 2019-12-07 11:03 – 000000000 ____D C:WindowsCbsTemp

2021-07-07 02:21 – 2019-12-07 11:03 – 000000000 ____D C:Windowsservicing

2021-07-07 02:20 – 2019-12-07 11:54 – 000023552 _____ (Microsoft Corporation) C:Windowssystem32OEMDefaultAssociations.dll

2021-07-06 15:46 – 2017-11-17 07:20 – 000247200 _____ (Advanced Micro Devices) C:Windowssystem32DriversAtihdWT6.sys

2021-07-02 12:05 – 2021-06-19 00:56 – 000000000 ____D C:Program Files (x86)Microsoft Office

2021-07-02 11:35 – 2021-06-19 05:21 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-07-02 09:17 – 2021-06-19 07:43 – 000000000 ____D C:ProgramDataPackages

2021-07-01 21:22 – 2021-06-19 07:53 – 000000000 ____D C:UsersPaulAppDataRoamingAdobe

2021-06-30 10:01 – 2021-06-19 05:20 – 000003480 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-06-30 10:01 – 2021-06-19 05:20 – 000003356 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-06-22 21:37 – 2019-12-07 11:14 – 000000000 ____D C:WindowsServiceState

2021-06-21 08:48 – 2021-06-19 06:00 – 000000000 ____D C:WindowsPanther

2021-06-21 02:20 – 2019-12-07 11:14 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-06-21 00:05 – 2019-12-07 11:14 – 000000000 ____D C:WindowsSystemApps

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01

Ran by Paul (21-07-2021 14:46:32)

Running from C:UsersPaulDownloads

Windows 10 Pro Version 21H1 19043.1083 (X64) (2021-06-19 04:46:29)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-2132373798-3794873339-3959275379-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-2132373798-3794873339-3959275379-503 – Limited – Disabled)

Guest (S-1-5-21-2132373798-3794873339-3959275379-501 – Limited – Disabled)

Paul (S-1-5-21-2132373798-3794873339-3959275379-1005 – Administrator – Enabled) => C:UsersPaul

Tresphord (S-1-5-21-2132373798-3794873339-3959275379-1004 – Administrator – Enabled) => C:UsersTresphord

WDAGUtilityAccount (S-1-5-21-2132373798-3794873339-3959275379-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Avira Antivirus (Enabled – Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Acrobat Reader DC (HKLM-x32…{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20058 – Adobe Systems Incorporated)

Avira Antivirus (HKLM-x32…Avira Antivirus) (Version: 15.0.2107.2107 – Avira Operations GmbH & Co. KG) Hidden

Avira Phantom VPN (HKLM-x32…Avira Phantom VPN) (Version: 2.37.4.17510 – Avira Operations GmbH & Co. KG) Hidden

Avira Security (HKLM-x32…Avira Security_is1) (Version: 1.1.51.20724 – Avira Operations GmbH & Co. KG) Hidden

Avira Security (HKLM-x32…AviraSecurityUninstaller) (Version:  – Avira Operations GmbH & Co. KG;)

Avira Software Updater (HKLM-x32…{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 – Avira Operations GmbH & Co. KG) Hidden

Avira System Speedup (HKLM-x32…Avira System Speedup_is1) (Version: 6.11.0.11177 – Avira Operations GmbH & Co. KG) Hidden

Call of Duty – Modern Warfare 2 (HKLM-x32…Call of Duty – Modern Warfare 2_is1) (Version:  – R.G. Mechanics, spider91)

Discord (HKUS-1-5-21-2132373798-3794873339-3959275379-1005…Discord) (Version: 1.0.9002 – Discord Inc.)

Driver Booster 8 (HKLM-x32…Driver Booster_is1) (Version: 8.2.0 – IObit)

Driver Easy 5.6.15 (HKLM…DriverEasy_is1) (Version: 5.6.15 – Easeware)

Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.164 – Google LLC)

HP Support Solutions Framework (HKLM-x32…{FF81F9EB-61C1-48A4-8EE5-45C5D61BC0E0}) (Version: 12.19.53.13 – HP Inc.)

JDownloader 2 (HKUS-1-5-21-2132373798-3794873339-3959275379-1005…jdownloader2) (Version: 2.0 – AppWork GmbH)

Mendeley Desktop 1.19.8 (HKLM-x32…Mendeley Desktop) (Version: 1.19.8 – Mendeley Ltd.)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 91.0.864.64 – Microsoft Corporation)

Microsoft Office Professional 2016 – en-us (HKLM…ProfessionalRetail – en-us) (Version: 16.0.14026.20308 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-2132373798-3794873339-3959275379-1004…OneDriveSetup.exe) (Version: 19.043.0304.0013 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-2132373798-3794873339-3959275379-1005…OneDriveSetup.exe) (Version: 21.119.0613.0001 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 – Microsoft Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20308 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 – Microsoft Corporation) Hidden

OpenAL (HKLM-x32…OpenAL) (Version:  – )

qBittorrent 4.3.5 (HKLM-x32…qBittorrent) (Version: 4.3.5 – The qBittorrent project)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8899.1 – Realtek Semiconductor Corp.)

Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 19.5.10.75 – Synaptics Incorporated)

VLC media player (HKLM…VLC media player) (Version: 3.0.16 – VideoLAN)

WinRAR 6.00 (64-bit) (HKLM…WinRAR archiver) (Version: 6.00.0 – win.rar GmbH)

 

Packages:

=========

Mail and Calendar -> C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-20] (Microsoft Studios) [MS Ad]

Microsoft To Do -> C:Program FilesWindowsAppsMicrosoft.Todos_2.47.41791.0_x64__8wekyb3d8bbwe [2021-07-01] (Microsoft Corporation) [Startup Task]

MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-06-18] (Microsoft Corporation) [MS Ad]

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-18] (Microsoft Corporation)

Reader Notification Client -> C:Program FilesWindowsAppsReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-07-01] (Adobe Systems Incorporated)

Samsung Flow -> C:Program FilesWindowsAppsSAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.9.0_x64__wyx1vj98g3asy [2021-07-19] (Samsung Electronics Co, Ltd.)

Skype -> C:Program FilesWindowsAppsMicrosoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-06-18] (Skype)

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-07-01] (Spotify AB) [Startup Task]

Synaptics TouchPad -> C:Program FilesWindowsAppsSynapticsIncorporated.SynHPConsumerDApp_19005.35002.0.0_x64__807d65c4rvak2 [2021-07-20] (Synaptics Incorporated)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:Program Files (x86)AviraAntivirusshlext64.dll [2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.UI.ShellExtension.DLL [2021-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.UI.ShellExtension.DLL [2021-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:WindowsSystem32atiacm64.dll [2021-07-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.UI.ShellExtension.DLL [2021-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:Program Files (x86)AviraAntivirusshlext64.dll [2021-07-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersPaulDesktopPersonal.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Default"

ShortcutWithArgument: C:UsersPaulDesktopSchool.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Profile 1"

ShortcutWithArgument: C:UsersPaulAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarPaul – Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Default"

ShortcutWithArgument: C:UsersPaulAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarSchool.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Profile 1"

 

==================== Loaded Modules (Whitelisted) =============

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-2132373798-3794873339-3959275379-1005SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__181020

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-07-02] (Microsoft Corporation -> Microsoft Corporation)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2019-12-07 11:14 – 2019-12-07 11:12 – 000000824 _____ C:Windowssystem32driversetchosts

 

2021-07-08 19:58 – 2021-07-08 19:59 – 000000444 _____ C:Windowssystem32driversetchosts.ics

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-2132373798-3794873339-3959275379-1004Control PanelDesktop\Wallpaper -> C:WindowswebwallpaperWindowsimg0.jpg

HKUS-1-5-21-2132373798-3794873339-3959275379-1005Control PanelDesktop\Wallpaper -> C:UsersPaulAppDataLocalMicrosoftWindowsThemesRoamedThemeFilesDesktopBackgroundimg0.jpg

DNS Servers: Media is not connected to internet.

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

MSCONFIGServices: AdobeARMservice => 2

MSCONFIGServices: AviraOptimizerHost => 2

MSCONFIGServices: AviraPhantomVPN => 2

MSCONFIGServices: GoogleChromeElevationService => 3

MSCONFIGServices: gupdate => 2

MSCONFIGServices: gupdatem => 3

MSCONFIGServices: McComponentHostService => 3

MSCONFIGServices: SetupARService => 2

HKLM…StartupApprovedStartupFolder: => “McAfee Security Scan Plus.lnk”

HKUS-1-5-21-2132373798-3794873339-3959275379-1005…StartupApprovedRun: => “Discord”

HKUS-1-5-21-2132373798-3794873339-3959275379-1005…StartupApprovedRun: => “Adobe Reader Synchronizer”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{AFC1A926-48C5-4643-AA26-5D80ED81F55B}] => (Allow) C:Program FilesWindowsAppsSAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.9.0_x64__wyx1vj98g3asyDesktopAppSamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> )

FirewallRules: [{37D9E2CC-73C4-48F1-941F-3A9797B8FBC9}] => (Allow) C:Program FilesWindowsAppsSAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.9.0_x64__wyx1vj98g3asyDesktopAppSamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> )

FirewallRules: [{43986D99-69AF-4D9E-BEFF-61759C39E1C5}] => (Allow) C:Program FilesWindowsAppsSAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.9.0_x64__wyx1vj98g3asyDesktopAppSamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> )

FirewallRules: [{312B4548-0F7F-4C90-AC6A-272168061E0C}] => (Allow) C:Program FilesWindowsAppsSAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.9.0_x64__wyx1vj98g3asyDesktopAppSamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> )

FirewallRules: [{6B0E61E8-E7C8-4847-8FE9-8CE74ADF888D}] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

FirewallRules: [{6EAA5689-D958-4EA6-B9E4-1BEE60054A97}] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

FirewallRules: [TCP Query User{B1E6280F-15CD-4BEF-821A-E6A58153568D}C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]

FirewallRules: [UDP Query User{F8167A7C-D76D-44D9-9BA2-F8D073A939E1}C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]

FirewallRules: [{BA6F2E3A-870B-456A-9EED-EBDE73A34DE5}] => (Allow) C:UsersPaulAppDataRoamingZoombinZoom.exe => No File

FirewallRules: [{AE255395-7DAB-4777-9B3C-21E5514B1B82}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{7DA2658C-3995-41DD-B243-A6E7F562101C}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{01A55CDD-1F4B-47B4-B2C6-28D1F1BDFEFB}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{EFF0A25E-117E-4B43-B4CC-BE6789ADBEA4}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{EBDC8EFF-BBDF-47B2-BDE8-DE2D9A9EA282}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D928AB81-7850-4428-867B-6B08A75BE9BE}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{8B94F7A2-D36F-4B50-9AC1-5274F89C7C7F}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{EB22A51F-7E2B-4980-A812-355B0B746061}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{C19E929A-6392-4CE3-9835-563474E331EC}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{94BE3CFE-55A4-4436-A318-C52D1ACDC9DF}] => (Allow) C:Program FilesEasewareDriverEasyDriverEasy.exe (Easeware Technology Limited -> Easeware)

FirewallRules: [{38047B11-1435-4C0D-8D91-90FC1C0F7A72}] => (Allow) C:UsersPaulAppDataRoamingZoombinZoom.exe => No File

FirewallRules: [{69A9F30E-2057-48AB-9715-ECEFFBCCD36F}] => (Allow) C:UsersPaulAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [{59830B8D-3606-4E93-AE44-94AC4FEBB6DC}] => (Allow) C:UsersPaulAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [{584E9126-6FCF-4E49-9B80-3208B1525D1C}] => (Block) C:Program Files (x86)AviraSoftwareUpdateravirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [{5C46E36B-744C-417B-9C76-26DC3D203EDD}] => (Allow) C:Program Files (x86)AviraSoftwareUpdateravirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [{365CABF6-04D3-4971-AE7D-6D62FAE900C3}] => (Allow) C:Program Files (x86)AviraSoftwareUpdateravirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [{AC37E8AB-1095-4F7F-9B97-E9D41C975647}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

 

==================== Restore Points =========================

 

Check “VSS” service

 

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (07/21/2021 09:50:42 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)

Description: Windows cannot load the extensible counter DLL “C:Windowssystem32sysmain.dll” (Win32 error code 126).

 

Error: (07/19/2021 11:50:00 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)

Description: Windows cannot load the extensible counter DLL “C:Windowssystem32sysmain.dll” (Win32 error code 126).

 

Error: (07/19/2021 07:45:37 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program explorer.exe version 10.0.19041.1081 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

 

Process ID: 18ec

 

Start Time: 01d77cc578e5feb1

 

Termination Time: 0

 

Application Path: C:Windowsexplorer.exe

 

Report Id: a73afaba-b87e-4bc1-944d-17a224a48ea2

 

Faulting package full name: 

 

Faulting package-relative application ID: 

 

Hang type: Cross-thread

 

Error: (07/18/2021 10:34:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program DriverEasy.exe version 5.6.15.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

 

Process ID: 25d0

 

Start Time: 01d77c13828754e6

 

Termination Time: 31

 

Application Path: C:Program FilesEasewareDriverEasyDriverEasy.exe

 

Report Id: d54bccb4-b3a4-4f8e-a0ed-be91029063bb

 

Faulting package full name: 

 

Faulting package-relative application ID: 

 

Hang type: Unknown

 

Error: (07/18/2021 09:28:48 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)

Description: Windows cannot load the extensible counter DLL “C:Windowssystem32sysmain.dll” (Win32 error code 126).

 

Error: (07/18/2021 09:54:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on New Volume (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (07/18/2021 09:54:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (07/17/2021 09:19:58 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)

Description: Windows cannot load the extensible counter DLL “C:Windowssystem32sysmain.dll” (Win32 error code 126).

 

 

System errors:

=============

Error: (07/21/2021 02:52:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OU0QPUF)

Description: The server Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe!Microsoft.ZuneMusic did not register with DCOM within the required timeout.

 

Error: (07/21/2021 02:52:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

 

Error: (07/21/2021 02:51:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error: 

The service did not respond to the start or control request in a timely fashion.

 

Error: (07/21/2021 02:51:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.

 

Error: (07/21/2021 02:50:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error: 

The service did not respond to the start or control request in a timely fashion.

 

Error: (07/21/2021 02:50:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.

 

Error: (07/21/2021 02:48:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Group Policy Client service failed to start due to the following error: 

The service did not respond to the start or control request in a timely fashion.

 

Error: (07/21/2021 02:48:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Group Policy Client service to connect.

 

 

==================== Memory info =========================== 

 

BIOS: Insyde F.09 05/19/2016

Motherboard: Hewlett-Packard 81F5

Processor: AMD E2-7110 APU with AMD Radeon R2 Graphics 

Percentage of memory in use: 51%

Total physical RAM: 7113.02 MB

Available physical RAM: 3415.81 MB

Total Virtual: 11081.02 MB

Available Virtual: 6785.69 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:159.89 GB) (Free:72.47 GB) NTFS

Drive e: (New Volume) (Fixed) (Total:305.76 GB) (Free:293.19 GB) NTFS

 

\?Volume{8e164fa5-8c07-4680-8305-c29f49e0e769} () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 



